pwn 0.4.451 → 0.4.452
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/{pwn_nessus_cloud_create_scan → pwn_nessus_cloud_scan_crud} +32 -12
- data/bin/pwn_nessus_cloud_vulnscan +4 -4
- data/lib/pwn/plugins/nessus_cloud.rb +73 -19
- data/lib/pwn/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 48f1885a09a8dab8a4d1404d9f142385e1e401c46248cec44d9444a3fd90b9b1
|
4
|
+
data.tar.gz: 499d0c4a1a613da0cab30df3eeb3402a27d6913aeb18588ed2680ff8af96118f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b4d1bf2a6ada8c50b996406ef176425af6753c4f91b6a26fb2da77fdc5abacddb84ceee4dbdfefb385053bc6bba22d0a0eac5d7e5d4cc913ff10bf5e2aa2d884
|
7
|
+
data.tar.gz: b0a4de3193f5ce0df525745650a0f0ea76df6752e3f8a693606efb09e8461bd7e572d043047e9adf88cb44b5962e0bea692c5117c31f090d1bd4358b79cdd6fc
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.452]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.452]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -32,7 +32,7 @@ OptionParser.new do |options|
|
|
32
32
|
end
|
33
33
|
|
34
34
|
options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
|
35
|
-
opts[:
|
35
|
+
opts[:scan_template_name] = t
|
36
36
|
end
|
37
37
|
|
38
38
|
options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan>') do |p|
|
@@ -116,8 +116,8 @@ begin
|
|
116
116
|
# Optional Arguments
|
117
117
|
scan_desc = opts[:scan_desc]
|
118
118
|
|
119
|
-
|
120
|
-
|
119
|
+
scan_template_name = opts[:scan_template_name]
|
120
|
+
scan_template_name ||= 'Basic Network Scan'
|
121
121
|
|
122
122
|
policy_name = opts[:policy_name]
|
123
123
|
policy_name ||= ''
|
@@ -204,17 +204,18 @@ begin
|
|
204
204
|
secret_key: secret_key
|
205
205
|
)
|
206
206
|
|
207
|
-
# Requirements to create a scan:
|
207
|
+
# Requirements to update / create a scan:
|
208
208
|
# Part 1: Populate uuid
|
209
209
|
# Part 2: Populate settings object from options passed to driver
|
210
210
|
# Part 3: Populate credentials object from YAML config (optional)
|
211
211
|
# Part 4: Populate plugins object from YAML config (optional)
|
212
|
+
# Part 5: Update Scan if it exists, or create it.
|
212
213
|
|
213
214
|
# Part 1: Populate uuid
|
214
215
|
# TODO: add --list-canned-scan-templates option
|
215
216
|
scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
|
216
217
|
nessus_obj: nessus_obj,
|
217
|
-
name:
|
218
|
+
name: scan_template_name
|
218
219
|
)
|
219
220
|
scan_template_uuid = scan_template[:uuid]
|
220
221
|
puts scan_template_uuid
|
@@ -307,15 +308,34 @@ begin
|
|
307
308
|
# Part 4: Populate plugins object from YAML config (optional)
|
308
309
|
plugins = yaml[:plugins] if yaml[:plugins]
|
309
310
|
|
310
|
-
|
311
|
+
# Part 5: Update Scan if it exists, or create it.
|
312
|
+
scan = PWN::Plugins::NessusCloud.get_scans(
|
311
313
|
nessus_obj: nessus_obj,
|
312
|
-
|
313
|
-
settings: settings,
|
314
|
-
credentials: credentials,
|
315
|
-
plugins: plugins
|
314
|
+
name: scan_name
|
316
315
|
)
|
317
|
-
|
318
|
-
|
316
|
+
if scan.any?
|
317
|
+
scan_uuid = scan[:uuid]
|
318
|
+
update_scan_resp = PWN::Plugins::NessusCloud.update_scan(
|
319
|
+
nessus_obj: nessus_obj,
|
320
|
+
scan_uuid: scan_uuid,
|
321
|
+
scan_template_uuid: scan_template_uuid,
|
322
|
+
settings: settings,
|
323
|
+
credentials: credentials,
|
324
|
+
plugins: plugins
|
325
|
+
)
|
326
|
+
|
327
|
+
puts update_scan_resp.inspect
|
328
|
+
else
|
329
|
+
create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
|
330
|
+
nessus_obj: nessus_obj,
|
331
|
+
scan_template_uuid: scan_template_uuid,
|
332
|
+
settings: settings,
|
333
|
+
credentials: credentials,
|
334
|
+
plugins: plugins
|
335
|
+
)
|
336
|
+
|
337
|
+
puts create_scan_resp.inspect
|
338
|
+
end
|
319
339
|
rescue Interrupt
|
320
340
|
puts 'CTRL+C detected...goodbye.'
|
321
341
|
rescue StandardError => e
|
@@ -58,11 +58,11 @@ begin
|
|
58
58
|
nessus_obj: nessus_obj,
|
59
59
|
name: scan_name
|
60
60
|
)
|
61
|
-
|
61
|
+
scan_uuid = scan[:uuid]
|
62
62
|
|
63
63
|
PWN::Plugins::NessusCloud.launch_scan(
|
64
64
|
nessus_obj: nessus_obj,
|
65
|
-
|
65
|
+
scan_uuid: scan_uuid
|
66
66
|
)
|
67
67
|
|
68
68
|
scan_status = 'initializing'
|
@@ -73,7 +73,7 @@ begin
|
|
73
73
|
|
74
74
|
scan_status_resp = PWN::Plugins::NessusCloud.get_scan_status(
|
75
75
|
nessus_obj: nessus_obj,
|
76
|
-
|
76
|
+
scan_uuid: scan_uuid
|
77
77
|
)
|
78
78
|
|
79
79
|
scan_status = scan_status_resp[:status]
|
@@ -87,7 +87,7 @@ begin
|
|
87
87
|
print "Exporting results to #{path_to_export}..."
|
88
88
|
PWN::Plugins::NessusCloud.export_scan_results(
|
89
89
|
nessus_obj: nessus_obj,
|
90
|
-
|
90
|
+
scan_uuid: scan_uuid,
|
91
91
|
path_to_export: path_to_export,
|
92
92
|
format: format
|
93
93
|
)
|
@@ -442,20 +442,57 @@ module PWN
|
|
442
442
|
raise e
|
443
443
|
end
|
444
444
|
|
445
|
+
# Supported Method Parameters::
|
446
|
+
# PWN::Plugins::NessusCloud.update_scan(
|
447
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
448
|
+
# scan_uuid: 'required - the scan UUID to update. Run #get_scans for a list of UUIDs',
|
449
|
+
# scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use. Run #get_canned_scan_templates for a list of UUIDs',
|
450
|
+
# settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
|
451
|
+
# credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
|
452
|
+
# plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
|
453
|
+
# )
|
454
|
+
|
455
|
+
public_class_method def self.update_scan(opts = {})
|
456
|
+
nessus_obj = opts[:nessus_obj]
|
457
|
+
scan_uuid = opts[:scan_uuid]
|
458
|
+
scan_template_uuid = opts[:scan_template_uuid]
|
459
|
+
settings = opts[:settings]
|
460
|
+
credentials = opts[:credentials]
|
461
|
+
plugins = opts[:plugins]
|
462
|
+
|
463
|
+
http_body = {
|
464
|
+
uuid: scan_template_uuid,
|
465
|
+
settings: settings,
|
466
|
+
credentials: credentials,
|
467
|
+
plugins: plugins
|
468
|
+
}.to_json
|
469
|
+
|
470
|
+
update_scan_resp = nessus_cloud_rest_call(
|
471
|
+
http_method: :put,
|
472
|
+
nessus_obj: nessus_obj,
|
473
|
+
rest_call: "scans/#{scan_uuid}",
|
474
|
+
http_body: http_body
|
475
|
+
).body
|
476
|
+
|
477
|
+
JSON.parse(update_scan_resp, symbolize_names: true)
|
478
|
+
rescue StandardError, SystemExit, Interrupt => e
|
479
|
+
raise e
|
480
|
+
end
|
481
|
+
|
445
482
|
# Supported Method Parameters::
|
446
483
|
# PWN::Plugins::NessusCloud.launch_scan(
|
447
484
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
448
|
-
#
|
485
|
+
# scan_uuid: 'required - scan uuid to launch'
|
449
486
|
# )
|
450
487
|
|
451
488
|
public_class_method def self.launch_scan(opts = {})
|
452
489
|
nessus_obj = opts[:nessus_obj]
|
453
|
-
|
490
|
+
scan_uuid = opts[:scan_uuid]
|
454
491
|
|
455
492
|
launch_scan_resp = nessus_cloud_rest_call(
|
456
493
|
http_method: :post,
|
457
494
|
nessus_obj: nessus_obj,
|
458
|
-
rest_call: "scans/#{
|
495
|
+
rest_call: "scans/#{scan_uuid}/launch"
|
459
496
|
).body
|
460
497
|
|
461
498
|
JSON.parse(launch_scan_resp, symbolize_names: true)
|
@@ -466,16 +503,16 @@ module PWN
|
|
466
503
|
# Supported Method Parameters::
|
467
504
|
# PWN::Plugins::NessusCloud.get_scan_status(
|
468
505
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
469
|
-
#
|
506
|
+
# scan_uuid: 'required - scan uuid to retrieve status'
|
470
507
|
# )
|
471
508
|
|
472
509
|
public_class_method def self.get_scan_status(opts = {})
|
473
510
|
nessus_obj = opts[:nessus_obj]
|
474
|
-
|
511
|
+
scan_uuid = opts[:scan_uuid]
|
475
512
|
|
476
513
|
scan_status_resp = nessus_cloud_rest_call(
|
477
514
|
nessus_obj: nessus_obj,
|
478
|
-
rest_call: "scans/#{
|
515
|
+
rest_call: "scans/#{scan_uuid}/latest-status"
|
479
516
|
).body
|
480
517
|
|
481
518
|
JSON.parse(scan_status_resp, symbolize_names: true)
|
@@ -518,16 +555,16 @@ module PWN
|
|
518
555
|
# Supported Method Parameters::
|
519
556
|
# PWN::Plugins::NessusCloud.get_scan_history(
|
520
557
|
# nessus_obj: 'required - nessus_obj returned from #login method'
|
521
|
-
#
|
558
|
+
# scan_uuid: 'required - scan uuid to launch'
|
522
559
|
# )
|
523
560
|
|
524
561
|
public_class_method def self.get_scan_history(opts = {})
|
525
562
|
nessus_obj = opts[:nessus_obj]
|
526
|
-
|
563
|
+
scan_uuid = opts[:scan_uuid]
|
527
564
|
|
528
565
|
scan_hist_resp = nessus_cloud_rest_call(
|
529
566
|
nessus_obj: nessus_obj,
|
530
|
-
rest_call: "scans/#{
|
567
|
+
rest_call: "scans/#{scan_uuid}/history"
|
531
568
|
).body
|
532
569
|
|
533
570
|
JSON.parse(scan_hist_resp, symbolize_names: true)
|
@@ -538,7 +575,7 @@ module PWN
|
|
538
575
|
# Supported Method Parameters::
|
539
576
|
# PWN::Plugins::NessusCloud.export_scan_results(
|
540
577
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
541
|
-
#
|
578
|
+
# scan_uuid: 'required - scan uuid to export',
|
542
579
|
# path_to_export: 'required - filename to export results',
|
543
580
|
# history_id: 'optional - defaults to last scan',
|
544
581
|
# format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
|
@@ -546,14 +583,14 @@ module PWN
|
|
546
583
|
|
547
584
|
public_class_method def self.export_scan_results(opts = {})
|
548
585
|
nessus_obj = opts[:nessus_obj]
|
549
|
-
|
586
|
+
scan_uuid = opts[:scan_uuid]
|
550
587
|
path_to_export = opts[:path_to_export]
|
551
588
|
if opts[:history_id]
|
552
589
|
history_id = opts[:history_id]
|
553
590
|
else
|
554
591
|
scan_history_resp = get_scan_history(
|
555
592
|
nessus_obj: nessus_obj,
|
556
|
-
|
593
|
+
scan_uuid: scan_uuid
|
557
594
|
)
|
558
595
|
|
559
596
|
if scan_history_resp[:history].empty?
|
@@ -568,7 +605,7 @@ module PWN
|
|
568
605
|
format = opts[:format].to_s.to_sym if opts[:format]
|
569
606
|
|
570
607
|
http_body = {
|
571
|
-
|
608
|
+
scan_uuid: scan_uuid,
|
572
609
|
history_id: history_id,
|
573
610
|
format: format
|
574
611
|
}.to_json
|
@@ -576,7 +613,7 @@ module PWN
|
|
576
613
|
export_scan_resp = nessus_cloud_rest_call(
|
577
614
|
http_method: :post,
|
578
615
|
nessus_obj: nessus_obj,
|
579
|
-
rest_call: "scans/#{
|
616
|
+
rest_call: "scans/#{scan_uuid}/export",
|
580
617
|
http_body: http_body
|
581
618
|
).body
|
582
619
|
|
@@ -587,7 +624,7 @@ module PWN
|
|
587
624
|
|
588
625
|
download_export_resp = nessus_cloud_rest_call(
|
589
626
|
nessus_obj: nessus_obj,
|
590
|
-
rest_call: "scans/#{
|
627
|
+
rest_call: "scans/#{scan_uuid}/export/#{file_id}/download"
|
591
628
|
).body
|
592
629
|
|
593
630
|
File.open(path_to_export, 'wb') do |f|
|
@@ -660,14 +697,31 @@ module PWN
|
|
660
697
|
nessus_obj: 'required - nessus_obj returned from #login method'
|
661
698
|
)
|
662
699
|
|
700
|
+
#{self}.create_scan(
|
701
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
702
|
+
scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use. Run #get_canned_scan_templates for a list of UUIDs',
|
703
|
+
settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
|
704
|
+
credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
|
705
|
+
plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
|
706
|
+
)
|
707
|
+
|
708
|
+
#{self}.update_scan(
|
709
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
710
|
+
scan_uuid: 'required - the scan UUID to update. Run #get_scans for a list of UUIDs',
|
711
|
+
scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use. Run #get_canned_scan_templates for a list of UUIDs',
|
712
|
+
settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
|
713
|
+
credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
|
714
|
+
plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
|
715
|
+
)
|
716
|
+
|
663
717
|
#{self}.launch_scan(
|
664
718
|
nessus_obj: 'required - nessus_obj returned from #login method',
|
665
|
-
|
719
|
+
scan_uuid: 'required - scan uuid to launch'
|
666
720
|
)
|
667
721
|
|
668
722
|
#{self}.get_scan_status(
|
669
723
|
nessus_obj: 'required - nessus_obj returned from #login method',
|
670
|
-
|
724
|
+
scan_uuid: 'required - scan uuid to retrieve status'
|
671
725
|
)
|
672
726
|
|
673
727
|
#{self}.create_tag(
|
@@ -679,12 +733,12 @@ module PWN
|
|
679
733
|
|
680
734
|
#{self}.get_scan_history(
|
681
735
|
nessus_obj: 'required - nessus_obj returned from #login method'
|
682
|
-
|
736
|
+
scan_uuid: 'required - scan uuid to launch'
|
683
737
|
)
|
684
738
|
|
685
739
|
#{self}.export_scan_results(
|
686
740
|
nessus_obj: 'required - nessus_obj returned from #login method',
|
687
|
-
|
741
|
+
scan_uuid: 'required - scan uuid to export',
|
688
742
|
path_to_export: 'required - filename to export results',
|
689
743
|
history_id: 'optional - defaults to last scan',
|
690
744
|
format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.452
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
@@ -1007,7 +1007,7 @@ executables:
|
|
1007
1007
|
- pwn_jenkins_useradd
|
1008
1008
|
- pwn_mail_agent
|
1009
1009
|
- pwn_msf_postgres_login
|
1010
|
-
-
|
1010
|
+
- pwn_nessus_cloud_scan_crud
|
1011
1011
|
- pwn_nessus_cloud_vulnscan
|
1012
1012
|
- pwn_nexpose
|
1013
1013
|
- pwn_openvas_vulnscan
|
@@ -1066,7 +1066,7 @@ files:
|
|
1066
1066
|
- bin/pwn_jenkins_useradd
|
1067
1067
|
- bin/pwn_mail_agent
|
1068
1068
|
- bin/pwn_msf_postgres_login
|
1069
|
-
- bin/
|
1069
|
+
- bin/pwn_nessus_cloud_scan_crud
|
1070
1070
|
- bin/pwn_nessus_cloud_vulnscan
|
1071
1071
|
- bin/pwn_nexpose
|
1072
1072
|
- bin/pwn_openvas_vulnscan
|