pwn 0.4.735 → 0.4.736
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/black_duck_binary_analysis.rb +69 -18
- data/lib/pwn/plugins/open_ai.rb +12 -13
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7fa87d4cde380f39c1615a4a34496608c6634cb4971a8d0c1b94972669a5ed24
|
4
|
+
data.tar.gz: ad164d84cf4d4b929af8fc32f01a255a753073060cad5d5f66c039a508221e0e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 950ddc535f1a67c26e3fe805734da25982d743b025bd22c63fb368c4f48296c16e40520ebb8a8a53532a48039103b230b02f00b5796c5631d963796bd7e0352c
|
7
|
+
data.tar.gz: e523580ad64849eb87f4da01ee96565a45fba96c976d4ad091bec5a9010aad324ba8a50fe2e7a745ba43a4282d095ba4609ed6c840efcb343b499a79ac18d94a
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.736]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.736]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -59,13 +59,25 @@ module PWN
|
|
59
59
|
)
|
60
60
|
|
61
61
|
when :post, :put
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
62
|
+
if http_body.key?(:multipart)
|
63
|
+
headers[:content_type] = 'multipart/form-data'
|
64
|
+
|
65
|
+
response = rest_client.execute(
|
66
|
+
method: :post,
|
67
|
+
url: "#{base_bd_bin_analysis_api_uri}/#{rest_call}",
|
68
|
+
headers: headers,
|
69
|
+
payload: http_body,
|
70
|
+
verify_ssl: false
|
71
|
+
)
|
72
|
+
else
|
73
|
+
response = rest_client.execute(
|
74
|
+
method: :post,
|
75
|
+
url: "#{base_bd_bin_analysis_api_uri}/#{rest_call}",
|
76
|
+
headers: headers,
|
77
|
+
payload: http_body.to_json,
|
78
|
+
verify_ssl: false
|
79
|
+
)
|
80
|
+
end
|
69
81
|
else
|
70
82
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
71
83
|
end
|
@@ -122,7 +134,16 @@ module PWN
|
|
122
134
|
# Supported Method Parameters::
|
123
135
|
# response = PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
|
124
136
|
# token: 'required - Bearer token',
|
125
|
-
# file: 'required - file to upload'
|
137
|
+
# file: 'required - path of file to upload',
|
138
|
+
# group_id: 'optional - group id',
|
139
|
+
# delete_binary: 'optional - delete binary after upload (defaults to false)',
|
140
|
+
# force_scan: 'optional - force scan (defaults to false)',
|
141
|
+
# callback_url: 'optional - callback url',
|
142
|
+
# scan_infoleak: 'optional - scan infoleak (defaults to true)',
|
143
|
+
# code_analysis: 'optional - code analysis (defaults to true)',
|
144
|
+
# scan_code_familiarity: 'optional - scan code familiarity (defaults to true)',
|
145
|
+
# version: 'optional - version',
|
146
|
+
# product_id: 'optional - product id'
|
126
147
|
# )
|
127
148
|
|
128
149
|
public_class_method def self.upload_file(opts = {})
|
@@ -130,8 +151,29 @@ module PWN
|
|
130
151
|
file = opts[:file]
|
131
152
|
raise "ERROR: #{file} not found." unless File.exist?(file)
|
132
153
|
|
154
|
+
file_name = File.basename(file)
|
155
|
+
|
156
|
+
group_id = opts[:group_id]
|
157
|
+
delete_binary = true if opts[:delete_binary] ||= false
|
158
|
+
force_scan = true if opts[:force_scan] ||= false
|
159
|
+
callback_url = opts[:callback_url]
|
160
|
+
scan_infoleak = false if opts[:scan_infoleak] ||= true
|
161
|
+
code_analysis = false if opts[:code_analysis] ||= true
|
162
|
+
scan_code_familiarity = false if opts[:scan_code_familiarity] ||= true
|
163
|
+
version = opts[:version]
|
164
|
+
product_id = opts[:product_id]
|
165
|
+
|
133
166
|
http_headers = {
|
134
|
-
authorization: "Bearer #{token}"
|
167
|
+
authorization: "Bearer #{token}",
|
168
|
+
delete_binary: delete_binary,
|
169
|
+
force_scan: force_scan,
|
170
|
+
group: group_id,
|
171
|
+
callback: callback_url,
|
172
|
+
scan_infoleak: scan_infoleak,
|
173
|
+
code_analysis: code_analysis,
|
174
|
+
scan_code_familiarity: scan_code_familiarity,
|
175
|
+
version: version,
|
176
|
+
replace: product_id
|
135
177
|
}
|
136
178
|
|
137
179
|
http_body = {
|
@@ -140,9 +182,9 @@ module PWN
|
|
140
182
|
}
|
141
183
|
|
142
184
|
response = bd_bin_analysis_rest_call(
|
143
|
-
http_method: :
|
185
|
+
http_method: :put,
|
144
186
|
token: token,
|
145
|
-
rest_call:
|
187
|
+
rest_call: "upload/#{file_name}",
|
146
188
|
http_headers: http_headers,
|
147
189
|
http_body: http_body
|
148
190
|
)
|
@@ -193,7 +235,7 @@ module PWN
|
|
193
235
|
# token: 'required - Bearer token',
|
194
236
|
# name: 'required - group name',
|
195
237
|
# desc: 'optional - group description',
|
196
|
-
#
|
238
|
+
# parent_id: 'optional - parent group id',
|
197
239
|
# delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
|
198
240
|
# binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 604_800 / 1 week)',
|
199
241
|
# product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 604_800 / 1 week)',
|
@@ -212,7 +254,7 @@ module PWN
|
|
212
254
|
token = opts[:token]
|
213
255
|
name = opts[:name]
|
214
256
|
desc = opts[:desc]
|
215
|
-
|
257
|
+
parent_id = opts[:parent_id]
|
216
258
|
delete_binary = opts[:delete_binary] ||= 'C'
|
217
259
|
binary_cleanup_age = opts[:binary_cleanup_age] ||= 604_800
|
218
260
|
product_cleanup_age = opts[:product_cleanup_age] ||= 604_800
|
@@ -230,7 +272,7 @@ module PWN
|
|
230
272
|
authorization: "Bearer #{token}",
|
231
273
|
name: name,
|
232
274
|
description: desc,
|
233
|
-
parent:
|
275
|
+
parent: parent_id,
|
234
276
|
delete_binary_after_scan: delete_binary,
|
235
277
|
binary_cleanup_age: binary_cleanup_age,
|
236
278
|
product_cleanup_age: product_cleanup_age,
|
@@ -473,9 +515,18 @@ module PWN
|
|
473
515
|
token: 'required - Bearer token'
|
474
516
|
)
|
475
517
|
|
476
|
-
response =
|
477
|
-
token: 'required -
|
478
|
-
file: 'required - file to upload'
|
518
|
+
response = PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
|
519
|
+
token: 'required - Bearer token',
|
520
|
+
file: 'required - path of file to upload',
|
521
|
+
group_id: 'optional - group id',
|
522
|
+
delete_binary: 'optional - delete binary after upload (defaults to false)',
|
523
|
+
force_scan: 'optional - force scan (defaults to false)',
|
524
|
+
callback_url: 'optional - callback url',
|
525
|
+
scan_infoleak: 'optional - scan infoleak (defaults to true)',
|
526
|
+
code_analysis: 'optional - code analysis (defaults to true)',
|
527
|
+
scan_code_familiarity: 'optional - scan code familiarity (defaults to true)',
|
528
|
+
version: 'optional - version',
|
529
|
+
product_id: 'optional - product id'
|
479
530
|
)
|
480
531
|
|
481
532
|
response = #{self}.get_tasks(
|
@@ -495,7 +546,7 @@ module PWN
|
|
495
546
|
token: 'required - Bearer token',
|
496
547
|
name: 'required - group name',
|
497
548
|
desc: 'optional - group description',
|
498
|
-
|
549
|
+
parent_id: 'optional - parent_id group id',
|
499
550
|
delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
|
500
551
|
binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 604_800 / 1 week)',
|
501
552
|
product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 604_800 / 1 week)',
|
data/lib/pwn/plugins/open_ai.rb
CHANGED
@@ -21,6 +21,7 @@ module PWN
|
|
21
21
|
# )
|
22
22
|
|
23
23
|
private_class_method def self.open_ai_rest_call(opts = {})
|
24
|
+
token = opts[:token]
|
24
25
|
http_method = if opts[:http_method].nil?
|
25
26
|
:get
|
26
27
|
else
|
@@ -28,10 +29,14 @@ module PWN
|
|
28
29
|
end
|
29
30
|
rest_call = opts[:rest_call].to_s.scrub
|
30
31
|
params = opts[:params]
|
32
|
+
headers = {
|
33
|
+
content_type: content_type,
|
34
|
+
authorization: "Bearer #{token}"
|
35
|
+
}
|
36
|
+
|
31
37
|
http_body = opts[:http_body]
|
32
38
|
http_body ||= {}
|
33
39
|
base_open_ai_api_uri = 'https://api.openai.com/v1'
|
34
|
-
token = opts[:token]
|
35
40
|
|
36
41
|
content_type = 'application/json; charset=UTF-8'
|
37
42
|
|
@@ -43,25 +48,22 @@ module PWN
|
|
43
48
|
|
44
49
|
case http_method
|
45
50
|
when :delete, :get
|
51
|
+
headers[:params] = params
|
46
52
|
response = rest_client.execute(
|
47
53
|
method: http2_method,
|
48
54
|
url: "#{base_open_ai_api_uri}/#{rest_call}",
|
49
|
-
headers:
|
50
|
-
content_type: content_type,
|
51
|
-
authorization: "Bearer #{token}",
|
52
|
-
params: params
|
53
|
-
},
|
55
|
+
headers: headers,
|
54
56
|
verify_ssl: false
|
55
57
|
)
|
56
58
|
|
57
59
|
when :post
|
58
60
|
if http_body.key?(:multipart)
|
61
|
+
headers[:content_type] = 'multipart/form-data'
|
62
|
+
|
59
63
|
response = rest_client.execute(
|
60
64
|
method: http_method,
|
61
65
|
url: "#{base_open_ai_api_uri}/#{rest_call}",
|
62
|
-
headers:
|
63
|
-
authorization: "Bearer #{token}"
|
64
|
-
},
|
66
|
+
headers: headers,
|
65
67
|
payload: http_body,
|
66
68
|
verify_ssl: false
|
67
69
|
)
|
@@ -69,10 +71,7 @@ module PWN
|
|
69
71
|
response = rest_client.execute(
|
70
72
|
method: http_method,
|
71
73
|
url: "#{base_open_ai_api_uri}/#{rest_call}",
|
72
|
-
headers:
|
73
|
-
content_type: content_type,
|
74
|
-
authorization: "Bearer #{token}"
|
75
|
-
},
|
74
|
+
headers: headers,
|
76
75
|
payload: http_body.to_json,
|
77
76
|
verify_ssl: false
|
78
77
|
)
|
data/lib/pwn/version.rb
CHANGED