pwn 0.4.774 → 0.4.775

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7b725c4387d53b0c8a3f64b083c9905cd37619574d80c6d9d92d9a3488baae81
-  data.tar.gz: d9ea997a172da9f09c18fcb109f82e5d8840084b7b2e892e6951dbbd9250cf81
+  metadata.gz: c10eec4ac3e1712691c0031a5883fc2a2e11398748f1823a8d49b6b210e50aff
+  data.tar.gz: 289ca6ece7d3ae829aba16e87e8515e89a1e21e1bbdd2e9eef1aa3b631200f63
 SHA512:
-  metadata.gz: 9702c4eadf3c6390624895830e630c8a74b3b9a2ff63989fe8d1ed3be1755a2b3540b8a322e5ae45bb13896ca544b384bb342df82ca483287faf7adbfd8a9d20
-  data.tar.gz: 905e7d92d6feab9da7e6f49438fa0c4d0db26881e905c05c900d2b678c7337874288ebbf554a2734494afef3c2ffeb64049998622168c2f0cb07083075504846
+  metadata.gz: a0ac4410338cc0601beca35c142484a4bfadd7ea197b23e24338bd68e8f989c1e233a03d80a26e6dd35ac8169e7053fa039d259a7416bb2037280bff200d6908
+  data.tar.gz: a6289daeb468bf6255fb3594bf43c7fe61e7cb3c009d6b68ef19105675ed6f3e90466a3360b6632ee7709100ef8bd1dbd0c65fe8389c8e84baaf05cbfffb3f63

data/Gemfile

@@ -11,14 +11,14 @@ gemspec
 # In some circumstances custom flags are passed to gems in order
 # to build appropriately.  Defer to ./reinstall_pwn_gemset.sh
 # to review these custom flags (e.g. pg, serialport, etc).
-gem 'activesupport', '7.0.5.1'
+gem 'activesupport', '7.0.6'
 gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.1.0'
 # gem 'bettercap', '1.6.2'
 gem 'brakeman', '6.0.0'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.4.14'
+gem 'bundler', '>=2.4.15'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.774]:001 >>> PWN.help
+pwn[v0.4.775]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.774]:001 >>> PWN.help
+pwn[v0.4.775]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_jenkins_create_job

@@ -10,7 +10,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-sIP', '--jenkins_ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:jenkins_ip] = s }
+  options.on('-sIP', '--ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:ip] = s }
 
   options.on('-dPORT', '--dest-port=PORT', '<Optional - Jenkins Server Port (Defaults to 8080)>') do |port|
     opts[:port] = port
@@ -38,7 +38,7 @@ if opts.empty?
   exit 1
 end
 
-jenkins_ip = opts[:jenkins_ip].to_s.scrub
+ip = opts[:ip].to_s.scrub
 port = opts[:port].to_i
 username = opts[:username]
 password = opts[:password]
@@ -47,14 +47,14 @@ config_xml = File.read(opts[:config_xml]) if File.exist?(opts[:config_xml])
 
 if port.positive?
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     port: port,
     username: username,
     password: password
   )
 else
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     username: username,
     password: password
   )

data/bin/pwn_jenkins_create_view

@@ -10,7 +10,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-sIP', '--jenkins_ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:jenkins_ip] = s }
+  options.on('-sIP', '--ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:ip] = s }
 
   options.on('-dPORT', '--dest-port=PORT', '<Optional - Jenkins Server Port (Defaults to 8080)>') do |port|
     opts[:port] = port
@@ -38,7 +38,7 @@ if opts.empty?
   exit 1
 end
 
-jenkins_ip = opts[:jenkins_ip].to_s.scrub
+ip = opts[:ip].to_s.scrub
 port = opts[:port].to_i
 username = opts[:username]
 password = opts[:password]
@@ -47,14 +47,14 @@ regex_filter = opts[:regex_filter].to_s.chomp.strip.scrub
 
 if port.positive?
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     port: port,
     username: username,
     password: password
   )
 else
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     username: username,
     password: password
   )

data/bin/pwn_jenkins_install_plugin

@@ -10,7 +10,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-sIP', '--jenkins_ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:jenkins_ip] = s }
+  options.on('-sIP', '--ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:ip] = s }
 
   options.on('-dPORT', '--dest-port=PORT', '<Optional - Jenkins Server Port (Defaults to 8080)>') do |port|
     opts[:port] = port
@@ -42,7 +42,7 @@ if opts.empty?
   exit 1
 end
 
-jenkins_ip = opts[:jenkins_ip].to_s.scrub
+ip = opts[:ip].to_s.scrub
 port = opts[:port].to_i
 username = opts[:username]
 password = opts[:password]
@@ -57,14 +57,14 @@ restart_jenkins = opts[:restart_jenkins].nil?
 
 if port.positive?
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     port: port,
     username: username,
     password: password
   )
 else
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     username: username,
     password: password
   )

data/bin/pwn_jenkins_update_plugins

@@ -10,7 +10,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-sIP', '--jenkins_ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:jenkins_ip] = s }
+  options.on('-sIP', '--ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:ip] = s }
 
   options.on('-dPORT', '--dest-port=PORT', '<Optional - Jenkins Server Port (Defaults to 8080)>') do |port|
     opts[:port] = port
@@ -42,7 +42,7 @@ if opts.empty?
   exit 1
 end
 
-jenkins_ip = opts[:jenkins_ip].to_s.scrub
+ip = opts[:ip].to_s.scrub
 port = opts[:port].to_i
 username = opts[:username]
 password = opts[:password]
@@ -57,14 +57,14 @@ restart_jenkins = opts[:restart_jenkins].nil?
 
 if port.positive?
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     port: port,
     username: username,
     password: password
   )
 else
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     username: username,
     password: password
   )

data/bin/pwn_jenkins_useradd

@@ -10,7 +10,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-sIP', '--jenkins_ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:jenkins_ip] = s }
+  options.on('-sIP', '--ip=IP', '<Required - Jenkins Server IP>') { |s| opts[:ip] = s }
 
   options.on('-dPORT', '--dest-port=PORT', '<Optional - Jenkins Server Port (Defaults to 8080)>') do |port|
     opts[:port] = port
@@ -46,7 +46,7 @@ if opts.empty?
   exit 1
 end
 
-jenkins_ip = opts[:jenkins_ip].to_s.scrub
+ip = opts[:ip].to_s.scrub
 port = opts[:port].to_i
 
 admin_username = opts[:admin_username]
@@ -59,14 +59,14 @@ new_email = opts[:new_email]
 
 if port.positive?
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     port: port,
     username: admin_username,
     password: admin_password
   )
 else
   jenkins_obj = PWN::Plugins::Jenkins.connect(
-    jenkins_ip: jenkins_ip,
+    ip: ip,
     username: admin_username,
     password: admin_password
   )

data/lib/pwn/plugins/jenkins.rb

@@ -12,7 +12,7 @@ module PWN
 
       # Supported Method Parameters::
       # PWN::Plugins::Jenkins.connect(
-      #   jenkins_ip: 'required host/ip of Jenkins Server',
+      #   ip: 'required host/ip of Jenkins Server',
       #   port: 'optional tcp port (defaults to 8080),
       #   username: 'optional username (functionality will be limited if ommitted)',
       #   password: 'optional password (functionality will be limited if ommitted)'
@@ -22,14 +22,14 @@ module PWN
       # )
 
       public_class_method def self.connect(opts = {})
-        jenkins_ip = opts[:jenkins_ip]
+        ip = opts[:ip]
         port = if opts[:port]
                  opts[:port].to_i
                else
                  8080
                end
         username = opts[:username].to_s.scrub
-        base_jenkins_api_uri = "https://#{jenkins_ip}/ase/services".to_s.scrub
+        base_jenkins_api_uri = "https://#{ip}/ase/services".to_s.scrub
         password = opts[:password].to_s.scrub
         identity_file = opts[:identity_file].to_s.scrub
         ssl_bool = if opts[:ssl] == true
@@ -45,11 +45,11 @@ module PWN
           proxy_port = proxy.port
         end
 
-        @@logger.info("Logging into Jenkins Server: #{jenkins_ip}")
+        @@logger.info("Logging into Jenkins Server: #{ip}")
         if username == '' && password == ''
           if identity_file == ''
             jenkins_obj = JenkinsApi::Client.new(
-              server_ip: jenkins_ip,
+              server_ip: ip,
               server_port: port,
               follow_redirects: true,
               ssl: ssl_bool,
@@ -59,7 +59,7 @@ module PWN
             )
           else
             jenkins_obj = JenkinsApi::Client.new(
-              server_ip: jenkins_ip,
+              server_ip: ip,
               server_port: port,
               identity_file: identity_file,
               follow_redirects: true,
@@ -72,7 +72,7 @@ module PWN
         else
           password = PWN::Plugins::AuthenticationHelper.mask_password if password == ''
           jenkins_obj = JenkinsApi::Client.new(
-            server_ip: jenkins_ip,
+            server_ip: ip,
             server_port: port,
             username: username,
             password: password,
@@ -452,7 +452,7 @@ module PWN
       public_class_method def self.help
         puts %{USAGE:
           jenkins_obj = #{self}.connect(
-            jenkins_ip: 'required host/ip of Jenkins Server',
+            ip: 'required host/ip of Jenkins Server',
             port: 'optional tcp port (defaults to 8080),
             username: 'optional username (functionality will be limited if ommitted)',
             password: 'optional password (functionality will be limited if ommitted)',

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.774'
+  VERSION = '0.4.775'
 end

data/packer/provisioners/jenkins.sh

@@ -20,7 +20,12 @@ rvm use ruby-$ruby_version@pwn
 
 printf "Installing Jenkins ********************************************************************"
 domain_name=`hostname -d`
-wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add -
+curl -fsSL https://pkg.jenkins.io/debian/jenkins.io-2023.key | sudo tee \
+    /usr/share/keyrings/jenkins-keyring.asc > /dev/null
+
+echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
+    https://pkg.jenkins.io/debian binary/ | sudo tee \
+    /etc/apt/sources.list.d/jenkins.list > /dev/null
 
 # Get back to a Java version Jenkins supports
 sudo ln -sf /usr/lib/jvm/java-11-openjdk-amd64/bin/java /etc/alternatives/java
@@ -51,12 +56,12 @@ echo "JENKINS Initial Admin: ${initial_admin_pwd}"
 
 # TODO: Get this working
 # printf "Updating Pre-Installed Jenkins Plugins ************************************************"
-# pwn_jenkins_update_plugins --jenkins_ip 127.0.0.1 -U admin -P $initial_admin_pwd --no-restart-jenkins
+# pwn_jenkins_update_plugins --ip 127.0.0.1 -U admin --api-key $initial_admin_pwd --no-restart-jenkins
 
 printf "Installing Necessary Jenkins Plugins **************************************************"
-pwn_jenkins_install_plugin --jenkins_ip 127.0.0.1 \
+pwn_jenkins_install_plugin --ip 127.0.0.1 \
   -d 8888 \
   -U admin \
-  -P $initial_admin_pwd \
+  --api-key $initial_admin_pwd \
   --no-restart-jenkins \
   -p "ace-editor, analysis-core, ansicolor, ant, antisamy-markup-formatter, apache-httpcomponents-client-4-api, bouncycastle-api, build-pipeline-plugin, bulk-builder, command-launcher, conditional-buildstep, credentials, dashboard-view, dependency-check-jenkins-plugin, dependency-track, display-url-api, external-monitor-job, git, git-client, handlebars, htmlpublisher, jackson2-api, javadoc, jdk-tool, jquery, jquery-detached, jquery-ui, jsch, junit, ldap, log-parser, mailer, matrix-auth, matrix-project, maven-plugin, momentjs, nested-view, pam-auth, parameterized-trigger, pipeline-build-step, pipeline-graph-analysis, pipeline-input-step, pipeline-rest-api, pipeline-stage-step, pipeline-stage-view, plain-credentials, purge-build-queue-plugin, role-strategy, run-condition, scm-api, script-security, slack, ssh-agent, ssh-credentials, ssh-slaves, structs, token-macro, windows-slaves, workflow-api, workflow-cps, workflow-job, workflow-scm-step, workflow-step-api, workflow-support"

data/vagrant/provisioners/jenkins.sh

@@ -33,7 +33,7 @@ printf "Creating Self-Update and PWN-Template Jobs *****************************
 ls $jenkins_userland_root/jobs/*.xml | while read jenkins_xml_config; do
   file_name=`basename $jenkins_xml_config`
   job_name=${file_name%.*}
-  pwn_jenkins_create_job --jenkins_ip 127.0.0.1 \
+  pwn_jenkins_create_job --ip 127.0.0.1 \
     -d 8888 \
     -U admin \
     -P $initial_admin_pwd \
@@ -48,7 +48,7 @@ if [[ $? == 0 ]]; then
   ls $jenkins_userland_root/jobs_userland/*.xml | while read jenkins_xml_config; do
     file_name=`basename $jenkins_xml_config`
     job_name=${file_name%.*}
-    pwn_jenkins_create_job --jenkins_ip 127.0.0.1 \
+    pwn_jenkins_create_job --ip 127.0.0.1 \
       -d 8888 \
       -U admin \
       -P $initial_admin_pwd \
@@ -58,28 +58,28 @@ if [[ $? == 0 ]]; then
 fi
 
 printf "Creating Jenkins Views ****************************************************************"
-pwn_jenkins_create_view --jenkins_ip 127.0.0.1 \
+pwn_jenkins_create_view --ip 127.0.0.1 \
   -d 8888 \
   -U admin \
   -P $initial_admin_pwd \
   -v 'PWN-Templates' \
   -r '^pwntemplate-.+$'
 
-pwn_jenkins_create_view --jenkins_ip 127.0.0.1 \
+pwn_jenkins_create_view --ip 127.0.0.1 \
   -d 8888 \
   -U admin \
   -P $initial_admin_pwd \
   -v 'Self-Update' \
   -r '^selfupdate-.+$'
 
-pwn_jenkins_create_view --jenkins_ip 127.0.0.1 \
+pwn_jenkins_create_view --ip 127.0.0.1 \
   -d 8888 \
   -U admin \
   -P $initial_admin_pwd \
   -v 'Pipeline' \
   -r '^pipeline-.+$'
 
-pwn_jenkins_create_view --jenkins_ip 127.0.0.1 \
+pwn_jenkins_create_view --ip 127.0.0.1 \
   -d 8888 \
   -U admin \
   -P $initial_admin_pwd \

data/vagrant/provisioners/jenkins_ssh-keygen.rb

@@ -43,7 +43,7 @@ puts `
 
 # TODO: Create Jenkins SSH Credentials for all hosts referenced in vagrant.yaml (User-Land Config)
 jenkins_obj = PWN::Plugins::Jenkins.connect(
-  jenkins_ip: '127.0.0.1',
+  ip: '127.0.0.1',
   port: 8888,
   username: userland_user,
   password: userland_pass

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.774
+  version: 0.4.775
 platform: ruby
 authors:
 - 0day Inc.
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.5.1
+        version: 7.0.6
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.5.1
+        version: 7.0.6
 - !ruby/object:Gem::Dependency
   name: anemone
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.14
+        version: 2.4.15
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.14
+        version: 2.4.15
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -2155,7 +2155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.14
+rubygems_version: 3.4.15
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond