pwn 0.4.954 → 0.4.955

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 28a14c2942755a7fb25aaf6346940cb30fa4d73e94289973fc23664c43cedc49
-  data.tar.gz: 11bd38353f2b36a52cd500a7675e3a7e238757ca11af8b6354cf0fafac6e9506
+  metadata.gz: 79f511213547613e95b15321c881eb7a7b8a6e423d91b3082a8e03d887dc617b
+  data.tar.gz: c30e67ed860a39ca0d06b55c0054463a743aca7ce6c0ed1b55d58e9d521782e6
 SHA512:
-  metadata.gz: 48151bcf8319ae6f1064eb372adea077ceeaa8bae09a7c4a09f8144c70b653181e1fcb605cdbad039278855938329eac71283d3e252b8b5dc8bab084960f0ae7
-  data.tar.gz: f27c1e884ef5c834d61283a1fc08b59f04504fe89548b3ea830914d0b5cb230f366bdb1fa0a26924c463b14984690c336461beb2d12ec866bf0fbe30ed692042
+  metadata.gz: ceb5802ae3f13a968f080d75eaf2186bd74ea61a5e3362f832d3e719aa2a4c7dd4c630a8a2ca666089b1584702063ea323daf5c45406977ab3f7b18abcfc2557
+  data.tar.gz: 435995106899a04601ef9140fa998f49fdb4939752ec47d8309c91415c634a5c97d304e6dba650eb6401609eecc508542cbaef56659247aff071f9ce287f8e7a

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.4.954]:001 >>> PWN.help
+pwn[v0.4.955]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.954]:001 >>> PWN.help
+pwn[v0.4.955]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.4.954]:001 >>> PWN.help
+pwn[v0.4.955]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.954'
+  VERSION = '0.4.955'
 end

data/lib/pwn/www/hacker_one.rb

@@ -75,6 +75,135 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # scope_details = PWN::WWW::HackerOne.get_scope_details(
+      #   program_name: 'required - program name from #get_bounty_programs method',
+      #   proxy: 'optional - scheme://proxy_host:port || tor'
+      # )
+
+      public_class_method def self.get_scope_details(opts = {})
+        program_name = opts[:program_name]
+        proxy = opts[:proxy]
+
+        browser_obj = PWN::Plugins::TransparentBrowser.open(
+          browser_type: :rest,
+          proxy: proxy
+        )
+        rest_client = browser_obj[:browser]
+        rest_request = rest_client::Request
+
+        graphql_endpoint = 'https://hackerone.com/graphql'
+        headers = { content_type: 'application/json' }
+        # NOTE: If you copy this payload to the pwn REPL
+        # the triple dots ... attempt to execute commands
+        # <cough>Pry CE</cough>
+        payload = {
+          operationName: 'PolicySearchStructuredScopesQuery',
+          variables: {
+            handle: program_name,
+            searchString: '',
+            eligibleForSubmission: nil,
+            eligibleForBounty: nil,
+            asmTagIds: [],
+            from: 0,
+            size: 100,
+            sort: {
+              field: 'cvss_score',
+              direction: 'DESC'
+            },
+            product_area: 'h1_assets',
+            product_feature: 'policy_scopes'
+          },
+          query: 'query PolicySearchStructuredScopesQuery(
+            $handle: String!,
+            $searchString: String,
+            $eligibleForSubmission: Boolean,
+            $eligibleForBounty: Boolean,
+            $minSeverityScore: SeverityRatingEnum,
+            $asmTagIds: [Int],
+            $from: Int, $size: Int, $sort: SortInput) {
+              team(handle: $handle) {
+                id
+                structured_scopes_search(
+                  search_string: $searchString
+                  eligible_for_submission: $eligibleForSubmission
+                  eligible_for_bounty: $eligibleForBounty
+                  min_severity_score: $minSeverityScore
+                  asm_tag_ids: $asmTagIds
+                  from: $from
+                  size: $size
+                  sort: $sort
+                ) {
+                  nodes {
+                    ... on StructuredScopeDocument {
+                      id
+                      ...PolicyScopeStructuredScopeDocument
+                      __typename
+                    }
+                    __typename
+                  }
+                  pageInfo {
+                    startCursor
+                    hasPreviousPage
+                    endCursor
+                    hasNextPage
+                    __typename
+                  }
+                  total_count
+                  __typename
+                }
+                __typename
+              }
+            }
+
+            fragment PolicyScopeStructuredScopeDocument on StructuredScopeDocument {
+              id
+              identifier
+              display_name
+              instruction
+              cvss_score
+              eligible_for_bounty
+              eligible_for_submission
+              asm_system_tags
+              created_at
+              updated_at
+              attachments {
+                id
+                file_name
+                file_size
+                content_type
+                expiring_url
+                __typename
+              }
+              __typename
+            }
+          '
+        }
+
+        rest_response = rest_request.execute(
+          method: :post,
+          url: graphql_endpoint,
+          headers: headers,
+          payload: payload.to_json.delete("\n"),
+          verify_ssl: false
+        )
+
+        JSON.parse(rest_response.body, symbolize_names: true)
+      rescue RestClient::ExceptionWithResponse => e
+        if e.response
+          puts "HTTP RESPONSE CODE: #{e.response.code}"
+          puts "HTTP RESPONSE HEADERS:\n#{e.response.headers}"
+          puts "HTTP RESPONSE BODY:\n#{e.response.body}\n\n\n"
+        end
+
+        raise e
+      rescue StandardError => e
+        raise e
+      ensure
+        browser_obj = PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj) if browser_obj
+        rest_client = nil if rest_client
+        rest_request = nil if rest_request
+      end
       # Supported Method Parameters::
       # PWN::WWW::HackerOne.save_burp_target_config_file(
       #   programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
@@ -229,6 +358,11 @@ module PWN
             min_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)'
           )
 
+          scope_details = PWN::WWW::HackerOne.get_scope_details(
+            program_name: 'required - program name from #get_bounty_programs method',
+            proxy: 'optional - scheme://proxy_host:port || tor'
+          )
+
           #{self}.save_burp_target_config_file(
             programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
             browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.954
+  version: 0.4.955
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-10 00:00:00.000000000 Z
+date: 2024-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport