pwn 0.4.957 → 0.4.958

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/README.md +3 -3
  4. data/bin/pwn_defectdojo_importscan +2 -2
  5. data/bin/pwn_defectdojo_reimportscan +2 -2
  6. data/lib/pwn/plugins/defect_dojo.rb +4 -0
  7. data/lib/pwn/version.rb +1 -1
  8. metadata +10 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a5a060877f96c4b402469f2889a26ab4c1b7a79b4d168e72ed88ab014d5ac996
4
- data.tar.gz: 8d59704a564668cbe8fb1c971b0bce667636dcd8f147f15a07405698a0bb1432
3
+ metadata.gz: c6b7d3647903d295b3b512ea781c69cc886b9fd5ba48d8dfd707171be61f4b33
4
+ data.tar.gz: a22b4e9e3954391f93ce25e6d0f6f59b814e36d0fb62b24c3c42c8e380d88016
5
5
  SHA512:
6
- metadata.gz: 4a861137f80f48f98a95d0250ee64f7dbda436033359d75376e9ec735c6b640ea8c76d156c98e782f92a8988e751424b102c31998db87e35be5e14e1c61e0e16
7
- data.tar.gz: f79281dfe8784e08ba1f47490a93c75dd50029513413d6c215cf3d4cbf43b8b8667823ac4244ccc7d8be28830cc805e3764c015c6571e916153da612f0f45c90
6
+ metadata.gz: 887c0e9ec4cd32ffd8fcbe6f5db832b88261ba3e8f51c382d0e7d01e72a38b66969608dd1286bb784b2db1d0135b2a30ddb31c0b90675eb5756e346edc0483d1
7
+ data.tar.gz: 19e71a82ede71aa0d4d5dbf1e4b2a999d3b9401ffe5eaf8203f0df65ac7f55627b5dd70a47158b620648328d8d442a9948e034168b65079383e51cb238aac0b3
data/Gemfile CHANGED
@@ -11,7 +11,7 @@ gemspec
11
11
  # In some circumstances custom flags are passed to gems in order
12
12
  # to build appropriately. Defer to ./reinstall_pwn_gemset.sh
13
13
  # to review these custom flags (e.g. pg, serialport, etc).
14
- gem 'activesupport', '7.1.2'
14
+ gem 'activesupport', '7.1.3'
15
15
  gem 'anemone', '0.7.2'
16
16
  gem 'authy', '3.0.1'
17
17
  gem 'aws-sdk', '3.2.0'
@@ -26,7 +26,7 @@ gem 'colorize', '1.1.0'
26
26
  gem 'credit_card_validations', '6.1.0'
27
27
  gem 'eventmachine', '1.2.7'
28
28
  gem 'executable-hooks', '1.7.1'
29
- gem 'faker', '3.2.2'
29
+ gem 'faker', '3.2.3'
30
30
  gem 'faye-websocket', '0.11.3'
31
31
  gem 'ffi', '1.16.3'
32
32
  gem 'fftw3', '0.3'
@@ -72,7 +72,7 @@ gem 'rmagick', '5.3.0'
72
72
  gem 'rqrcode', '2.2.0'
73
73
  gem 'rspec', '3.12.0'
74
74
  gem 'rtesseract', '3.1.3'
75
- gem 'rubocop', '1.59.0'
75
+ gem 'rubocop', '1.60.1'
76
76
  gem 'rubocop-rake', '0.6.0'
77
77
  gem 'rubocop-rspec', '2.26.1'
78
78
  gem 'ruby-audio', '1.6.1'
@@ -85,7 +85,7 @@ gem 'serialport', '1.3.2'
85
85
  gem 'sinatra', '3.2.0'
86
86
  gem 'slack-ruby-client', '2.2.0'
87
87
  gem 'socksify', '1.7.1'
88
- gem 'spreadsheet', '1.3.0'
88
+ gem 'spreadsheet', '1.3.1'
89
89
  gem 'sqlite3', '1.7.0'
90
90
  gem 'thin', '1.8.2'
91
91
  gem 'tty-prompt', '0.23.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.4.957]:001 >>> PWN.help
40
+ pwn[v0.4.958]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.957]:001 >>> PWN.help
55
+ pwn[v0.4.958]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.4.957]:001 >>> PWN.help
65
+ pwn[v0.4.958]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/bin/pwn_defectdojo_importscan CHANGED
@@ -62,11 +62,11 @@ OptionParser.new do |options|
62
62
  opts[:create_finding_groups] = g
63
63
  end
64
64
 
65
- options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
65
+ options.on('-c', '--close-old-findings-product-scope', '<Optional - Select if close_old_findings applies to all findings of the same type in the product (defaults to false)') do |c|
66
66
  opts[:close_old_findings_product_scope] = c
67
67
  end
68
68
 
69
- options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
69
+ options.on('-C', '--close-old-findings', '<Optional - old findings no longer present in the report get closed as mitigated when importing (defaults to false)') do |c|
70
70
  opts[:close_old_findings] = c
71
71
  end
72
72
 
data/bin/pwn_defectdojo_reimportscan CHANGED
@@ -62,11 +62,11 @@ OptionParser.new do |options|
62
62
  opts[:create_finding_groups] = g
63
63
  end
64
64
 
65
- options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
65
+ options.on('-c', '--close-old-findings-product-scope', '<Optional - Select if close_old_findings applies to all findings of the same type in the product (defaults to false)') do |c|
66
66
  opts[:close_old_findings_product_scope] = c
67
67
  end
68
68
 
69
- options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
69
+ options.on('-C', '--close-old-findings', '<Optional - old findings no longer present in the report get closed as mitigated when importing (defaults to false)') do |c|
70
70
  opts[:close_old_findings] = c
71
71
  end
72
72
 
data/lib/pwn/plugins/defect_dojo.rb CHANGED
@@ -473,6 +473,8 @@ module PWN
473
473
 
474
474
  opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
475
475
 
476
+ opts[:close_old_findings] = true if opts[:close_old_findings_product_scope]
477
+
476
478
  opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
477
479
 
478
480
  opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
@@ -581,6 +583,8 @@ module PWN
581
583
 
582
584
  opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
583
585
 
586
+ opts[:close_old_findings] = true if opts[:close_old_findings_product_scope]
587
+
584
588
  opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
585
589
 
586
590
  opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.957'
4
+ VERSION = '0.4.958'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.957
4
+ version: 0.4.958
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-12 00:00:00.000000000 Z
11
+ date: 2024-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.1.2
19
+ version: 7.1.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.1.2
26
+ version: 7.1.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: anemone
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -212,14 +212,14 @@ dependencies:
212
212
  requirements:
213
213
  - - '='
214
214
  - !ruby/object:Gem::Version
215
- version: 3.2.2
215
+ version: 3.2.3
216
216
  type: :runtime
217
217
  prerelease: false
218
218
  version_requirements: !ruby/object:Gem::Requirement
219
219
  requirements:
220
220
  - - '='
221
221
  - !ruby/object:Gem::Version
222
- version: 3.2.2
222
+ version: 3.2.3
223
223
  - !ruby/object:Gem::Dependency
224
224
  name: faye-websocket
225
225
  requirement: !ruby/object:Gem::Requirement
@@ -856,14 +856,14 @@ dependencies:
856
856
  requirements:
857
857
  - - '='
858
858
  - !ruby/object:Gem::Version
859
- version: 1.59.0
859
+ version: 1.60.1
860
860
  type: :runtime
861
861
  prerelease: false
862
862
  version_requirements: !ruby/object:Gem::Requirement
863
863
  requirements:
864
864
  - - '='
865
865
  - !ruby/object:Gem::Version
866
- version: 1.59.0
866
+ version: 1.60.1
867
867
  - !ruby/object:Gem::Dependency
868
868
  name: rubocop-rake
869
869
  requirement: !ruby/object:Gem::Requirement
@@ -1038,14 +1038,14 @@ dependencies:
1038
1038
  requirements:
1039
1039
  - - '='
1040
1040
  - !ruby/object:Gem::Version
1041
- version: 1.3.0
1041
+ version: 1.3.1
1042
1042
  type: :runtime
1043
1043
  prerelease: false
1044
1044
  version_requirements: !ruby/object:Gem::Requirement
1045
1045
  requirements:
1046
1046
  - - '='
1047
1047
  - !ruby/object:Gem::Version
1048
- version: 1.3.0
1048
+ version: 1.3.1
1049
1049
  - !ruby/object:Gem::Dependency
1050
1050
  name: sqlite3
1051
1051
  requirement: !ruby/object:Gem::Requirement