pwn 0.4.957 → 0.4.958

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/README.md +3 -3
  4. data/bin/pwn_defectdojo_importscan +2 -2
  5. data/bin/pwn_defectdojo_reimportscan +2 -2
  6. data/lib/pwn/plugins/defect_dojo.rb +4 -0
  7. data/lib/pwn/version.rb +1 -1
  8. metadata +10 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a5a060877f96c4b402469f2889a26ab4c1b7a79b4d168e72ed88ab014d5ac996
4
- data.tar.gz: 8d59704a564668cbe8fb1c971b0bce667636dcd8f147f15a07405698a0bb1432
3
+ metadata.gz: c6b7d3647903d295b3b512ea781c69cc886b9fd5ba48d8dfd707171be61f4b33
4
+ data.tar.gz: a22b4e9e3954391f93ce25e6d0f6f59b814e36d0fb62b24c3c42c8e380d88016
5
5
  SHA512:
6
- metadata.gz: 4a861137f80f48f98a95d0250ee64f7dbda436033359d75376e9ec735c6b640ea8c76d156c98e782f92a8988e751424b102c31998db87e35be5e14e1c61e0e16
7
- data.tar.gz: f79281dfe8784e08ba1f47490a93c75dd50029513413d6c215cf3d4cbf43b8b8667823ac4244ccc7d8be28830cc805e3764c015c6571e916153da612f0f45c90
6
+ metadata.gz: 887c0e9ec4cd32ffd8fcbe6f5db832b88261ba3e8f51c382d0e7d01e72a38b66969608dd1286bb784b2db1d0135b2a30ddb31c0b90675eb5756e346edc0483d1
7
+ data.tar.gz: 19e71a82ede71aa0d4d5dbf1e4b2a999d3b9401ffe5eaf8203f0df65ac7f55627b5dd70a47158b620648328d8d442a9948e034168b65079383e51cb238aac0b3
data/Gemfile CHANGED
@@ -11,7 +11,7 @@ gemspec
11
11
  # In some circumstances custom flags are passed to gems in order
12
12
  # to build appropriately. Defer to ./reinstall_pwn_gemset.sh
13
13
  # to review these custom flags (e.g. pg, serialport, etc).
14
- gem 'activesupport', '7.1.2'
14
+ gem 'activesupport', '7.1.3'
15
15
  gem 'anemone', '0.7.2'
16
16
  gem 'authy', '3.0.1'
17
17
  gem 'aws-sdk', '3.2.0'
@@ -26,7 +26,7 @@ gem 'colorize', '1.1.0'
26
26
  gem 'credit_card_validations', '6.1.0'
27
27
  gem 'eventmachine', '1.2.7'
28
28
  gem 'executable-hooks', '1.7.1'
29
- gem 'faker', '3.2.2'
29
+ gem 'faker', '3.2.3'
30
30
  gem 'faye-websocket', '0.11.3'
31
31
  gem 'ffi', '1.16.3'
32
32
  gem 'fftw3', '0.3'
@@ -72,7 +72,7 @@ gem 'rmagick', '5.3.0'
72
72
  gem 'rqrcode', '2.2.0'
73
73
  gem 'rspec', '3.12.0'
74
74
  gem 'rtesseract', '3.1.3'
75
- gem 'rubocop', '1.59.0'
75
+ gem 'rubocop', '1.60.1'
76
76
  gem 'rubocop-rake', '0.6.0'
77
77
  gem 'rubocop-rspec', '2.26.1'
78
78
  gem 'ruby-audio', '1.6.1'
@@ -85,7 +85,7 @@ gem 'serialport', '1.3.2'
85
85
  gem 'sinatra', '3.2.0'
86
86
  gem 'slack-ruby-client', '2.2.0'
87
87
  gem 'socksify', '1.7.1'
88
- gem 'spreadsheet', '1.3.0'
88
+ gem 'spreadsheet', '1.3.1'
89
89
  gem 'sqlite3', '1.7.0'
90
90
  gem 'thin', '1.8.2'
91
91
  gem 'tty-prompt', '0.23.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.4.957]:001 >>> PWN.help
40
+ pwn[v0.4.958]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.957]:001 >>> PWN.help
55
+ pwn[v0.4.958]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.4.957]:001 >>> PWN.help
65
+ pwn[v0.4.958]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/bin/pwn_defectdojo_importscan CHANGED
@@ -62,11 +62,11 @@ OptionParser.new do |options|
62
62
  opts[:create_finding_groups] = g
63
63
  end
64
64
 
65
- options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
65
+ options.on('-c', '--close-old-findings-product-scope', '<Optional - Select if close_old_findings applies to all findings of the same type in the product (defaults to false)') do |c|
66
66
  opts[:close_old_findings_product_scope] = c
67
67
  end
68
68
 
69
- options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
69
+ options.on('-C', '--close-old-findings', '<Optional - old findings no longer present in the report get closed as mitigated when importing (defaults to false)') do |c|
70
70
  opts[:close_old_findings] = c
71
71
  end
72
72
 
data/bin/pwn_defectdojo_reimportscan CHANGED
@@ -62,11 +62,11 @@ OptionParser.new do |options|
62
62
  opts[:create_finding_groups] = g
63
63
  end
64
64
 
65
- options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
65
+ options.on('-c', '--close-old-findings-product-scope', '<Optional - Select if close_old_findings applies to all findings of the same type in the product (defaults to false)') do |c|
66
66
  opts[:close_old_findings_product_scope] = c
67
67
  end
68
68
 
69
- options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
69
+ options.on('-C', '--close-old-findings', '<Optional - old findings no longer present in the report get closed as mitigated when importing (defaults to false)') do |c|
70
70
  opts[:close_old_findings] = c
71
71
  end
72
72
 
data/lib/pwn/plugins/defect_dojo.rb CHANGED
@@ -473,6 +473,8 @@ module PWN
473
473
 
474
474
  opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
475
475
 
476
+ opts[:close_old_findings] = true if opts[:close_old_findings_product_scope]
477
+
476
478
  opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
477
479
 
478
480
  opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
@@ -581,6 +583,8 @@ module PWN
581
583
 
582
584
  opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
583
585
 
586
+ opts[:close_old_findings] = true if opts[:close_old_findings_product_scope]
587
+
584
588
  opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
585
589
 
586
590
  opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.957'
4
+ VERSION = '0.4.958'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.957
4
+ version: 0.4.958
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-12 00:00:00.000000000 Z
11
+ date: 2024-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.1.2
19
+ version: 7.1.3
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.1.2
26
+ version: 7.1.3
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: anemone
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -212,14 +212,14 @@ dependencies:
212
212
  requirements:
213
213
  - - '='
214
214
  - !ruby/object:Gem::Version
215
- version: 3.2.2
215
+ version: 3.2.3
216
216
  type: :runtime
217
217
  prerelease: false
218
218
  version_requirements: !ruby/object:Gem::Requirement
219
219
  requirements:
220
220
  - - '='
221
221
  - !ruby/object:Gem::Version
222
- version: 3.2.2
222
+ version: 3.2.3
223
223
  - !ruby/object:Gem::Dependency
224
224
  name: faye-websocket
225
225
  requirement: !ruby/object:Gem::Requirement
@@ -856,14 +856,14 @@ dependencies:
856
856
  requirements:
857
857
  - - '='
858
858
  - !ruby/object:Gem::Version
859
- version: 1.59.0
859
+ version: 1.60.1
860
860
  type: :runtime
861
861
  prerelease: false
862
862
  version_requirements: !ruby/object:Gem::Requirement
863
863
  requirements:
864
864
  - - '='
865
865
  - !ruby/object:Gem::Version
866
- version: 1.59.0
866
+ version: 1.60.1
867
867
  - !ruby/object:Gem::Dependency
868
868
  name: rubocop-rake
869
869
  requirement: !ruby/object:Gem::Requirement
@@ -1038,14 +1038,14 @@ dependencies:
1038
1038
  requirements:
1039
1039
  - - '='
1040
1040
  - !ruby/object:Gem::Version
1041
- version: 1.3.0
1041
+ version: 1.3.1
1042
1042
  type: :runtime
1043
1043
  prerelease: false
1044
1044
  version_requirements: !ruby/object:Gem::Requirement
1045
1045
  requirements:
1046
1046
  - - '='
1047
1047
  - !ruby/object:Gem::Version
1048
- version: 1.3.0
1048
+ version: 1.3.1
1049
1049
  - !ruby/object:Gem::Dependency
1050
1050
  name: sqlite3
1051
1051
  requirement: !ruby/object:Gem::Requirement