pwn 0.5.13 → 0.5.14

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 077f484f2b9500cfa05ca631d5cf9d3b733e22bb098ab496040b6547eb250efc
-  data.tar.gz: 4cb5019625d4760c5a88df2787d0c64e2f9c8cd7b7ba207538674bb814ccd0c6
+  metadata.gz: f4d7b49643615ac659c6e353df43344d16d7493733d6340401307e16665867b9
+  data.tar.gz: c0ce6888a69879255a2521b05f092d8468159c0e53f10af3595b920d2e4923d2
 SHA512:
-  metadata.gz: a09a9d8f7eee168d9dbef8d90c52b8c7cfcc0bd3740c89e11d8d801cf81934e3e4dcc8d1a72c8d02aa565883580b44039e75a0fb0b23f1d32a2eaec5367170d3
-  data.tar.gz: 22129979d248c5027eece2188d42b7f693183b31e7c0a9b0fa9935bf340edc425110034ed4be2d84d857b3d231ad6b56b9fcba9ba5f38dee03605dad9e18aede
+  metadata.gz: 02be3e9266a579b45c97c30b735686651920225baf55098fea0351e44988d731d9139d5989d926256c245cd7e808ae86d454a4f12adcd163773c4486ea245744
+  data.tar.gz: afd7274cfbdaa8ef552501ef574532748a88f4e0879779852e4e2b234972a37c479f8f0646118c11102c7f0084e103ac42c475eb8a8f78e138b34be34346853d

data/Gemfile

@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.2.0'
 # gem 'bettercap', '1.6.2'
 gem 'barby', '0.6.9'
 gem 'brakeman', '6.1.2'
-gem 'bson', '4.15.0'
+gem 'bson', '5.0.0'
 gem 'bundler', '>=2.5.6'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
@@ -44,7 +44,7 @@ gem 'jwt', '2.7.1'
 gem 'libusb', '0.6.4'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
-gem 'mongo', '2.19.3'
+# gem 'mongo', '2.19.3'
 gem 'msfrpc-client', '1.1.2'
 gem 'netaddr', '2.0.6'
 gem 'net-ldap', '0.19.0'
@@ -68,7 +68,7 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.6.2'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '5.4.2'
+gem 'rmagick', '5.4.3'
 gem 'rqrcode', '2.2.0'
 gem 'rspec', '3.13.0'
 gem 'rtesseract', '3.1.3'
@@ -79,7 +79,7 @@ gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.16.0'
 gem 'rvm', '1.11.3.9'
-gem 'savon', '2.14.0'
+gem 'savon', '2.15.0'
 gem 'selenium-devtools', '0.121.0'
 gem 'serialport', '1.3.2'
 # gem 'sinatra', '4.0.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.13]:001 >>> PWN.help
+pwn[v0.5.14]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.13]:001 >>> PWN.help
+pwn[v0.5.14]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.13]:001 >>> PWN.help
+pwn[v0.5.14]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_openvas_vulnscan

@@ -3,6 +3,7 @@
 
 require 'pwn'
 require 'optparse'
+require 'yaml'
 
 opts = {}
 OptionParser.new do |options|
@@ -10,6 +11,10 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
+  options.on('-cYPATH', '--yaml-config=YPATH', '<Required - YAML Config Containing Username & Password for Authentication>') do |c|
+    opts[:yaml_config] = c
+  end
+
   options.on('-tTASK_NAME', '--task-name=TASK_NAME', '<Required - Task Name to Start>') do |t|
     opts[:task_name] = t
   end
@@ -18,14 +23,6 @@ OptionParser.new do |options|
     opts[:report_dir] = d
   end
 
-  options.on('-uUSERNAME', '--username=USERNAME', '<Required - Username to AuthN>') do |u|
-    opts[:username] = u
-  end
-
-  options.on('-pPASSWORD', '--password=PASSWORD', '<Optional - Password to AuthN (Will Prompt if nil)>') do |p|
-    opts[:password] = p
-  end
-
   options.on('-fFILTER', '--report-filter=FILTER', '<Optional - GVM Results Filter (Default: "apply_overrides=0 levels=hml rows=1000 min_qod=70 first=1 sort-reverse=severity")>') do |p|
     opts[:password] = p
   end
@@ -43,11 +40,20 @@ raise "#{report_dir} Does Not Exist." unless Dir.exist?(
   report_dir
 )
 
-username = opts[:username]
-password = if opts[:password].nil?
+yaml_config = opts[:yaml_config]
+
+raise "YAML Config Not Found: #{yaml_config}" unless File.exist?(yaml_config)
+
+yaml = YAML.load_file(
+  yaml_config,
+  symbolize_names: true
+)
+
+username = yaml[:username]
+password = if yaml[:password].nil?
              PWN::Plugins::AuthenticationHelper.mask_password
            else
-             opts[:password].to_s.scrub
+             yaml[:password].to_s.scrub
            end
 
 report_filter = opts[:report_filter]

data/lib/pwn/plugins/dao_mongo.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'mongo'
+# require 'mongo'
 
 module PWN
   module Plugins

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.13'
+  VERSION = '0.5.14'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.13
+  version: 0.5.14
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-12 00:00:00.000000000 Z
+date: 2024-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.15.0
+        version: 5.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.15.0
+        version: 5.0.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -458,20 +458,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.8.1
-- !ruby/object:Gem::Dependency
-  name: mongo
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.19.3
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.19.3
 - !ruby/object:Gem::Dependency
   name: msfrpc-client
   requirement: !ruby/object:Gem::Requirement
@@ -800,14 +786,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.4.2
+        version: 5.4.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.4.2
+        version: 5.4.3
 - !ruby/object:Gem::Dependency
   name: rqrcode
   requirement: !ruby/object:Gem::Requirement
@@ -954,14 +940,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.14.0
+        version: 2.15.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.14.0
+        version: 2.15.0
 - !ruby/object:Gem::Dependency
   name: selenium-devtools
   requirement: !ruby/object:Gem::Requirement