pwn 0.5.304 → 0.5.305

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b137a3b717375a238a9df5e4284375ff56020b02539c7d9d11f01fcfd4a7fc7f
-  data.tar.gz: cab62aa76f4d0d79516383f2e2ff1777fa727d6f7f8f88c1a588100441563d10
+  metadata.gz: 7212f39e5a45f10409275c4a73a5c7adab8792e5cc0e23bd489741193ef7140a
+  data.tar.gz: 12bdcbd741a7757d8acb612757c7f7eab0aa8bb3f1029f060ce728e44d86c497
 SHA512:
-  metadata.gz: 88a6d3aec66331f3eb96d92b7497036c58c36342e889b3007f3619dc4ea96f7af8043ae4329957d25a4af9ea83526d5f28cf8c3dde0b96b65a00c9dc2eb94f96
-  data.tar.gz: 9459fb242e006971376260765ddf71ed81f854fe745c0ea37ad8a95d18c1e12e5db364e81270760def032423ecd3125987639ccc560564447f2a9257c568b3f4
+  metadata.gz: 7cb9c161c8fb78f1e5ce98f722b5b996af9c1500be12938ff7696a76be7fc8b12bc8715143b64d68d53e9ef7b943cdfd15ec26285e07333bdb4a0a88c197b2c9
+  data.tar.gz: dbe25739420029d73a4bec8d6a4f9a70ae26e355f016862f188683ca126d2496764e49a96751f470c5e043cb498f9aebd1051c05f9ec8ec5281741440857a8dd

data/Gemfile

@@ -72,14 +72,14 @@ gem 'pry-doc', '1.6.0'
 gem 'rake', '13.3.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi2', '3.8.0'
-gem 'rdoc', '6.14.1'
+gem 'rdoc', '6.14.2'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '6.1.1'
 gem 'rqrcode', '3.1.0'
 gem 'rspec', '3.13.1'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.77.0'
+gem 'rubocop', '1.78.0'
 gem 'rubocop-rake', '0.7.1'
 gem 'rubocop-rspec', '3.6.0'
 gem 'ruby-audio', '1.6.1'
@@ -93,7 +93,7 @@ gem 'selenium-devtools', '0.138.0'
 gem 'slack-ruby-client', '2.6.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.4'
-gem 'sqlite3', '2.7.1'
+gem 'sqlite3', '2.7.2'
 gem 'thin', '2.0.1'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.304]:001 >>> PWN.help
+pwn[v0.5.305]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.304]:001 >>> PWN.help
+pwn[v0.5.305]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.304]:001 >>> PWN.help
+pwn[v0.5.305]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/reports/sast.rb

@@ -229,9 +229,10 @@ module PWN
                          var canned_email = email.replace("<", "").replace(">", "") + '?subject=Potential%20Bug%20within%20Source%20File:%20'+ encodeURIComponent(row.filename) +'&body=Greetings,%0A%0AThe%20following%20information%20likely%20represents%20a%20bug%20discovered%20through%20automated%20security%20testing%20initiatives:%0A%0A' + encodeURIComponent(canned_email_results) + 'Is%20this%20something%20that%20can%20be%20addressed%20immediately%20or%20would%20filing%20a%20bug%20be%20more%20appropriate?%20%20Please%20let%20us%20know%20at%20your%20earliest%20convenience%20to%20ensure%20we%20can%20meet%20security%20expectations%20for%20this%20release.%20%20Thanks%20and%20have%20a%20great%20day!';
 
                           domain = line_entry_uri.replace('http://','').replace('https://','').split(/[/?#]/)[0];
-                          if (domain.includes('stash')) {
+                          if (domain.includes('stash') || domain.includes('bitbucket') || domain.includes('gerrit')) {
                             to_line_number = line_entry_uri + '#' + data[i]['line_no'];
                           } else {
+                            // e.g. GitHub, GitLab, etc.
                             to_line_number = line_entry_uri + '#L' + data[i]['line_no'];
                           }
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.304'
+  VERSION = '0.5.305'
 end

data/third_party/pwn_rdoc.jsonl

@@ -665,14 +665,16 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::Jenkins.list_nested_jobs Usage"},{"role":"assistant","content":"`PWN::Plugins::Jenkins.list_nested_jobs`: Supported Method Parameters\n\nPWN::Plugins::Jenkins.list_nested_jobs(\n\njenkins_obj: 'required jenkins_obj returned from #connect method',\nview_path: 'required view path to list jobs'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Jenkins.list_nested_views Usage"},{"role":"assistant","content":"`PWN::Plugins::Jenkins.list_nested_views`: Supported Method Parameters\n\nPWN::Plugins::Jenkins.list_nested_views(\n\njenkins_obj: 'required jenkins_obj returned from #connect method',\nview_path: 'required view path list sub-views'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.create_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.create_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.create_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nproject_key: 'required - project key (e.g. PWN)',\nsummary: 'required - summary of the issue (e.g. Epic for PWN-1337)',\nissue_type: 'required - issue type (e.g. :epic, :story, :bug)',\ndescription: 'optional - description of the issue',\nepic_name: 'optional - name of the epic',\nadditional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'\nattachment: 'optional - attachment path to upload to the issue (e.g. \"/path/to/file1.txt\")'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.create_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.create_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.create_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nproject_key: 'required - project key (e.g. PWN)',\nsummary: 'required - summary of the issue (e.g. Epic for PWN-1337)',\nissue_type: 'required - issue type (e.g. :epic, :story, :bug)',\ndescription: 'optional - description of the issue',\nepic_name: 'optional - name of the epic',\nadditional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'\nattachments: 'optional - array of attachment paths to upload to the issue (e.g. [\"/tmp/file1.txt\", \"/tmp/file2.txt\"])',\ncomment: 'optional - comment to add to the issue (e.g. \"This is a comment\")'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.delete_attachment Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.delete_attachment`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.delete_attachment(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nid: 'required - attachment ID to delete (e.g. 10000) found in #get_issue method'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.delete_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.delete_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.delete_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nissue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.get_all_fields Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.get_all_fields`: Supported Method Parameters\n\nall_fields = PWN::Plugins::JiraServer.get_all_fields(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.get_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.get_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.get_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nissue: 'required - issue to lookup (e.g. Bug, Issue, Story, or Epic ID)',\nparams: 'optional - additional parameters to pass in the URI (e.g. fields, expand, etc.)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.get_user Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.get_user`: Supported Method Parameters\n\nuser = PWN::Plugins::JiraServer.get_user(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nusername: 'required - username to lookup (e.g. jane.doe)',\nparams: 'optional - additional parameters to pass in the URI (e.g. expand, etc.)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.help Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.help`: "}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.issue_comment Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.issue_comment`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.issue_comment(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nissue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)',\ncomment_action: 'required - action to perform on the issue comment (e.g. :delete, :add, :update - Defaults to :add)',\ncomment_id: 'optional - comment ID to delete or update (e.g. 10000)',\nauthor: 'optional - author of the comment (e.g. \"jane.doe\")',\ncomment: 'optional - comment to add or update in the issue (e.g. \"This is a comment\")'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.rest_call Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.rest_call`: Supported Method Parameters\n\nrest_call(\n\ntoken: 'required - personal access token',\nhttp_method: 'optional HTTP method (defaults to GET)',\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'\n\n)\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.update_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.update_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.update_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nfields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)',\nattachment: 'optional - attachment path to upload to the issue (e.g. \"/path/to/file1.txt\")'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.update_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.update_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.update_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - personal access token',\nfields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)',\nattachments: 'optional - array of attachment paths to upload to the issue (e.g. [\"/tmp/file1.txt\", \"/tmp/file2.txt\"])',\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.append Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.append`: Supported Method Parameters\n\nPWN::Log.create( )\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.help`: "}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.304
+  version: 0.5.305
 platform: ruby
 authors:
 - 0day Inc.
@@ -827,14 +827,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.14.1
+        version: 6.14.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.14.1
+        version: 6.14.2
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
@@ -925,14 +925,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.77.0
+        version: 1.78.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.77.0
+        version: 1.78.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -1093,14 +1093,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.1
+        version: 2.7.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.7.1
+        version: 2.7.2
 - !ruby/object:Gem::Dependency
   name: thin
   requirement: !ruby/object:Gem::Requirement