pwn 0.5.378 → 0.5.379
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn_sast +9 -10
- data/lib/pwn/plugins/file_fu.rb +27 -6
- data/lib/pwn/plugins/git.rb +2 -5
- data/lib/pwn/reports/sast.rb +2 -2
- data/lib/pwn/sast/amqp_connect_as_guest.rb +3 -6
- data/lib/pwn/sast/apache_file_system_util_api.rb +3 -6
- data/lib/pwn/sast/aws.rb +3 -6
- data/lib/pwn/sast/banned_function_calls_c.rb +3 -6
- data/lib/pwn/sast/base64.rb +3 -6
- data/lib/pwn/sast/beef_hook.rb +3 -6
- data/lib/pwn/sast/cmd_execution_java.rb +3 -6
- data/lib/pwn/sast/cmd_execution_python.rb +3 -6
- data/lib/pwn/sast/cmd_execution_ruby.rb +3 -6
- data/lib/pwn/sast/cmd_execution_scala.rb +3 -6
- data/lib/pwn/sast/csrf.rb +3 -6
- data/lib/pwn/sast/deserial_java.rb +3 -6
- data/lib/pwn/sast/emoticon.rb +3 -6
- data/lib/pwn/sast/eval.rb +3 -6
- data/lib/pwn/sast/factory.rb +3 -6
- data/lib/pwn/sast/http_authorization_header.rb +3 -6
- data/lib/pwn/sast/inner_html.rb +3 -6
- data/lib/pwn/sast/keystore.rb +3 -6
- data/lib/pwn/sast/local_storage.rb +3 -6
- data/lib/pwn/sast/location_hash.rb +3 -6
- data/lib/pwn/sast/log4j.rb +3 -6
- data/lib/pwn/sast/logger.rb +3 -6
- data/lib/pwn/sast/md5.rb +3 -6
- data/lib/pwn/sast/outer_html.rb +3 -6
- data/lib/pwn/sast/padding_oracle.rb +3 -6
- data/lib/pwn/sast/password.rb +3 -6
- data/lib/pwn/sast/php_input_mechanisms.rb +3 -6
- data/lib/pwn/sast/php_type_juggling.rb +3 -6
- data/lib/pwn/sast/pom_version.rb +3 -6
- data/lib/pwn/sast/port.rb +3 -6
- data/lib/pwn/sast/post_message.rb +3 -6
- data/lib/pwn/sast/private_key.rb +3 -6
- data/lib/pwn/sast/redirect.rb +3 -6
- data/lib/pwn/sast/redos.rb +3 -6
- data/lib/pwn/sast/shell.rb +3 -6
- data/lib/pwn/sast/signature.rb +3 -6
- data/lib/pwn/sast/sql.rb +3 -6
- data/lib/pwn/sast/ssl.rb +3 -6
- data/lib/pwn/sast/sudo.rb +3 -6
- data/lib/pwn/sast/task_tag.rb +3 -6
- data/lib/pwn/sast/throw_errors.rb +3 -6
- data/lib/pwn/sast/token.rb +3 -6
- data/lib/pwn/sast/type_script_type_juggling.rb +3 -6
- data/lib/pwn/sast/version.rb +3 -6
- data/lib/pwn/sast/window_location_hash.rb +3 -6
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
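--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: '08c57893a7c8ff17823511aa3c0322a12a4f4ce089120f6067bf6e6b58e5d27e'
+data.tar.gz: 3b8e0556e4de92f923a16e7a6e79bdbf017523ba952c4f617bc0bfa36e2e83e5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4b627e3542f5b38403e1a7ed028f0e82c2c060751acdecfe7fdfe9ed0ea5cd5196558a9da64b84bece55584d51ade3337bd5234576b5aa982c753f7a2988bfb8
+data.tar.gz: 9a1966d1dd62ae3f06876895f3fa2b328cacc21441b7df0621d212406d7c78a8b7f2d44b8cdcef38cb16d3a03bc79ab45bca288b7c9fa80c010982110fa892b3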
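--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.379]:001 >>> PWN.help
 ```
 
 [](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.379]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.379]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: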
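--- a/data/bin/pwn_sast
+++ b/data/bin/pwn_sast
@@ -43,7 +43,7 @@ OptionParser.new do |options|
 opts[:ai_fqdn] = f
 end
 
-options.on('-mMODEL', '--ai-model=MODEL', '<Optional AI Model to Use for Respective AI Engine (e.g., grok-
+options.on('-mMODEL', '--ai-model=MODEL', '<Optional AI Model to Use for Respective AI Engine (e.g., grok-4-0709, grok-3-mini-fast, gpt5-chat-latest, chargpt-4o-latest, llama-3.1, etc.)>') do |m|
 opts[:ai_model] = m
 end
 
@@ -70,6 +70,7 @@ if opts.empty?
 end
 
 begin
+timestamp = Time.now.strftime('%Y-%m-%d.%H:%M:%S%z')
 pwn_provider = 'ruby-gem'
 # pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.select { |s| s == 'PWN_PROVIDER' }.any?
 pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' }
@@ -88,7 +89,8 @@ begin
 list_test_cases = opts[:list_test_cases]
 
 report_name = opts[:report_name]
-report_name ||= File.basename(Dir.pwd)
+report_name ||= "#{File.basename(Dir.pwd)}-#{timestamp}" if dir_path == '.'
+report_name ||= "#{File.basename(dir_path)}-#{timestamp}" unless dir_path == '.'
 
 ai_engine = opts[:ai_engine]
 if ai_engine
@@ -209,16 +211,13 @@ begin
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-
-
-if pwn_provider == 'docker'
-listen_ip = '0.0.0.0'
-else
-listen_ip = '127.0.0.1'
-end
+Dir.chdir(dir_path)
 
+listen_ip = '127.0.0.1'
+listen_ip = '0.0.0.0' if pwn_provider == 'docker'
+listen_port = PWN::Plugins::Sock.get_random_unused_port.to_s
 puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
-
+
 system(
 'pwn_simple_http_server',
 '-i',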
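Review bot: The `if start_reporting_server` branch now calls `Dir.chdir(dir_path)` immediately before launching `pwn_simple_http_server`, and `listen_ip` is `0.0.0.0` whenever `PWN_PROVIDER` is `docker`, so the server appears to be rooted in the scanned tree and bound to every interface. The server's remaining arguments fall outside the hunk, but if it serves its working directory then the target source, and any secrets in it, are downloadable alongside the report by anyone who can reach `listen_port`, with no authentication visible here. I would point the server at a directory that contains only the report files and make the wildcard bind an explicit option; at minimum add `# docker: binds all interfaces; everything under dir_path is served, not only the report` above the `listen_ip` lines. The printed URL always shows 127.0.0.1, which hides the wider bind from the operator.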
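--- a/data/lib/pwn/plugins/file_fu.rb
+++ b/data/lib/pwn/plugins/file_fu.rb
@@ -12,18 +12,37 @@ module PWN
 # built-in ruby classes (e.g. contains an easy to use recursion method that
 # uses yield to interact with each entry on the fly).
 module FileFu
+# Supported Method Parameters::
+# PWN::Plugins::FileFu.recurse_in_dir(
+# dir_path: 'optional path to dir defaults to .'
+# )
+
+public_class_method def self.recurse_in_dir(opts = {})
+dir_path = opts[:dir_path] ||= '.'
+dir_path = dir_path.to_s.scrub unless dir_path.is_a?(String)
+raise "PWN Error: Invalid Directory #{dir_path}" unless Dir.exist?(dir_path)
+
+previous_dir = Dir.pwd
+Dir.chdir(dir_path)
+# Execute this like this:
+# recurse_in_dir(:dir_path => 'path to dir') {|entry| puts entry}
+Dir.glob('**/*').each { |entry| yield Shellwords.escape(entry) }
+rescue StandardError => e
+raise e
+ensure
+Dir.chdir(previous_dir) if Dir.exist?(previous_dir)
+end
+
 # Supported Method Parameters::
 # PWN::Plugins::FileFu.recurse_dir(
 # dir_path: 'optional path to dir defaults to .'
 # )
 
 public_class_method def self.recurse_dir(opts = {})
-
-
-
-
-raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
-end
+dir_path = opts[:dir_path] ||= '.'
+dir_path = dir_path.to_s.scrub unless dir_path.is_a?(String)
+raise "PWN Error: Invalid Directory #{dir_path}" unless Dir.exist?(dir_path)
+
 # Execute this like this:
 # recurse_dir(:dir_path => 'path to dir') {|entry| puts entry}
 Dir.glob("#{dir_path}/**/*").each { |entry| yield Shellwords.escape(entry) }
@@ -59,6 +78,8 @@ module PWN
 
 public_class_method def self.help
 puts "USAGE:
+#{self}.recurse_in_dir(dir_path: 'optional path to dir defaults to .') {|entry| puts entry}
+
 #{self}.recurse_dir(dir_path: 'optional path to dir defaults to .') {|entry| puts entry}
 
 #{self}.untar_gz_file(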
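Review bot: In `recurse_in_dir`, `previous_dir = Dir.pwd` is assigned after the `raise ... unless Dir.exist?(dir_path)` guard, so when the guard fires the `ensure` clause calls `Dir.exist?(previous_dir)` with `nil` and raises a TypeError that replaces the intended "Invalid Directory" message. Moving `previous_dir = Dir.pwd` to the first line of the method fixes that, and the block form `Dir.chdir(dir_path) { Dir.glob('**/*').each { |entry| yield Shellwords.escape(entry) } }` would restore the directory without needing the `ensure` at all. `Dir.chdir` changes the working directory of the whole process, so if callers ever run this from more than one thread (not visible here) one call's restore pulls the directory out from under another call's relative paths, and those files would fail the callers' `File.file?` checks and drop out of the scan without an error. The `rescue StandardError => e` / `raise e` pair adds nothing and can be removed.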
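--- a/data/lib/pwn/plugins/git.rb
+++ b/data/lib/pwn/plugins/git.rb
@@ -49,11 +49,8 @@ module PWN
 # )
 
 private_class_method def self.get_author_by_line_range(opts = {})
-repo_root =
-
-else
-opts[:repo_root].to_s
-end
+repo_root = opts[:repo_root] ||= '.'
+repo_root = opts[:repo_root].to_s unless repor_root.is_a?(String)
 from_line = opts[:from_line].to_i
 to_line = opts[:to_line].to_i
 target_file = opts[:target_file].to_s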
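Review bot: The second added line tests `repor_root.is_a?(String)`, a misspelling of `repo_root`, so `get_author_by_line_range` raises NameError on every call before any git work is done. It should read `repo_root = repo_root.to_s unless repo_root.is_a?(String)`. The line above it, `opts[:repo_root] ||= '.'`, also writes the default back into the caller's hash; `repo_root = opts[:repo_root] || '.'` gives the same default without that side effect. The SAST modules in this release call `PWN::Plugins::Git.get_author` for each finding, so if that routes through this method (not shown here) author attribution fails for every git-backed scan; a spec that exercises this path would have caught it. The method body continues outside the hunk.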
data/lib/pwn/reports/sast.rb
CHANGED
|
@@ -44,7 +44,7 @@ module PWN
|
|
|
44
44
|
raise 'ERROR: AI Model is required for AI engine ollama.' if ai_engine == :ollama && ai_model.nil?
|
|
45
45
|
|
|
46
46
|
ai_key = opts[:ai_key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: "#{ai_engine} Token")
|
|
47
|
-
ai_system_role_content = opts[:ai_system_role_content] ||= 'Is this code vulnerable or a false positive? Valid responses are only: "VULNERABLE" or "FALSE+".
|
|
47
|
+
ai_system_role_content = opts[:ai_system_role_content] ||= 'Is this code vulnerable or a false positive? Valid responses are only: "VULNERABLE" or "FALSE+". If this code is VULNERABLE, why?'
|
|
48
48
|
ai_temp = opts[:ai_temp] ||= 0.9
|
|
49
49
|
|
|
50
50
|
puts "Analyzing source code using AI engine: #{ai_engine}\nModel: #{ai_model}\nSystem Role Content: #{ai_system_role_content}\nTemperature: #{ai_temp}"
|
|
@@ -327,7 +327,7 @@ module PWN
|
|
|
327
327
|
to_line_number = line_entry_uri + '#L' + data[i]['line_no'];
|
|
328
328
|
}
|
|
329
329
|
|
|
330
|
-
pwn_rows = pwn_rows.concat('<tr class="' + tr_class + '"><td style="width:90px" align="left"><a href="' + htmlEntityEncode(to_line_number) + '" target="_blank">' + htmlEntityEncode(data[i]['line_no']) + '</a>: </td><td style="width:300px" align="left">' + htmlEntityEncode(data[i]['contents']) + '</td><td style="width:
|
|
330
|
+
pwn_rows = pwn_rows.concat('<tr class="' + tr_class + '"><td style="width:90px" align="left"><a href="' + htmlEntityEncode(to_line_number) + '" target="_blank">' + htmlEntityEncode(data[i]['line_no']) + '</a>: </td><td style="width:300px" align="left">' + htmlEntityEncode(data[i]['contents']) + '</td><td style="width:300px" align=:left">' + htmlEntityEncode(data[i]['ai_analysis']) + '</td><td style="width:200px" align="right"><a href="mailto:' + canned_email + '">' + htmlEntityEncode(data[i]['author']) + '</a></td></tr>');
|
|
331
331
|
}
|
|
332
332
|
pwn_rows = pwn_rows.concat('</tbody></table>');
|
|
333
333
|
return pwn_rows;
|
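Review bot: The new `ai_analysis` cell in the second hunk is written as `align=:left">`, with a stray colon and no opening quote, so the attribute is malformed and the quote that follows is unbalanced; it should be `align="left">` like the neighbouring cells. Keeping `htmlEntityEncode(data[i]['ai_analysis'])` is right, because the model's text is derived from the scanned code and has to be treated as untrusted in the report page. `canned_email` is the one value on that line concatenated into an attribute without `htmlEntityEncode`; it is built outside the hunk, so confirm it is encoded there. In the first hunk the default `ai_system_role_content` still says the only valid responses are "VULNERABLE" or "FALSE+" and then asks why, which gives the model two conflicting instructions.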
|
@@ -22,7 +22,7 @@ module PWN
|
|
|
22
22
|
result_arr = []
|
|
23
23
|
logger_results = ''
|
|
24
24
|
|
|
25
|
-
PWN::Plugins::FileFu.
|
|
25
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
26
26
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
27
27
|
line_no_and_contents_arr = []
|
|
28
28
|
entry_beautified = false
|
|
@@ -63,11 +63,8 @@ module PWN
|
|
|
63
63
|
while line_no_count > current_count
|
|
64
64
|
line_no = line_contents_split[current_count]
|
|
65
65
|
contents = line_contents_split[current_count + 1]
|
|
66
|
-
if Dir.exist?(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
repo_root = dir_path
|
|
70
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
66
|
+
if Dir.exist?('.git')
|
|
67
|
+
repo_root = '.'
|
|
71
68
|
author = PWN::Plugins::Git.get_author(
|
|
72
69
|
repo_root: repo_root,
|
|
73
70
|
from_line: line_no,
|
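Review bot: `File.file?(entry)` is applied to the value that `recurse_in_dir` yields, which per the file_fu.rb change in this release is `Shellwords.escape(entry)` relative to `dir_path`, so any file whose name contains a space or another character that escaping rewrites fails the test and is skipped with no log line. For a scanner that is a silent coverage gap; either yield the raw path and escape only where a command line is built, or run the file test on the unescaped name. The second hunk's `Dir.exist?('.git')` is correct only while the process working directory is `dir_path`, which presumably holds inside the `recurse_in_dir` block but is not stated anywhere; I would add `# cwd is dir_path here (set by FileFu.recurse_in_dir); entry is relative and shell-escaped` above the `if`. The same two hunks repeat in every `lib/pwn/sast/*.rb` module in this diff, and the file header for this first pair is missing from the page.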
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -62,11 +62,8 @@ module PWN
|
|
|
62
62
|
while line_no_count > current_count
|
|
63
63
|
line_no = line_contents_split[current_count]
|
|
64
64
|
contents = line_contents_split[current_count + 1]
|
|
65
|
-
if Dir.exist?(
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
repo_root = dir_path
|
|
69
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
65
|
+
if Dir.exist?('.git')
|
|
66
|
+
repo_root = '.'
|
|
70
67
|
|
|
71
68
|
author = PWN::Plugins::Git.get_author(
|
|
72
69
|
repo_root: repo_root,
|
data/lib/pwn/sast/aws.rb
CHANGED
|
@@ -20,7 +20,7 @@ module PWN
|
|
|
20
20
|
result_arr = []
|
|
21
21
|
logger_results = ''
|
|
22
22
|
|
|
23
|
-
PWN::Plugins::FileFu.
|
|
23
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
24
24
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
25
25
|
line_no_and_contents_arr = []
|
|
26
26
|
entry_beautified = false
|
|
@@ -63,11 +63,8 @@ module PWN
|
|
|
63
63
|
while line_no_count > current_count
|
|
64
64
|
line_no = line_contents_split[current_count]
|
|
65
65
|
contents = line_contents_split[current_count + 1]
|
|
66
|
-
if Dir.exist?(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
repo_root = dir_path
|
|
70
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
66
|
+
if Dir.exist?('.git')
|
|
67
|
+
repo_root = '.'
|
|
71
68
|
|
|
72
69
|
author = PWN::Plugins::Git.get_author(
|
|
73
70
|
repo_root: repo_root,
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
|
22
22
|
result_arr = []
|
|
23
23
|
logger_results = ''
|
|
24
24
|
|
|
25
|
-
PWN::Plugins::FileFu.
|
|
25
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
26
26
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.c' || File.extname(entry) == '.cpp' || File.extname(entry) == '.c++' || File.extname(entry) == '.cxx' || File.extname(entry) == '.h' || File.extname(entry) == '.hpp' || File.extname(entry) == '.h++' || File.extname(entry) == '.hh' || File.extname(entry) == '.hxx' || File.extname(entry) == '.ii' || File.extname(entry) == '.ixx' || File.extname(entry) == '.ipp' || File.extname(entry) == '.inl' || File.extname(entry) == '.txx' || File.extname(entry) == '.tpp' || File.extname(entry) == '.tpl') && entry !~ /test/i
|
|
27
27
|
line_no_and_contents_arr = []
|
|
28
28
|
entry_beautified = false
|
|
@@ -190,11 +190,8 @@ module PWN
|
|
|
190
190
|
while line_no_count > current_count
|
|
191
191
|
line_no = line_contents_split[current_count]
|
|
192
192
|
contents = line_contents_split[current_count + 1]
|
|
193
|
-
if Dir.exist?(
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
repo_root = dir_path
|
|
197
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
193
|
+
if Dir.exist?('.git')
|
|
194
|
+
repo_root = '.'
|
|
198
195
|
|
|
199
196
|
author = PWN::Plugins::Git.get_author(
|
|
200
197
|
repo_root: repo_root,
|
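--- a/data/lib/pwn/sast/base64.rb
+++ b/data/lib/pwn/sast/base64.rb
@@ -21,7 +21,7 @@ module PWN
 result_arr = []
 logger_results = ''
 
-PWN::Plugins::FileFu.
+PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
 if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
 line_no_and_contents_arr = []
 entry_beautified = false
@@ -62,11 +62,8 @@ module PWN
 while line_no_count > current_count
 line_no = line_contents_split[current_count]
 contents = line_contents_split[current_count + 1]
-if Dir.exist?(
-
-
-repo_root = dir_path
-repo_root = '.' if Dir.exist?('.git')
+if Dir.exist?('.git')
+repo_root = '.'
 
 author = PWN::Plugins::Git.get_author(
 repo_root: repo_root,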
data/lib/pwn/sast/beef_hook.rb
CHANGED
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -61,11 +61,8 @@ module PWN
|
|
|
61
61
|
while line_no_count > current_count
|
|
62
62
|
line_no = line_contents_split[current_count]
|
|
63
63
|
contents = line_contents_split[current_count + 1]
|
|
64
|
-
if Dir.exist?(
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
repo_root = dir_path
|
|
68
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
64
|
+
if Dir.exist?('.git')
|
|
65
|
+
repo_root = '.'
|
|
69
66
|
|
|
70
67
|
author = PWN::Plugins::Git.get_author(
|
|
71
68
|
repo_root: repo_root,
|
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.java' && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -63,11 +63,8 @@ module PWN
|
|
|
63
63
|
while line_no_count > current_count
|
|
64
64
|
line_no = line_contents_split[current_count]
|
|
65
65
|
contents = line_contents_split[current_count + 1]
|
|
66
|
-
if Dir.exist?(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
repo_root = dir_path
|
|
70
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
66
|
+
if Dir.exist?('.git')
|
|
67
|
+
repo_root = '.'
|
|
71
68
|
|
|
72
69
|
author = PWN::Plugins::Git.get_author(
|
|
73
70
|
repo_root: repo_root,
|
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.py' || File.extname(entry) == '.pyc' || File.extname(entry) == '.pyo' || File.extname(entry) == '.pyd') && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -65,11 +65,8 @@ module PWN
|
|
|
65
65
|
while line_no_count > current_count
|
|
66
66
|
line_no = line_contents_split[current_count]
|
|
67
67
|
contents = line_contents_split[current_count + 1]
|
|
68
|
-
if Dir.exist?(
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
repo_root = dir_path
|
|
72
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
68
|
+
if Dir.exist?('.git')
|
|
69
|
+
repo_root = '.'
|
|
73
70
|
|
|
74
71
|
author = PWN::Plugins::Git.get_author(
|
|
75
72
|
repo_root: repo_root,
|
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.rb' || File.extname(entry) == '.rbw') && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -73,11 +73,8 @@ module PWN
|
|
|
73
73
|
while line_no_count > current_count
|
|
74
74
|
line_no = line_contents_split[current_count]
|
|
75
75
|
contents = line_contents_split[current_count + 1]
|
|
76
|
-
if Dir.exist?(
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
repo_root = dir_path
|
|
80
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
76
|
+
if Dir.exist?('.git')
|
|
77
|
+
repo_root = '.'
|
|
81
78
|
|
|
82
79
|
author = PWN::Plugins::Git.get_author(
|
|
83
80
|
repo_root: repo_root,
|
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.scala' && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -63,11 +63,8 @@ module PWN
|
|
|
63
63
|
while line_no_count > current_count
|
|
64
64
|
line_no = line_contents_split[current_count]
|
|
65
65
|
contents = line_contents_split[current_count + 1]
|
|
66
|
-
if Dir.exist?(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
repo_root = dir_path
|
|
70
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
66
|
+
if Dir.exist?('.git')
|
|
67
|
+
repo_root = '.'
|
|
71
68
|
|
|
72
69
|
author = PWN::Plugins::Git.get_author(
|
|
73
70
|
repo_root: repo_root,
|
data/lib/pwn/sast/csrf.rb
CHANGED
|
@@ -22,7 +22,7 @@ module PWN
|
|
|
22
22
|
result_arr = []
|
|
23
23
|
logger_results = ''
|
|
24
24
|
|
|
25
|
-
PWN::Plugins::FileFu.
|
|
25
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
26
26
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
27
27
|
line_no_and_contents_arr = []
|
|
28
28
|
entry_beautified = false
|
|
@@ -62,11 +62,8 @@ module PWN
|
|
|
62
62
|
while line_no_count > current_count
|
|
63
63
|
line_no = line_contents_split[current_count]
|
|
64
64
|
contents = line_contents_split[current_count + 1]
|
|
65
|
-
if Dir.exist?(
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
repo_root = dir_path
|
|
69
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
65
|
+
if Dir.exist?('.git')
|
|
66
|
+
repo_root = '.'
|
|
70
67
|
|
|
71
68
|
author = PWN::Plugins::Git.get_author(
|
|
72
69
|
repo_root: repo_root,
|
|
@@ -23,7 +23,7 @@ module PWN
|
|
|
23
23
|
result_arr = []
|
|
24
24
|
logger_results = ''
|
|
25
25
|
|
|
26
|
-
PWN::Plugins::FileFu.
|
|
26
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
27
27
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
|
28
28
|
line_no_and_contents_arr = []
|
|
29
29
|
entry_beautified = false
|
|
@@ -70,11 +70,8 @@ module PWN
|
|
|
70
70
|
while line_no_count > current_count
|
|
71
71
|
line_no = line_contents_split[current_count]
|
|
72
72
|
contents = line_contents_split[current_count + 1]
|
|
73
|
-
if Dir.exist?(
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
repo_root = dir_path
|
|
77
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
73
|
+
if Dir.exist?('.git')
|
|
74
|
+
repo_root = '.'
|
|
78
75
|
|
|
79
76
|
author = PWN::Plugins::Git.get_author(
|
|
80
77
|
repo_root: repo_root,
|
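--- a/data/lib/pwn/sast/emoticon.rb
+++ b/data/lib/pwn/sast/emoticon.rb
@@ -21,7 +21,7 @@ module PWN
 result_arr = []
 logger_results = ''
 
-PWN::Plugins::FileFu.
+PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
 if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
 line_no_and_contents_arr = []
 entry_beautified = false
@@ -68,11 +68,8 @@ module PWN
 while line_no_count > current_count
 line_no = line_contents_split[current_count]
 contents = line_contents_split[current_count + 1]
-if Dir.exist?(
-
-
-repo_root = dir_path
-repo_root = '.' if Dir.exist?('.git')
+if Dir.exist?('.git')
+repo_root = '.'
 
 author = PWN::Plugins::Git.get_author(
 repo_root: repo_root,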
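--- a/data/lib/pwn/sast/eval.rb
+++ b/data/lib/pwn/sast/eval.rb
@@ -22,7 +22,7 @@ module PWN
 result_arr = []
 logger_results = ''
 
-PWN::Plugins::FileFu.
+PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
 if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
 line_no_and_contents_arr = []
 entry_beautified = false
@@ -62,11 +62,8 @@ module PWN
 while line_no_count > current_count
 line_no = line_contents_split[current_count]
 contents = line_contents_split[current_count + 1]
-if Dir.exist?(
-
-
-repo_root = dir_path
-repo_root = '.' if Dir.exist?('.git')
+if Dir.exist?('.git')
+repo_root = '.'
 
 author = PWN::Plugins::Git.get_author(
 repo_root: repo_root,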
data/lib/pwn/sast/factory.rb
CHANGED
|
@@ -23,7 +23,7 @@ module PWN
|
|
|
23
23
|
result_arr = []
|
|
24
24
|
logger_results = ''
|
|
25
25
|
|
|
26
|
-
PWN::Plugins::FileFu.
|
|
26
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
27
27
|
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
|
28
28
|
line_no_and_contents_arr = []
|
|
29
29
|
entry_beautified = false
|
|
@@ -65,11 +65,8 @@ module PWN
|
|
|
65
65
|
while line_no_count > current_count
|
|
66
66
|
line_no = line_contents_split[current_count]
|
|
67
67
|
contents = line_contents_split[current_count + 1]
|
|
68
|
-
if Dir.exist?(
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
repo_root = dir_path
|
|
72
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
68
|
+
if Dir.exist?('.git')
|
|
69
|
+
repo_root = '.'
|
|
73
70
|
|
|
74
71
|
author = PWN::Plugins::Git.get_author(
|
|
75
72
|
repo_root: repo_root,
|
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -70,11 +70,8 @@ module PWN
|
|
|
70
70
|
while line_no_count > current_count
|
|
71
71
|
line_no = line_contents_split[current_count]
|
|
72
72
|
contents = line_contents_split[current_count + 1]
|
|
73
|
-
if Dir.exist?(
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
repo_root = dir_path
|
|
77
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
73
|
+
if Dir.exist?('.git')
|
|
74
|
+
repo_root = '.'
|
|
78
75
|
|
|
79
76
|
author = PWN::Plugins::Git.get_author(
|
|
80
77
|
repo_root: repo_root,
|
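--- a/data/lib/pwn/sast/inner_html.rb
+++ b/data/lib/pwn/sast/inner_html.rb
@@ -22,7 +22,7 @@ module PWN
 result_arr = []
 logger_results = ''
 
-PWN::Plugins::FileFu.
+PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
 if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
 line_no_and_contents_arr = []
 entry_beautified = false
@@ -62,11 +62,8 @@ module PWN
 while line_no_count > current_count
 line_no = line_contents_split[current_count]
 contents = line_contents_split[current_count + 1]
-if Dir.exist?(
-
-
-repo_root = dir_path
-repo_root = '.' if Dir.exist?('.git')
+if Dir.exist?('.git')
+repo_root = '.'
 
 author = PWN::Plugins::Git.get_author(
 repo_root: repo_root,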
data/lib/pwn/sast/keystore.rb
CHANGED
|
@@ -21,7 +21,7 @@ module PWN
|
|
|
21
21
|
result_arr = []
|
|
22
22
|
logger_results = ''
|
|
23
23
|
|
|
24
|
-
PWN::Plugins::FileFu.
|
|
24
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
25
25
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
26
26
|
line_no_and_contents_arr = []
|
|
27
27
|
entry_beautified = false
|
|
@@ -61,11 +61,8 @@ module PWN
|
|
|
61
61
|
while line_no_count > current_count
|
|
62
62
|
line_no = line_contents_split[current_count]
|
|
63
63
|
contents = line_contents_split[current_count + 1]
|
|
64
|
-
if Dir.exist?(
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
repo_root = dir_path
|
|
68
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
64
|
+
if Dir.exist?('.git')
|
|
65
|
+
repo_root = '.'
|
|
69
66
|
|
|
70
67
|
author = PWN::Plugins::Git.get_author(
|
|
71
68
|
repo_root: repo_root,
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
|
22
22
|
result_arr = []
|
|
23
23
|
logger_results = ''
|
|
24
24
|
|
|
25
|
-
PWN::Plugins::FileFu.
|
|
25
|
+
PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
|
|
26
26
|
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
|
27
27
|
line_no_and_contents_arr = []
|
|
28
28
|
entry_beautified = false
|
|
@@ -63,11 +63,8 @@ module PWN
|
|
|
63
63
|
while line_no_count > current_count
|
|
64
64
|
line_no = line_contents_split[current_count]
|
|
65
65
|
contents = line_contents_split[current_count + 1]
|
|
66
|
-
if Dir.exist?(
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
repo_root = dir_path
|
|
70
|
-
repo_root = '.' if Dir.exist?('.git')
|
|
66
|
+
if Dir.exist?('.git')
|
|
67
|
+
repo_root = '.'
|
|
71
68
|
|
|
72
69
|
author = PWN::Plugins::Git.get_author(
|
|
73
70
|
repo_root: repo_root,
|