pwn 0.5.4 → 0.5.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn_bdba_groups +13 -1
- data/bin/pwn_bdba_scan +1 -6
- data/lib/pwn/plugins/black_duck_binary_analysis.rb +7 -7
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 830ff0222ce1d91faa0cb731810085935ad1c9da2e1785d6468ba5419e3bfb87
|
4
|
+
data.tar.gz: efcb347f3225693b7b67ac78e09635c2c186cc9302dd1b37e103eaf658d156f2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cb81f182a1d8de751a45bf66fd73ccdfb64ab01bdbb9c5921d8673888f9de7744c9bc7a2c422e388566d1a8c20e778ee7e8870640f15969a6be40139d7ad763e
|
7
|
+
data.tar.gz: 3d3c30615ef6808af1b5441ee5642ab7acdb3a7989755f115f93c3e2cc4b56f0a75ad3c468743100377f327208e2c4154c326aa8e99c656afc9f96a5f3d6d5bc
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.5]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.5]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.5]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn_bdba_groups
CHANGED
@@ -26,6 +26,14 @@ OptionParser.new do |options|
|
|
26
26
|
options.on('-pID', '--parent-group-id=ID', '<Optional - Black Duck Binary Analysis Parent Group ID to Associate with Group>') do |p|
|
27
27
|
opts[:parent_group_id] = p
|
28
28
|
end
|
29
|
+
|
30
|
+
options.on('-bSEC', '--binary-cleanup-age=SEC', '<Optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)>') do |b|
|
31
|
+
opts[:binary_cleanup_age] = b
|
32
|
+
end
|
33
|
+
|
34
|
+
options.on('-PSEC', '--product-cleanup-age=SEC', '<Optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)>') do |p|
|
35
|
+
opts[:product_cleanup_age] = p
|
36
|
+
end
|
29
37
|
end.parse!
|
30
38
|
|
31
39
|
if opts.empty?
|
@@ -47,6 +55,8 @@ begin
|
|
47
55
|
|
48
56
|
list_group_name = opts[:list_group_name]
|
49
57
|
parent_group_id = opts[:parent_group_id]
|
58
|
+
binary_cleanup_age = opts[:binary_cleanup_age]
|
59
|
+
product_cleanup_age = opts[:product_cleanup_age]
|
50
60
|
|
51
61
|
if list_group_name
|
52
62
|
groups_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_groups(
|
@@ -95,7 +105,9 @@ begin
|
|
95
105
|
create_group_resp = PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
|
96
106
|
token: token,
|
97
107
|
name: group_name,
|
98
|
-
parent_id: parent_group_id
|
108
|
+
parent_id: parent_group_id,
|
109
|
+
binary_cleanup_age: binary_cleanup_age,
|
110
|
+
product_cleanup_age: product_cleanup_age
|
99
111
|
)
|
100
112
|
|
101
113
|
puts create_group_resp.to_json
|
data/bin/pwn_bdba_scan
CHANGED
@@ -149,12 +149,7 @@ begin
|
|
149
149
|
# File encoding conducting by synopsis is kinda goofy.
|
150
150
|
# The encode space w/ + (which is expected) but dont
|
151
151
|
# encode + to %2B (whiich _isn't_ expected)
|
152
|
-
target_basename = CGI.
|
153
|
-
File.basename(target_file)
|
154
|
-
).gsub(
|
155
|
-
'%2B',
|
156
|
-
'+'
|
157
|
-
)
|
152
|
+
target_basename = CGI.unescape_uri_component(File.basename(target_file))
|
158
153
|
|
159
154
|
find_product = scan_progress_resp[:products].find { |p| p[:name] == target_basename }
|
160
155
|
|
@@ -197,7 +197,7 @@ module PWN
|
|
197
197
|
response = bd_bin_analysis_rest_call(
|
198
198
|
http_method: :put,
|
199
199
|
token: token,
|
200
|
-
rest_call: "upload/#{CGI.
|
200
|
+
rest_call: "upload/#{CGI.escape_uri_component(file_name)}",
|
201
201
|
http_headers: http_headers,
|
202
202
|
http_body: http_body
|
203
203
|
)
|
@@ -326,8 +326,8 @@ module PWN
|
|
326
326
|
# desc: 'optional - group description',
|
327
327
|
# parent_id: 'optional - parent group id',
|
328
328
|
# delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
|
329
|
-
# binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default:
|
330
|
-
# product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default:
|
329
|
+
# binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)',
|
330
|
+
# product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)',
|
331
331
|
# file_download_enabled: 'optional - allow download of uploaded binaries from group (Default: false),
|
332
332
|
# low_risk_tolerance: 'optional - low risk tolerance nil|true|false (Default: nil == company default)',
|
333
333
|
# include_historical_vulns: 'optional - include historical vulns nil|true|false (Default: nil == company default)',
|
@@ -345,8 +345,8 @@ module PWN
|
|
345
345
|
desc = opts[:desc]
|
346
346
|
parent_id = opts[:parent_id]
|
347
347
|
delete_binary = opts[:delete_binary] ||= 'C'
|
348
|
-
binary_cleanup_age = opts[:binary_cleanup_age] ||=
|
349
|
-
product_cleanup_age = opts[:product_cleanup_age] ||=
|
348
|
+
binary_cleanup_age = opts[:binary_cleanup_age] ||= 2_592_000
|
349
|
+
product_cleanup_age = opts[:product_cleanup_age] ||= 2_592_000
|
350
350
|
file_download_enabled = opts[:file_download_enabled] ||= false
|
351
351
|
low_risk_tolerance = opts[:low_risk_tolerance]
|
352
352
|
include_historical_vulns = opts[:include_historical_vulns]
|
@@ -654,8 +654,8 @@ module PWN
|
|
654
654
|
desc: 'optional - group description',
|
655
655
|
parent_id: 'optional - parent_id group id',
|
656
656
|
delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
|
657
|
-
binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default:
|
658
|
-
product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default:
|
657
|
+
binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)',
|
658
|
+
product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)',
|
659
659
|
file_download_enabled: 'optional - allow download of uploaded binaries from group (Default: false),
|
660
660
|
low_risk_tolerance: 'optional - low risk tolerance nil|true|false (Default: nil == company default)',
|
661
661
|
include_historical_vulns: 'optional - include historical vulns nil|true|false (Default: nil == company default)',
|
data/lib/pwn/version.rb
CHANGED