Merge pull request #453 from ninp0/master

ninp0 · web-flow · commit a66ec1b47a08 · 2023-12-15T14:05:06.000-07:00
PWN::Plugins::DefectDojo module / pwn_defectdojo_importscan, pwn_defe…
diff --git a/Gemfile b/Gemfile
@@ -16,10 +16,10 @@ gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.2.0'
 # gem 'bettercap', '1.6.2'
-gem 'barby', '0.6.8'
-gem 'brakeman', '6.0.1'
+gem 'barby', '0.6.9'
+gem 'brakeman', '6.1.0'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.4.22'
+gem 'bundler', '>=2.5.0'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
@@ -38,9 +38,10 @@ gem 'htmlentities', '4.3.4'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
 gem 'js-beautify', '0.1.8'
-gem 'json', '2.7.0'
+gem 'json', '2.7.1'
 gem 'jsonpath', '1.1.5'
 gem 'jwt', '2.7.1'
+gem 'libusb', '0.6.4'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
 gem 'mongo', '2.19.3'
@@ -56,29 +57,30 @@ gem 'oily_png', '1.2.1'
 gem 'open3', '0.2.0'
 gem 'os', '1.1.4'
 gem 'packetfu', '2.0.0'
+gem 'packetgen', '3.3.0'
 gem 'pdf-reader', '2.11.0'
 gem 'pg', '1.5.4'
 gem 'pry', '0.14.2'
 gem 'pry-doc', '1.4.0'
 gem 'rake', '13.1.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi', '3.0.0'
-gem 'rdoc', '6.6.0'
+gem 'rdoc', '6.6.1'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '5.3.0'
 gem 'rqrcode', '2.2.0'
 gem 'rspec', '3.12.0'
 gem 'rtesseract', '3.1.3'
-gem 'rubocop', '1.58.0'
+gem 'rubocop', '1.59.0'
 gem 'rubocop-rake', '0.6.0'
 gem 'rubocop-rspec', '2.25.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.2'
 gem 'ruby-saml', '1.16.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.14.0'
-gem 'selenium-devtools', '0.119.0'
+gem 'selenium-devtools', '0.120.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '3.1.0'
 gem 'slack-ruby-client', '2.2.0'
diff --git a/README.md b/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.4.935]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.935]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.4.935]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 
diff --git a/bin/pwn_defectdojo_importscan b/bin/pwn_defectdojo_importscan
@@ -61,6 +61,18 @@ OptionParser.new do |options|
   options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
     opts[:create_finding_groups] = g
   end
+
+  options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
+    opts[:close_old_findings_product_scope] = c
+  end
+
+  options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
+    opts[:close_old_findings] = c
+  end
+
+  options.on('-j', '--push-to-jira', '<Optional - push findings to JIRA (defaults to false)') do |j|
+    opts[:push_to_jira] = j
+  end
 end.parse!
 
 if opts.empty?
@@ -84,6 +96,9 @@ minimum_severity = opts[:minimum_severity]
 scan_date = opts[:scan_date]
 verified = opts[:verified]
 create_findings_groups = opts[:create_finding_groups]
+close_old_findings_product_scope = opts[:close_old_findings_product_scope]
+close_old_findings = opts[:close_old_findings]
+push_to_jira = opts[:push_to_jira]
 
 begin
   dd_obj = PWN::Plugins::DefectDojo.login(
@@ -103,7 +118,10 @@ begin
     minimum_severity: minimum_severity,
     scan_date: scan_date,
     verified: verified,
-    create_findings_groups: create_findings_groups
+    create_findings_groups: create_findings_groups,
+    close_old_findings_product_scope: close_old_findings_product_scope,
+    close_old_findings: close_old_findings,
+    push_to_jira: push_to_jira
   )
 rescue StandardError => e
   raise e
diff --git a/bin/pwn_defectdojo_reimportscan b/bin/pwn_defectdojo_reimportscan
@@ -61,6 +61,18 @@ OptionParser.new do |options|
   options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
     opts[:create_finding_groups] = g
   end
+
+  options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
+    opts[:close_old_findings_product_scope] = c
+  end
+
+  options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
+    opts[:close_old_findings] = c
+  end
+
+  options.on('-j', '--push-to-jira', '<Optional - push findings to JIRA (defaults to false)') do |j|
+    opts[:push_to_jira] = j
+  end
 end.parse!
 
 if opts.empty?
@@ -84,6 +96,9 @@ minimum_severity = opts[:minimum_severity]
 scan_date = opts[:scan_date]
 verified = opts[:verified]
 create_finding_groups = opts[:create_finding_groups]
+close_old_findings_product_scope = opts[:close_old_findings_product_scope]
+close_old_findings = opts[:close_old_findings]
+push_to_jira = opts[:push_to_jira]
 
 begin
   dd_obj = PWN::Plugins::DefectDojo.login(
@@ -103,7 +118,10 @@ begin
     minimum_severity: minimum_severity,
     scan_date: scan_date,
     verified: verified,
-    create_finding_groups: create_finding_groups
+    create_finding_groups: create_finding_groups,
+    close_old_findings_product_scope: close_old_findings_product_scope,
+    close_old_findings: close_old_findings,
+    push_to_jira: push_to_jira
   )
 rescue StandardError => e
   raise e
diff --git a/lib/pwn/plugins/defect_dojo.rb b/lib/pwn/plugins/defect_dojo.rb
@@ -388,6 +388,9 @@ module DefectDojo
       #   scan_date: 'optional - date in which scan was kicked off (defaults to now)',
       #   verified: 'optional - flag finding as verified by a tester (defaults to false)',
       #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+      #   close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+      #   close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+      #   push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
       # )
 
       public_class_method def self.importscan(opts = {})
@@ -465,6 +468,12 @@ module DefectDojo
 
         opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
 
+        opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
+
+        opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
+
+        opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
+
         api_path = 'import-scan/'
         api_path = 'importscan/' if api_version == 'v1'
 
@@ -489,7 +498,10 @@ module DefectDojo
       #   minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
       #   scan_date: 'optional - date in which scan was kicked off (defaults to now)',
       #   verified: 'optional - flag finding as verified by a tester (defaults to false)',
-      #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+      #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+      #   close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+      #   close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+      #   push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
       # )
 
       public_class_method def self.reimportscan(opts = {})
@@ -570,6 +582,12 @@ module DefectDojo
 
         opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
 
+        opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
+
+        opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
+
+        opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
+
         api_path = 'reimport-scan/'
         api_path = 'reimportscan/' if api_version == 'v1'
 
@@ -726,7 +744,10 @@ module DefectDojo
             minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
             scan_date: 'optional - date in which scan was kicked off (defaults to now)',
             verified: 'optional - flag finding as verified by a tester (defaults to false)',
-            create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+            create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+            close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+            close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+            push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
           )
 
           reimportscan_response = #{self}.reimportscan(
@@ -739,7 +760,10 @@ module DefectDojo
             minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
             scan_date: 'optional - date in which scan was kicked off (defaults to now)',
             verified: 'optional - flag finding as verified by a tester (defaults to false)',
-            create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+            create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+            close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+            close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+            push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
           )
 
           finding_list = #{self}.finding_list(
diff --git a/lib/pwn/version.rb b/lib/pwn/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.935'
+  VERSION = '0.4.936'
 end
