[SOAR-19013] Powershell Snyk vuln & SDK bump (#3242) (#3267)

* snyk vuln and sdk bump

* Update clean messages

* Update requirements.txt

---------

Co-authored-by: lcwiklinski-r7 <lukasz_cwiklinski@rapid7.com>

plugins/powershell/.CHECKSUM

@@ -1,7 +1,7 @@
 {
-	"spec": "83aaad93d431da06ba5cb00715586576",
-	"manifest": "61de88b740ca64a1828d828542d76aeb",
-	"setup": "6e825188d75fce9536419c1f67bacd39",
+	"spec": "7a78a602acad865514b45891a09c9b88",
+	"manifest": "a7493e0e762cb8729f7879f210126a6b",
+	"setup": "8bf6c8e3597437048722cda7f93baac1",
 	"schemas": [
 		{
 			"identifier": "execute_script/schema.py",

plugins/powershell/Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.3
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.5
 
 LABEL organization=rapid7
 LABEL sdk=python
@@ -41,7 +41,7 @@ RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 
 ADD . /python/src
 
-RUN python setup.py build && python setup.py install
+RUN pip install .
 
 # User to run plugin code. The two supported users are: root, nobody
 USER root

plugins/powershell/bin/icon_powershell

@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "PowerShell"
 Vendor = "rapid7"
-Version = "3.0.7"
+Version = "3.0.8"
 Description = "[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator"
 
 

plugins/powershell/help.md

@@ -21,7 +21,7 @@
 
 ## Setup
 
-The connection configuration accepts the following parameters. SSL is enforced for all ports except 5985:
+The connection configuration accepts the following parameters:  
 
 |Name|Type|Default|Required|Description|Enum|Example|Placeholder|Tooltip|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
@@ -160,11 +160,11 @@ Example output:
 * When using the Kerberos connection option the username must be a domain account that has permission to join computers to the domain.
 * This plugin can connect over HTTP, the default port for this is 5985.
 It should be noted that this type of connection is not secure as all information passed is in plain text. In addition, Windows will not allow HTTP connections by default.
-
+ 
 The following commands must be run on the Windows computer that you want to connect to.
 
 For more information see [Compromising Yourself with WinRM's AllowUnencrypted = True](https://blogs.msdn.microsoft.com/PowerShell/2015/10/27/compromising-yourself-with-winrms-allowunencrypted-true/)
-
+ 
 ```
 winrm set winrm/config/client/auth '@{Basic="true"}'
 winrm set winrm/config/service/auth '@{Basic="true"}'
@@ -176,17 +176,19 @@ This plugin will join the Komand docker instance to the Windows domain as a comp
 For the Execute Script action PowerShell code should be submitted as base64. This can be done by copying a `.txt` file with the PowerShell code into the plugin.
 
 _This plugin does not validate the PowerShell code._
-Any errors generated on the remote computer by the PowerShell code are forwarded to the log file.
+ Any errors generated on the remote computer by the PowerShell code are forwarded to the log file.
 
 Run this PowerShell command on a Windows host first to set up a unsigned certificate for authentication:
 This will not be needed if the host already has a SSL certificate set up for Winrm
 
 ```
 Invoke-Expression ((New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1'))
 ```
+* SSL is not configured for port `5985`
 
 # Version History
 
+* 3.0.8 - Updated clean message | Updated SDK to the latest version (6.2.5) | bumping `cryptography` package
 * 3.0.7 - Updated dependencies | Updated SDK to the latest version
 * 3.0.6 - Bump SDK to 6.2.0
 * 3.0.5 - Bump requirements.txt | Bump SDK to 6.1.4 | Update help.md to enforce that the use of round-robin DNS lookups is not supported

plugins/powershell/icon_powershell/util/util.py

@@ -12,7 +12,7 @@ def run_ps(self, script: str) -> winrm.Response:  # Fixes string bug in python 3
         encoded_ps = base64.b64encode(script.encode("utf_16_le")).decode("ascii")
         rs = self.run_cmd(f"powershell -encodedcommand {encoded_ps}")
         if len(rs.std_err):
-            rs.std_err = self._clean_error_msg(rs.std_err.decode(DECODING_TYPE))
+            rs.std_err = self._clean_error_msg(rs.std_err)
         return rs
 
 

plugins/powershell/requirements.txt

@@ -1,10 +1,10 @@
 # List third-party dependencies here, separated by newlines. 
 # All dependencies must be version-pinned, eg. requests==1.2.0
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
-pywinrm==0.5.0
+pywinrm[kerberos]==0.5.0
 requests-kerberos==0.15.0
 requests-credssp==2.0.0
-parameterized==0.8.1
+parameterized==0.9.0
 requests==2.32.3
-cryptography==44.0.0
+cryptography==44.0.1
 idna==3.10

plugins/powershell/setup.py

@@ -3,7 +3,7 @@
 
 
 setup(name="powershell-rapid7-plugin",
-      version="3.0.7",
+      version="3.0.8",
       description="[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator",
       author="rapid7",
       author_email="",