def run(self, info): # Skip if the vulnerability doesn't have CVE or OSVDB tags. if not info.cve and not info.osvdb: Logger.log_more_verbose("No CVE or OSVDB tags found, skipped.") return # Search for public exploits in the exploit-db database. ids = self.query_exploitdb(info.cve, info.osvdb) # Add any previously existing IDs. ids.update(info.edb) # Are there any new IDs? new_ids = ids.difference(info.edb) if new_ids: # Log the new IDs. msg = "\n".join( " " + x for x in sorted( convert_vuln_ids_to_references(new_ids) ) ) Logger.log("Public exploits found:\n" + msg) # Update the Vulnerability object. info.edb = ids # Return the updated object. return info
def run(self, info): # Skip if the vulnerability doesn't have CVE or OSVDB tags. if not info.cve and not info.osvdb: Logger.log_more_verbose("No CVE or OSVDB tags found, skipped.") return # Search for public exploits in the exploit-db database. ids = self.query_exploitdb(info.cve, info.osvdb) # Add any previously existing IDs. ids.update(info.edb) # Are there any new IDs? new_ids = ids.difference(info.edb) if new_ids: # Log the new IDs. msg = "\n".join( " " + x for x in sorted(convert_vuln_ids_to_references(new_ids))) Logger.log("Public exploits found:\n" + msg) # Update the Vulnerability object. info.edb = ids # Return the updated object. return info
def test_vuln_id_parser(): DEBUG = False ##DEBUG = True if DEBUG: from pprint import pprint print "Testing the vulnerability ID parsers..." if DEBUG: print "-" * 79 pprint(_test_case_extract_solution) print "-" * 79 vulns = extract_vuln_ids(_test_case_extract) if DEBUG: pprint(vulns) print "-" * 79 assert vulns == _test_case_extract_solution all_vulns = [] for v in vulns.values(): all_vulns.extend(v) all_vulns.sort() if DEBUG: pprint(all_vulns) print "-" * 79 refs = convert_vuln_ids_to_references(all_vulns) if DEBUG: pprint(refs) print "-" * 79 unrefs = convert_references_to_vuln_ids(refs) if DEBUG: pprint(unrefs) print "-" * 79 assert unrefs == vulns print "Testing reference URLs..." import requests headers = {"User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.62 Safari/537.36"} for url in refs: print "--> " + url requests.get(url, headers=headers)
def test_vuln_id_parser(): DEBUG = False ##DEBUG = True if DEBUG: from pprint import pprint print "Testing the vulnerability ID parsers..." if DEBUG: print "-" * 79 print "-- test case solution" pprint(_test_case_extract_solution) print "-" * 79 vulns = extract_vuln_ids(_test_case_extract) if DEBUG: print "-- extracted vuln ids" pprint(vulns) print "-" * 79 assert vulns == _test_case_extract_solution all_vulns = [] for v in vulns.values(): all_vulns.extend(v) all_vulns.sort() if DEBUG: print "-- only the ids" pprint(all_vulns) print "-" * 79 refs = convert_vuln_ids_to_references(all_vulns) if DEBUG: print "-- references" pprint(refs) print "-" * 79 unrefs = convert_references_to_vuln_ids(refs) if DEBUG: print "-- vuln ids back from references" pprint(unrefs) print "-" * 79 assert unrefs == vulns urls = [] for url in _test_case_url.split("\n"): url = url.strip() if not url: continue urls.append(url) parsed = set() for vuln_ids in convert_references_to_vuln_ids(urls).itervalues(): parsed.update(vuln_ids) if DEBUG: print "-- test case" pprint(urls) print "-" * 79 print "-- extracted vuln ids" pprint(sorted(parsed)) print "-" * 79 assert len(urls) == len(parsed), "%d vs %d" % (len(urls), len(parsed)) print "Testing reference URLs..." import requests headers = { "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.62 Safari/537.36" } for url in refs: print "--> " + url requests.get(url, headers=headers, verify=False) for url in urls: if url not in refs: print "--> " + url requests.get(url, headers=headers, verify=False)