def test_url_is_not_404(self):
all_urls = set()
invalid = []
for vuln_id in DBVuln.get_all_db_ids():
db_vuln = DBVuln.from_id(vuln_id)
if db_vuln.wasc:
for wasc_id in db_vuln.wasc:
all_urls.add(db_vuln.get_wasc_url(wasc_id))
if db_vuln.cwe:
for cwe_id in db_vuln.cwe:
all_urls.add(db_vuln.get_cwe_url(cwe_id))
for _, _, link in db_vuln.get_owasp_top_10_references():
all_urls.add(link)
for reference in db_vuln.references:
all_urls.add(reference.url)
session = requests.Session()
for url in all_urls:
if self.url_is_404(session, url):
invalid.append(url)
self.assertEqual(invalid, [])
def test_from_id(self):
dbv = DBVuln.from_id(123)
_file = os.path.join(DBVuln.DB_PATH, DBVuln.DEFAULT_LANG,
'123-spec-example.json')
self.assertEqual(dbv.db_file, _file)
expected_references = [
Reference("http://foo.com/xss",
"First reference to XSS vulnerability"),
Reference("http://asp.net/xss", "How to fix XSS vulns in ASP.NET")
]
self.assertEqual(dbv.title, u'Cross-Site Scripting')
self.assertEqual(
dbv.description, u'A very long text explaining what a XSS'
u' vulnerability is')
self.assertEqual(dbv.id, MOCK_ID)
self.assertEqual(dbv.severity, MOCK_SEVERITY)
self.assertEqual(dbv.wasc, [u'0003'])
self.assertEqual(dbv.tags, [u'xss', u'client side'])
self.assertEqual(dbv.cwe, [u'0003', u'0007'])
self.assertEqual(
dbv.owasp_top_10,
{
"2010": [1],
"2013": [2]
},
)
self.assertEqual(dbv.references, expected_references)
self.assertEqual(dbv.fix_effort, 50)
self.assertEqual(
dbv.fix_guidance, u'A very long text explaining how developers'
u' should prevent\nXSS vulnerabilities.\n')
def test_from_id(self):
dbv = DBVuln.from_id(123)
_file = os.path.join(DBVuln.DB_PATH, '123-spec-example.json')
self.assertEqual(dbv.db_file, _file)
expected_references = [Reference("http://foo.com/xss",
"First reference to XSS vulnerability"),
Reference("http://asp.net/xss",
"How to fix XSS vulns in ASP.NET")]
self.assertEqual(dbv.title, u'Cross-Site Scripting')
self.assertEqual(dbv.description, u'A very long description for'
u' Cross-Site Scripting')
self.assertEqual(dbv.id, MOCK_ID)
self.assertEqual(dbv.severity, MOCK_SEVERITY)
self.assertEqual(dbv.wasc, [u'0003'])
self.assertEqual(dbv.tags, [u'xss', u'client side'])
self.assertEqual(dbv.cwe, [u'0003', u'0007'])
self.assertEqual(dbv.owasp_top_10, {"2010": [1], "2013": [2]},)
self.assertEqual(dbv.fix, {u"guidance": u"A very long text explaining"
u" how to fix XSS"
u" vulnerabilities",
u"effort": 50})
self.assertEqual(dbv.references, expected_references)
self.assertEqual(dbv.fix_effort, 50)
self.assertEqual(dbv.fix_guidance, u"A very long text explaining"
u" how to fix XSS vulnerabilities")
def test_url_is_not_404(self):
all_urls = set()
invalid = []
for vuln_id in DBVuln.get_all_db_ids():
db_vuln = DBVuln.from_id(vuln_id)
if db_vuln.wasc:
for wasc_id in db_vuln.wasc:
all_urls.add(db_vuln.get_wasc_url(wasc_id))
if db_vuln.cwe:
for cwe_id in db_vuln.cwe:
all_urls.add(db_vuln.get_cwe_url(cwe_id))
for _, _, link in db_vuln.get_owasp_top_10_references():
all_urls.add(link)
for reference in db_vuln.references:
all_urls.add(reference.url)
session = requests.Session()
for url in all_urls:
if self.url_is_404(session, url):
invalid.append(url)
self.assertEqual(invalid, [])
def test_from_file(self):
_file = os.path.join(DBVuln.DB_PATH, '123-spec-example.json')
dbv_1 = DBVuln.from_file(_file)
dbv_2 = DBVuln.from_id(123)
self.assertEqual(dbv_1, dbv_2)
self.assertEqual(dbv_1.db_file, _file)
def get_vuln_info_from_db(self):
"""
Read the vulnerability information from the vulndb
"""
if self._vulndb is not None:
return self._vulndb
if self._vulndb_id is not None:
self._vulndb = DBVuln.from_id(self._vulndb_id)
return self._vulndb
def get_vuln_info_from_db(self):
"""
Read the vulnerability information from the vulndb
"""
if self._vulndb is not None:
return self._vulndb
if self._vulndb_id is not None:
self._vulndb = DBVuln.from_id(self._vulndb_id)
return self._vulndb
def test_no_multiple_spaces(self):
invalid = []
for vuln_id in DBVuln.get_all_db_ids():
db_vuln = DBVuln.from_id(vuln_id)
if ' ' in db_vuln.fix_guidance:
invalid.append((db_vuln.db_file, 'fix_guidance'))
if ' ' in db_vuln.description:
invalid.append((db_vuln.db_file, 'description'))
self.assertEqual(invalid, [])
def test_no_multiple_spaces(self):
invalid = []
for vuln_id in DBVuln.get_all_db_ids():
db_vuln = DBVuln.from_id(vuln_id)
if ' ' in db_vuln.fix_guidance:
invalid.append((db_vuln.db_file, 'fix_guidance'))
if ' ' in db_vuln.description:
invalid.append((db_vuln.db_file, 'description'))
self.assertEqual(invalid, [])
def test_load_es_lang(self):
language = 'es'
_file = os.path.join(DBVuln.DB_PATH, language, '123-spec-example.json')
dbv_1 = DBVuln.from_file(_file, language=language)
dbv_2 = DBVuln.from_id(123, language=language)
self.assertEqual(dbv_1, dbv_2)
self.assertEqual(dbv_1.db_file, _file)
dbv = dbv_1
expected_references = [
Reference("http://foo.es/xss",
"Primera referencia a una vulnerabilidad de XSS"),
Reference("http://asp.net/xss", "Como arreglar XSS en .NET")
]
self.assertEqual(dbv.title, u'Cross-Site Scripting en ES')
self.assertEqual(dbv.description,
u'Un texto largo donde se explica que es un XSS')
self.assertEqual(dbv.id, MOCK_ID)
self.assertEqual(dbv.severity, MOCK_SEVERITY)
self.assertEqual(dbv.wasc, [u'0003'])
self.assertEqual(dbv.tags, [u'xss', u'client side'])
self.assertEqual(dbv.cwe, [u'0003', u'0007'])
self.assertEqual(
dbv.owasp_top_10,
{
"2010": [1],
"2013": [2]
},
)
self.assertEqual(dbv.references, expected_references)
self.assertEqual(dbv.fix_effort, 50)
self.assertEqual(
dbv.fix_guidance, u'Y otro texto largo donde se explica como'
u' arreglar vulnerabilidades de XSS')
print i['uuid'], "-", i['id']
url = "https://127.0.0.1:8834/scans/" + str(i['id'])
sonuc = requests.get(url=url, headers=header, verify=False)
print sonuc.json()
print "zafiyetler"
for i in sonuc.json()['vulnerabilities']:
print i['plugin_name']
print i
print "===="
for i in sonuc.json()['vulnerabilities']:
pluginName = i['plugin_name']
IPler = sonuc.json()['info']['targets']
if "SQL" in pluginName:
from vulndb import DBVuln
veritabaniID = DBVuln.from_id(42)
rapor = "Tanim:" + str(veritabaniID.title) + "\n"
rapor += "IP:" + str(IPler) + "\n"
rapor += "Aciklama" + str(veritabaniID.description) + "\n"
dosya = open("rapor.txt", "a")
dosya.write(rapor)
dosya.close()
try:
print "Taranan IPler:", sonuc.json()['info']['targets']
publicIP = sozluk[str(sonuc.json()['info']['targets'])]
url = "https://api.shodan.io/shodan/host/" + str(
publicIP) + "?key=SLs2hD4d6Si43BPpEclUdsmDbA6ZNV70"
sonuc = requests.get(url=url, verify=False)
except:
pass
def test_long_lines_with_new_line(self):
dbv = DBVuln.from_id(125)
self.assertEqual(dbv.description, u'Start line 1\n'
u' Start line 2\n')
def test_long_lines(self):
dbv = DBVuln.from_id(124)
self.assertEqual(dbv.description, u'A very long description for'
u' Cross-Site Scripting')
# Name: VulnDB_Json_serpico
# Description: Script to Parse VulnDB to Serpico Vulnerability Findings
# Author: SAINTz
# Twitter: @__SAINTz__
# Version: 0.1 - 17 August 2018
# License: GNU/GPL
##
import json
from vulndb import DBVuln
DB_IDs = DBVuln.get_all_db_ids()
export_json = []
for x in DB_IDs:
dbv = DBVuln.from_id(x)
data_tmp = {
"affected_hosts": "null",
"affected_users": 10,
"approved": "true",
"damage": 10,
"discoverability": 10,
"dread_total": 0,
"effort": "Planned",
"exploitability": 10,
"id": dbv.id,
"overview": "<paragraph>" + dbv.description + "</paragraph>",
"poc": "<paragraph></paragraph>",
"references": dbv.references,
"remediation": "<paragraph>" + dbv.fix_guidance + "</paragraph>",
"reproducability": 10,
