Adding CVE vulneralities list generation
This commit is contained in:
root
parent
985c7d790c
commit
7394833f80
3 changed files with 34 additions and 10 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -1,3 +1,5 @@
|
|||
build/mysqltuner-*
|
||||
build/mysqltuner.spec
|
||||
build/build.log
|
||||
build/cve*
|
||||
build/vulnerabilities*
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@ install -p %{name}.pl $RPM_BUILD_ROOT%{_bindir}/%{name}
|
|||
install -d $RPM_BUILD_ROOT%{_datarootdir}/%{name}
|
||||
install -p LICENSE $RPM_BUILD_ROOT%{_datarootdir}/%{name}
|
||||
install -p basic_passwords.txt $RPM_BUILD_ROOT%{_datarootdir}/%{name}
|
||||
install -p vulnerabilities.csv $RPM_BUILD_ROOT%{_datarootdir}/%{name}
|
||||
install -p %{name}.1.gz $RPM_BUILD_ROOT/%{_mandir}/man1
|
||||
|
||||
%clean
|
||||
|
|
@ -45,6 +46,6 @@ rm -rf $RPM_BUILD_ROOT
|
|||
%{_mandir}/man1/*
|
||||
|
||||
%changelog
|
||||
* Thu Jun 18 2015 Jean-Marie RENOUARD <jmrenouard@gmail.com> %VERSION%-1
|
||||
* Tue Jan 05 2015 Jean-Marie RENOUARD <jmrenouard@gmail.com> %VERSION%-1
|
||||
- Initial RPM release
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@ use warnings;
|
|||
use strict;
|
||||
use WWW::Mechanize::GZip;
|
||||
use File::Util;
|
||||
use Data::Dumper;
|
||||
use List::MoreUtils qw(uniq);
|
||||
my $verbose;
|
||||
sub AUTOLOAD {
|
||||
use vars qw($AUTOLOAD);
|
||||
|
|
@ -36,19 +38,38 @@ $mech->add_handler("response_redirect" => sub { print '#'x80,"\nREDIRECT RESPONS
|
|||
|
||||
|
||||
my $url = 'http://cve.mitre.org/data/downloads/allitems.csv';
|
||||
my $resp=$mech->get($url);
|
||||
my $resp;
|
||||
|
||||
unlink 'cve.cvs' if -f 'cve.csv';
|
||||
$mech->save_content( "cve.csv" );
|
||||
unless (-f 'cve.csv')
|
||||
{
|
||||
$resp=$mech->get($url);
|
||||
$mech->save_content( "cve.csv" );
|
||||
}
|
||||
|
||||
my $f=File::Util->new('readlimit' => 100000000, 'use_flock'=>'false');
|
||||
my(@lines) = $f->load_file('cve.csv', '--as-lines');
|
||||
|
||||
unlink 'vulnerability.csv' if -f 'vulnerability.csv';
|
||||
my @versions;
|
||||
my $temp;
|
||||
unlink 'vulnerabilities.csv' if -f 'vulnerabilities.csv';
|
||||
foreach my $line (@lines) {
|
||||
if ($line =~ /(mysql|mariadb)/i and $line =~ /server/i) {
|
||||
$f->write_file('file' => 'vulnerability.csv', 'content' => "$line\n", 'mode' => 'append');
|
||||
if ($line =~ /(mysql|mariadb)/i
|
||||
and $line =~ /server/i
|
||||
and $line =~ /CANDIDATE/i
|
||||
and $line !~ /MaxDB/i
|
||||
and $line !~ /\*\* REJECT \*\* /i
|
||||
and $line !~ /\*\* DISPUTED \*\* /i
|
||||
and $line !~ /(Radius|Proofpoint|Active\ Record|XAMPP|TGS\ Content|e107|post-installation|Apache\ HTTP|Zmanda|pforum|phpMyAdmin|Proxy\ Server|on\ Windows|ADOdb|Mac\ OS|Dreamweaver|InterWorx|libapache2|cisco|ProFTPD)/i) {
|
||||
$line =~ s/,/;/g;
|
||||
|
||||
@versions = $line =~/(\d{1,2}\.\d+\.[\d|x]+)/g;
|
||||
|
||||
foreach my $vers (uniq(@versions)) {
|
||||
my @nb=split('\.', $vers);
|
||||
#print $vers."\n".Dumper @nb;
|
||||
#exit 0;
|
||||
$f->write_file('file' => 'vulnerabilities.csv', 'content' => "$vers;$nb[0];$nb[1];$nb[2];$line\n", 'mode' => 'append');
|
||||
}
|
||||
}
|
||||
}
|
||||
unlink 'cve.cvs' if -f 'cve.csv';
|
||||
exit(0);
|
||||
|
||||
exit(0);
|
||||
Loading…
Reference in a new issue