-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathoverview.rb
More file actions
102 lines (92 loc) · 4.13 KB
/
Copy pathoverview.rb
File metadata and controls
102 lines (92 loc) · 4.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# coding: utf-8
require 'net/https'
require 'rexml/document'
require_relative 'cvssinfo'
def init(proxy_addr = nil, proxy_port = nil)
@proxy_addr = proxy_addr
@proxy_port = proxy_port
end
def printval(item, elem_name)
item.elements.each(elem_name) do |elem|
print "#{elem_name}: #{elem.text}\n"
end
end
def search(keyword)
http = Net::HTTP::Proxy(@proxy_addr, @proxy_port).new('jvndb.jvn.jp', 443)
http.use_ssl = true
http.ca_file = './DigiCertGlobalRootG2.crt.pem'
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.start do |session|
time = Time.new
start_year = time.year - 3
puts "Vuls of '#{keyword}' from #{start_year}"
response = session.get("/myjvn?method=getVulnOverviewList&feed=hnd&rangeDatePublic=n&rangeDatePublished=n&rangeDateFirstPublished=n&keyword=#{keyword}&lang=ja&xsl=1&dateFirstPublishedStartY=#{start_year}")
if response.code != '200'
warn "#{response.code} - #{response.message}"
break
end
xml = REXML::Document.new(response.body)
if xml.root.elements['/rdf:RDF/status:Status'].nil?
warn 'Fatal error'
break
end
if xml.root.elements['/rdf:RDF/status:Status'].attributes['totalResRet'] == '0'
warn 'No results'
break
end
xml.root.elements.each('/rdf:RDF/item') do |item|
puts '==================================================='
print "title: #{item.elements['title'].text}\n"
print "link: #{item.elements['link'].text}\n"
printval(item, 'description')
printval(item, 'dc:language')
printval(item, 'dc:publisher')
printval(item, 'dc:rights')
printval(item, 'dc:creator')
printval(item, 'dc:subject')
printval(item, 'dc:identifier')
printval(item, 'dc:relation')
printval(item, 'sec:identifier')
printval(item, 'sec:references')
# printval(item, 'sec:cpe-item')
item.elements.each('sec:cvss') do |sec_cvss|
puts "cvss:version: #{sec_cvss.attributes['version']}"
puts "cvss:severity: #{sec_cvss.attributes['severity']}"
puts "cvss:score: #{sec_cvss.attributes['score']}"
puts "cvss:vector: #{sec_cvss.attributes['vector']}"
if !sec_cvss.attributes['vector'].nil? && !sec_cvss.attributes['vector'].empty?
result = CvssInfo.new(sec_cvss.attributes['vector'], sec_cvss.attributes['version'])
if sec_cvss.attributes['version'] == '3.0'
mets = sec_cvss.attributes['vector'].match(/CVSS:3.0\/AV:(?<av>\w{1})\/AC:(?<ac>\w{1})\/PR:(?<pr>\w{1})\/UI:(?<ui>\w{1})\/S:(?<s>\w{1})\/C:(?<c>\w{1})\/I:(?<i>\w{1})\/A:(?<a>\w{1})/)
puts "\tAttack Vector: #{mets[:av]} #{result.av_str}"
puts "\tAttack Complexity: #{mets[:ac]} #{result.ac_str}"
puts "\tPrivileges Required: #{mets[:pr]} #{result.pr_str}"
puts "\tUser Interaction: #{mets[:ui]} #{result.ui_str}"
puts "\tScope: #{mets[:s]} #{result.s_str}"
puts "\tConfidentiality Impact: #{mets[:c]} #{result.c_str}"
puts "\tIntegrity Impact: #{mets[:i]} #{result.i_str}"
puts "\tAvailability Impact: #{mets[:a]} #{result.a_str}"
elsif sec_cvss.attributes['version'] == '2.0'
mets = sec_cvss.attributes['vector'].match(/AV:(?<av>\w{1})\/AC:(?<ac>\w{1})\/Au:(?<au>\w{1})\/C:(?<c>\w{1})\/I:(?<i>\w{1})\/A:(?<a>\w{1})/)
puts "\tAccess Vector: #{mets[:av]} #{result.av_str}"
puts "\tAccess Complexity: #{mets[:ac]} #{result.ac_str}"
puts "\tAuthentication: #{mets[:au]} #{result.au_str}"
puts "\tConfidentiality Impact: #{mets[:c]} #{result.c_str}"
puts "\tIntegrity Impact: #{mets[:i]} #{result.i_str}"
puts "\tAvailability Impact: #{mets[:a]} #{result.a_str}"
end
puts "calc score: #{result.score}"
puts "calc severity: #{result.severity}"
end
puts "cvss:type: #{sec_cvss.attributes['type']}"
end
printval(item, 'dc:date')
printval(item, 'dcterms:issued')
printval(item, 'dcterms:modified')
end
end
end
init # proxy なし
search('postgresql') # PostgreSQLをキーワードにして脆弱性情報取得
search('struts')
search('OpenSSL')