0xded093/sec_advisor_v7.py

## sec_advisor_v7.py
#!/usr/bin/python
# -*- coding: latin-1 -*-

import json
from pprint import pprint
import urllib2
import smtplib
import getpass

vendor = 'Check Point'
id = '136'

j = urllib2.urlopen('http://www.cvedetails.com/json-feed.php?numrows=1&orderby=1&vendor_id='+ id )
j_obj = json.load(j)
#pprint(j_obj)


#JSON parse
cve = j_obj[0]['cve_id']
summary = j_obj[0]['summary']
url = j_obj[0]['url']
cvvs = j_obj[0]['cvss_score']
publish_date = j_obj[0]['publish_date']
exploit_count = j_obj[0]['exploit_count']

# check new
check_new = open("last_cve_"+id+".txt","r")
last_cve = check_new.read()
check_new.close()

if cve != last_cve:
	fromaddr = 'mail'
	toaddrs  = 'mail'
	subject = vendor+' Sec Advisory'+" ["+cve+"]"+" [CVSS Score:"+cvvs+"]"

	msg = ("From: %s\r\nTo: %s\r\nMIME-Version: 1.0\r\nContent-type: text/html\r\nSubject: %s\r\n\r\n"
	       % (fromaddr, toaddrs, subject))

	logo = '<img alt="Embedded Image" src="data:image/png;base64,[base64image]=" />'
	#logo_vendor = 'logo_'+id

	text = '<br>Servizio di Security Advisory per la tecnologia ' + vendor + ', di seguito le info sulla vulnerabilita: </br><br>' +"<b>CVE: </b></br>"+ cve + '<br>'+'<br><b>Data di pubblicazione:</b><br> '+ publish_date + "<br><br><b>Summary: </b></br> " + summary + '<br>' +"<br><b>Maggiori info:</b></br> "+ url

	has_exploit = '<br><br><b>Non sono ancora presenti exploit per questa vulnerabilita</b></br>'

	if exploit_count == "0":
		msg =  msg + logo + text + has_exploit
		pass
	else:
		msg =  msg + logo + text
		pass

	# Credentials (if needed)
	username = 'mail'
	password = getpass.getpass("Password:");


	# The actual mail send
	server = smtplib.SMTP('mailserver')
	server.starttls()
	server.login(username,password)
	server.sendmail(fromaddr, toaddrs, msg)
	server.quit()

	#aggiorno last_cve
	out_file = open("last_cve_"+id+".txt","w")
	out_file.write(cve)
	out_file.close()
else:
	print "Non ci sono nuovi CVE"
	#!/usr/bin/python
	# -- coding: latin-1 --

	import json
	from pprint import pprint
	import urllib2
	import smtplib
	import getpass

	vendor = 'Check Point'
	id = '136'

	j = urllib2.urlopen('http://www.cvedetails.com/json-feed.php?numrows=1&orderby=1&vendor_id='+ id )
	j_obj = json.load(j)
	#pprint(j_obj)


	#JSON parse
	cve = j_obj[0]['cve_id']
	summary = j_obj[0]['summary']
	url = j_obj[0]['url']
	cvvs = j_obj[0]['cvss_score']
	publish_date = j_obj[0]['publish_date']
	exploit_count = j_obj[0]['exploit_count']

	# check new
	check_new = open("last_cve_"+id+".txt","r")
	last_cve = check_new.read()
	check_new.close()

	if cve != last_cve:
	fromaddr = 'mail'
	toaddrs = 'mail'
	subject = vendor+' Sec Advisory'+" ["+cve+"]"+" [CVSS Score:"+cvvs+"]"

	msg = ("From: %s\r\nTo: %s\r\nMIME-Version: 1.0\r\nContent-type: text/html\r\nSubject: %s\r\n\r\n"
	% (fromaddr, toaddrs, subject))

	logo = '<img alt="Embedded Image" src="data:image/png;base64,[base64image]=" />'
	#logo_vendor = 'logo_'+id

	text = '<br>Servizio di Security Advisory per la tecnologia ' + vendor + ', di seguito le info sulla vulnerabilita: </br><br>' +"<b>CVE: </b></br>"+ cve + '<br>'+'<br><b>Data di pubblicazione:</b><br> '+ publish_date + "<br><br><b>Summary: </b></br> " + summary + '<br>' +"<br><b>Maggiori info:</b></br> "+ url

	has_exploit = '<br><br><b>Non sono ancora presenti exploit per questa vulnerabilita</b></br>'

	if exploit_count == "0":
	msg = msg + logo + text + has_exploit
	pass
	else:
	msg = msg + logo + text
	pass

	# Credentials (if needed)
	username = 'mail'
	password = getpass.getpass("Password:");


	# The actual mail send
	server = smtplib.SMTP('mailserver')
	server.starttls()
	server.login(username,password)
	server.sendmail(fromaddr, toaddrs, msg)
	server.quit()

	#aggiorno last_cve
	out_file = open("last_cve_"+id+".txt","w")
	out_file.write(cve)
	out_file.close()
	else:
	print "Non ci sono nuovi CVE"