Created
July 22, 2015 08:54
-
-
Save m1el/44e2500910a0dba31cbc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wget https://cve.mitre.org/data/downloads/allitems-cvrf.xml | |
python3 vgrep.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rexec: 19268 | |
DoS: 14849 | |
xss: 9236 | |
memory: 8212 | |
sqlinj: 6230 | |
privilege: 3321 | |
dirtraversal: 2762 | |
arith: 1260 | |
csrf: 1117 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from lxml import etree | |
from collections import defaultdict | |
import re | |
ns = { | |
'cvrf': 'http://www.icasi.org/CVRF/schema/cvrf/1.1', | |
'vuln': 'http://www.icasi.org/CVRF/schema/vuln/1.1' | |
} | |
vuln_xpath = '/cvrf:cvrfdoc/vuln:Vulnerability' | |
desc_xpath = 'vuln:Notes/vuln:Note[@Type="Description"]' | |
vuln_texts = [ | |
('sqlinj', re.compile(r'SQL injection', re.I)), | |
('xss', re.compile(r'cross.site.scripting|script injection', re.I)), | |
('privilege', re.compile(r'gain privileges|root privileges|dropping privileges|additional privileges|gain additional group privileges', re.I)), | |
('DoS', re.compile(r'denial of service', re.I)), | |
('memory', re.compile(r'buffer overflow|double free|stack corruption|Use.after.free|ASLR', re.I)), | |
('csrf', re.compile(r'Cross-site request forgery', re.I)), | |
('rexec', re.compile(r'remote( code| command)? execution|execute.*?(arbitrary code|programs|command)')), | |
#('reserved', re.compile(r'^\*\* RESERVED \*\*')), | |
#('reject', re.compile(r'^\*\* REJECT \*\*')), | |
#('unspecified', re.compile(r'Unspecified vulnerability', re.I)), | |
('dirtraversal', re.compile(r'directory traversal', re.I)), | |
('arith', re.compile(r'Integer overflow|integer underflow|Integer signedness|signed integer', re.I)), | |
] | |
if __name__ == '__main__': | |
count = defaultdict(int) | |
tree = etree.parse('allitems-cvrf.xml') | |
for vuln in tree.xpath(vuln_xpath, namespaces=ns): | |
description = vuln.xpath(desc_xpath, namespaces=ns) | |
if not description: | |
continue | |
description = description[0].text.replace('\n', ' ') | |
for typ, regex in vuln_texts: | |
if re.search(regex, description): | |
count[typ] += 1 | |
keys = [x[0] for x in vuln_texts] | |
keys = sorted(keys, key=lambda x:count[x], reverse=True) | |
for k in keys: | |
print('%s: %d' % (k, count[k])) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment