Last active
August 16, 2016 15:38
-
-
Save xlcommunity/fb2f63dcf4f118dd07725d8b761c55b8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR | |
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS | |
# FOR A PARTICULAR PURPOSE. THIS CODE AND INFORMATION ARE NOT SUPPORTED BY XEBIALABS. | |
# | |
import re | |
import sys | |
import java.lang.IllegalArgumentException as IllegalArgumentException | |
from sets import Set | |
fileName = sys.argv[1] | |
infraset = set([]) | |
print "\n\n" | |
print "Searching for uses of vulnerable file [%s]" % fileName | |
# For every application that is current deployed... | |
for deployedApp in repository.read(repository.search('udm.DeployedApplication')): | |
deploymentPackage = repository.read(deployedApp.version) | |
# For every deployable component within the deployment package... | |
for deployedId in deployedApp.deployeds: | |
try: | |
deployed = repository.read(deployedId) | |
deployable = repository.read(deployed.deployable) | |
if fileName in deployable.fileUri: | |
print "Application [%s] deployed to [%s] contains vulnerable file [%s]" % (deploymentPackage,deployedApp.environment,fileName) | |
# Add this to the infraset | |
infraset.add(deployed.container) | |
except IllegalArgumentException: | |
pass | |
# Generate a "report" | |
print "\n\nThe following infrastrucuture is affected by this vulnerability\n\n" | |
#print sorted(infraset) | |
#print "" | |
# Find the common items in our deployed environments and our infrastructure | |
template = "{0:45} | {1:10}" | |
print template.format("HOST ID", "ADDRESS") | |
print template.format("=============================================","==========") | |
for item in sorted(infraset): | |
try: | |
host = repository.read(repository.read(item).host) | |
print template.format(host.id, host.address) | |
except IllegalArgumentException: | |
print template.format(host.id, "LOCALHOST") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment