Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#
# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS
# FOR A PARTICULAR PURPOSE. THIS CODE AND INFORMATION ARE NOT SUPPORTED BY XEBIALABS.
#
import re
import sys
import java.lang.IllegalArgumentException as IllegalArgumentException
from sets import Set
fileName = sys.argv[1]
infraset = set([])
print "\n\n"
print "Searching for uses of vulnerable file [%s]" % fileName
# For every application that is current deployed...
for deployedApp in repository.read(repository.search('udm.DeployedApplication')):
deploymentPackage = repository.read(deployedApp.version)
# For every deployable component within the deployment package...
for deployedId in deployedApp.deployeds:
try:
deployed = repository.read(deployedId)
deployable = repository.read(deployed.deployable)
if fileName in deployable.fileUri:
print "Application [%s] deployed to [%s] contains vulnerable file [%s]" % (deploymentPackage,deployedApp.environment,fileName)
# Add this to the infraset
infraset.add(deployed.container)
except IllegalArgumentException:
pass
# Generate a "report"
print "\n\nThe following infrastrucuture is affected by this vulnerability\n\n"
#print sorted(infraset)
#print ""
# Find the common items in our deployed environments and our infrastructure
template = "{0:45} | {1:10}"
print template.format("HOST ID", "ADDRESS")
print template.format("=============================================","==========")
for item in sorted(infraset):
try:
host = repository.read(repository.read(item).host)
print template.format(host.id, host.address)
except IllegalArgumentException:
print template.format(host.id, "LOCALHOST")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment