Fork: 0
0xRoM / DirtyScripts
Transfer to URL with SHA Find file
Newer
Older
DirtyScripts / ReportToolz / vdb.php
root on 13 May 2020 4 KB minor fixes and initial floss script
Raw Blame History 
  1. #!/usr/bin/php
  2. <?php
  3. //error_reporting(0);
  4. include('config.php');
  5.  
  6. /***
  7.  * Main program - Don't edit below
  8.  */
  9. #echo " +-+-+-+-+-+-+\n |V|u|l|n|D|B|\n +-+-+-+-+-+-+\n\n";
  10.  
  11.  
  12. foreach (glob($vdbPath."classes/*.php") as $filename)
  13.     include $filename;
  14.  
  15. $definitions = new \Clapp\CommandLineArgumentDefinition(
  16.     array(
  17.         "help|h"            => "Shows help message",
  18.         "search|s=s"        => "search term",
  19.         "id|i=i"        	=> "id of vuln to view details or copy (requires -p)",
  20.         "path|p=s"        	=> "path to copy vuln to (requires -i)",
  21.     )
  22. );
  23.  
  24. $filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
  25.  
  26. if ($filter->getParam('h') === true || $argc < 2) {
  27.     fwrite(STDERR, $definitions->getUsage());
  28.     exit(0);
  29. } 
  30.  
  31. // get all vulns
  32. $vuln = recursiveScan($vulnDB);
  33. $i = 1;
  34. foreach($vuln as $key => $value){
  35. 	$vuln[$key]['count'] = $i;
  36. 	$i++;
  37. }
  38.  
  39. // search for search term
  40. if($filter->getParam("search") == true){
  41. 	#echo "[!] Searching: ".$filter->getParam("search")."\n";
  42.  
  43.  
  44. 	echo"
  45. Ref    | Title                                            |  Description
  46. -------|--------------------------------------------------|----------------------------------------------------------------\n";
  47.  
  48.  
  49. 	foreach ($vuln as $key => $value) {
  50. 		$flag = 0;
  51. 		if (strpos(strtolower($vuln[$key]['title']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  52. 		if (strpos(strtolower($vuln[$key]['description']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  53. 		if (strpos(strtolower($vuln[$key]['tech_description']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  54. 		if (strpos(strtolower($vuln[$key]['impact']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  55. 		if (strpos(strtolower($vuln[$key]['solution']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  56. 		if (strpos(strtolower($vuln[$key]['tags']), strtolower($filter->getParam("search"))) == true){ $flag = 1; } 
  57. 		if($flag == 1){ // found search term
  58. 			$ref = str_pad($vuln[$key]['count'], 7);
  59. 			$title = str_pad($vuln[$key]['title'], 50);
  60. 			$desc = trim(preg_replace('/\s\s+/', ' ', $vuln[$key]['tech_description']));
  61. 			$desc = str_pad( $desc, 61);
  62.  
  63. 			echo substr($ref, 0, 7); echo "|";
  64. 			echo substr($title, 0, 50); echo "|";
  65. 			echo substr($desc, 0, 61); echo "\n";
  66. 		}
  67. 	}
  68. 	echo "\n";
  69. }
  70.  
  71. if($filter->getParam("id") == true){
  72. 	$id = $filter->getParam("id");
  73. 	foreach ($vuln as $key => $value) {
  74. 		if($vuln[$key]['count'] == $id){
  75. 			$chosenVuln = $vuln[$key];
  76. 			$path = $key;
  77. 			break;
  78. 		}
  79. 	}
  80.  
  81. 	echo "\033[1m\033[4m".$chosenVuln['count']." - ".$chosenVuln['title']."\033[0m\n";
  82. 	echo "\033[1mCVSS:\033[0m ".$chosenVuln['cvss_score']." ";
  83. 	echo "\033[1mRisk:\033[0m ".$chosenVuln['risk']." ";
  84. 	echo "\033[1mOWASP:\033[0m ".$chosenVuln['owasp']."\n";
  85. 	echo "\033[1mCVSS2:\033[0m ".$chosenVuln['cvss2_score']." ".$chosenVuln['cvss2_vector']."\n";
  86. 	echo "\033[1mCVSS3:\033[0m ".$chosenVuln['cvss3_score']." ".$chosenVuln['cvss3_vector']."\n";
  87. 	echo "\033[1mDescription:\033[0m ".$chosenVuln['description']."\n";
  88. 	echo "\033[1mTechnical Description:\033[0m ".$chosenVuln['tech_description']."\n";
  89. 	echo "\033[1mSoluton:\033[0m ".$chosenVuln['solution']."\n";
  90. 	echo "\033[1mImpact: \033[0m".$chosenVuln['impact']."\n";
  91. 	echo "\033[1mRemediation:\033[0m ".$chosenVuln['remediation']."\n";
  92. 	echo "\033[1mTags:\033[0m ".$chosenVuln['tags']."\n";
  93.  
  94. 	if($filter->getParam("path") == true){
  95. 		$resultsFolder = add_ending_slash($filter->getParam("path"));
  96. 		if(file_exists($resultsFolder)){
  97. 			if(!file_exists($resultsFolder.basename($path))){
  98. 				system("cp $path $resultsFolder".basename($path));
  99. 				echo "\n\033[0;92m\033[1m".basename($path)." copied to $resultsFolder\033[0m\n";
  100. 			}else{
  101. 				echo "\n\033[0;31m\033[1m".basename($path)." already in $resultsFolder\033[0m\n";
  102. 			}
  103. 		}else{
  104. 			echo "\n\033[0;31m\033[1m$resultsFolder does not exist!\033[0m\n";
  105. 		}
  106. 	}
  107. }
  108.  
  109. function recursiveScan($dir) {
  110. 	global $vuln; 
  111.     $tree = glob(rtrim($dir, '/') . '/*');
  112.     if (is_array($tree)) {
  113.         foreach($tree as $file) {
  114.             if (is_dir($file)) {
  115.                 #echo "dir - ".$file . "\n";
  116.                 recursiveScan($file);
  117.             } elseif (is_file($file)) {
  118.                 //echo $file . "\n";
  119.                 //$vuln[] = "test";
  120.                 if(substr($file, -5) == '.json'){
  121. 	                $vuln[$file] = json_decode(file_get_contents($file), true);
  122.                 }
  123.  
  124.             }
  125.         }
  126.     }
  127.     return $vuln;
  128. }
  129. function add_ending_slash( $path ){
  130. 	if ( substr( $path, ( 0 - ( int ) strlen( "/" ) ) ) !== "/" ){ $path .= "/"; }
  131. 	return $path;
  132. }
  133. ?>
Buy Me A Coffee