Newer
Older
DirtyScripts / ReportToolz / vdb.php
root on 16 Nov 2019 4 KB vdb.php added
#!/usr/bin/php
<?php
//error_reporting(0);

/***
 * Configuration options
 */
$vulnDB = "/opt/RossMarks/vdb/";

/***
 * Main program - Don't edit below
 */
#echo " +-+-+-+-+-+-+\n |V|u|l|n|D|B|\n +-+-+-+-+-+-+\n\n";


foreach (glob("classes/*.php") as $filename)
    include $filename;

$definitions = new \Clapp\CommandLineArgumentDefinition(
    array(
        "help|h"            => "Shows help message",
        "search|s=s"        => "search term",
        "id|i=i"        	=> "id of vuln to view details or copy (requires -p)",
        "path|p=s"        	=> "path to copy vuln to (requires -c)",
    )
);

$filter = new \Clapp\CommandArgumentFilter($definitions, $argv);

if ($filter->getParam('h') === true || $argc < 2) {
    fwrite(STDERR, $definitions->getUsage());
    exit(0);
} 

// get all vulns
$vuln = recursiveScan($vulnDB);
$i = 1;
foreach($vuln as $key => $value){
	$vuln[$key]['count'] = $i;
	$i++;
}

// search for search term
if($filter->getParam("search") == true){
	#echo "[!] Searching: ".$filter->getParam("search")."\n";


	echo"
Ref    | Title                                            |  Description
-------|--------------------------------------------------|----------------------------------------------------------------\n";


	foreach ($vuln as $key => $value) {
		$flag = 0;
		if (strpos($vuln[$key]['title'], $filter->getParam("search")) == true){ $flag = 1; } 
		if (strpos($vuln[$key]['description'], $filter->getParam("search")) == true){ $flag = 1; } 
		if (strpos($vuln[$key]['tech_description'], $filter->getParam("search")) == true){ $flag = 1; } 
		if (strpos($vuln[$key]['impact'], $filter->getParam("search")) == true){ $flag = 1; } 
		if (strpos($vuln[$key]['solution'], $filter->getParam("search")) == true){ $flag = 1; } 
		if (strpos($vuln[$key]['tags'], $filter->getParam("search")) == true){ $flag = 1; } 
		if($flag == 1){ // found search term
			$ref = str_pad($vuln[$key]['count'], 7);
			$title = str_pad($vuln[$key]['title'], 50);
			$desc = trim(preg_replace('/\s\s+/', ' ', $vuln[$key]['tech_description']));
			$desc = str_pad( $desc, 61);

			echo substr($ref, 0, 7); echo "|";
			echo substr($title, 0, 50); echo "|";
			echo substr($desc, 0, 61); echo "\n";
		}
	}
	echo "\n";
}

if($filter->getParam("id") == true){
	$id = $filter->getParam("id");
	foreach ($vuln as $key => $value) {
		if($vuln[$key]['count'] == $id){
			$chosenVuln = $vuln[$key];
			$path = $key;
			break;
		}
	}

	echo "\033[1m\033[4m".$chosenVuln['count']." - ".$chosenVuln['title']."\033[0m\n";
	echo "\033[1mCVSS:\033[0m ".$chosenVuln['cvss_score']." ";
	echo "\033[1mRisk:\033[0m ".$chosenVuln['risk']." ";
	echo "\033[1mOWASP:\033[0m ".$chosenVuln['owasp']."\n";
	echo "\033[1mCVSS2:\033[0m ".$chosenVuln['cvss2_score']." ".$chosenVuln['cvss2_vector']."\n";
	echo "\033[1mCVSS3:\033[0m ".$chosenVuln['cvss3_score']." ".$chosenVuln['cvss3_vector']."\n";
	echo "\033[1mDescription:\033[0m ".$chosenVuln['description']."\n";
	echo "\033[1mTechnical Description:\033[0m ".$chosenVuln['tech_description']."\n";
	echo "\033[1mSoluton:\033[0m ".$chosenVuln['solution']."\n";
	echo "\033[1mImpact: \033[0m".$chosenVuln['impact']."\n";
	echo "\033[1mRemediation:\033[0m ".$chosenVuln['remediation']."\n";
	echo "\033[1mTags:\033[0m ".$chosenVuln['tags']."\n";

	if($filter->getParam("path") == true){
		$resultsFolder = add_ending_slash($filter->getParam("path"));
		if(file_exists($resultsFolder)){
			if(!file_exists($resultsFolder.basename($path))){
				system("cp $path $resultsFolder".basename($path));
				echo "\n\033[0;92m\033[1m".basename($path)." copied to $resultsFolder\033[0m\n";
			}else{
				echo "\n\033[0;31m\033[1m".basename($path)." already in $resultsFolder\033[0m\n";
			}
		}else{
			echo "\n\033[0;31m\033[1m$resultsFolder does not exist!\033[0m\n";
		}
	}
}

function recursiveScan($dir) {
	global $vuln; 
    $tree = glob(rtrim($dir, '/') . '/*');
    if (is_array($tree)) {
        foreach($tree as $file) {
            if (is_dir($file)) {
                #echo "dir - ".$file . "\n";
                recursiveScan($file);
            } elseif (is_file($file)) {
                //echo $file . "\n";
                //$vuln[] = "test";
                if(substr($file, -5) == '.json'){
	                $vuln[$file] = json_decode(file_get_contents($file), true);
                }

            }
        }
    }
    return $vuln;
}
function add_ending_slash( $path ){
	if ( substr( $path, ( 0 - ( int ) strlen( "/" ) ) ) !== "/" ){ $path .= "/"; }
	return $path;
}
?>