  1. #!/usr/bin/php
  2. <?php
  3. //error_reporting(0);
  4.  
  5. /***
  6. * Configuration options
  7. */
  8. $vulnDB = "/opt/RossMarks/vdb/";
  9. $vdbPath = "/opt/RossMarks/DirtyScripts/ReportToolz/";
  10.  
  11. /***
  12. * Main program - Don't edit below
  13. */
  14. #echo " +-+-+-+-+-+-+\n |V|u|l|n|D|B|\n +-+-+-+-+-+-+\n\n";
  15.  
  16.  
  17. foreach (glob($vdbPath."classes/*.php") as $filename)
  18. include $filename;
  19.  
  20. $definitions = new \Clapp\CommandLineArgumentDefinition(
  21. array(
  22. "help|h" => "Shows help message",
  23. "search|s=s" => "search term",
  24. "id|i=i" => "id of vuln to view details or copy (requires -p)",
  25. "path|p=s" => "path to copy vuln to (requires -i)",
  26. )
  27. );
  28.  
  29. $filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
  30.  
  31. if ($filter->getParam('h') === true || $argc < 2) {
  32. fwrite(STDERR, $definitions->getUsage());
  33. exit(0);
  34. }
  35.  
  36. // get all vulns
  37. $vuln = recursiveScan($vulnDB);
  38. $i = 1;
  39. foreach($vuln as $key => $value){
  40. $vuln[$key]['count'] = $i;
  41. $i++;
  42. }
  43.  
  44. // search for search term
  45. if($filter->getParam("search") == true){
  46. #echo "[!] Searching: ".$filter->getParam("search")."\n";
  47.  
  48.  
  49. echo"
  50. Ref | Title | Description
  51. -------|--------------------------------------------------|----------------------------------------------------------------\n";
  52.  
  53.  
  54. foreach ($vuln as $key => $value) {
  55. $flag = 0;
  56. if (strpos($vuln[$key]['title'], $filter->getParam("search")) == true){ $flag = 1; }
  57. if (strpos($vuln[$key]['description'], $filter->getParam("search")) == true){ $flag = 1; }
  58. if (strpos($vuln[$key]['tech_description'], $filter->getParam("search")) == true){ $flag = 1; }
  59. if (strpos($vuln[$key]['impact'], $filter->getParam("search")) == true){ $flag = 1; }
  60. if (strpos($vuln[$key]['solution'], $filter->getParam("search")) == true){ $flag = 1; }
  61. if (strpos($vuln[$key]['tags'], $filter->getParam("search")) == true){ $flag = 1; }
  62. if($flag == 1){ // found search term
  63. $ref = str_pad($vuln[$key]['count'], 7);
  64. $title = str_pad($vuln[$key]['title'], 50);
  65. $desc = trim(preg_replace('/\s\s+/', ' ', $vuln[$key]['tech_description']));
  66. $desc = str_pad( $desc, 61);
  67.  
  68. echo substr($ref, 0, 7); echo "|";
  69. echo substr($title, 0, 50); echo "|";
  70. echo substr($desc, 0, 61); echo "\n";
  71. }
  72. }
  73. echo "\n";
  74. }
  75.  
  76. if($filter->getParam("id") == true){
  77. $id = $filter->getParam("id");
  78. foreach ($vuln as $key => $value) {
  79. if($vuln[$key]['count'] == $id){
  80. $chosenVuln = $vuln[$key];
  81. $path = $key;
  82. break;
  83. }
  84. }
  85.  
  86. echo "\033[1m\033[4m".$chosenVuln['count']." - ".$chosenVuln['title']."\033[0m\n";
  87. echo "\033[1mCVSS:\033[0m ".$chosenVuln['cvss_score']." ";
  88. echo "\033[1mRisk:\033[0m ".$chosenVuln['risk']." ";
  89. echo "\033[1mOWASP:\033[0m ".$chosenVuln['owasp']."\n";
  90. echo "\033[1mCVSS2:\033[0m ".$chosenVuln['cvss2_score']." ".$chosenVuln['cvss2_vector']."\n";
  91. echo "\033[1mCVSS3:\033[0m ".$chosenVuln['cvss3_score']." ".$chosenVuln['cvss3_vector']."\n";
  92. echo "\033[1mDescription:\033[0m ".$chosenVuln['description']."\n";
  93. echo "\033[1mTechnical Description:\033[0m ".$chosenVuln['tech_description']."\n";
  94. echo "\033[1mSoluton:\033[0m ".$chosenVuln['solution']."\n";
  95. echo "\033[1mImpact: \033[0m".$chosenVuln['impact']."\n";
  96. echo "\033[1mRemediation:\033[0m ".$chosenVuln['remediation']."\n";
  97. echo "\033[1mTags:\033[0m ".$chosenVuln['tags']."\n";
  98.  
  99. if($filter->getParam("path") == true){
  100. $resultsFolder = add_ending_slash($filter->getParam("path"));
  101. if(file_exists($resultsFolder)){
  102. if(!file_exists($resultsFolder.basename($path))){
  103. system("cp $path $resultsFolder".basename($path));
  104. echo "\n\033[0;92m\033[1m".basename($path)." copied to $resultsFolder\033[0m\n";
  105. }else{
  106. echo "\n\033[0;31m\033[1m".basename($path)." already in $resultsFolder\033[0m\n";
  107. }
  108. }else{
  109. echo "\n\033[0;31m\033[1m$resultsFolder does not exist!\033[0m\n";
  110. }
  111. }
  112. }
  113.  
  114. function recursiveScan($dir) {
  115. global $vuln;
  116. $tree = glob(rtrim($dir, '/') . '/*');
  117. if (is_array($tree)) {
  118. foreach($tree as $file) {
  119. if (is_dir($file)) {
  120. #echo "dir - ".$file . "\n";
  121. recursiveScan($file);
  122. } elseif (is_file($file)) {
  123. //echo $file . "\n";
  124. //$vuln[] = "test";
  125. if(substr($file, -5) == '.json'){
  126. $vuln[$file] = json_decode(file_get_contents($file), true);
  127. }
  128.  
  129. }
  130. }
  131. }
  132. return $vuln;
  133. }
  134. function add_ending_slash( $path ){
  135. if ( substr( $path, ( 0 - ( int ) strlen( "/" ) ) ) !== "/" ){ $path .= "/"; }
  136. return $path;
  137. }
  138. ?>