 2011-11-17 20:41 @903 |
|
|
Doddy
Perlero Senior
|
Registrado: 2009-03-01 18:39 @818
Mensajes: 387
|
|
|
SecurityFocus Manager
|
Bueno, quería mostrar el código que con la ayuda de explorer logré terminar. Este simple programa lista las últimas vulnerabilidades publicadas en securityfocus.com y podremos verlas desde consola viendo la información, exploit, solución... El código es el siguiente: Using perl Syntax Highlighting #!/usr/bin/perl #SecurityFocus Manager 0.3 #(C) Doddy Hackman 2011 ##ppm install http://www.bribes.org/perl/ppm/HTML-Strip.ppd use LWP::UserAgent; use HTML::Parser; use HTML::Strip; my $nave = LWP::UserAgent->new; $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); $nave->timeout(5); head(); refrescar(); sub refrescar { clean(); head(); print "\n\n[+] List of vulnerabilities\n\n\n"; my %links = getlinks($code); my $contador = -1; for my $da(keys %links) { $contador++; print "[$contador] : $da\n"; } print qq( [1] : Refresh [2] : Info [3] : Discussion [4] : Exploit [5] : Solution [6] : References [7] : Exit ); print "\n[Option] : "; chomp(my $op = <stdin>); if ($op eq 1) { clean(); refrescar(); } elsif ($op eq 2) { print "\n[+] Number : "; chomp(my $se=<stdin>); my $fin = (keys %links)[$se]; my $pro = (values %links)[$se]; dar($fin,$pro,"tres"); } elsif($op eq 3) { print "\n[+] Number : "; chomp(my $se=<stdin>); my $fin = (keys %links)[$se]; my $pro = (values %links)[$se]; dar($fin,$pro,"cuatro"); } elsif($op eq 4) { print "\n[+] Number : "; chomp(my $se=<stdin>); my $fin = (keys %links)[$se]; my $pro = (values %links)[$se]; dar($fin,$pro,"cinco"); } elsif ($op eq 5) { print "\n[+] Number : "; chomp(my $se=<stdin>); my $fin = (keys %links)[$se]; my $pro = (values %links)[$se]; dar($fin,$pro,"seis"); } elsif ($op eq 6) { print "\n[+] Number : "; chomp(my $se=<stdin>); my $fin = (keys %links)[$se]; my $pro = (values %links)[$se]; dar($fin,$pro,"siete"); } elsif ($op eq 7) { copyright(); exit(1); } else { refrescar(); } } sub dar { my($title,$numero,$op) = @_; print "\n\n[+] Getting data\n\n"; if ($op eq "tres") { $link = "http://www.securityfocus.com/bid/$numero/info"; } if ($op eq "cuatro") { $link = "http://www.securityfocus.com/bid/$numero/discuss"; } if ($op eq "cinco") { $link = "http://www.securityfocus.com/bid/$numero/exploit"; } if ($op eq "seis") { $link = "http://www.securityfocus.com/bid/$numero/solution"; } if ($op eq "siete") { $link = "http://www.securityfocus.com/bid/$numero/references"; } my $code = toma($link); if ($code=~/<div id="vulnerability">(.*?)<\/div>/s){ my $code = $1; chomp $code; my $uno = HTML::Strip->new(emit_spaces =>1); my $final = $uno->parse($code); $final =~ s/^[\t\f ]+|[\t\f ]+$//mg; $final =~s/$title/ /; print $final; } print "\n\n[+] Press any key to continue\n\n"; <stdin>; refrescar(); } sub getlinks { my $code = toma("http://www.securityfocus.com/"); my $test = HTML::Parser->new( start_h => [\&start, "tagname,attr"], text_h => [\&text, "dtext"], ); $test->parse($code); sub start { my($a,$b) = @_; my %e = %$b; unless($a ne "a") { $d = $e{href}; $c = $a; }} sub text { my $title = shift; chomp $title; unless($c ne "a") { if ($d=~/\/bid\/(.*)/) { my $id = $1; unless($title=~/www.securityfocus.com/) { $links{$title} = $id; }} $d = ""; }} return %links; } sub toma { return $nave->get($_[0])->content; } sub repes { foreach $test(@_) { push @limpio,$test unless $repe{$test}++; } return @limpio; } sub clean { #if ($^O =~/Win32/ig) { system("cls"); #} else { #system("clear"); #} } sub head { print "\n\n-- == SecurityFocus Manager 0.3 == --\n\n"; } sub copyright { print "\n\n\n(C) Doddy Hackman 2011\n\n"; } #Credits: Thanks to explorer (perlenespanol) # The End ?
|
| 2011-11-18 08:22 @390 |
|
|
Doddy
Perlero Senior
|
Registrado: 2009-03-01 18:39 @818
Mensajes: 387
|
|
|
Re: SecurityFocus Manager
|
|
Sí, en la parte del menú hay mucho código repetido pero no se me ocurrió cómo reducirlo...
|
| 2011-11-18 19:44 @864 |
|
|
 |
explorer
Administrador
|
Registrado: 2005-07-24 18:12 @800
Ubicación: Valladolid, España
Mensajes: 10272
|
|
|
Re: SecurityFocus Manager
|
Esta es mi versión, aunque hay alguna cosilla que no me gusta cómo ha quedado. Using perl Syntax Highlighting #!/usr/bin/perl # # SecurityFocus Manager 0.3.1 # (C) Doddy Hackman 2011 # # Show lastest vulnerabilities from SecurityFocus. # # JF version. use 5.010; use strict; use autodie; use warnings; use diagnostics; ### Modules ### use HTML::Strip; use Term::Menus; use WWW::Mechanize; ### Constants ### my $SECURITYFOCUS_URL = 'http://www.securityfocus.com'; my @SECURITYFOCUS_OPTIONS = qw(Info Discuss Exploit Solution References); ### Init ### my $html_strip_parser = HTML::Strip->new( emit_spaces => 0 ); my $mech = WWW::Mechanize->new(); $mech->agent_alias('Linux Mozilla'); $Term::Menus::noclear = 1; $Term::Menus::blanklines = "\n"; ### Program ### print "\n\n-- == SecurityFocus Manager 0.3.1 == --\n\n"; my $to_end = 0; my @vulnerabilities; do { if (!@vulnerabilities) { say "Refreshing..."; $mech->get($SECURITYFOCUS_URL); for my $url_ref ($mech->find_all_links( url_regex => qr(^/bid/))) { my($url, $text) = ($url_ref->url, $url_ref->text); next if $text =~ /^http/; push @vulnerabilities, [ $url, $text ]; } } say '[++] List of vulnerabilities: '; my $i = 1; for (@vulnerabilities) { printf "[%2d] : %s\n", $i++, $_->[1]; } # Menu my $selection = pick( [ 'Refresh', @SECURITYFOCUS_OPTIONS, ], '[Option] : ' ); given ($selection) { when ('Refresh') { system('clear'); undef @vulnerabilities; } when (']quit[') { $to_end = 'yes!'; } when (@SECURITYFOCUS_OPTIONS) { print "\n[$selection] Number? : "; chomp(my $sel = <>); say "\n[+] Getting data...\n"; if ($sel <= @vulnerabilities) { $sel--; $mech->get( $SECURITYFOCUS_URL . $vulnerabilities[$sel]->[0] . "/\L$selection" ); if ( $mech->content =~ /^<div id="vulnerability">(.*?)^<\/div>/sm ) { my $final = $html_strip_parser->parse($1); $final =~ s/^\s+$//gm; $final =~ s/\n+/\n/g; say $final; # open my $LESS, "|less -F -S -- -"; # print $LESS $final; # close $LESS; say "[+] Press Enter key to continue"; <>; } } } } } while (not $to_end); print "\n\n\n(C) Doddy Hackman 2011\n\n"; # Credits: Thanks to explorer (perlenespanol.com) # The End ? __END__
_________________
JF^D Perl programming
|
| 2011-11-19 12:38 @568 |
|
|
Doddy
Perlero Senior
|
Registrado: 2009-03-01 18:39 @818
Mensajes: 387
|
|
|
Re: SecurityFocus Manager
|
Yo había pensado algo así. Using perl Syntax Highlighting #!usr/bin/perl #SecurityFocus Manager 0.3 #(C) Doddy Hackman 2011 ##ppm install <!-- m --><a class="postlink" href="http://www.bribes.org/perl/ppm/HTML-Strip.ppd">http://www.bribes.org/perl/ppm/HTML-Strip.ppd</a><!-- m --> use LWP::UserAgent; use HTML::Parser; use HTML::Strip; my $nave = LWP::UserAgent->new; $nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"); $nave->timeout(5); head(); refrescar(); sub refrescar { clean(); head(); print "\n\n[+] List of vulnerabilities\n\n\n"; my %links = getlinks($code); my $contador = -1; for my $da(keys %links) { $contador++; print "[$contador] : $da\n"; } print qq( [1] : Refresh [2] : Info [3] : Discussion [4] : Exploit [5] : Solution [6] : References [7] : Exit ); print "\n[Option] : "; chomp(my $op = <stdin>); if ($op eq 1) { clean(); refrescar(); } elsif ($op eq 2) { my $se = preguntar(); dar((keys %links)[$se],(values %links)[$se],"tres"); } elsif($op eq 3) { my $se = preguntar(); dar((keys %links)[$se],(values %links)[$se],"cuatro"); } elsif($op eq 4) { my $se = preguntar(); dar((keys %links)[$se],(values %links)[$se],"cinco"); } elsif ($op eq 5) { my $se = preguntar(); dar((keys %links)[$se],(values %links)[$se],"seis"); } elsif ($op eq 6) { my $se = preguntar(); dar((keys %links)[$se],(values %links)[$se],"siete"); } elsif ($op eq 7) { copyright(); exit(1); } else { refrescar(); } } sub preguntar { print "\n[+] Number : "; chomp(my $se=<stdin>); return $se; } sub dar { my($title,$numero,$op) = @_; print "\n\n[+] Getting data\n\n"; if ($op eq "tres") { $link = "http://www.securityfocus.com/bid/$numero/info"; } if ($op eq "cuatro") { $link = "http://www.securityfocus.com/bid/$numero/discuss"; } if ($op eq "cinco") { $link = "http://www.securityfocus.com/bid/$numero/exploit"; } if ($op eq "seis") { $link = "http://www.securityfocus.com/bid/$numero/solution"; } if ($op eq "siete") { $link = "http://www.securityfocus.com/bid/$numero/references"; } my $code = toma($link); if ($code=~/<div id="vulnerability">(.*?)<\/div>/s){ my $code = $1; chomp $code; my $uno = HTML::Strip->new(emit_spaces =>1); my $final = $uno->parse($code); $final =~ s/^[\t\f ]+|[\t\f ]+$//mg; $final =~s/$title/ /; print $final; } print "\n\n[+] Press any key to continue\n\n"; <stdin>; refrescar(); } sub getlinks { my $code = toma("http://www.securityfocus.com/"); my $test = HTML::Parser->new( start_h => [\&start, "tagname,attr"], text_h => [\&text, "dtext"], ); $test->parse($code); sub start { my($a,$b) = @_; my %e = %$b; unless($a ne "a") { $d = $e{href}; $c = $a; }} sub text { my $title = shift; chomp $title; unless($c ne "a") { if ($d=~/\/bid\/(.*)/) { my $id = $1; unless($title=~/www.securityfocus.com/) { $links{$title} = $id; }} $d = ""; }} return %links; } sub toma { return $nave->get($_[0])->content; } sub repes { foreach $test(@_) { push @limpio,$test unless $repe{$test}++; } return @limpio; } sub clean { #if ($^O =~/Win32/ig) { system("cls"); #} else { #system("clear"); #} } sub head { print "\n\n-- == SecurityFocus Manager 0.3 == --\n\n"; } sub copyright { print "\n\n\n(C) Doddy Hackman 2011\n\n"; } #Credits: Thanks to explorer (perlenespanol) # The End ?
|
| 2011-11-19 15:12 @675 |
|
|
Doddy
Perlero Senior
|
Registrado: 2009-03-01 18:39 @818
Mensajes: 387
|
|
|
Re: SecurityFocus Manager
|
|
Agregué una función para cuando se pregunte el número.
|
|
Página 1 de 1
|
[ 7 mensajes ] |
|
| Reglas del Foro |
|---|
No puedes abrir nuevos temas en este Foro
No puedes responder a temas en este Foro
No puedes editar tus mensajes en este Foro
No puedes borrar tus mensajes en este Foro
No puedes enviar adjuntos en este Foro
|
|
Socializa |
 |
|
