User Controls

Check out my CVE parser.

  1. #1
    Sophie Pedophile Tech Support
    So i had the idea to write a CVE parser, the idea was good but i think the implementation could use a little work. With that in mind i released it as BETA. Start it from teh command line with `python cveparser.py` and input your Shodan.io API key after which you will be prompted to install Searchsploit which is a CVE parser as well made by Offensive Security. It checks ExploitDB for CVE's. I figured i would just include it to get a more complete data set. In any case i will post the source below,


    #!/usr/bin/env python2.7

    import sys
    import csv
    import time
    import shodan
    import pickle
    import os.path
    import pycurl
    import json

    from blessings import Terminal

    t = Terminal()
    c = pycurl.Curl()

    edb = False
    logging = False

    # Print logo
    print t.cyan("""
    oo.ooooo. oooo ooo oo.ooooo. .oooo. oooo d8b .oooo.o .ooooo. oooo d8b
    888' `88b `88. .8' 888' `88b `P )88b `888""8P d88( "8 d88' `88b `888""8P
    888 888 `88..8' 888 888 .oP"888 888 `"Y88b. 888ooo888 888
    888 888 `888' 888 888 d8( 888 888 o. )88b 888 .o 888
    888bod8P' .8' 888bod8P' `Y888""8o d888b 8""888P' `Y8bod8P' d888b
    888 .o..P' 888
    o888o `Y8P' o888o
    Common Vulnerabilities and Exploits
    """)

    # We'll just go ahead and steal ExploitDB's hard work for this part (<3)
    def s_sploit():

    print "\n[" + t.green("+") + "]Please provide a search query. Multiple terms are allowed in this module."
    query = raw_input("\n<" + t.cyan("SEARCHSPLOIT") + ">$ " )

    try:
    result = os.system("searchsploit -j " + query)
    except Exception as e:
    print "\n[" + t.red("!") + "]Critical. An error was raised while attempting to retrieve data."
    print e

    if logging == True:
    with open('searchsploit.log', 'ab') as outfile:
    outfile.write(result)
    outfile.close()

    # Function to install and configure ExploitDB's Searchsploit utility
    def exploit_DB():
    global edb

    print "\n[" + t.green("+") + "]To get additional comprehensive search results, installing ExploitDB's"
    print "[" + t.green("+") + "]'Searchsploit' utility is recommended. Functionality from which will be"
    print "[" + t.green("+") + "]integrated into PyParser-CVE."

    print "\n[" + t.magenta("?") + "]Would you like PyParser to install this utility?"
    get_edb = raw_input("[Y]es/[N]o: ")

    if get_edb == 'y':
    print "\n[" + t.green("+") + "]Invoking git...\n"
    time.sleep(1)
    try:
    os.system("git clone https://github.com/offensive-security/exploit-database.git")
    os.system("cd exploit-database && abspath=$(pwd) && sudo ln -sf $abspath/searchsploit /usr/local/bin/searchsploit")
    os.system("chmod +x searchsploit")

    except Exception as e:
    print "\n[" + t.red("!") + "]Critical. An error was raised with the following message."
    print e

    sys.exit(0)

    print "\n[" + t.green("+") + "]Completed"
    edb = True

    elif get_edb == 'n':
    print "\n[" + t.green("+") + "]Not installing."
    edb = False
    else:
    print "\n[" + t.red("!") + "]Unhandled option"

    # Shodan CVE look up
    def shodan_q():
    global logging

    print "\n[" + t.green("+") + "]Please provide a search query. I.e 'cisco' will return all known vulns for that item"

    query = raw_input("\n<" + t.cyan("SHODAN") + ">$ " )

    try:
    api = shodan.Shodan(SHODAN_API_KEY)
    results = api.exploits.search(query, 5, 'author, platform, port, type')
    except Exception as e:
    print "\n[" + t.red("!") + "]Critical. An error was raised with the following error message"
    print e

    format = json.dumps(results, indent = 2)
    print format

    if logging == True:
    with open('shodan_cve.log', 'ab') as outfile:
    outfile.write(format)
    outfile.close()

    print "\n[" + t.green("+") + "]Results have been saved to 'shodan_cve.log' in the current directory."


    def cve_mitre():
    global logging

    if not os.path.isfile('cve_mitre.csv'):
    print "\n[" + t.green("+") + "]Fetching CVE Mitre data. This may take a while..."
    try:
    c.setopt(c.URL, "http://cve.mitre.org/data/downloads/allitems.csv")
    with open('cve_mitre.csv', 'wb') as outfile:
    c.setopt(c.WRITEFUNCTION, outfile.write)
    c.perform()
    c.close()
    except Exception as e:
    print "\n[" + t.red("!") + "]Critical. An error was raised while attempting to retrieve data"
    print e


    print "\n[" + t.green("+") + "]Complete"

    print "\n[" + t.green("+") + "]Please provide a search query."
    query = raw_input("\n<" + t.cyan("MITRE") + ">$ " )

    with open('cve_mitre.csv', 'rb') as infile:
    csv_reader = csv.DictReader(infile)
    rows = [row for row in csv_reader]
    for row in rows:
    for col_name in row:
    if query in row[col_name]:
    result = json.dumps(row)
    print result


    if logging == True:
    with open('cve_mitre.log', 'ab') as outfile:
    outfile.write(result)
    outfile.close

    def main():
    try:
    while True:
    print "\n[" + t.green("+") + "]Welcome to PyParser-CVE. Please select an action"
    print """

    1. Query Shodan 4. Logging
    2. Query CVE Mitre 5. Quit
    3. Invoke Searchsploit """

    action = raw_input("\n<" + t.cyan("PYPARSER") + ">$ ")

    if action == '1':
    shodan_q()
    elif action == '2':
    cve_mitre()
    elif action == '3':

    if edb == False:
    print "\n[" + t.red("!") + "]Warning! Searchsploit was not installed."
    print "[" + t.green("?") + "]Would you like PyParser to automatically resolve this issue?\n"

    get_edb = raw_input("[Y]es/[N]o: ")
    if get_edb == 'y':
    exploit_DB()
    elif get_edb == 'n':
    print "\n[" + t.green("+") + "]Not resolving."
    else:
    print "\n[" + t.red("!") + "]Unhandled option"
    else:
    s_sploit()

    elif action == '4':
    print "\n[" + t.magenta("?") + "]Enable logging?"
    query = raw_input("[Y]es/[N]o: ")

    if query == 'y':
    logging = True
    elif query == 'n':
    logging = False
    else:
    print "\n[" + t.red("!") + "]Unhandled option"

    elif action == '5':
    break
    else:
    print "\n[" + t.red("!") + "]Unhandled option"

    except KeyboardInterrupt:
    print "\n[" + t.red("!") + "]Critical. User aborted."

    if __name__ == '__main__':
    # Check to see if we have Shodan API key saved
    if not os.path.isfile('api.p'):
    print "\n[" + t.green("+") + "]Welcome to PyParser-CVE. Please provide your Shodan API Key"

    SHODAN_API_KEY = raw_input("API key: ")
    pickle.dump(SHODAN_API_KEY, open( "api.p", "wb" ))

    print "\n[" + t.green("+") + "]Your API key has been saved to 'Shodan_API.p' in the current directory.\n"

    # Once we have the API key properly stored/loaded check for ExploitDB directory
    # if we can't find it we will assume Searchsploit has not been installed and prompt to resolve
    if not os.path.isdir('exploit-database'):
    exploit_DB()
    else:
    SHODAN_API_KEY = pickle.load(open( "api.p", "rb" ))
    path = os.path.abspath("api.p")

    print "\n[" + t.green("+") + "]Your Shodan API key was sucesfully loaded from " + path
    if not os.path.isdir('exploit-database'):
    exploit_DB()

    main()
Jump to Top