Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from bs4 import BeautifulSoup as bs
- import requests
- from requests.adapters import HTTPAdapter
- # from requests.packages.urllib3.util.retry import Retry
- import random
- from threading import Thread
- import time
- import re
- import json
- from urllib3.util import Retry
- import sys
- import argparse
- parser = argparse.ArgumentParser(prog='getargy.py',add_help=False)
- parser.add_argument('-h', '--help', action="store_true")
- parser.add_argument('-s', '--start')
- parser.add_argument('-e', '--end')
- args = parser.parse_args()
- joomlacoredata = []
- drupaldata = []
- joomlacomponentdata = []
- otherdata = []
- desktop_agents = [
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/602.2.14 (KHTML, like Gecko) Version/10.0.1 Safari/602.2.14',
- 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0',
- 'Mozilla/5.0 (Linux; U; en-US) AppleWebKit/528.5+ (KHTML, like Gecko, Safari/528.5+) Version/4.0 Kindle/3.0 (screen 600x800; rotate)',
- 'Mozilla/5.0 (X11; U; Linux armv7l like Android; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Version/5.0 Safari/533.2+ Kindle/3.0+',
- 'Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)',
- 'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)',
- 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)',
- 'Mozilla/5.0 (Nintendo 3DS; U; ; en) Version/1.7412.EU',
- 'Mozilla/5.0 (PlayStation Vita 3.61) AppleWebKit/537.73 (KHTML, like Gecko) Silk/3.2',
- 'Mozilla/5.0 (PlayStation 4 3.11) AppleWebKit/537.73 (KHTML, like Gecko)',
- 'Mozilla/5.0 (Windows Phone 10.0; Android 4.2.1; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Mobile Safari/537.36 Edge/13.10586',
- 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; XBOX_ONE_ED) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393',
- 'Mozilla/5.0 (Nintendo WiiU) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.4.2.12 NintendoBrowser/4.3.1.11264.US',
- 'AppleTV5,3/9.1.1',
- 'AppleTV6,2/11.1',
- 'Dalvik/2.1.0 (Linux; U; Android 6.0.1; Nexus Player Build/MMB29T)',
- 'Mozilla/5.0 (Linux; Android 5.1; AFTS Build/LMY47O) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/41.99900.2250.0242 Safari/537.36',
- 'Mozilla/5.0 (Linux; U; Android 4.2.2; he-il; NEO-X5-116A Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/534.30',
- 'Roku4640X/DVP-7.70 (297.70E04154A)',
- 'Mozilla/5.0 (CrKey armv7l 1.5.16041) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.0 Safari/537.36',
- 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9',
- 'Mozilla/5.0 (X11; CrOS x86_64 8172.45.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.64 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246',
- 'Mozilla/5.0 (Linux; Android 5.0.2; LG-V410/V41020c Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/34.0.1847.118 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 4.4.3; KFTHWI Build/KTU84M) AppleWebKit/537.36 (KHTML, like Gecko) Silk/47.1.79 like Chrome/47.0.2526.80 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-T550 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 7.0; SM-T827R4 Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.116 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 6.0.1; SHIELD Tablet K1 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 6.0.1; SGP771 Build/32.2.A.0.253; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Safari/537.36',
- 'Mozilla/5.0 (Linux; Android 7.0; Pixel C Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Safari/537.36'
- ]
- def random_headers():
- return {'User-Agent': random.choice(desktop_agents),
- 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8'}
- def getInfoSecuritFocus(id):
- global jsondata
- title = ""
- bugtrag = ""
- typevul = ""
- cve = []
- remote = 0
- local = 0
- publisheddate = 0
- updateddate = 0
- authorname = ""
- vulvesion = []
- notvul = []
- session = requests.Session()
- retry = Retry(connect=3, backoff_factor=0.5)
- adapter = HTTPAdapter(max_retries=retry)
- session.mount('http://', adapter)
- session.mount('https://', adapter)
- try:
- # time.sleep(2)
- url = f"https://www.securityfocus.com/bid/{id}/info"
- infoSF = session.get(url, headers=random_headers())
- # print(infoSF.status_code)
- if(infoSF.status_code==200):
- print(url)
- allLowerHtml = infoSF.text.lower()
- soupWeb = bs(infoSF.text, 'html.parser')
- titlename = soupWeb.find(class_="title").text.strip()
- componentname = comtype(title)
- vulcontent = soupWeb.find(id="vulnerability")
- tables = vulcontent.find('table').find_all("td")
- indexnum=0
- for td in tables:
- # print(f"{td.text}: {id}")
- textdata = td.text.strip()
- if(indexnum==1):
- bugtrag = textdata
- elif(indexnum==3):
- typevul = textdata
- elif(indexnum==5):
- cve = findCVE(textdata)
- elif(indexnum==7):
- remote = yesno(textdata)
- elif(indexnum==9):
- local = yesno(textdata)
- elif(indexnum==11):
- publisheddate = textdata
- elif(indexnum==13):
- updateddate = textdata
- elif(indexnum==15):
- authorname = textdata
- elif(indexnum==17):
- vulvesion = versionDetect(textdata)
- elif(indexnum==20):
- notvul = versionDetect(textdata)
- indexnum+=1
- if 'drupal' in allLowerHtml:
- securityfocusdb = {
- # "iscore": 0,
- "bugtragid": bugtrag,
- "vul_ver": vulvesion, #set as array
- "not_vul_ver": notvul, # set as array
- "name": titlename,
- "cve": cve, # set as array
- "remote": remote,
- "local": local,
- "author": authorname,
- "type_vul": typevul,
- "published": publisheddate,
- "updated": updateddate,
- "component": componentname,
- "ref": {
- # "EDB": "",
- "securityfocus": url,
- "cve": cveUrl(cve),
- "other": otherref(id)
- }
- }
- # print(securityfocusdb)
- drupaldata.append(securityfocusdb)
- # return securityfocusdb
- if 'joomla' in allLowerHtml:
- if 'component' in allLowerHtml:
- securityfocusdb = {
- "bugtragid": bugtrag,
- "vul_ver": vulvesion, #set as array
- "not_vul_ver": notvul, # set as array
- "name": titlename,
- "cve": cve, # set as array
- "remote": remote,
- "local": local,
- "author": authorname,
- "type_vul": typevul,
- "published": publisheddate,
- "updated": updateddate,
- "component": componentname,
- "ref": {
- "securityfocus": url,
- "cve": cveUrl(cve),
- "other": otherref(id)
- }
- }
- joomlacomponentdata.append(securityfocusdb)
- else:
- securityfocusdb = {
- # "iscore": 1,
- "bugtragid": bugtrag,
- "vul_ver": vulvesion, #set as array
- "not_vul_ver": notvul, # set as array
- "name": titlename,
- "cve": cve, # set as array
- "remote": remote,
- "local": local,
- "author": authorname,
- "type_vul": typevul,
- "published": publisheddate,
- "updated": updateddate,
- "ref": {
- # "EDB": "",
- "securityfocus": url,
- "cve": cveUrl(cve),
- "other": otherref(id)
- }
- }
- joomlacoredata.append(securityfocusdb)
- else:
- securityfocusdb = {
- # "iscore": 1,
- "bugtragid": bugtrag,
- "vul_ver": vulvesion, #set as array
- "not_vul_ver": notvul, # set as array
- "name": titlename,
- "cve": cve, # set as array
- "remote": remote,
- "local": local,
- "author": authorname,
- "type_vul": typevul,
- "published": publisheddate,
- "updated": updateddate,
- "ref": {
- # "EDB": "",
- "securityfocus": url,
- "cve": cveUrl(cve),
- "other": otherref(id)
- }
- }
- otherdata.append(securityfocusdb)
- print("Done")
- else:
- print(infoSF.status_code)
- except Exception as err:
- print (err)
- def findCVE(text):
- r1 = re.findall(r"CVE-\d{4}-\d{4,7}",text)
- return r1
- def yesno(text):
- text = text.lower()
- if "y" in text:
- return 1
- return 0
- def versionDetect(text):
- listversion = []
- r1 = re.findall(r"(\d+(\.\d+){2})(\-[\w\d\.\-]*)?(\+[\w\d\.\-]*)?",text)
- for r in r1:
- listversion.append(r[0])
- return listversion
- def cveUrl(cve):
- refcve = []
- urlquery = "https://cve.mitre.org/cgi-bin/cvename.cgi?name="
- for c in cve:
- refcve.append(f"{urlquery}{c}")
- return refcve
- def comtype(title):
- result = []
- r1 = re.findall(r"""(?:'|").*(?:'|")""",title)
- for r in r1:
- result.append(r.strip("'".strip('"')))
- return result
- def otherref(id):
- listurl = []
- url = f"https://www.securityfocus.com/bid/{id}/references"
- infoSF = requests.get(url, headers=random_headers())
- print(infoSF.status_code)
- if(infoSF.status_code==200):
- soupWeb = bs(infoSF.text, 'html.parser')
- vulcontent = soupWeb.find(id="vulnerability")
- url = vulcontent.find_all('a', href=True)
- # print(url)
- for a in url:
- # print(a['href'])
- listurl.append(a['href'])
- return listurl
- else:
- return []
- def help():
- print("""
- -h | --help\t - to get help
- -s | --start \t - start index search in www.securityfocus.com
- -e | --end \t - end index search in www.securityfocus.com
- """)
- if __name__ == "__main__":
- startrange = 0
- endrange = 0
- parser = argparse.ArgumentParser(prog='getargy.py',add_help=False)
- parser.add_argument('-h', '--help', action="store_true")
- parser.add_argument('-s', '--start', type=int)
- parser.add_argument('-e', '--end', type=int)
- # parser.add_argument('--search')
- args = parser.parse_args()
- if len(sys.argv) == 1:
- help()
- if args.help:
- help()
- if args.start is not None:
- startrange = args.start
- if startrange == 0:
- print("Error: Please set value more then 0")
- sys.exit()
- if args.end is not None:
- endrange = args.end
- if endrange == 0:
- print("Error: Please set value more then 0")
- sys.exit()
- if(args.start is not None or args.end is not None):
- if startrange > endrange:
- print("Error: Start Value less then End Value")
- sys.exit()
- origin_time = time.time()
- processes = list()
- timetosleep = 0
- # for i in range(1,107179):
- for i in range(startrange,endrange):
- processes.append(Thread(target=getInfoSecuritFocus, args=(i,)))
- for x in range(0, len(processes)):
- if timetosleep < 40:
- timetosleep+=1
- processes[x].start()
- else:
- print("Sleeping")
- time.sleep(15)
- processes[x].start()
- timetosleep=0
- for x in range(0, len(processes)):
- processes[x].join()
- with open('joomlacoresecuritfocus.json', 'w') as outfile:
- json.dump(joomlacoredata, outfile)
- with open('joomlacomponentsecuritfocus.json', 'w') as outfile:
- json.dump(joomlacomponentdata, outfile)
- with open('drupalsecurityfocus.json', 'w') as outfile:
- json.dump(drupaldata, outfile)
- with open('othersecurityfocus.json', 'w') as outfile:
- json.dump(otherdata, outfile)
- # # print(json.dumps(jsondata,indent=4))
- time_interval = time.time() - origin_time
- print("With Multiproc: ", time_interval)
- # https://www.securityfocus.com/bid/99999/info
- # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7739 #
Add Comment
Please, Sign In to add comment