API tools faq
paste
Advertisement
Python253

cve_2016_4171_flash

Python253
Apr 9th, 2024
1,195
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.97 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-
  3. # Filename: cve_2016_4171_flash.py
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2016-4171
  7.  
  8. """
  9. Description:
  10. This script checks for the presence of vulnerable Adobe Flash Player configurations on the user's machine
  11. in relation to the CVE-2016-4171 vulnerability. It retrieves a list of installed software using the WMI module
  12. and compares it with a predefined list of vulnerable Adobe Flash Player configurations associated with the CVE.
  13. If any vulnerable configurations are found, it displays a warning message to prompt the user to take
  14. immediate action to mitigate the vulnerability.
  15.  
  16. Requirements:
  17. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
  18. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
  19.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
  20.  You can install it using pip: `pip install WMI`.
  21.  
  22. Usage:
  23. 1. Ensure Python 3.x is installed on your system.
  24. 2. Install the WMI module by running `pip install WMI`.
  25. 3. Run the script using the command `python cve_2016_4171_flash.py`.
  26. 4. The script will verify if any vulnerable Adobe Flash Player configurations are installed on your machine
  27.   and provide instructions for mitigation if necessary.
  28.  
  29. Functions:
  30. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
  31. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
  32.  Adobe Flash Player configurations and displays a warning message if any vulnerable configurations are found.
  33.  
  34. Important Notes:
  35. - The predefined list of vulnerable Adobe Flash Player configurations in this script corresponds to the CVE-2016-4171 vulnerability.
  36. """
  37.  
  38. import wmi
  39.  
  40. def get_installed_software():
  41.     """
  42.    Retrieves a list of installed software on the user's machine using the WMI module.
  43.    
  44.    Returns:
  45.        list: A list containing the names of installed software.
  46.    """
  47.     c = wmi.WMI()
  48.     installed_software = []
  49.     for item in c.Win32_Product():
  50.         installed_software.append(item.Caption)
  51.     return installed_software
  52.  
  53. def check_for_vulnerabilities():
  54.     """
  55.    Compares the list of installed software with a predefined list of vulnerable Adobe Flash Player configurations
  56.    and displays a warning message if any vulnerable configurations are found.
  57.    """
  58.     installed_software = get_installed_software()
  59.     vulnerable_flash_versions = [
  60.         "Adobe Flash Player 21.0.0.242",
  61.         "Adobe Flash Player for Linux up to (including) 11.2.202.621 running on/with Linux Kernel",
  62.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Apple MacOS X",
  63.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Windows",
  64.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Google Chrome OS",
  65.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Internet Explorer up to (including) 21.0.0.242 running on/with Microsoft Windows 8.1",
  66.         "Adobe Flash Player up to (including) 18.0.0.352 running on/with Apple MacOS X",
  67.         "Adobe Flash Player up to (including) 18.0.0.352 running on/with Microsoft Windows",
  68.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Edge up to (including) 21.0.0.242 running on/with Microsoft Windows 10",
  69.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Desktop 5.0, 6.0",
  70.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Server 5.0, 6.0",
  71.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Workstation 5.0, 6.0",
  72.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with OpenSuse 13.1, 13.2",
  73.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Suse Linux Enterprise Desktop 12, 12 SP1",
  74.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Suse Linux Enterprise Workstation Extension 12, 12 SP1"
  75.     ]
  76.     vulnerable_installed = [software for software in installed_software if software in vulnerable_flash_versions]
  77.     if vulnerable_installed:
  78.         print("\nWarning:\nThe following vulnerable Adobe Flash Player configurations are installed on your machine:")
  79.         for software in vulnerable_installed:
  80.             print("- " + software)
  81.         print("\nPlease take immediate action to mitigate the vulnerability by applying updates per vendor instructions.\n")
  82.     else:
  83.         print("\nAll clear!\nNone of the vulnerable Adobe Flash Player configurations are installed on your machine.\n")
  84.  
  85. if __name__ == "__main__":
  86.     print("Verifying vulnerable Adobe Flash Player configurations...")
  87.     check_for_vulnerabilities()
  88.  
  89.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!