Advertisement
Python253

cve_2016_4171_flash

Apr 9th, 2024
1,204
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.97 KB | None | 0 0
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-
  3. # Filename: cve_2016_4171_flash.py
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2016-4171
  7.  
  8. """
  9. Description:
  10. This script checks for the presence of vulnerable Adobe Flash Player configurations on the user's machine
  11. in relation to the CVE-2016-4171 vulnerability. It retrieves a list of installed software using the WMI module
  12. and compares it with a predefined list of vulnerable Adobe Flash Player configurations associated with the CVE.
  13. If any vulnerable configurations are found, it displays a warning message to prompt the user to take
  14. immediate action to mitigate the vulnerability.
  15.  
  16. Requirements:
  17. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
  18. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
  19.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
  20.  You can install it using pip: `pip install WMI`.
  21.  
  22. Usage:
  23. 1. Ensure Python 3.x is installed on your system.
  24. 2. Install the WMI module by running `pip install WMI`.
  25. 3. Run the script using the command `python cve_2016_4171_flash.py`.
  26. 4. The script will verify if any vulnerable Adobe Flash Player configurations are installed on your machine
  27.   and provide instructions for mitigation if necessary.
  28.  
  29. Functions:
  30. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
  31. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
  32.  Adobe Flash Player configurations and displays a warning message if any vulnerable configurations are found.
  33.  
  34. Important Notes:
  35. - The predefined list of vulnerable Adobe Flash Player configurations in this script corresponds to the CVE-2016-4171 vulnerability.
  36. """
  37.  
  38. import wmi
  39.  
  40. def get_installed_software():
  41.     """
  42.    Retrieves a list of installed software on the user's machine using the WMI module.
  43.    
  44.    Returns:
  45.        list: A list containing the names of installed software.
  46.    """
  47.     c = wmi.WMI()
  48.     installed_software = []
  49.     for item in c.Win32_Product():
  50.         installed_software.append(item.Caption)
  51.     return installed_software
  52.  
  53. def check_for_vulnerabilities():
  54.     """
  55.    Compares the list of installed software with a predefined list of vulnerable Adobe Flash Player configurations
  56.    and displays a warning message if any vulnerable configurations are found.
  57.    """
  58.     installed_software = get_installed_software()
  59.     vulnerable_flash_versions = [
  60.         "Adobe Flash Player 21.0.0.242",
  61.         "Adobe Flash Player for Linux up to (including) 11.2.202.621 running on/with Linux Kernel",
  62.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Apple MacOS X",
  63.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Windows",
  64.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Google Chrome OS",
  65.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Internet Explorer up to (including) 21.0.0.242 running on/with Microsoft Windows 8.1",
  66.         "Adobe Flash Player up to (including) 18.0.0.352 running on/with Apple MacOS X",
  67.         "Adobe Flash Player up to (including) 18.0.0.352 running on/with Microsoft Windows",
  68.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Microsoft Edge up to (including) 21.0.0.242 running on/with Microsoft Windows 10",
  69.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Desktop 5.0, 6.0",
  70.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Server 5.0, 6.0",
  71.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Redhat Enterprise Linux Workstation 5.0, 6.0",
  72.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with OpenSuse 13.1, 13.2",
  73.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Suse Linux Enterprise Desktop 12, 12 SP1",
  74.         "Adobe Flash Player up to (including) 21.0.0.242 running on/with Suse Linux Enterprise Workstation Extension 12, 12 SP1"
  75.     ]
  76.     vulnerable_installed = [software for software in installed_software if software in vulnerable_flash_versions]
  77.     if vulnerable_installed:
  78.         print("\nWarning:\nThe following vulnerable Adobe Flash Player configurations are installed on your machine:")
  79.         for software in vulnerable_installed:
  80.             print("- " + software)
  81.         print("\nPlease take immediate action to mitigate the vulnerability by applying updates per vendor instructions.\n")
  82.     else:
  83.         print("\nAll clear!\nNone of the vulnerable Adobe Flash Player configurations are installed on your machine.\n")
  84.  
  85. if __name__ == "__main__":
  86.     print("Verifying vulnerable Adobe Flash Player configurations...")
  87.     check_for_vulnerabilities()
  88.  
  89.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement