Advertisement
Python253

cve_2023_29360_streaming_service

Apr 9th, 2024
1,227
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.63 KB | None | 0 0
  1. #!/usr/bin/env python3
  2. # -*- coding: utf-8 -*-
  3. # Filename: cve_2023_29360_streaming_service.py
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2023-29360
  7.  
  8. """
  9. Description:
  10. This script checks for the presence of vulnerable configurations related to the CVE-2023-29360 vulnerability
  11. on the user's machine. It retrieves a list of installed software using the WMI module and compares it with
  12. a predefined list of vulnerable configurations associated with the CVE. If any vulnerable configurations
  13. are found, it displays a warning message to prompt the user to take immediate action to mitigate the vulnerability.
  14.  
  15. Requirements:
  16. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
  17. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
  18.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
  19.  You can install it using pip: `pip install WMI`.
  20.  
  21. Usage:
  22. 1. Ensure Python 3.x is installed on your system.
  23. 2. Install the WMI module by running `pip install WMI`.
  24. 3. Run the script using the command `python cve_2023_29360_streaming_service.py`.
  25. 4. The script will verify if any vulnerable configurations are installed on your machine
  26.   and provide instructions for mitigation if necessary.
  27.  
  28. Functions:
  29. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
  30. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
  31.  configurations and displays a warning message if any vulnerable configurations are found.
  32.  
  33. Important Notes:
  34. - The predefined list of vulnerable configurations in this script corresponds to the CVE-2023-29360 vulnerability.
  35. """
  36.  
  37. import wmi
  38.  
  39. def get_installed_software():
  40.     """
  41.    Retrieves a list of installed software on the user's machine using the WMI module.
  42.    
  43.    Returns:
  44.        list: A list containing the names of installed software.
  45.    """
  46.     c = wmi.WMI()
  47.     installed_software = []
  48.     for item in c.Win32_Product():
  49.         installed_software.append(item.Caption)
  50.     return installed_software
  51.  
  52. def check_for_vulnerabilities():
  53.     """
  54.    Compares the list of installed software with a predefined list of vulnerable configurations
  55.    and displays a warning message if any vulnerable configurations are found.
  56.    """
  57.     installed_software = get_installed_software()
  58.     vulnerable_versions = [
  59.         "Microsoft Windows 10 1607 x64 up to (excluding) 10.0.14393.5989",
  60.         "Microsoft Windows 10 1607 x86 up to (excluding) 10.0.14393.5989",
  61.         "Microsoft Windows 10 1809 arm64 up to (excluding) 10.0.17763.4499",
  62.         "Microsoft Windows 10 1809 x64 up to (excluding) 10.0.17763.4499",
  63.         "Microsoft Windows 10 1809 x86 up to (excluding) 10.0.17763.4499",
  64.         "Microsoft Windows 10 21H2 arm64 up to (excluding) 10.0.19044.3086",
  65.         "Microsoft Windows 10 21H2 x64 up to (excluding) 10.0.19044.3086",
  66.         "Microsoft Windows 10 21H2 x86 up to (excluding) 10.0.19044.3086",
  67.         "Microsoft Windows 10 22H2 arm64 up to (excluding) 10.0.19045.3086",
  68.         "Microsoft Windows 10 22H2 x64 up to (excluding) 10.0.19045.3086",
  69.         "Microsoft Windows 10 22H2 x86 up to (excluding) 10.0.19045.3086",
  70.         "Microsoft Windows 11 21H2 arm64 up to (excluding) 10.0.22000.2057",
  71.         "Microsoft Windows 11 21H2 x64 up to (excluding) 10.0.22000.2057",
  72.         "Microsoft Windows 11 22H2 arm64 up to (including) 10.0.22621.1848",
  73.         "Microsoft Windows 11 22H2 x64 up to (including) 10.0.22621.1848",
  74.         "Microsoft Windows Server 2016 up to (excluding) 10.0.14393.5989",
  75.         "Microsoft Windows Server 2019 up to (excluding) 10.0.17763.4499",
  76.         "Microsoft Windows Server 2022 up to (excluding) 10.0.20348.1784"
  77.     ]
  78.     vulnerable_installed = [software for software in installed_software if software in vulnerable_versions]
  79.     if vulnerable_installed:
  80.         print("\nWarning:\nThe following vulnerable configurations are installed on your machine:")
  81.         for software in vulnerable_installed:
  82.             print("- " + software)
  83.         print("\nPlease take immediate action to mitigate the vulnerability by applying updates per vendor instructions or discontinuing use of the product if mitigations are unavailable.\n")
  84.     else:
  85.         print("\nAll clear!\nNone of the vulnerable configurations are installed on your machine.\n")
  86.  
  87. if __name__ == "__main__":
  88.     print("Verifying vulnerable configurations...")
  89.     check_for_vulnerabilities()
  90.  
  91.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement