public static void Main(string[] args)
{
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82.ConnectionString("Server=" + ConfigurationManager.AppSettings ["PostgreSQL"] + ";Port=5432;Database=rising_sun;User Id=" +
ConfigurationManager.AppSettings ["PostgreSQLUser"] + ";Password="******"PostgreSQLPassword"] + ";SSL=true;");
ISessionFactory factory = Fluently.Configure()
.Database(config)
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNVD> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNessusScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNexposeScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentOpenVASTask> ())
.BuildSessionFactory();
using (ISession session = factory.OpenSession()) {
List <string> nvdExports = new List <string>();
foreach (FileInfo file in new System.IO.DirectoryInfo(ConfigurationManager.AppSettings["nvdExportDir"]).EnumerateFiles())
{
nvdExports.Add(file.FullName);
}
foreach (string export in nvdExports)
{
using (ITransaction trans = session.BeginTransaction()) {
string xml = System.IO.File.ReadAllText(export);
XmlDocument doc = new XmlDocument();
doc.LoadXml(xml);
foreach (XmlNode child in doc.LastChild.ChildNodes)
{
PersistentNVD nvd = new PersistentNVD(new NVD(child));
// bool exists = session.CreateCriteria<PersistentNVD> ()
// .Add (NHibernate.Criterion.Restrictions.Eq ("CVEID", nvd.CVEID))
// .List<PersistentNVD> ()
// .Any ();
//
// if (exists) {
// Console.WriteLine ("Skipping NVD: " + nvd.CVEID);
// continue;
// }
if (!string.IsNullOrEmpty(nvd.CVEID))
{
PersistentCVE cve = session.CreateCriteria <PersistentCVE> ()
.Add(NHibernate.Criterion.Restrictions.Eq("Name", nvd.CVEID))
.List <PersistentCVE> ()
.SingleOrDefault();
if (cve == null)
{
throw new Exception("CVE " + nvd.CVEID + " doesn't exist.");
}
nvd.CVE = cve;
}
Console.WriteLine(nvd.NVDID);
nvd.SetCreationInfo(Guid.Empty);
if (nvd.CVSS != null)
{
nvd.CVSS.SetCreationInfo(Guid.Empty);
}
if (nvd.References != null)
{
foreach (PersistentNVDReference reference in nvd.References)
{
reference.SetCreationInfo(Guid.Empty);
}
}
if (nvd.VulnerableSoftware != null)
{
foreach (PersistentVulnerableSoftware vs in nvd.VulnerableSoftware)
{
vs.SetCreationInfo(Guid.Empty);
}
}
session.SaveOrUpdate(nvd);
}
try {
Console.WriteLine("Committing...");
trans.Commit();
} catch (Exception ex) {
trans.Rollback();
throw ex;
}
}
}
}
}
public static void Main(string[] args)
{
IPersistenceConfigurer config = PostgreSQLConfiguration.PostgreSQL82.ConnectionString("Server=" + ConfigurationManager.AppSettings ["PostgreSQL"] + ";Port=5432;Database=rising_sun;User Id=postgres;Password=password;SSL=true;");
ISessionFactory factory = Fluently.Configure()
.Database(config)
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentCVE> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNessusScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentNexposeScan> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentOpenVASTask> ())
.Mappings(m =>
m.FluentMappings.AddFromAssemblyOf <PersistentOneSixtyOneResults> ())
.BuildSessionFactory();
List <PersistentCVE> cves = new List <PersistentCVE> ();
using (ISession session = factory.OpenSession()) {
string xml = System.IO.File.ReadAllText("/home/bperry/tmp/cve/allitems.xml");
XmlDocument doc = new XmlDocument();
doc.LoadXml(xml);
using (ITransaction trans = session.BeginTransaction()) {
foreach (XmlNode child in doc.LastChild.ChildNodes)
{
PersistentCVE cve = new PersistentCVE(new CVE(child));
cve.SetCreationInfo(Guid.Empty);
foreach (PersistentCVEReference reference in cve.PersistentReferences)
{
reference.CVE = cve;
reference.SetCreationInfo(Guid.Empty);
}
foreach (PersistentCVEComment comment in cve.PersistentComments)
{
comment.CVE = cve;
comment.SetCreationInfo(Guid.Empty);
}
Console.WriteLine("Saving " + cve.Name);
session.Save(cve);
cves.Add(cve);
}
List <string> nvdExports = new List <string>();
foreach (FileInfo file in new System.IO.DirectoryInfo(ConfigurationManager.AppSettings["nvdExportDir"]).EnumerateFiles())
{
nvdExports.Add(file.FullName);
}
foreach (string export in nvdExports)
{
xml = System.IO.File.ReadAllText(export);
doc = new XmlDocument();
doc.LoadXml(xml);
foreach (XmlNode child in doc.LastChild.ChildNodes)
{
PersistentNVD nvd = new PersistentNVD(new NVD(child));
if (cves.Where(c => c.Name == nvd.CVEID).Count() != 1)
{
continue;
}
if (!string.IsNullOrEmpty(nvd.CVEID))
{
PersistentCVE cve = cves.Where(c => c.Name == nvd.CVEID).Single();
if (cve == null)
{
throw new Exception("CVE " + nvd.CVEID + " doesn't exist.");
}
nvd.CVE = cve;
}
Console.WriteLine(nvd.NVDID);
nvd.SetCreationInfo(Guid.Empty);
if (nvd.CVSS != null)
{
nvd.CVSS.SetCreationInfo(Guid.Empty);
}
if (nvd.References != null)
{
foreach (PersistentNVDReference reference in nvd.References)
{
reference.SetCreationInfo(Guid.Empty);
}
}
if (nvd.VulnerableSoftware != null)
{
foreach (PersistentVulnerableSoftware vs in nvd.VulnerableSoftware)
{
vs.SetCreationInfo(Guid.Empty);
}
}
session.SaveOrUpdate(nvd);
}
}
try {
Console.WriteLine("Committing...");
trans.Commit();
} catch (Exception ex) {
trans.Rollback();
throw ex;
}
}
}
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
//if (string.IsNullOrEmpty(Request["cveid"]))
// return;
PersistentNVD nvd = this.CurrentScanSession.CreateCriteria <PersistentNVD>()
.Add(NHibernate.Criterion.Restrictions.Eq("CVEID", Request["cveid"]))
.List <PersistentNVD>()
.SingleOrDefault();
if (nvd == null)
{
lblSummary.Text = "Example Vulnerability Summary";
lblAuthentication.Text = "<div style=\"display:inline-block;width:220px;\">Authentication required:</div> <b>" + "NONE" + "</b>";
lblAvailabilityImpact.Text = "<div style=\"display:inline-block;width:220px;\">Availability Impact:</div> <b>" + "COMPLETE" + "</b>";
lblComplexity.Text = "<div style=\"display:inline-block;width:220px;\">Vulnerability Complexity:</div> <b>" + "NOVICE" + "</b>";
lblIntegrityImpact.Text = "<div style=\"display:inline-block;width:220px;\">Integrity Impact:</div> <b>" + "COMPLETE" + "</b>";
lblVulnVector.Text = "<div style=\"display:inline-block;width:220px;\">Vulnerability vector:</div> <b>" + "NETWORK" + "</b>";
lblScore.Text = "<div style=\"display:inline-block;width:220px;\">CVSS Score:</div> <b>" + "10" + "</b>";
return;
}
lblSummary.Text = nvd.Summary;
if (nvd.CVSS != null)
{
if (!string.IsNullOrEmpty(nvd.CVSS.Authentication))
{
lblAuthentication.Text = "<div style=\"display:inline-block;width:200px;\">Authentication required:</div> <b>" + nvd.CVSS.Authentication + "</b>";
}
if (!string.IsNullOrEmpty(nvd.CVSS.AvailabilityImpact))
{
lblAvailabilityImpact.Text = "<div style=\"display:inline-block;width:200px;\">Availability Impact:</div> <b>" + nvd.CVSS.AvailabilityImpact + "</b>";
}
if (!string.IsNullOrEmpty(nvd.CVSS.Complexity))
{
lblComplexity.Text = "<div style=\"display:inline-block;width:200px;\">Vulnerability Complexity:</div> <b>" + nvd.CVSS.Complexity + "</b>";
}
if (!string.IsNullOrEmpty(nvd.CVSS.IntegrityImpact))
{
lblIntegrityImpact.Text = "<div style=\"display:inline-block;width:200px;\">Integrity Impact:</div> <b>" + nvd.CVSS.IntegrityImpact + "</b>";
}
if (!string.IsNullOrEmpty(nvd.CVSS.Vector))
{
lblVulnVector.Text = "<div style=\"display:inline-block;width:200px;\">Vulnerability vector:</div> <b>" + nvd.CVSS.Vector + "</b>";
}
//score is a double, it can't be null (not double?)
if (nvd.CVSS.Score != 0d)
{
lblScore.Text = "CVSS Score: " + nvd.CVSS.Score.ToString();
}
}
foreach (PersistentNVDReference reference in nvd.References)
{
if (reference.Type == "VENDOR_ADVISORY")
{
lblVendorTitle.Text = "<h3><u>Vendor Advisories:</u></h3>";
string html = "<p>" + reference.Source;
html = html + ": <a href=\"" + reference.URL + "\">" + reference.Description + "</a></p>";
divVendorLinkList.Controls.Add(new Label()
{
Text = html
});
}
else if (reference.Type == "PATCH")
{
lblPatchTitle.Text = "<h3><u>Patches:</u></h3>";
string html = "<p>" + reference.Source;
html = html + ": <a href=\"" + reference.URL + "\">" + reference.Description + "</a></p>";
divPatchLinkList.Controls.Add(new Label()
{
Text = html
});
}
else if (reference.Type == "OTHER")
{
}
else if (reference.Type == "UNKNOWN")
{
}
}
}
