private static List <CveDetail> FindDetails(WebClient client, string page) { List <CveDetail> results = new List <CveDetail>(); //Todo, support for multiple pages? string source = client.DownloadString(page); HtmlDocument document = new HtmlDocument(); document.LoadHtml(source); HtmlNode headerNode = document.DocumentNode.SelectSingleNode("//div[@id=\"contentdiv\"]/h1"); string serviceName = headerNode.ChildNodes[1].InnerText; HtmlNodeCollection nodes = document.DocumentNode.SelectNodes("//tr[@class='srrowns']"); foreach (HtmlNode node in nodes) { HtmlNodeCollection children = node.ChildNodes; string description = node.NextSibling.NextSibling.InnerText; CveDetail detail = new CveDetail(serviceName, children, description); results.Add(detail); } return(results); }
public override bool Equals(object obj) { if (!(obj is CveDetail)) { return(false); } CveDetail b = (CveDetail)obj; if (b.CVE == CVE) { return(true); } return(false); }
private static List<CveDetail> FindDetails(WebClient client, string page) { List<CveDetail> results = new List<CveDetail>(); //Todo, support for multiple pages? string source = client.DownloadString(page); HtmlDocument document = new HtmlDocument(); document.LoadHtml(source); HtmlNode headerNode = document.DocumentNode.SelectSingleNode("//div[@id=\"contentdiv\"]/h1"); string serviceName = headerNode.ChildNodes[1].InnerText; HtmlNodeCollection nodes = document.DocumentNode.SelectNodes("//tr[@class='srrowns']"); foreach (HtmlNode node in nodes) { HtmlNodeCollection children = node.ChildNodes; string description = node.NextSibling.NextSibling.InnerText; CveDetail detail = new CveDetail(serviceName, children, description); results.Add(detail); } return results; }
public void LoadNvdCve(string path) { XDocument document = XDocument.Load(path); foreach (var node in document.Descendants()) { if (node.Name.LocalName != "entry") { continue; } CveId id = new CveId(node.Attribute("id").Value); CveDetail detail = new CveDetail(); List <string> versions = null; try { var vulnerableVersions = node.Descendants().Single(d => d.Name.LocalName == "vulnerable-software-list").Descendants().ToArray(); versions = new List <string>(vulnerableVersions.Length); foreach (XElement vulnerableVersion in vulnerableVersions) { string[] tokens = vulnerableVersion.Value.Split(':'); detail.Company = tokens[2]; detail.ServiceName = tokens[3]; if (tokens.Length > 4) { versions.Add(tokens[4]); } } } catch { Console.WriteLine("Skipped " + id.ToString()); continue; } detail.CVE = node.Descendants().Single(d => d.Name.LocalName == "cve-id").Value; CveId cveId = new CveId(detail.CVE); detail.CWE = TryGetDescendantAttributeValue(node, "cwe", "id"); detail.PublishDate = TryGetDescendantValue(node, "published-datetime"); detail.UpdateDate = TryGetDescendantValue(node, "last-modified-datetime"); var cvssNode = node.Descendants().Single(d => d.Name.LocalName == "cvss").Descendants().First(); detail.Score = double.Parse(cvssNode.Descendants().Single(d => d.Name.LocalName == "score").Value); detail.GainedAccessLevel = ""; detail.Access = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-vector").Value; detail.Complexity = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-complexity").Value; detail.Authentication = cvssNode.Descendants().Single(d => d.Name.LocalName == "authentication").Value; detail.Confidentiality = cvssNode.Descendants().Single(d => d.Name.LocalName == "confidentiality-impact").Value; detail.Integrity = cvssNode.Descendants().Single(d => d.Name.LocalName == "integrity-impact").Value; detail.Availability = cvssNode.Descendants().Single(d => d.Name.LocalName == "availability-impact").Value; detail.Description = node.Descendants().Single(d => d.Name.LocalName == "summary").Value; if (versions == null) { versions = new List <string>(); } detail.AffectedVersions = versions.ToArray(); if (!m_cveDetails.ContainsKey(cveId)) { m_cveDetails.Add(cveId, detail); } } }
public void LoadNvdCve(string path) { XDocument document = XDocument.Load(path); foreach (var node in document.Descendants()) { if (node.Name.LocalName != "entry") continue; CveId id = new CveId(node.Attribute("id").Value); CveDetail detail = new CveDetail(); List<string> versions = null; try { var vulnerableVersions = node.Descendants().Single(d => d.Name.LocalName == "vulnerable-software-list").Descendants().ToArray(); versions = new List<string>(vulnerableVersions.Length); foreach (XElement vulnerableVersion in vulnerableVersions) { string[] tokens = vulnerableVersion.Value.Split(':'); detail.Company = tokens[2]; detail.ServiceName = tokens[3]; if (tokens.Length > 4) versions.Add(tokens[4]); } } catch { Console.WriteLine("Skipped " + id.ToString()); continue; } detail.CVE = node.Descendants().Single(d => d.Name.LocalName == "cve-id").Value; CveId cveId = new CveId(detail.CVE); detail.CWE = TryGetDescendantAttributeValue(node, "cwe", "id"); detail.PublishDate = TryGetDescendantValue(node, "published-datetime"); detail.UpdateDate = TryGetDescendantValue(node, "last-modified-datetime"); var cvssNode = node.Descendants().Single(d => d.Name.LocalName == "cvss").Descendants().First(); detail.Score = double.Parse(cvssNode.Descendants().Single(d => d.Name.LocalName == "score").Value); detail.GainedAccessLevel = ""; detail.Access = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-vector").Value; detail.Complexity = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-complexity").Value; detail.Authentication = cvssNode.Descendants().Single(d => d.Name.LocalName == "authentication").Value; detail.Confidentiality = cvssNode.Descendants().Single(d => d.Name.LocalName == "confidentiality-impact").Value; detail.Integrity = cvssNode.Descendants().Single(d => d.Name.LocalName == "integrity-impact").Value; detail.Availability = cvssNode.Descendants().Single(d => d.Name.LocalName == "availability-impact").Value; detail.Description = node.Descendants().Single(d => d.Name.LocalName == "summary").Value; if (versions == null) versions = new List<string>(); detail.AffectedVersions = versions.ToArray(); if (!m_cveDetails.ContainsKey(cveId)) m_cveDetails.Add(cveId, detail); } }