private static List <CveDetail> FindDetails(WebClient client, string page)
        {
            List <CveDetail> results = new List <CveDetail>();

            //Todo, support for multiple pages?
            string       source   = client.DownloadString(page);
            HtmlDocument document = new HtmlDocument();

            document.LoadHtml(source);

            HtmlNode headerNode  = document.DocumentNode.SelectSingleNode("//div[@id=\"contentdiv\"]/h1");
            string   serviceName = headerNode.ChildNodes[1].InnerText;

            HtmlNodeCollection nodes = document.DocumentNode.SelectNodes("//tr[@class='srrowns']");

            foreach (HtmlNode node in nodes)
            {
                HtmlNodeCollection children    = node.ChildNodes;
                string             description = node.NextSibling.NextSibling.InnerText;

                CveDetail detail = new CveDetail(serviceName, children, description);
                results.Add(detail);
            }

            return(results);
        }
        public override bool Equals(object obj)
        {
            if (!(obj is CveDetail))
            {
                return(false);
            }

            CveDetail b = (CveDetail)obj;

            if (b.CVE == CVE)
            {
                return(true);
            }

            return(false);
        }
예제 #3
0
        private static List<CveDetail> FindDetails(WebClient client, string page)
        {
            List<CveDetail> results = new List<CveDetail>();

            //Todo, support for multiple pages?
            string source = client.DownloadString(page);
            HtmlDocument document = new HtmlDocument();
            document.LoadHtml(source);

            HtmlNode headerNode = document.DocumentNode.SelectSingleNode("//div[@id=\"contentdiv\"]/h1");
            string serviceName = headerNode.ChildNodes[1].InnerText;

            HtmlNodeCollection nodes = document.DocumentNode.SelectNodes("//tr[@class='srrowns']");
            foreach (HtmlNode node in nodes)
            {
                HtmlNodeCollection children = node.ChildNodes;
                string description = node.NextSibling.NextSibling.InnerText;

                CveDetail detail = new CveDetail(serviceName, children, description);
                results.Add(detail);
            }

            return results;
        }
        public void LoadNvdCve(string path)
        {
            XDocument document = XDocument.Load(path);

            foreach (var node in document.Descendants())
            {
                if (node.Name.LocalName != "entry")
                {
                    continue;
                }

                CveId     id     = new CveId(node.Attribute("id").Value);
                CveDetail detail = new CveDetail();

                List <string> versions = null;

                try
                {
                    var vulnerableVersions = node.Descendants().Single(d => d.Name.LocalName == "vulnerable-software-list").Descendants().ToArray();
                    versions = new List <string>(vulnerableVersions.Length);

                    foreach (XElement vulnerableVersion in vulnerableVersions)
                    {
                        string[] tokens = vulnerableVersion.Value.Split(':');
                        detail.Company     = tokens[2];
                        detail.ServiceName = tokens[3];
                        if (tokens.Length > 4)
                        {
                            versions.Add(tokens[4]);
                        }
                    }
                }
                catch
                {
                    Console.WriteLine("Skipped " + id.ToString());
                    continue;
                }

                detail.CVE = node.Descendants().Single(d => d.Name.LocalName == "cve-id").Value;
                CveId cveId = new CveId(detail.CVE);

                detail.CWE         = TryGetDescendantAttributeValue(node, "cwe", "id");
                detail.PublishDate = TryGetDescendantValue(node, "published-datetime");
                detail.UpdateDate  = TryGetDescendantValue(node, "last-modified-datetime");

                var cvssNode = node.Descendants().Single(d => d.Name.LocalName == "cvss").Descendants().First();
                detail.Score             = double.Parse(cvssNode.Descendants().Single(d => d.Name.LocalName == "score").Value);
                detail.GainedAccessLevel = "";
                detail.Access            = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-vector").Value;
                detail.Complexity        = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-complexity").Value;
                detail.Authentication    = cvssNode.Descendants().Single(d => d.Name.LocalName == "authentication").Value;
                detail.Confidentiality   = cvssNode.Descendants().Single(d => d.Name.LocalName == "confidentiality-impact").Value;
                detail.Integrity         = cvssNode.Descendants().Single(d => d.Name.LocalName == "integrity-impact").Value;
                detail.Availability      = cvssNode.Descendants().Single(d => d.Name.LocalName == "availability-impact").Value;

                detail.Description = node.Descendants().Single(d => d.Name.LocalName == "summary").Value;

                if (versions == null)
                {
                    versions = new List <string>();
                }

                detail.AffectedVersions = versions.ToArray();

                if (!m_cveDetails.ContainsKey(cveId))
                {
                    m_cveDetails.Add(cveId, detail);
                }
            }
        }
예제 #5
0
        public void LoadNvdCve(string path)
        {
            XDocument document = XDocument.Load(path);

            foreach (var node in document.Descendants())
            {
                if (node.Name.LocalName != "entry")
                    continue;

                CveId id = new CveId(node.Attribute("id").Value);
                CveDetail detail = new CveDetail();

                List<string> versions = null;

                try
                {
                    var vulnerableVersions = node.Descendants().Single(d => d.Name.LocalName == "vulnerable-software-list").Descendants().ToArray();
                    versions = new List<string>(vulnerableVersions.Length);

                    foreach (XElement vulnerableVersion in vulnerableVersions)
                    {
                        string[] tokens = vulnerableVersion.Value.Split(':');
                        detail.Company = tokens[2];
                        detail.ServiceName = tokens[3];
                        if (tokens.Length > 4)
                            versions.Add(tokens[4]);
                    }
                }
                catch
                {
                    Console.WriteLine("Skipped " + id.ToString());
                    continue;
                }

                detail.CVE = node.Descendants().Single(d => d.Name.LocalName == "cve-id").Value;
                CveId cveId = new CveId(detail.CVE);

                detail.CWE = TryGetDescendantAttributeValue(node, "cwe", "id");
                detail.PublishDate = TryGetDescendantValue(node, "published-datetime");
                detail.UpdateDate = TryGetDescendantValue(node, "last-modified-datetime");

                var cvssNode = node.Descendants().Single(d => d.Name.LocalName == "cvss").Descendants().First();
                detail.Score = double.Parse(cvssNode.Descendants().Single(d => d.Name.LocalName == "score").Value);
                detail.GainedAccessLevel = "";
                detail.Access = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-vector").Value;
                detail.Complexity = cvssNode.Descendants().Single(d => d.Name.LocalName == "access-complexity").Value;
                detail.Authentication = cvssNode.Descendants().Single(d => d.Name.LocalName == "authentication").Value;
                detail.Confidentiality = cvssNode.Descendants().Single(d => d.Name.LocalName == "confidentiality-impact").Value;
                detail.Integrity = cvssNode.Descendants().Single(d => d.Name.LocalName == "integrity-impact").Value;
                detail.Availability = cvssNode.Descendants().Single(d => d.Name.LocalName == "availability-impact").Value;

                detail.Description = node.Descendants().Single(d => d.Name.LocalName == "summary").Value;

                if (versions == null)
                    versions = new List<string>();

                detail.AffectedVersions = versions.ToArray();

                if (!m_cveDetails.ContainsKey(cveId))
                    m_cveDetails.Add(cveId, detail);
            }
        }