mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
Update Sun May 26 23:17:22 CEST 2024
This commit is contained in:
0xMarcio
parent
ab087c0419
commit
1f3d35410a
File diff suppressed because one or more lines are too long
@ -17,22 +17,22 @@ years = [year for year in years if year.isdigit()]
|
|||||||
years.sort(reverse=True)
|
years.sort(reverse=True)
|
||||||
|
|
||||||
#clean up the text blocks
|
#clean up the text blocks
|
||||||
def clean_text(description):
|
def clean_text(description_text):
|
||||||
|
description = re.sub(r'\n+', '\n', description_text)
|
||||||
#remove the '-' at the beginning of each line
|
#remove the '-' at the beginning of each line
|
||||||
description_lines = description.split('\n')
|
description_lines = description.split('\n')
|
||||||
description_lines = [line.lstrip('- ') for line in description_lines]
|
description_lines = [line.lstrip('- ') for line in description_lines]
|
||||||
|
|
||||||
#change urls with <a> links with regular expression
|
#change urls with <a> links with regular expression
|
||||||
description_lines = [re.sub(r'(https?:\/\/[^\s]+)', r'<a target="_blank" href="\1">\1</a>', line) for line in description_lines]
|
#description_lines = [re.sub(r'(https?:\/\/[^\s]+)', r'<a target="_blank" href="\1">\1</a>', line) for line in description_lines]
|
||||||
|
|
||||||
#add <br/> for each line
|
#add <br/> for each line
|
||||||
description = '<br/>'.join(description_lines)
|
description = '\n'.join(description_lines)
|
||||||
return description
|
return description
|
||||||
|
|
||||||
#generate JSON for each CVE
|
#generate JSON for each CVE
|
||||||
for year in years:
|
for year in years:
|
||||||
|
|
||||||
yearDir = os.path.join(dir, year)
|
yearDir = os.path.join(dir, year)
|
||||||
for CVE_filename in os.listdir(yearDir):
|
for CVE_filename in os.listdir(yearDir):
|
||||||
|
|
||||||
@ -45,20 +45,33 @@ for year in years:
|
|||||||
CVE_description = CVE_file_content.split('### Description')[1].split('###')[0].strip()
|
CVE_description = CVE_file_content.split('### Description')[1].split('###')[0].strip()
|
||||||
CVE_references = CVE_file_content.split('### Reference')[1].split('###')[0].strip()
|
CVE_references = CVE_file_content.split('### Reference')[1].split('###')[0].strip()
|
||||||
CVE_github = CVE_file_content.split('### Github')[1].split('###')[0].strip()
|
CVE_github = CVE_file_content.split('### Github')[1].split('###')[0].strip()
|
||||||
|
|
||||||
#TODO: extract imageshield label attributes
|
#TODO: extract imageshield label attributes
|
||||||
|
|
||||||
CVE_Name = CVE_filename.split('.')[0]
|
CVE_Name = CVE_filename.split('.')[0]
|
||||||
|
|
||||||
CVE_description = clean_text(CVE_description)
|
CVE_description = clean_text(CVE_description)
|
||||||
CVE_github = clean_text(CVE_github)
|
CVE_github = clean_text(CVE_github)
|
||||||
CVE_references = clean_text(CVE_references)
|
CVE_references = clean_text(CVE_references)
|
||||||
|
CVE_poc = []
|
||||||
|
if "No PoCs" not in CVE_references:
|
||||||
|
if '\n' in CVE_references:
|
||||||
|
for ref in CVE_references.split('\n'):
|
||||||
|
CVE_poc.append(ref)
|
||||||
|
else:
|
||||||
|
CVE_poc.append(CVE_references)
|
||||||
|
if "No PoCs" not in CVE_github:
|
||||||
|
if '\n' in CVE_github:
|
||||||
|
for poc in CVE_github.split('\n'):
|
||||||
|
CVE_poc.append(poc)
|
||||||
|
else:
|
||||||
|
CVE_poc.append(CVE_github)
|
||||||
|
|
||||||
thisCVE = [year,CVE_Name, CVE_description, CVE_github,CVE_references]
|
thisCVE = {"cve": CVE_Name, "desc": CVE_description, "poc": CVE_poc}
|
||||||
CVE_list.append(thisCVE)
|
CVE_list.append(thisCVE)
|
||||||
|
|
||||||
CVE_output = f"dataTable_data = {json.dumps(CVE_list)}"
|
CVE_output = f"{json.dumps(CVE_list)}"
|
||||||
|
|
||||||
#save CVE list to JSON file
|
#save CVE list to JSON file
|
||||||
with open('CVE_list.json', 'w') as outfile:
|
with open('CVE_list.json', 'w') as outfile:
|
||||||
outfile.write(CVE_output)
|
outfile.write(CVE_output)
|
||||||
|
|||||||
@ -20,7 +20,7 @@
|
|||||||
<input type="text" class="search" placeholder="ENTER SEARCH TERM" autocomplete="false">
|
<input type="text" class="search" placeholder="ENTER SEARCH TERM" autocomplete="false">
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
<div class="results">
|
<div class="results" style="display:none">
|
||||||
<br>
|
<br>
|
||||||
<div class="noResults">
|
<div class="noResults">
|
||||||
<h2>No Results Found</h2>
|
<h2>No Results Found</h2>
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
var searchResultFormat = '<tr><td class="cveNum"><b>$cve</b></td><td align="left">$description<hr>$poc</td></tr>';
|
const searchResultFormat = '<tr><td class="cveNum">$cve</td><td align="left">$description $poc</td></tr>';
|
||||||
var totalLimit = 500;
|
const totalLimit = 1000;
|
||||||
var replaceStrings = ['HackTheBox - ', 'VulnHub - ', 'UHC - '];
|
const replaceStrings = ['HackTheBox - ', 'VulnHub - ', 'UHC - '];
|
||||||
const results = document.querySelector('div.results');
|
const results = document.querySelector('div.results');
|
||||||
const searchValue = document.querySelector('input.search');
|
const searchValue = document.querySelector('input.search');
|
||||||
const form = document.querySelector('form.searchForm');
|
const form = document.querySelector('form.searchForm');
|
||||||
@ -22,53 +22,22 @@ function escapeHTML(str) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function convertLinksToList(content) {
|
function convertLinksToList(links) {
|
||||||
const tempDiv = document.createElement('div');
|
|
||||||
tempDiv.innerHTML = content;
|
|
||||||
|
|
||||||
const links = tempDiv.querySelectorAll('a');
|
|
||||||
if (links.length === 0) {
|
if (links.length === 0) {
|
||||||
return content;
|
return content;
|
||||||
}
|
}
|
||||||
|
let htmlOutput = `<hr><ul>`;
|
||||||
const list = document.createElement('ul');
|
|
||||||
links.forEach(link => {
|
links.forEach(link => {
|
||||||
const listItem = document.createElement('li');
|
htmlOutput += `<li><a target="_blank" href="${link}">${link}</a></li>`;
|
||||||
listItem.appendChild(link.cloneNode(true));
|
|
||||||
list.appendChild(listItem);
|
|
||||||
});
|
});
|
||||||
|
htmlOutput += `</ul>`
|
||||||
// Remove all original links from the tempDiv
|
return htmlOutput;
|
||||||
links.forEach(link => link.parentNode.removeChild(link));
|
|
||||||
|
|
||||||
// Append the newly created list to tempDiv
|
|
||||||
tempDiv.appendChild(list);
|
|
||||||
|
|
||||||
return tempDiv.innerHTML;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function convertToList(content) {
|
function getCveLink(cveId) {
|
||||||
// Create a temporary div to manipulate the content
|
return `<a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=${cveId}"><b>${cveId}</b></a>`
|
||||||
const tempDiv = document.createElement('div');
|
|
||||||
// Remove all <br> tags
|
|
||||||
content = content.replace(/<br\s*\/?>/gi, '');
|
|
||||||
tempDiv.innerHTML = content;
|
|
||||||
|
|
||||||
const list = document.createElement('ul');
|
|
||||||
Array.from(tempDiv.childNodes).forEach(node => {
|
|
||||||
const listItem = document.createElement('li');
|
|
||||||
if (node.nodeType === Node.TEXT_NODE) {
|
|
||||||
listItem.textContent = node.textContent.trim();
|
|
||||||
} else if (node.nodeType === Node.ELEMENT_NODE && node.tagName === 'A') {
|
|
||||||
listItem.appendChild(node.cloneNode(true));
|
|
||||||
}
|
|
||||||
list.appendChild(listItem);
|
|
||||||
});
|
|
||||||
|
|
||||||
return list.outerHTML;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
var controls = {
|
var controls = {
|
||||||
oldColor: '',
|
oldColor: '',
|
||||||
displayResults: function() {
|
displayResults: function() {
|
||||||
@ -86,8 +55,8 @@ var controls = {
|
|||||||
let negmatch = words.filter(word => word[0] === '-').map(word => word.substring(1));
|
let negmatch = words.filter(word => word[0] === '-').map(word => word.substring(1));
|
||||||
|
|
||||||
dataset.forEach(e => {
|
dataset.forEach(e => {
|
||||||
let description = replaceStrings.reduce((desc, str) => desc.replace(str, ''), e.description).toLowerCase();
|
let description = replaceStrings.reduce((desc, str) => desc.replace(str, ''), e.desc).toLowerCase();
|
||||||
let combinedText = (e.cve + e.poc + description).toLowerCase();
|
let combinedText = (e.cve + description).toLowerCase();
|
||||||
|
|
||||||
let positiveMatch = posmatch.every(word => combinedText.includes(word));
|
let positiveMatch = posmatch.every(word => combinedText.includes(word));
|
||||||
let negativeMatch = negmatch.some(word => combinedText.includes(word));
|
let negativeMatch = negmatch.some(word => combinedText.includes(word));
|
||||||
@ -118,10 +87,9 @@ var controls = {
|
|||||||
let fragment = document.createDocumentFragment();
|
let fragment = document.createDocumentFragment();
|
||||||
results.forEach(r => {
|
results.forEach(r => {
|
||||||
let el = searchResultFormat
|
let el = searchResultFormat
|
||||||
.replace('$cve', r.cve)
|
.replace('$cve', getCveLink(r.cve))
|
||||||
.replace('$description', escapeHTML(r.description) )
|
.replace('$description', escapeHTML(r.desc) )
|
||||||
//.replace('$poc', convertLinksToList(r.poc));
|
.replace('$poc', convertLinksToList(r.poc));
|
||||||
.replace('$poc', convertToList(r.poc));
|
|
||||||
let wrapper = document.createElement('table');
|
let wrapper = document.createElement('table');
|
||||||
wrapper.innerHTML = el;
|
wrapper.innerHTML = el;
|
||||||
fragment.appendChild(wrapper.querySelector('tr'));
|
fragment.appendChild(wrapper.querySelector('tr'));
|
||||||
@ -170,7 +138,7 @@ document.addEventListener('DOMContentLoaded', function() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fetch('./pocs.json')
|
fetch('./CVE_list.json')
|
||||||
.then(res => res.json())
|
.then(res => res.json())
|
||||||
.then(data => {
|
.then(data => {
|
||||||
window.dataset = data;
|
window.dataset = data;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user