-
Notifications
You must be signed in to change notification settings - Fork 0
/
cve-grep-helper.py
executable file
·78 lines (71 loc) · 2.79 KB
/
cve-grep-helper.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/python3
import csv, sys, errno, requests, tqdm
cve_local = "/usr/share/mitre-cve/allitems.csv"
cve_remote = "https://cve.mitre.org/data/downloads/allitems.csv"
description = (
"""
Reads the MITRE CVE list in CSV format and spits out only the desired columns.
This is useful for searching for CVEs with comand line tools (e.g. grep, awk...).
See https://cve.mitre.org/
Variables:
\tcve_local = '""" + cve_local + """'
\t\tExpected location of the MITRE CSV.
\tcve_remote = '""" + cve_remote + """'
\t\tMITRE CSV list source
Usage:
\t""" + sys.argv[0] + """
\t\tPrints the Name and Description columns of each line in the CSV database.
\t\tUse with grep or similar tools to look for CVEs of interest.
\t""" + sys.argv[0] + """ [--help or -h]
\t\tPrints this description and usage
\t""" + sys.argv[0] + """ [--update or -u]
\t\tDownload the fresh CVE list from [cve_remote] to [cve_local].
\t\tOverwrites the old one if it exists.
""")
if "--help" in sys.argv or "-h" in sys.argv:
print(description)
exit(0)
if "--update" in sys.argv or "-u" in sys.argv:
try:
with open(cve_local, "wb") as outfile:
response = requests.get(cve_remote, stream=True)
total_size = int(response.headers.get('content-length', 0))
block_size = 1024 # 1 kibibyte
t = tqdm.tqdm(total=total_size, unit='iB', unit_scale=True)
for data in response.iter_content(block_size):
t.update(len(data))
outfile.write(data)
t.close()
if total_size != 0 and t.n != total_size:
print("Something went wrong with the update.")
exit(1)
except IOError as e:
if e.errno == errno.EACCES:
print("No write permissions for file " + cve_local)
print("Either update with root or set permissions accordingly.")
exit(1)
exit(0)
try:
with open(cve_local, "r", encoding="Latin-1") as csvfile:
reader = csv.DictReader(csvfile, ["Name","Status","Description","References","Phase","Votes","Comments"])
# skip the first 10 lines (version, date, headers, "Candidates must be reviewed...")
for i in range(10):
next(reader)
for row in reader:
print(row["Name"] + "\t" + row["Description"])
except IOError as e:
if e.errno == errno.ENOENT:
print("File does not exist: " + cve_local)
print("Update it with --update or -u")
exit(1)
elif e.errno == errno.EACCES:
print("No read permissions for file " + cve_local)
print("Set permissions accordingly.")
exit(1)
elif e.errno == errno.EPIPE:
# Broken pipe errors show up when piping into something like head.
# Just ignore it and exit.
exit(0)
else:
print(description)
exit(1)