Tools to make working the Arch Linux Security Tracker easier

Overview

Arch Linux Security Tracker Tools

This is a collection of Python scripts to make working with the Arch Linux Security Tracker easier.

Features

  • CVE entry parsing from multiple sources (currently NVD, Mozilla and Chromium) into a JSON format consumable by the tracker
  • Automatic batch addition of the parsed CVE entries to the tracker

Dependencies

  • python >= 3.6
  • python-lxml

CVE entry parsing

CVEs from multiple sources can be parsed. All parser scripts take the CVEs to be considered as a list of arguments and write the parsed CVE entries to stdout in JSON form. The JSON format follows the one used by the tracker as part of its API endpoints, e.g. https://security.archlinux.org/CVE-2019-9956.json.

NVD

tracker_get_nvd.py parses CVE entries from the official NVD database. It is used as

./tracker_get_nvd.py CVE...

Description and references are taken verbatim from the NVD CVE entry. Severity and attack vector are derived from the CVSS v3 if present (this usually takes a few day after the CVE has been published). The type of the vulnerability is always set to "Unknown" and needs to be filled by hand by the user.

This is mostly included as an example for working with the JSON format. CVEs obtained from this source often require manual changes to the description and references before they can be used for the tracker.

Mozilla

tracker_get_mozilla.py parses CVEs issued by Mozilla, mostly for Firefox and Thunderbird. It is used as

./tracker_get_nvd.py CVE... MFSA...

where MFSA is an advisory number issued by Mozilla, e.g. mfsa2021-01. If a MFSA is specified, all CVEs included in this advisory will be parsed.

Description, references and severity are taken verbatim from the Mozilla advisory. The attack vector is assumed to be "Remote" by default due to the nature of the Mozilla products. The type of the vulnerability is always set to "Unknown" and needs to be filled by hand by the user.

Chromium

tracker_get_chromium.py parses CVEs issued for Chrome. It is used as

./tracker_get_chromium.py URL...

where URL is the URL of a Chrome release blog post, e.g. https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop.html.

The description is of the form "A type security issue has been found in the component component of the Chromium browser before version new_version.", where type, component and new_version are parsed from the blog post. The corresponding severity is taken from the blog post as well. The URL of the blog post and the link to the corresponding Chromium bug report as specified in the blog post are used as references. The attack vector is assumed to be "Remote" by default as Chromium is a browser. The type of the vulnerability is always set to "Unknown" and needs to be filled by hand by the user.

CVE upload to the security tracker

tracker_add.py adds CVEs to the Arch Linux Security Tracker. It reads a JSON file generated by one of the parsers from stdin and tries to create a new CVE for each of the items found in there. The necessary login credentials can be supplied using the TRACKER_USERNAME and TRACKER_PASSWORD environment variables, or will otherwise be asked queried on the TTY.

Note that only adding new CVEs is supported at the moment. Trying to add an already existing CVE will try to merge the data according to the upstream tracker logic, which will only partially succeed if the data is conflicting.

The URL to the tracker is set as https://security.archlinux.org by default, but can be changed for debugging purposes by setting the TRACKER_URL environment variable, e.g. to a tracker instance running locally:

TRACKER_URL='http://127.0.0.32:5000' ./tracker_add.py

Example workflow

  1. Download a set of CVEs using one of the parsers to a JSON file, e.g.

    ./tracker_get_mozilla.py mfsa2021-01 > mfsa2021-01.json
  2. Edit the file to check the generated data and add missing information like the vulnerability type:

    $EDITOR mfsa2021-01.json
  3. Upload the CVEs to the tracker:

    ./tracker_add.py < mfsa2021-01.json

If you are feeling brave, you can omit the editing step and directly upload the generated data to the tracker:

./tracker_get_mozilla.py mfsa2021-01 | ./tracker_add.py

Missing or incorrect information can be edited afterwards using the web interface of the tracker. Be careful with this approach, mass-editing messed up CVE entries has not been implemented yet...

TODO

  • Implement more parsers
  • Validation of the generated JSON files, at least in tracker_add.py
  • Better error handling
  • SSO support using Keycloak
  • Batch editing of existing CVEs
Owner
Jonas Witschel
Arch Linux Trusted User, tpm2-software member
Jonas Witschel
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.

SSLyze SSLyze is a fast and powerful SSL/TLS scanning tool and Python library. SSLyze can analyze the SSL/TLS configuration of a server by connecting

Alban Diquet 2.8k Jan 03, 2023
macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

Leo Pitt 206 Dec 31, 2022
JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you.

JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's j

Quatrecentquatre 3 May 01, 2022
log4j-tools: CVE-2021-44228 poses a serious threat to a wide range of Java-based applications

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview

JFrog Ltd. 171 Dec 25, 2022
Tools Crack Fb Terbaru

Tools Crack Fb Terbaru

Jeeck 12 Jan 06, 2022
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source

Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg

m4ll0k (mallok) 1.8k Jan 04, 2023
A Telegram Bot to force users to join a specific channel before sending messages in a group.

Promoter A Telegram Bot to force users to join a specific channel before sending messages in a group. Introduction A Telegram Bot to force users to jo

Mr. Dynamic 1 Jan 27, 2022
I hacked my own webcam from a Kali Linux VM in my local network, using Ettercap to do the MiTM ARP poisoning attack, sniffing with Wireshark, and using metasploit

plan I - Linux Fundamentals Les utilisateurs et les droits Installer des programmes avec apt-get Surveiller l'activité du système Exécuter des program

148 Dec 22, 2022
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
Denial Attacks by Various Methods

Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::

Baris Dincer 9 Nov 26, 2022
A Superfast SMS & Call bomber for Linux And Termux !

A Superfast SMS & Call bomber for Linux And Termux !

Anubhav Kashyap 15 Feb 21, 2022
Directory Traversal in Afterlogic webmail aurora and pro

CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a

Ashish Kunwar 8 Nov 09, 2022
GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

Mythic Agents 37 Dec 06, 2022
利用NTLM Hash读取Exchange邮件

GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。

<a href=[email protected]"> 388 Dec 27, 2022
Proof of concept to check if hosts are vulnerable to CVE-2021-41773

CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV

Jordan Jay 43 Nov 09, 2022
Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha

Hendrik Agung 2 Dec 30, 2021
GitLab CI security tools runner

Common Security Pipeline Описание проекта: Данный проект является вариантом реализации DevSecOps практик, на базе: GitLab DefectDojo OpenSouce tools g

Сити-Мобил 14 Dec 23, 2022
GDID (Google Dorks for Information Disclosure)

GDID (Google Dorks for Information Disclosure) Script made for your recon automation in Bug Bounty or Pentest. It will help you to find Information Di

Nischacid 5 Mar 10, 2022
The First Python Compatible Camera Hacking Tool

ZCam Hack webcam using python by sending malicious link. FEATURES : [+] Real-time Camera hacking [+] Python compatible [+] URL Shortener using bitly [

Sanketh J 109 Dec 28, 2022