get_securityfocus.pl

#!/usr/bin/perl -w

use strict;
use warnings;

NAME

 get_securityfocus - load exploit Infos from securityfocus

use constant VERSION  => "0.0.1";

SYNOPSIS

 get_securityfocus <startid> <endid>

DESCRIPTION

 Load exploit Infos from securityfocus.
 You need links to running this script.

use diagnostics;
use Getopt::Long;
use Pod::Usage;

ARGUMENTS

 Place
 --help      print Options and Arguments
 --man       print complete man page

OPTIONS

my ($opt_help, $opt_man, $opt_versions);

GetOptions(
  'help!'     => \$opt_help,
  'man!'      => \$opt_man,
) or pod2usage(-verbose => 0,
               -output  => \*STDERR ) && exit;

pod2usage(-verbose => 1,
          -exitval => 0) && exit if defined $opt_help;
pod2usage(-verbose => 2, 
          -exitval => 0) && exit if defined $opt_man;

my $von = shift or pod2usage(-verbose => 1, -exitval => 1);
my $bis = shift or pod2usage(-verbose => 1, -exitval => 1);

sub dump($)
{
  my $url=shift;
  my @return;
  open( URL, "/usr/bin/links.main -dump $url |") or die "cannot open links: $!\n";
#TODO I have to fix this regexp.
  foreach my $line (<URL>) {
    next if $line =~ /^\s*$/;
    next if $line =~ /^Page\s+$/;
    next if $line =~ /Home\s+Foundations\s+Microsoft\s+Unix\s+IDS\s+
                                            Incidents\s+Virus\s+Pen-Test\s+
                                            Firewalls\s+Bugtraq\s+Newsletters\s+MailingLists/x;  
    next if $line =~ /\[USEMAP\]\s+RSS\s+Feeds/;
    next if $line =~ /___________\s+\[___________________\]\s+\[\s+Submit/;
    next if $line =~ /SecurityFocus\s+Search\s+\]/;
    next if $line =~ /^\s+\[USEMAP\]\s+$/;
    next if $line =~ /\[IMG\]\s+Subscribe\s+$/;
    next if $line =~ /Privacy Statement/;
    next if $line =~ /Copyright \(c\) 1999-2004 SecurityFocus/;
    next if $line =~ /^\s+VULNERABILITIES\s+$/;
    next if $line =~ /info\s+discussion\s+exploit\s+solution\s+credit\s+help/;
    next if $line =~ /For additions or corrections please email vuldb\@securityfocus\.com/;
    next if $line =~ /Disclaimer \| About The Vulnerability Database/;
    $line =~ s/\s+$/\n/;
    push @return, $line;
  }
  return @return;
}

my $baseurl = 'http://www.securityfocus.com/bid/';
foreach my $i ( $von .. $bis ) {
  my $url=$baseurl . $i;
  foreach my $s qw(info discussion exploit solution credit) {
    printf"------------------------------- bid-%08d %-12s -------------------------------------\n", $i, $s;
    print &dump($url . "/$s" );
  }
}

__END__

LICENSE

This software is released under the same terms as perl itself.

AUTHOR

Copyright 2004 by Urs Stotz <stotz@gmx.ch>. All rights reserved