Skip to content

full names and working tagging for packetstorm script #1061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Mar 18, 2024
Merged

full names and working tagging for packetstorm script #1061

merged 28 commits into from
Mar 18, 2024

Conversation

HoxhaEndri
Copy link
Member

  • What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
    The names of the cves are now full and consistent. The tags should also be consistent now.
    Tested with the first 50 pages.

  • What is the current behavior? (You can also link to an open issue here)

  • What is the new behavior (if this is a feature change)? If possible add a screenshot.

  • Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)

  • Other information:

@HoxhaEndri HoxhaEndri changed the title full names and working tagging full names and working tagging for packetstorm script Mar 1, 2024
@m-1-k-3 m-1-k-3 added bug Something isn't working EMBArk ci/cd EMBA labels Mar 1, 2024
@m-1-k-3
Copy link
Member

m-1-k-3 commented Mar 1, 2024

Please add your name to the Authors

@m-1-k-3
Copy link
Member

m-1-k-3 commented Mar 1, 2024

looks as it gets out of sync:

[*] Generating list of URLs of packetstorm advisory page 1046
[+] Found PoC for CVE-2012-1664 in advisory osCmax 2.5.0 Cross Site Scripting SQL Injection / https://packetstormsecurity.com/files/111559/osCmax-2.5.0-Cross-Site-Scripting-SQL-Injection.html
[+] Found PoC for CVE-2012-1665 in advisory osCmax 2.5.0 Cross Site Scripting SQL Injection / https://packetstormsecurity.com/files/111559/osCmax-2.5.0-Cross-Site-Scripting-SQL-Injection.html
[+] Found PoC for CVE-2012-1671 in advisory phpPaleo 4.8b156 Local File Inclusion / https://packetstormsecurity.com/files/111545/phpPaleo-4.8b156-Local-File-Inclusion.html
[+] Found PoC for CVE-2012-1672 in advisory Pluck 4.7 Cross Site Request Forgery / https://packetstormsecurity.com/files/111582/Pluck-4.7-Cross-Site-Request-Forgery.html

If I go to site 1046 I can see the Pluck 4.7 CSRF entry ... but it has no CVE identifier:

image

@HoxhaEndri
Copy link
Member Author

looks as it gets out of sync:

[*] Generating list of URLs of packetstorm advisory page 1046
[+] Found PoC for CVE-2012-1664 in advisory osCmax 2.5.0 Cross Site Scripting SQL Injection / https://packetstormsecurity.com/files/111559/osCmax-2.5.0-Cross-Site-Scripting-SQL-Injection.html
[+] Found PoC for CVE-2012-1665 in advisory osCmax 2.5.0 Cross Site Scripting SQL Injection / https://packetstormsecurity.com/files/111559/osCmax-2.5.0-Cross-Site-Scripting-SQL-Injection.html
[+] Found PoC for CVE-2012-1671 in advisory phpPaleo 4.8b156 Local File Inclusion / https://packetstormsecurity.com/files/111545/phpPaleo-4.8b156-Local-File-Inclusion.html
[+] Found PoC for CVE-2012-1672 in advisory Pluck 4.7 Cross Site Request Forgery / https://packetstormsecurity.com/files/111582/Pluck-4.7-Cross-Site-Request-Forgery.html

If I go to site 1046 I can see the Pluck 4.7 CSRF entry ... but it has no CVE identifier:

I will look into it

@HoxhaEndri HoxhaEndri marked this pull request as draft March 4, 2024 15:14
@HoxhaEndri HoxhaEndri marked this pull request as ready for review March 18, 2024 08:19
@HoxhaEndri HoxhaEndri requested a review from m-1-k-3 March 18, 2024 08:56
m-1-k-3
m-1-k-3 requested changes Mar 18, 2024
View reviewed changes
Copy link
Member

@m-1-k-3 m-1-k-3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just two notes for review

.github/workflows/packet_storm_crawler.yml Outdated
schedule:
- cron: '0 0 * * 0' # do it every week

jobs:
update_packetstorm_db:
if: github.repository_owner == 'e-m-b-a'
if: github.repository_owner == 'HoxhaEndri'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs to be e-m-b-a

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah yes

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please fix for merge

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please fix for merge

I thought I did it, but I forgot that it gets ignored by git.

@HoxhaEndri HoxhaEndri requested a review from m-1-k-3 March 18, 2024 09:31
@m-1-k-3
Copy link
Member

m-1-k-3 commented Mar 18, 2024

Thank you for fixing this script!

@m-1-k-3 m-1-k-3 merged commit 0c696a4 into e-m-b-a:master Mar 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@m-1-k-3 m-1-k-3 m-1-k-3 approved these changes

Assignees
No one assigned
Labels
bug Something isn't working ci/cd EMBA EMBArk
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@HoxhaEndri @m-1-k-3