Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!(cmd): add vulncheck #138

Merged
merged 1 commit into from
Aug 30, 2024
Merged

feat!(cmd): add vulncheck #138

merged 1 commit into from
Aug 30, 2024

Conversation

MaineK00n
Copy link
Collaborator

@MaineK00n MaineK00n commented Aug 19, 2024
edited
Loading

If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

add vulncheck-kev

Type of change

Please delete options that are not relevant.

  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

$ go-kev fetch vulncheck
INFO[08-19|19:47:30] Fetching VulnCheck Known Exploited Vulnerabilities 
INFO[08-19|19:47:31] Insert VulnCheck Known Exploited Vulnerabilities into go-kev. db=sqlite3
INFO[08-19|19:47:31] Inserting VulnCheck Known Exploited Vulnerabilities... 
2827 / 2827 [---------------------------------------------------------------------------------------] 100.00% 3502 p/s
INFO[08-19|19:47:32] CveID Count                              count=2827

$ go-kev server

$ curl -s http://127.0.0.1:1328/cves/CVE-2023-43177 | jq
{
  "vulncheck": [
    {
      "vendorProject": "crushftp",
      "product": "CrushFTP",
      "shortDescription": "CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.",
      "vulnerabilityName": "crushftp CrushFTP Improper Control of Dynamically-Managed Code Resources",
      "required_action": "Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.",
      "knownRansomwareCampaignUse": "Unknown",
      "cve": [
        {
          "cveID": "CVE-2023-43177"
        }
      ],
      "vulncheck_xdb": [
        {
          "xdb_id": "6d8fca1e85b0",
          "xdb_url": "https://vulncheck.com/xdb/6d8fca1e85b0",
          "date_added": "2023-12-27T00:06:20Z",
          "exploit_type": "initial-access",
          "clone_ssh_url": "git@github.com:the-emmons/CVE-2023-43177.git"
        }
      ],
      "vulncheck_reported_exploitation": [
        {
          "url": "https://go.recordedfuture.com/hubfs/reports/ta-2024-0321.pdf",
          "date_added": "2024-03-21T00:00:00Z"
        }
      ],
      "date_added": "2024-03-21T00:00:00Z"
    }
  ]
}

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Aug 19, 2024
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch 2 times, most recently from 89e68ec to d12e704 Compare August 22, 2024 17:32
@MaineK00n MaineK00n changed the title feat(cmd): add vulncheck feat!(cmd): add vulncheck Aug 22, 2024
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch from d12e704 to e1cf59b Compare August 22, 2024 17:36
@MaineK00n MaineK00n marked this pull request as ready for review August 22, 2024 17:36
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch from e1cf59b to a3661b1 Compare August 22, 2024 17:40
@MaineK00n MaineK00n requested a review from shino August 22, 2024 17:43
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch from a3661b1 to 72ea3f9 Compare August 23, 2024 06:46
shino
shino reviewed Aug 23, 2024
View reviewed changes
db/redis.go Show resolved Hide resolved
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch 2 times, most recently from f0e9def to 0e963e9 Compare August 24, 2024 05:46
shino
shino reviewed Aug 26, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
shino
shino approved these changes Aug 26, 2024
View reviewed changes
Copy link
Contributor

@shino shino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎊

@MaineK00n MaineK00n mentioned this pull request Aug 29, 2024
Merged
9 tasks
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch from 0e963e9 to 98dd60e Compare August 29, 2024 15:48
shino
shino reviewed Aug 30, 2024
View reviewed changes
README.md Show resolved Hide resolved
@MaineK00n MaineK00n force-pushed the MaineK00n/vulncheck-kev branch from 98dd60e to c904827 Compare August 30, 2024 02:25
shino
shino approved these changes Aug 30, 2024
View reviewed changes
Copy link
Contributor

@shino shino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🍻

shino
shino approved these changes Aug 30, 2024
View reviewed changes
Copy link
Contributor

@shino shino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎊

@MaineK00n MaineK00n merged commit 169d680 into main Aug 30, 2024
3 checks passed
@MaineK00n MaineK00n deleted the MaineK00n/vulncheck-kev branch August 30, 2024 05:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shino shino shino approved these changes

Assignees

@MaineK00n MaineK00n

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MaineK00n @shino