kekkan 0.0.0 → 0.0.1
- data/NEWS.markdown +8 -0
- data/README.markdown +45 -5
- data/Rakefile +1 -0
- data/TODO.markdown +9 -0
- data/bin/kekkan +8 -6
- data/kekkan.gemspec +5 -8
- data/lib/kekkan.rb +20 -1
- data/lib/kekkan/base.rb +30 -0
- data/lib/kekkan/base/schema.rb +109 -0
- data/lib/kekkan/cli.rb +33 -0
- data/lib/kekkan/cli/application.rb +349 -0
- data/lib/kekkan/cli/banner.rb +49 -0
- data/lib/kekkan/models.rb +38 -0
- data/lib/kekkan/models/assessmentcheck.rb +35 -0
- data/lib/kekkan/models/cvss.rb +35 -0
- data/lib/kekkan/models/entry.rb +39 -0
- data/lib/kekkan/models/reference.rb +35 -0
- data/lib/kekkan/models/scanner.rb +35 -0
- data/lib/kekkan/models/version.rb +34 -0
- data/lib/kekkan/models/vulnerablesoftwarelist.rb +35 -0
- data/lib/kekkan/parsers.rb +32 -0
- data/lib/kekkan/parsers/cve_2_sax_listener.rb +182 -0
- metadata +57 -8
data/NEWS.markdown
ADDED
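--- a/data/README.markdown
+++ b/data/README.markdown
@@ -1,16 +1,56 @@
 #Kekkan
 
-Kekkan is a parser for
+Kekkan is a parser and [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database for NVD CVE and CPE XML files.
 
-The name comes from the Japanese word for flaw/defect.
+The name comes from the Japanese word for 'flaw/defect'.
+
+Version **0.0.1** is the current release.
+
+# Requirements
+
+##Ruby
+Keigan has been tested with ruby-1.9.2-p320, ruby-1.9.3-p125. Please try to use one of these versions if possible. I recommend using RVM to setup your ruby environment you can get it [here](https://rvm.beginrescueend.com/).
+
+### RubyGems
+Kekkan relies heavily on [RubyGems](http://rubygems.org/) to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of [Ruby](http://ruby-lang.org/).
+
+- rails
+- yaml
+- nokogiri
+
+# Installation
+Installation is really easy just gem install!
+
+% gem install kekkan
+
+## Database Setup
+
+% kekkan --create-config
+% $EDITOR kekkan.cfg
+% kekkan --create-tables
+
+1. Generate the kekkan.cfg file.
+2. Edit the kekkan.cfg file, filling in the variables as needed.
+3. Migrate the database schema.
+
+## Parsing NVD CVE XML
+
+% kekkan nvdcve-2.0-2012.xml [nvdcve-2.0-2011.xml ...]
+
+1. Parse the files by passing their names on the command line.
+
+# Viewing Data
+The data can be queried with a built in console or with an external database viewer. The data is mostly for consumption from another program.
+
+% kekkan --console
 
 # Contributing
-If you would like to contribute
+If you would like to contribute bug fixes/etc to Kekkan. The easiest way is to fork the project on [github](http://github.com/arxopia/kekkan) and make the changes in your fork and the submit a pull request to the project.
 
 # Issues
 If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/arxopia/kekkan/issues).
 
 # Contact
-You can reach
+You can reach the team at kekkan[at]arxopia[dot]com.
 
-You can also contact
+You can also contact the team on IRC on irc.freenode.net, #risu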
data/Rakefile
CHANGED
data/TODO.markdown
ADDED
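--- a/data/bin/kekkan
+++ b/data/bin/kekkan
@@ -1,10 +1,11 @@
 #!/usr/bin/env ruby
+#
 # Copyright (c) 2012 Arxopia LLC.
 # All rights reserved.
-
+#
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions are met:
-
+#
 # * Redistributions of source code must retain the above copyright
 # notice, this list of conditions and the following disclaimer.
 # * Redistributions in binary form must reproduce the above copyright
@@ -13,7 +14,7 @@
 # * Neither the name of the Arxopia LLC nor the names of its contributors
 # may be used to endorse or promote products derived from this software
 # without specific prior written permission.
-
+#
 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -22,8 +23,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '/../lib'))
 
@@ -33,4 +34,5 @@ $stderr.sync = true
 require 'rubygems'
 require 'kekkan'
 
-
+app = Kekkan::CLI::Application.new
+app.run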
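--- a/data/kekkan.gemspec
+++ b/data/kekkan.gemspec
@@ -33,13 +33,13 @@ require 'kekkan'
 Gem::Specification.new do |s|
 s.name = "#{Kekkan::APP_NAME}"
 s.version = Kekkan::VERSION
-s.homepage = "http://www.
+s.homepage = "http://www.arxopia.com/projects/kekkan"
 s.summary = "#{Kekkan::APP_NAME}"
-s.description = "#{Kekkan::APP_NAME} is
+s.description = "#{Kekkan::APP_NAME} is an SAX XML parser and database for NVD CVE and CPE XML files."
 s.license = "BSD"
 
 s.author = "Jacob Hammack"
-s.email = "
+s.email = "kekkan@arxopia.com"
 
 s.files = Dir['[A-Z]*'] + Dir['lib/**/*'] + ['kekkan.gemspec']
 s.bindir = "bin"
@@ -51,9 +51,6 @@ Gem::Specification.new do |s|
 s.required_rubygems_version = ">= 1.8.24"
 s.rubyforge_project = "#{Kekkan::APP_NAME}"
 
-
-
-
-#s.add_dependency('rails', ['>= 3.0.7'])
-#s.add_dependency('libxml-ruby', ['>= 1.1.4'])
+s.add_dependency('rails', ['>= 3.8.7'])
+s.add_dependency('nokogiri', ['>= 1.5.5'])
 end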
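Review bot: The new `s.add_dependency('rails', ['>= 3.8.7'])` names a version that was never published in the Rails 3.x line, so it looks like a typo for the `3.0.7` in the commented-out line this hunk removes, and as written the requirement cannot be met by any Rails 3 release. Both this and the `nokogiri` requirement are open-ended `>=` constraints, so a fresh install will accept any future major version of a web framework and an XML parser in a tool that holds database credentials; a pessimistic constraint bounds that, e.g. `s.add_dependency('nokogiri', ['~> 1.5', '>= 1.5.5'])`. The visible code uses ActiveRecord (migrations, connections) and I cannot see anything else from Rails being exercised, so depending on `activerecord` rather than the whole `rails` meta-gem may be enough and would shrink the installed surface.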
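--- a/data/lib/kekkan.rb
+++ b/data/lib/kekkan.rb
@@ -26,5 +26,24 @@
 
 module Kekkan
 APP_NAME = "kekkan"
-VERSION = "0.0.
+VERSION = "0.0.1"
+AUTHOR = "Arxopia LLC."
+EMAIL = "kekkan@arxopia.com"
+SITE = "http:://www.arxopia.com/projects/kekkan"
+CONFIG_FILE = "./kekkan.cfg"
 end
+
+require 'rails'
+require 'active_record'
+require "active_support"
+require 'optparse'
+require 'irb'
+require 'yaml'
+require 'nokogiri'
+
+require 'kekkan/base'
+require 'kekkan/cli'
+require 'kekkan/models'
+require 'kekkan/parsers'
+
+include Kekkan::Models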
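Review bot: The top-level `include Kekkan::Models` on the last added line mixes the module into `Object`, so every program that requires this gem resolves its model constants globally (presumably including the `Version` that the CLI's `migrate` uses unqualified), where they can shadow or collide with the host application's own classes. Including the module inside `Kekkan::CLI::Application`, or referring to `Kekkan::Models::Version` explicitly, keeps the namespace contained. `SITE = "http:://www.arxopia.com/projects/kekkan"` has a doubled colon, so the URL printed in the option banner is malformed; it should read `SITE = "http://www.arxopia.com/projects/kekkan"`. `CONFIG_FILE = "./kekkan.cfg"` is resolved against the current working directory, so which database settings get loaded depends on where the command is run from, and that deserves a comment on the constant.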
data/lib/kekkan/base.rb
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Kekkan
|
28
|
+
module Base
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,109 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Kekkan
|
28
|
+
module Base
|
29
|
+
|
30
|
+
# Kekkan database Schema
|
31
|
+
class Schema < ActiveRecord::Migration
|
32
|
+
|
33
|
+
# Creates all of the database tables required by the parser
|
34
|
+
#
|
35
|
+
def self.up
|
36
|
+
create_table :entries do |t|
|
37
|
+
t.string :cve
|
38
|
+
t.string :published_datetime
|
39
|
+
t.string :last_modified_datetime
|
40
|
+
t.string :summary
|
41
|
+
t.string :cwe
|
42
|
+
t.string :security_protection
|
43
|
+
end
|
44
|
+
|
45
|
+
#create_table :vulnerable_configurations do |t|
|
46
|
+
#ignoring for now
|
47
|
+
#end
|
48
|
+
|
49
|
+
create_table :vulnerable_software_lists do |t|
|
50
|
+
t.integer :entry_id
|
51
|
+
t.string :product
|
52
|
+
end
|
53
|
+
|
54
|
+
create_table :cvsses do |t|
|
55
|
+
t.integer :entry_id
|
56
|
+
t.string :score
|
57
|
+
t.string :access_vector
|
58
|
+
t.string :access_complexity
|
59
|
+
t.string :authenication
|
60
|
+
t.string :confidentiality_impact
|
61
|
+
t.string :integrity_impact
|
62
|
+
t.string :availability_impact
|
63
|
+
t.string :source
|
64
|
+
t.string :generated_on_datetime
|
65
|
+
end
|
66
|
+
|
67
|
+
create_table :references do |t|
|
68
|
+
t.integer :entry_id
|
69
|
+
t.string :source
|
70
|
+
t.string :ref_type
|
71
|
+
t.string :reference
|
72
|
+
t.string :href
|
73
|
+
t.string :language
|
74
|
+
end
|
75
|
+
|
76
|
+
create_table :assessment_checks do |t|
|
77
|
+
t.integer :entry_id
|
78
|
+
t.string :name
|
79
|
+
t.string :href
|
80
|
+
t.string :system
|
81
|
+
end
|
82
|
+
|
83
|
+
create_table :scanners do |t|
|
84
|
+
t.integer :entry_id
|
85
|
+
t.string :name
|
86
|
+
t.string :href
|
87
|
+
t.string :system
|
88
|
+
end
|
89
|
+
|
90
|
+
create_table :versions do |t|
|
91
|
+
t.string :version
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
# Deletes all of the database tables created
|
96
|
+
#
|
97
|
+
def self.down
|
98
|
+
drop_table :entries
|
99
|
+
#drop_table :vulnerable_configurations
|
100
|
+
drop_table :vulnerable_software_lists
|
101
|
+
drop_table :cvsses
|
102
|
+
drop_table :references
|
103
|
+
drop_table :assessment_checks
|
104
|
+
drop_table :scanners
|
105
|
+
drop_table :versions
|
106
|
+
end
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
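Review bot: `t.string :summary` in the `entries` table maps to a length-limited VARCHAR (255 by default) on most ActiveRecord adapters other than SQLite, and NVD summaries are frequently longer than that, so on MySQL or PostgreSQL an import would either fail or silently truncate vulnerability descriptions; `t.text :summary` avoids it. The `cvsses` column is spelled `:authenication`, which every consumer of the table will have to replicate, so renaming it to `t.string :authentication` before any data exists is the cheap moment to fix it. There is no index or uniqueness constraint on `entries.cve` or on the `entry_id` foreign keys, so re-parsing the same feed can presumably insert duplicate CVE rows; `add_index :entries, :cve, :unique => true` would make that fail loudly instead. This hunk has no file header of its own on the page; from the diffstat it appears to be `lib/kekkan/base/schema.rb`.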
data/lib/kekkan/cli.rb
ADDED
@@ -0,0 +1,33 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Kekkan
|
28
|
+
module CLI
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
require 'kekkan/cli/application'
|
33
|
+
require 'kekkan/cli/banner'
|
@@ -0,0 +1,349 @@
|
|
1
|
+
# Copyright (c) 2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Kekkan
|
28
|
+
module CLI
|
29
|
+
|
30
|
+
#
|
31
|
+
class Application
|
32
|
+
include Kekkan::Base
|
33
|
+
attr_accessor :database
|
34
|
+
|
35
|
+
#
|
36
|
+
def initialize
|
37
|
+
@options = {}
|
38
|
+
@database = {}
|
39
|
+
|
40
|
+
@options[:debug] = false
|
41
|
+
end
|
42
|
+
|
43
|
+
#
|
44
|
+
def create_config(file=CONFIG_FILE)
|
45
|
+
File.open(file, 'w+') do |f|
|
46
|
+
f.write("database:\n")
|
47
|
+
f.write(" adapter: \n")
|
48
|
+
f.write(" host: \n")
|
49
|
+
f.write(" port: \n")
|
50
|
+
f.write(" database: \n")
|
51
|
+
f.write(" username: \n")
|
52
|
+
f.write(" password: \n")
|
53
|
+
f.write(" timeout: \n\n")
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
#
|
58
|
+
def load_config(file=CONFIG_FILE, memory_config=false)
|
59
|
+
if File.exists?(file) == true or memory_config == true
|
60
|
+
begin
|
61
|
+
if memory_config
|
62
|
+
yaml = YAML::load(file)
|
63
|
+
else
|
64
|
+
yaml = YAML::load(File.open(file))
|
65
|
+
end
|
66
|
+
|
67
|
+
@database = yaml["database"]
|
68
|
+
|
69
|
+
puts @database.inspect if @options[:debug]
|
70
|
+
|
71
|
+
rescue => e
|
72
|
+
puts "[!] Error loading configuration! - #{e.message}"
|
73
|
+
exit
|
74
|
+
end
|
75
|
+
else
|
76
|
+
puts "[!] Configuration file does not exist!"
|
77
|
+
exit
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
# Initiator for [ActiveRecord] migrations.
|
82
|
+
#
|
83
|
+
# @param direction [Symbol] :up or :down
|
84
|
+
def migrate(direction)
|
85
|
+
begin
|
86
|
+
if @database["adapter"] == nil
|
87
|
+
return false, "[!] Invalid database adapter, please check your configuration file"
|
88
|
+
end
|
89
|
+
|
90
|
+
ActiveRecord::Base.establish_connection(@database)
|
91
|
+
require 'kekkan/base/schema'
|
92
|
+
Schema.migrate(direction)
|
93
|
+
|
94
|
+
if direction == :up
|
95
|
+
puts "[*] Creating tables"
|
96
|
+
ver = Version.create
|
97
|
+
ver.version = Kekkan::VERSION
|
98
|
+
ver.save
|
99
|
+
end
|
100
|
+
|
101
|
+
puts "[*] Dropping tables" if direction == :down
|
102
|
+
|
103
|
+
#@todo temp hack, fix this by checking the schema on :up or :down for exiting data
|
104
|
+
rescue SQLite3::SQLException => sqlitex
|
105
|
+
puts "#{sqlitex.message}\n #{sqlitex.backtrace}" if @options[:debug]
|
106
|
+
continue
|
107
|
+
rescue ActiveRecord::AdapterNotSpecified => ans
|
108
|
+
puts "[!] Database adapter not found, please check your configuration file"
|
109
|
+
puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
|
110
|
+
exit
|
111
|
+
rescue ActiveRecord::AdapterNotFound => anf
|
112
|
+
puts "[!] Database adapter not found, please check your configuration file"
|
113
|
+
puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
|
114
|
+
exit
|
115
|
+
rescue => e
|
116
|
+
puts "[!] Exception! #{e.message}\n#{e.backtrace}"
|
117
|
+
exit
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
#
|
122
|
+
def db_connect
|
123
|
+
begin
|
124
|
+
if @database["adapter"] == nil
|
125
|
+
puts "[!] #{@database['adapter']}" if @options[:debug]
|
126
|
+
|
127
|
+
return false, "[!] Invalid database adapter, please check your configuration file"
|
128
|
+
end
|
129
|
+
|
130
|
+
ActiveRecord::Base.establish_connection(@database)
|
131
|
+
connection = ActiveRecord::Base.connection
|
132
|
+
|
133
|
+
if @database["adapter"] =~ /sqlite/
|
134
|
+
connection.execute("PRAGMA default_synchronous=OFF;")
|
135
|
+
connection.execute("PRAGMA synchronous=OFF;")
|
136
|
+
connection.execute("PRAGMA journal_mode=OFF;")
|
137
|
+
end
|
138
|
+
|
139
|
+
connection
|
140
|
+
rescue ActiveRecord::AdapterNotSpecified => ans
|
141
|
+
puts "[!] Database adapter not found, please check your configuration file"
|
142
|
+
puts "#{ans.message}\n #{ans.backtrace}" if @options[:debug]
|
143
|
+
exit
|
144
|
+
rescue ActiveRecord::AdapterNotFound => anf
|
145
|
+
puts "[!] Database adapter not found, please check your configuration file"
|
146
|
+
puts "#{anf.message}\n #{anf.backtrace}" if @options[:debug]
|
147
|
+
exit
|
148
|
+
rescue => e
|
149
|
+
puts "[!] Exception! #{e.message}\n #{e.backtrace}"
|
150
|
+
end
|
151
|
+
end
|
152
|
+
|
153
|
+
#
|
154
|
+
def test_connection?
|
155
|
+
begin
|
156
|
+
|
157
|
+
db_connect
|
158
|
+
|
159
|
+
if ActiveRecord::Base.connected? == true
|
160
|
+
return true, "[*] Connection Test Successful"
|
161
|
+
else
|
162
|
+
return false, "[!] Connection Test Failed"
|
163
|
+
end
|
164
|
+
rescue => e
|
165
|
+
puts "[!] Exception! #{e.message}\n #{e.backtrace}"
|
166
|
+
end
|
167
|
+
end
|
168
|
+
|
169
|
+
# Starts a console and executes anything in a block sent to it
|
170
|
+
#
|
171
|
+
# @param block Code block to transfer control
|
172
|
+
def consolize &block
|
173
|
+
|
174
|
+
yield
|
175
|
+
|
176
|
+
IRB.setup(nil)
|
177
|
+
IRB.conf[:USE_READLINE] = true
|
178
|
+
IRB.conf[:PROMPT_MODE] = :SIMPLE
|
179
|
+
|
180
|
+
irb = IRB::Irb.new
|
181
|
+
IRB.conf[:MAIN_CONTEXT] = irb.context
|
182
|
+
|
183
|
+
irb.context.evaluate("require 'irb/completion'", 0)
|
184
|
+
|
185
|
+
trap("SIGINT") do
|
186
|
+
irb.signal_handle
|
187
|
+
end
|
188
|
+
catch(:IRB_EXIT) do
|
189
|
+
irb.eval_input
|
190
|
+
end
|
191
|
+
end
|
192
|
+
|
193
|
+
#
|
194
|
+
def parse_options
|
195
|
+
begin
|
196
|
+
opts = OptionParser.new do |opt|
|
197
|
+
opt.banner = "#{APP_NAME} v#{VERSION}\nJacob Hammack\n#{SITE}\n\n"
|
198
|
+
opt.banner << "Usage: #{APP_NAME} [options] [files_to_parse]"
|
199
|
+
|
200
|
+
opt.separator('')
|
201
|
+
opt.separator('Configuration Options')
|
202
|
+
|
203
|
+
opt.on('--config-file FILE', "Loads configuration settings for the specified file. By default #{APP_NAME} loads #{CONFIG_FILE}") do |option|
|
204
|
+
if File.exists?(option) == true
|
205
|
+
@options[:config_file] = option
|
206
|
+
else
|
207
|
+
puts "[!] Specified config file does not exist. Please specify a file that exists."
|
208
|
+
exit
|
209
|
+
end
|
210
|
+
end
|
211
|
+
|
212
|
+
opt.on('--create-config-file [FILE]',"Creates a configuration file in the current directory with the specified name, Default is #{CONFIG_FILE}") do |option|
|
213
|
+
if option == nil
|
214
|
+
option = CONFIG_FILE
|
215
|
+
end
|
216
|
+
|
217
|
+
if File.exists?(option) == true
|
218
|
+
puts "[!] Configuration file already exists; If you wish to over-write this file please delete it."
|
219
|
+
else
|
220
|
+
if option == nil
|
221
|
+
create_config
|
222
|
+
else
|
223
|
+
create_config option
|
224
|
+
end
|
225
|
+
|
226
|
+
exit
|
227
|
+
end
|
228
|
+
end
|
229
|
+
|
230
|
+
opt.separator('')
|
231
|
+
opt.separator('Database Options')
|
232
|
+
|
233
|
+
opt.on('--test-connection','Tests the database connection settings') do |option|
|
234
|
+
@options[:test_connection] = option
|
235
|
+
end
|
236
|
+
|
237
|
+
opt.on('--create-tables',"Creates the tables required for #{APP_NAME}") do |option|
|
238
|
+
@options[:create_tables] = option
|
239
|
+
end
|
240
|
+
|
241
|
+
opt.on('--drop-tables', "Deletes the tables and data from #{APP_NAME}") do |option|
|
242
|
+
@options[:drop_tables] = option
|
243
|
+
end
|
244
|
+
|
245
|
+
opt.separator ''
|
246
|
+
opt.separator 'Other Options'
|
247
|
+
|
248
|
+
opt.on_tail('-v', '--version', "Shows application version information") do
|
249
|
+
puts "#{APP_NAME}: #{VERSION}\nRuby Version: #{RUBY_VERSION}\nRubygems Version: #{Gem::VERSION}"
|
250
|
+
exit
|
251
|
+
end
|
252
|
+
|
253
|
+
opt.on('-d','--debug','Enable Debug Mode (More verbose output)') do |option|
|
254
|
+
@options[:debug] = true
|
255
|
+
end
|
256
|
+
|
257
|
+
opt.on('--console', 'Starts an ActiveRecord console into the configured database') do |option|
|
258
|
+
@options[:console] = option
|
259
|
+
end
|
260
|
+
|
261
|
+
opt.on_tail("-?", "--help", "Show this message") do
|
262
|
+
puts opt.to_s + "\n"
|
263
|
+
exit
|
264
|
+
end
|
265
|
+
end
|
266
|
+
|
267
|
+
if ARGV.length != 0
|
268
|
+
opts.parse!
|
269
|
+
else
|
270
|
+
puts opts.to_s + "\n"
|
271
|
+
exit
|
272
|
+
end
|
273
|
+
rescue OptionParser::MissingArgument => m
|
274
|
+
puts opts.to_s + "\n"
|
275
|
+
exit
|
276
|
+
rescue OptionParser::InvalidOption => i
|
277
|
+
puts opts.to_s + "\n"
|
278
|
+
exit
|
279
|
+
end
|
280
|
+
end
|
281
|
+
|
282
|
+
#
|
283
|
+
def parse_file file
|
284
|
+
begin
|
285
|
+
parser = Nokogiri::XML::SAX::Parser.new(Kekkan::Parsers::Cve2Document.new)
|
286
|
+
|
287
|
+
parser.parse(File.open(file))
|
288
|
+
|
289
|
+
rescue => e
|
290
|
+
raise e
|
291
|
+
end
|
292
|
+
end
|
293
|
+
|
294
|
+
#
|
295
|
+
def run
|
296
|
+
parse_options
|
297
|
+
|
298
|
+
if @options[:debug]
|
299
|
+
puts "[*] Enabling Debug Mode"
|
300
|
+
end
|
301
|
+
|
302
|
+
if @options[:config_file] != nil
|
303
|
+
load_config @options[:config_file]
|
304
|
+
else
|
305
|
+
load_config
|
306
|
+
end
|
307
|
+
|
308
|
+
db_connect
|
309
|
+
|
310
|
+
if @options[:console] != nil
|
311
|
+
consolize do
|
312
|
+
puts Kekkan::CLI::Banner
|
313
|
+
puts "#{APP_NAME} Console v#{VERSION}"
|
314
|
+
end
|
315
|
+
exit
|
316
|
+
end
|
317
|
+
|
318
|
+
if @options[:test_connection] != nil
|
319
|
+
result = test_connection?
|
320
|
+
|
321
|
+
puts "#{result[1]}"
|
322
|
+
exit
|
323
|
+
end
|
324
|
+
|
325
|
+
if @options[:create_tables] != nil
|
326
|
+
migrate(:up)
|
327
|
+
exit
|
328
|
+
end
|
329
|
+
|
330
|
+
if @options[:drop_tables] != nil
|
331
|
+
migrate(:down)
|
332
|
+
exit
|
333
|
+
end
|
334
|
+
|
335
|
+
ARGV.each do |file|
|
336
|
+
begin
|
337
|
+
parse_file file
|
338
|
+
|
339
|
+
rescue => e
|
340
|
+
puts e.inspect
|
341
|
+
puts "[!] #{e.message}\n #{e.backtrace.join("\n")}\n"
|
342
|
+
puts "[!] Error: #{file}"
|
343
|
+
next
|
344
|
+
end
|
345
|
+
end
|
346
|
+
end
|
347
|
+
end
|
348
|
+
end
|
349
|
+
end
|
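Review bot: `create_config` opens the file that will hold the database password with `File.open(file, 'w+')`, so it is created with umask-default permissions and is usually readable by other local users; passing an explicit mode, `File.open(file, 'w+', 0600) do |f|`, keeps the credentials private to the invoking user. `load_config` then reads that file, by default `./kekkan.cfg` from whatever directory the tool is run in, through `YAML::load`, which can instantiate arbitrary Ruby objects from tagged YAML; `yaml = YAML.safe_load(File.read(file))` restricts it to plain data where the installed Psych provides it, and also closes the handle that `File.open(file)` leaves open. With `--debug`, `puts @database.inspect` prints the password to the terminal and any captured log, so the hash should be redacted first, e.g. `puts @database.reject { |k, _| k == 'password' }.inspect`. Separately, in `migrate` the `AdapterNotFound` branch interpolates `ans` instead of `anf` (nil at that point, so debug mode raises NoMethodError) and the `SQLite3::SQLException` branch calls `continue`, which is not a Ruby keyword and raises NameError instead of resuming. This hunk has no file header of its own on the page; from the diffstat it appears to be `lib/kekkan/cli/application.rb`.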