From 060a55754aabc06af56c9b63c9dbcfb52307ed7f Mon Sep 17 00:00:00 2001 From: jasper Date: Tue, 12 Nov 2019 20:08:35 +0000 Subject: [PATCH] update to wesng-0.98 --- security/wesng/Makefile | 7 ++- security/wesng/distinfo | 4 +- security/wesng/patches/patch-wes_py | 76 ++--------------------------- security/wesng/pkg/PLIST | 17 +++---- 4 files changed, 16 insertions(+), 88 deletions(-) diff --git a/security/wesng/Makefile b/security/wesng/Makefile index 0764dc7fcab..6a8b047e3ca 100644 --- a/security/wesng/Makefile +++ b/security/wesng/Makefile @@ -1,13 +1,12 @@ -# $OpenBSD: Makefile,v 1.5 2019/07/12 20:49:38 sthen Exp $ +# $OpenBSD: Makefile,v 1.6 2019/11/12 20:08:35 jasper Exp $ COMMENT = Windows Exploit Suggester - Next Generation -MODPY_EGG_VERSION = 0.95 -GH_COMMIT = 444cb9c1549503db9c0740951c417c832696a8a8 +MODPY_EGG_VERSION = 0.98 +GH_COMMIT = 07ac559c1f63c0db0324a54713e078d5f26afd57 GH_PROJECT = wesng GH_ACCOUNT = bitsadmin DISTNAME = wesng-${MODPY_EGG_VERSION} -REVISION = 1 CATEGORIES = security diff --git a/security/wesng/distinfo b/security/wesng/distinfo index 37128f5ae73..0d4f827c261 100644 --- a/security/wesng/distinfo +++ b/security/wesng/distinfo @@ -1,2 +1,2 @@ -SHA256 (wesng-0.95-444cb9c1.tar.gz) = qGj8ClYGVArAOFn3rg/3sJ3L/ZZomZ/i3WgjFtLi8xQ= -SIZE (wesng-0.95-444cb9c1.tar.gz) = 2301183 +SHA256 (wesng-0.98-07ac559c.tar.gz) = a5WjjfMVdrHYliUi8JcPmqqE4PAnAvDeE/RiYZiLvcU= +SIZE (wesng-0.98-07ac559c.tar.gz) = 1672088 diff --git a/security/wesng/patches/patch-wes_py b/security/wesng/patches/patch-wes_py index 78c5e68545f..65d35624b8a 100644 --- a/security/wesng/patches/patch-wes_py +++ b/security/wesng/patches/patch-wes_py 
@@ -1,24 +1,11 @@ -$OpenBSD: patch-wes_py,v 1.3 2019/04/15 17:04:36 jasper Exp $ +$OpenBSD: patch-wes_py,v 1.4 2019/11/12 20:08:35 jasper Exp $ -- https://github.com/bitsadmin/wesng/pull/25 - The definitions database lives in ${PREFIX}/share/wesng/ Index: wes.py --- wes.py.orig +++ wes.py -@@ -190,9 +190,9 @@ def main(): - - # If specified, hide results containing the user-specified string - # in the AffectedComponent and AffectedProduct attributes -- if args.hiddenvuln or args.only_exploits: -+ if args.hiddenvuln or args.only_exploits or args.impacts: - print('[+] Applying display filters') -- filtered = apply_display_filters(found, args.hiddenvuln, args.only_exploits) -+ filtered = apply_display_filters(found, args.hiddenvuln, args.only_exploits, args.impacts) - else: - filtered = found - -@@ -219,7 +219,7 @@ def main(): +@@ -232,7 +232,7 @@ def main(): # Load definitions.zip containing a CSV with vulnerabilities collected by the WES collector module # and a file determining the minimum wes.py version the definitions are compatible with. def load_definitions(definitions): 
@@ -27,45 +14,7 @@ Index: wes.py files = definitionszip.namelist() # Version_X.XX.txt -@@ -253,10 +253,13 @@ def load_definitions(definitions): - return merged, cvesdate - - --# Hide results containing the user specified string(s) in the AffectedComponent or AffectedProduct attributes --def apply_display_filters(found, hiddenvulns, only_exploits): -+# Hide results based on filter(s) specified by the user. This can either be to only display results with -+# public exploits, results with a given impact or results containing the user specified string(s) in -+# the AffectedComponent or AffectedProduct attributes. -+def apply_display_filters(found, hiddenvulns, only_exploits, impacts): - # --hide 'Product 1' 'Product 2' - hiddenvulns = list(map(lambda s: s.lower(), hiddenvulns)) -+ impacts = list(map(lambda s: s.lower(), impacts)) - filtered = [] - for cve in found: - add = True -@@ -264,6 +267,12 @@ def apply_display_filters(found, hiddenvulns, only_exp - if hidden in cve['AffectedComponent'].lower() or hidden in cve['AffectedProduct'].lower(): - add = False - break -+ -+ for impact in impacts: -+ if not impact in cve['Impact'].lower(): -+ add = False -+ break -+ - if add: - filtered.append(cve) - -@@ -564,7 +573,7 @@ def print_summary(kbs, sp): - for line in grouped.most_common(): - kb = line[0] - number = line[1] -- print(' - KB%s: patches %s %s' % (kb, number, 'vulnerabilty' if number == 1 else 'vulnerabilities')) -+ print(' - KB%s: patches %s %s' % (kb, number, 'vulnerability' if number == 1 else 'vulnerabilities')) - - # Show in case a service pack is missing - if sp: -@@ -638,7 +647,7 @@ def check_file_exists(value): +@@ -684,7 +684,7 @@ def check_file_exists(value): # Validate file existence for definitions file def check_definitions_exists(value): 
@@ -74,22 +23,3 @@ Index: wes.py raise argparse.ArgumentTypeError('Definitions file \'%s\' does not exist. Try running %s --update first.' % (value, FILENAME)) return value -@@ -676,6 +685,10 @@ def parse_arguments(): - {0} systeminfo.txt --exploits-only --hide "Internet Explorer" Edge Flash - {0} systeminfo.txt -e --hide "Internet Explorer" Edge Flash - -+ Only show vulnerabilities of a certain impact (case insensitive match) -+ {0} systeminfo.txt --impact elevation -+ {0} systeminfo.txt -i elevation -+ - Download latest version of WES-NG - {0} --update-wes - '''.format(FILENAME) -@@ -723,6 +736,7 @@ def parse_arguments(): - parser.add_argument('-d', '--usekbdate', dest='usekbdate', action='store_true', help='Filter out vulnerabilities of KBs published before the publishing date of the most recent KB installed') - parser.add_argument('-e', '--exploits-only', dest='only_exploits', action='store_true', help='Show only vulnerabilities with known exploits') - parser.add_argument('--hide', dest='hiddenvuln', nargs='+', default='', help='Hide vulnerabilities of for example Adobe Flash Player and Microsoft Edge') -+ parser.add_argument('-i', '--impact', dest='impacts', nargs='+', default='', help='Only display vulnerabilities with a given impact') - parser.add_argument('-o', '--output', action='store', dest='outputfile', nargs='?', help='Store results in a file') - parser.add_argument('-h', '--help', action='help', help='Show this help message and exit') - diff --git a/security/wesng/pkg/PLIST b/security/wesng/pkg/PLIST index e075d8d3d4d..70c9c69a7da 100644 --- a/security/wesng/pkg/PLIST +++ b/security/wesng/pkg/PLIST 
@@ -1,14 +1,13 @@
-@comment $OpenBSD: PLIST,v 1.1.1.1 2019/03/31 00:45:19 jasper Exp $
+@comment $OpenBSD: PLIST,v 1.2 2019/11/12 20:08:35 jasper Exp $
 bin/wes
 lib/python${MODPY_VERSION}/site-packages/${MODPY_PYCACHE}wes.${MODPY_PYC_MAGIC_TAG}pyc
 lib/python${MODPY_VERSION}/site-packages/wes.py
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/PKG-INFO
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/SOURCES.txt
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/dependency_links.txt
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/entry_points.txt
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/requires.txt
-lib/python${MODPY_VERSION}/site-packages/wesng-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info/top_level.txt
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/PKG-INFO
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/SOURCES.txt
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/dependency_links.txt
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/entry_points.txt
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/requires.txt
+lib/python${MODPY_VERSION}/site-packages/wesng-0.95-py${MODPY_VERSION}.egg-info/top_level.txt
 share/wesng/
-share/wesng/CVEs.zip
 share/wesng/definitions.zip
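Review bot: The seven added egg-info entries hard-code `wesng-0.95` while the same commit sets `MODPY_EGG_VERSION = 0.98`, so the Python metadata installed by this package would report a different version than the package itself. Presumably upstream's setup.py still declares 0.95 at this commit; if so, anything that inventories installed modules from egg-info (audit or vulnerability-matching tooling) will see the older number, and the literal has to be re-checked by hand on every future update. I would record the reason next to the entries or in the port Makefile, for example `@comment egg-info stays at 0.95: upstream setup.py version was not bumped for 0.98`, or alternatively patch setup.py so `${MODPY_EGG_VERSION}` can remain in the PLIST.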