vulnerablecode
Collect exploits from exploitdb
Collect exploits from exploitdb https://github.com/offensive-security/exploitdb and https://gitlab.com/exploit-database/exploitdb/-/blob/main/files_exploits.csv
See discussion document at https://docs.google.com/document/d/1XtMmxthmANhr-IqXsyMgFnrOq5fTGfsE/edit?usp=sharing&ouid=117241222429542576816&rtpof=true&sd=true

See work-in-progress normalized model spreadsheet at https://docs.google.com/spreadsheets/d/1J2t2T_s015pnAouy5ss-AA0SI4e2xjT4uICjlL_Aa38/edit?usp=sharing
@pombredanne Could you elaborate on the specific data we're aiming to store in VulnerableCode, particularly the information extracted from this file?
@pombredanne @ziadhany I do not understand the value of collecting exploits from exploitdb in the context of VulnerableCode. I don't see any PURLs or other identifiers in that database (perhaps I am missing something) that can relate or connect those bits of information to objects in Vulnerablecode. We need some kind of explanation here to clarify the strategy.
@DennisClark
> I do not understand the value of collecting exploits from exploitdb in the context of VulnerableCode.

Exploit-DB is a well-known online public database and platform that offers detailed information about security vulnerabilities, exploits, and associated proof-of-concept (PoC) code. It's widely used by penetration testers.
In the context of VulnerableCode, I tried to store the PoC as a reference. I believe this is an Improver, as it allows us to gather more detailed information (exploit URL, PoC source URL, ...) about the vulnerabilities we have.
> I don't see any PURLs or other identifiers in that database (perhaps I am missing something) that can relate or connect those bits of information to objects in Vulnerablecode.

Yes, Exploit-DB doesn’t provide any PURLs, but it does include an alias like `CVE-xxxx-xxxx` (`codes` column). We can iterate over these aliases and update the reference list by appending the exploit URL, PoC source URL, and other relevant links.
Here's a sample of the CSV file:
id | file | description | date_published | author | type | platform | port | date_added | date_updated | verified | codes | tags | aliases | screenshot_url | application_url | source_url |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
16929 | exploits/aix/dos/16929.rb | AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow (Metasploit) | 2010-11-11 | Metasploit | dos | aix |  | 2010-11-11 | 2011-03-06 | 1 | CVE-2009-3699;OSVDB-58726 | Metasploit Framework (MSF) |  |  |  | http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc |
19046 | exploits/aix/dos/19046.txt | AppleShare IP Mail Server 5.0.3 - Buffer Overflow | 1999-10-15 | Chris Wedgwood | dos | aix |  | 1999-10-15 | 2014-01-02 | 1 | CVE-1999-1015;OSVDB-5970 |  |  |  |  | https://www.securityfocus.com/bid/61/info |
And I was wondering if we could treat the file as a reference, allowing us to create a reference link from a file `exploits/aix/dos/16929.rb`, similar to the `source_url` if one doesn't exist. For example, a link like this: 'https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/aix/dos/16929.rb'.

> We need some kind of explanation here to clarify the strategy.
I hope this explanation clarifies what I was aiming to do. I apologize for any misunderstanding or confusion. I think it would be helpful to discuss further what we want to achieve with the exploits.
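
The mapping described in the comment above, as an added example that is not part of the original thread and not VulnerableCode's own code: it reads rows in the `files_exploits.csv` layout, keeps only the CVE entries from the `codes` column, and collects the GitLab blob URL for `file` plus the `source_url` as references. The function name `references_by_cve`, the path and URL checks, and the third sample row are assumptions made for illustration.

```python
import csv
import io
import re
from collections import defaultdict
from urllib.parse import quote

# First two rows are the sample rows quoted in the thread; the third is constructed.
SAMPLE_CSV = """id,file,description,date_published,author,type,platform,port,date_added,date_updated,verified,codes,tags,aliases,screenshot_url,application_url,source_url
16929,exploits/aix/dos/16929.rb,AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow (Metasploit),2010-11-11,Metasploit,dos,aix,,2010-11-11,2011-03-06,1,CVE-2009-3699;OSVDB-58726,Metasploit Framework (MSF),,,,http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc
19046,exploits/aix/dos/19046.txt,AppleShare IP Mail Server 5.0.3 - Buffer Overflow,1999-10-15,Chris Wedgwood,dos,aix,,1999-10-15,2014-01-02,1,CVE-1999-1015;OSVDB-5970,,,,,https://www.securityfocus.com/bid/61/info
99999,exploits/multi/webapps/99999.txt,Constructed row without a CVE,2020-01-01,nobody,webapps,multi,,2020-01-01,,0,OSVDB-1,,,,,
"""

# Base of the blob link format given in the thread.
BLOB_BASE = "https://gitlab.com/exploit-database/exploitdb/-/blob/main/"
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")


def references_by_cve(csv_text):
    """Map each CVE alias found in `codes` to the reference URLs of its row."""
    refs = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        urls = []
        path = (row.get("file") or "").strip()
        # Assumption: only repo-relative paths under exploits/ become blob links.
        if path.startswith("exploits/") and ".." not in path:
            urls.append(BLOB_BASE + quote(path))
        source = (row.get("source_url") or "").strip()
        # An empty or non-HTTP source_url is skipped; the blob link still applies.
        if source.startswith(("http://", "https://")):
            urls.append(source)
        # `codes` is ';'-separated and mixes CVE ids with other schemes (OSVDB-...).
        for code in (row.get("codes") or "").split(";"):
            code = code.strip().upper()
            if not CVE_RE.match(code):
                continue
            for url in urls:
                if url not in refs[code]:  # keep the list free of duplicates
                    refs[code].append(url)
    return dict(refs)


if __name__ == "__main__":
    for cve, urls in references_by_cve(SAMPLE_CSV).items():
        print(cve, urls)
```

Rows whose `codes` contain no CVE (the constructed third row) produce no entry, so they cannot be attached to an existing vulnerability by alias.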
@ziadhany Thanks for the clarification -- very helpful.