search

vulsio / go-exploitdb

Tool for searching Exploits from Exploit Databases, etc.
MIT License
249 stars 56 forks source link

fix(exploit): collect 305 new exploits that assigned CVE-ID #41

Closed kotakanbe closed 3 years ago

kotakanbe commented 3 years ago

Added support for unexpected formatting of NVD XML.

<Reference>
            <URL>https://www.exploit-db.com/exploits/49410</URL>
            <Description>MISC:https://www.exploit-db.com/exploits/49410</Description>
</Reference>

Vuls can now collect 305 new exploits that assigned CVE-ID.

Before

sqlite> select count(cve_id) from exploits where cve_id != "";
12236
sqlite> select count(distinct(cve_id)) from exploits where cve_id != "";
11544
sqlite> .mode csv
sqlite> .output /tmp/exploit-before.csv
sqlite> select cve_id from exploits where cve_id != "" order by cve_id;
sqlite> .output /tmp/exploit-before-uniq.csv
sqlite> select distinct(cve_id) from exploits where cve_id != "" order by cve_id;

After

sqlite>  select count(cve_id) from exploits where cve_id != "";
12551
sqlite> select count(distinct(cve_id)) from exploits where cve_id != "";
11849
sqlite> .mode csv
sqlite> .output /tmp/exploit-after.csv
sqlite> select cve_id from exploits where cve_id != "" order by cve_id;
sqlite> .output /tmp/exploit-after-uniq.csv
sqlite> select distinct(cve_id) from exploits where cve_id != "" order by cve_id;

Diff

 ubuntu@dev  │tmp  git diff exploit-before-uniq.csv exploit-after-uniq.csv | grep +CVE | wc -l
305