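#!/usr/bin/env bash
# Build three inventories (packages, shared libraries, top-level Python
# modules) for one Anaconda environment and pass them, together with an NVD
# vulnerability feed, to vulndigester.py.
#
# Two parameters:
# $1 : full path to local Anaconda environment being examined,
# e.g. /Applications/anaconda/anaconda/envs/py27
# or for Windows, say C:/Users/johnsmith/Anaconda2/py27
# Note the Unix-y path separators -- since this needs to be run (in Windows) under Cygwin
# $2 : location of vulnerabilities JSON file (from NVD)
#
# mktempfile.py, vulndigester.py and ignore-words.txt are referenced by
# relative path, so run this from the directory that holds them.
# Exit status: 2 on bad usage, 1 when setup fails, otherwise the status of
# vulndigester.py.

if [ "$#" -lt 2 ]; then
  printf 'Usage: %s ENV_PATH NVD_JSON\n' "${0##*/}" >&2
  exit 2
fi
env_dir=$1
nvd_json=$2
if [ ! -d "$env_dir" ]; then
  printf 'error: environment directory not found: %s\n' "$env_dir" >&2
  exit 1
fi

# Print a warning when an inventory file is empty: an empty list makes the
# scan report "nothing found" for that category, which is a false negative
# rather than a clean result.
warn_if_empty() {
  [ -s "$1" ] || printf 'warning: %s is empty; %s will not be checked\n' "$1" "$2" >&2
}

# One site-packages directory per line (an environment can hold several).
SP=$(find "$env_dir" -name site-packages)
export SP

# uname -s names only the kernel; matching against all of `uname -a` would
# also match a host name that happens to contain CYGWIN.
case "$(uname -s)" in
  CYGWIN*) LIBSUFFIX=dll ;;
  *) LIBSUFFIX=so ;;
esac
export LIBSUFFIX

# The scratch directory comes from a helper script, so validate it before
# anything is written into it or it is handed to `rm -rf`.
TDIR=$(python ./mktempfile.py) || {
  printf 'error: mktempfile.py failed\n' >&2
  exit 1
}
if [ -z "$TDIR" ] || [ ! -d "$TDIR" ] || [ "$TDIR" = "/" ]; then
  printf 'error: mktempfile.py did not return a usable directory: %s\n' "$TDIR" >&2
  exit 1
fi
export TDIR

# Remove the scratch directory on every exit path, including failures.
cleanup() {
  rm -rf -- "${TDIR:?}"
}
trap cleanup EXIT

# Find top-level modules
# Query: include sub-module names too?
# Each site-packages directory is walked separately and its prefix is removed
# with a literal (non-regex) expansion, so paths containing spaces or regex
# metacharacters are handled. An empty SP is skipped instead of letting find
# fall back to the current directory.
while IFS= read -r sp_dir; do
  [ -n "$sp_dir" ] || continue
  find "$sp_dir" -name "__init__.py" -print0 \
    | while IFS= read -r -d '' init_py; do
        rel=${init_py#"$sp_dir"/}
        top=${rel%%/*}
        # Keep the part before the first '-' (drops version suffixes).
        printf '%s\n' "${top%%-*}"
      done
done <<<"$SP" \
  | sort -u \
  > "$TDIR/modules.txt"
warn_if_empty "$TDIR/modules.txt" "Python modules"

# Find libraries
# Only the file name is used, minus the suffix; taking the basename avoids
# picking up directory names that merely contain ".$LIBSUFFIX".
find "$env_dir" -name "*.$LIBSUFFIX" -print0 \
  | while IFS= read -r -d '' lib_path; do
      lib_name=${lib_path##*/}
      printf '%s\n' "${lib_name%."$LIBSUFFIX"}"
    done \
  > "$TDIR/libraries.txt"
warn_if_empty "$TDIR/libraries.txt" "shared libraries"

# Find packages
# First column of `conda list`, with the '#' header lines dropped.
conda list -p "$env_dir" \
  | tr -s ' ' \
  | cut -f 1 -d ' ' \
  | grep -v '#' \
  > "$TDIR/packages.txt"
warn_if_empty "$TDIR/packages.txt" "conda packages"

# vulndigester.py has a number of options
# python vulndigester.py -h will explain them, a bit tersely
# Its exit status becomes the script's exit status; the EXIT trap removes TDIR.
python vulndigester.py -d -i ignore-words.txt --env "$env_dir" "$nvd_json" \
  "$TDIR/packages.txt" "$TDIR/libraries.txt" "$TDIR/modules.txt"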