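├── .gitignore ├── 20Rank.py ├── LICENSE ├── README.md ├── good.py ├── rank.py └── wooyun.db
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 | build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | 27 | # PyInstaller 28 | # Usually these files are written by a python script from a template 29 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 30 | *.manifest 31 | *.spec 32 | 33 | # Installer logs 34 | pip-log.txt 35 | pip-delete-this-directory.txt 36 | 37 | # Unit test / coverage reports 38 | htmlcov/ 39 | .tox/ 40 | .coverage 41 | .coverage.* 42 | .cache 43 | nosetests.xml 44 | coverage.xml 45 | *,cover 46 | .hypothesis/ 47 | 48 | # Translations 49 | *.mo 50 | *.pot 51 | 52 | # Django stuff: 53 | *.log 54 | 55 | # Sphinx documentation 56 | docs/_build/ 57 | 58 | # PyBuilder 59 | target/ 60 | 61 | #Ipython Notebook 62 | .ipynb_checkpoints 63 |
--------------------------------------------------------------------------------
/20Rank.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# coding=utf-8
# code by 92ez.com

import sqlite3
import sys


def get20Rank():
    """Print every row of ``record`` whose rank is 20, newest publish time first.

    The database is ``wooyun.db`` in the script directory (``sys.path[0]``).
    Any error is printed instead of raised, so the script never ends with a
    traceback.
    """
    # Output label paired with the positional index into a ``select *`` row.
    # The indexes depend on the column order of the ``record`` table.
    fields = (
        ('url', 1),
        ('title', 2),
        ('company', 3),
        ('status', 4),
        ('author', 5),
        ('type', 6),
        ('rank', 7),
        ('commit', 8),
        ('publish', 9),
    )
    cx = None
    try:
        cx = sqlite3.connect(sys.path[0] + "/wooyun.db")
        cu = cx.cursor()
        cu.execute("select * from record where rank = 20 order by publishtime desc")
        for row in cu.fetchall():
            print '-' * 60
            for label, idx in fields:
                # %s formatting also copes with a value that is not text
                # (string concatenation would raise and abort the listing).
                print '%s: %s' % (label, row[idx])
        cu.close()
    except Exception, e:
        print e
    finally:
        # Close the connection even when the query or the printing failed.
        if cx is not None:
            cx.close()


if __name__ == '__main__':
    get20Rank()
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 一只猿 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ## 脚本 2 | 采集乌云已确认漏洞和已公开漏洞的状态、厂商、Rank等数据用于分析哪些是良心厂商 3 | ## 使用 4 |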
python rank.py 100
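5 | ## 说明 6 | 纪念永远的乌云
--------------------------------------------------------------------------------
/good.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# coding=utf-8
# code by 92ez.com

import sqlite3
import sys


def get20Rank():
    """Print, per company, how many ``record`` rows have rank 20, highest count first.

    The database is ``wooyun.db`` in the script directory (``sys.path[0]``).
    Any error is printed instead of raised.
    """
    cx = None
    try:
        cx = sqlite3.connect(sys.path[0] + "/wooyun.db")
        cu = cx.cursor()
        cu.execute("select count(company) as number,company from record where rank = 20 group by company order by number desc")

        for number, company in cu.fetchall():
            print 'company: ' + company + ' ----> 20Rank count: ' + str(number)

        cu.close()
    except Exception, e:
        print e
    finally:
        # Close the connection even when the query or the printing failed.
        if cx is not None:
            cx.close()


if __name__ == '__main__':
    get20Rank()
--------------------------------------------------------------------------------
/rank.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# coding=utf-8
# code by 92ez.com

import threading
import subprocess
import requests
import sqlite3
import Queue
import sys
import re

reload(sys)
sys.setdefaultencoding('utf8')

# Browser-like User-Agent sent with every request.
_HEADERS = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"}


def bThread(urllist):
    """Process every URL in ``urllist`` with ten worker threads and wait for all of them."""
    queue = Queue.Queue()
    for aimlink in urllist:
        queue.put(aimlink)

    threadl = [tThread(queue) for _ in xrange(0, 10)]

    for t in threadl:
        t.start()
    for t in threadl:
        t.join()


class tThread(threading.Thread):
    """Worker thread that drains the shared queue, calling getVulInfo on each URL."""

    def __init__(self, queue):
        threading.Thread.__init__(self)
        self.queue = queue

    def run(self):
        while True:
            # get_nowait() replaces the empty()-then-get() pair: with several
            # workers the queue can drain between the two calls, and a blocking
            # get() would then never return, so bThread's join() would hang.
            try:
                aimlink = self.queue.get_nowait()
            except Queue.Empty:
                break
            try:
                getVulInfo(aimlink)
            except Exception:
                # Best effort: one bad page must not stop this worker.
                continue


def getVulInfo(url):
    """Fetch one vulnerability page, parse its fields and store them in wooyun.db.

    A row is inserted only when no record with the same ``url`` exists yet.
    Every failure (network, parsing, database) is printed and swallowed so the
    calling worker thread carries on with the next URL.

    The page is fetched over plain HTTP, so everything parsed from it is
    untrusted input; all values reach SQLite as bound parameters only.
    """
    try:
        req = requests.get(url=url, headers=_HEADERS, timeout=10)
        result = req.content.replace('\r\n', '')

        title = re.findall(r"漏洞标题:(.+?)<", result)[0]
        title = unicode(''.join(title.split()))

        status = re.findall(r"漏洞状态:(.+?)<", result)[0]
        status = unicode(''.join(status.split()))

        # Ignored reports get rank '0' instead of a parsed value.
        if '忽略' in status:
            rank = '0'
        else:
            rank = re.findall(r"漏洞Rank:(.+?)<", result)[0]
            rank = ''.join(rank.split())

        vultype = re.findall(r"漏洞类型:(.+?)<", result)[0]
        vultype = unicode(''.join(vultype.split()))

        sumittime = re.findall(r"提交时间:(.+?)<", result)[0]
        sumittime = sumittime.replace('\t', '')

        publishtime = re.findall(r"公开时间:(.+?)<", result)[0]
        publishtime = publishtime.replace('\t', '')

        # NOTE(review): as listed, the next pattern ends in a lazy group with
        # nothing after it, so it captures a single character and the
        # '>(.+?)<' lookup then finds nothing. The closing delimiter was
        # probably lost when this page was extracted; confirm against the
        # upstream file. The same applies to the company pattern below.
        author = re.findall(r"漏洞作者:(.+?)", result)[0]
        author = re.findall(r'>(.+?)<', author)[0]
        author = unicode(''.join(author.split()))

        company = re.findall(r"相关厂商:(.+?)", result)[0]
        company = re.findall(r'>(.+?)<', company)[0]
        company = unicode(''.join(company.split()))

        cx = None
        try:
            cx = sqlite3.connect(sys.path[0] + "/wooyun.db")
            cu = cx.cursor()
            # Bound parameter, like the INSERT below: url is assembled from
            # scraped page content and must never be spliced into SQL text.
            cu.execute("select * from record where url = ?", (url,))
            if not cu.fetchone():
                cu.execute(
                    "INSERT INTO record (title,url,company,status,author,vultype,rank,sumittime,publishtime) VALUES (?,?,?,?,?,?,?,?,?)",
                    (title, url, company, status, author, vultype, rank, sumittime, publishtime))
                cx.commit()
                print '[+] Insert ' + url + ' into database successly.'
            else:
                print '[-] Found ' + url + ' in database, skipped.'
            cu.close()
        except Exception, e:
            print e
        finally:
            # Release the connection on the error path as well.
            if cx is not None:
                cx.close()
    except Exception, e:
        print e


def getPageCount(url):
    """Return the page count parsed from page 1 of the listing at ``url``.

    ``url`` is the listing prefix; '1' is appended to request the first page.
    Any failure terminates the program through ``sys.exit``.
    """
    url = url + '1'
    try:
        req = requests.get(url=url, headers=_HEADERS, timeout=5)
        htmlcode = req.content.replace('\r\n', '')

        return int(re.findall(r'录, (.+?) 页', htmlcode)[0])

    except Exception, e:
        sys.exit('[e] Error, exception is %s' % e)


def getUrllist(sp, pc, url):
    """Collect the vulnerability page URLs linked from listing pages ``sp`` to ``pc``.

    ``url`` is the listing prefix; the page number is appended to it. Returns
    a list of absolute ``http://www.wooyun.org/bugs/...`` URLs. Any failure on
    any page terminates the program through ``sys.exit``.
    """
    wooyunUrlList = []

    for page in range(sp, pc + 1):
        pageUrl = url + str(page)
        try:
            req = requests.get(url=pageUrl, headers=_HEADERS, timeout=5)
            htmlcode = req.content.replace('\r\n', '')

            # NOTE(review): as listed, both '(.+?)' patterns below match one
            # character at a time; they read like row and cell patterns whose
            # HTML tag delimiters were lost when this page was extracted.
            # Confirm against the upstream file before running.
            trs = re.findall(r'(.+?)', htmlcode)

            for tr in trs:
                # Skip the header row, which carries the column titles.
                if '漏洞标题' not in tr:
                    tds = re.findall(r'(.+?)', tr)
                    thisUrl = "http://www.wooyun.org/bugs/" + re.findall(r'bugs/(.+?)">', tds[0])[0]
                    wooyunUrlList.append(thisUrl)

            print pageUrl + ' checked.'
        except Exception, e:
            sys.exit('[e] Error, exception is %s' % e)

    return wooyunUrlList


if __name__ == '__main__':
    # NOTE(review): the README runs this script with an argument (100), but
    # sys.argv is not read anywhere in this listing.
    print '[*] Start...'
    url_public = 'http://wooyun.org/bugs/new_public/page/'
    url_confirm = 'http://wooyun.org/bugs/new_confirm/page/'

    # get public page count
    public_Count = getPageCount(url_public)
    print '[*] Public page count is ' + str(public_Count)
    # get confirm page count
    confirm_Count = getPageCount(url_confirm)
    print '[*] Confirm page count is ' + str(confirm_Count)
    # get confirm url list
    confirm_urllist = getUrllist(1, confirm_Count, url_confirm)
    print '[*] Confirm vul count is ' + str(len(confirm_urllist))
    # get public url list
    public_urllist = getUrllist(1, public_Count, url_public)
    print '[*] Public vul count is ' + str(len(public_urllist))

    ifstart = raw_input(
        '[*] Public and confirm is ' + str(len(public_urllist) + len(confirm_urllist)) + '! Start now?(y/n):')
    if ifstart == 'y':
        # The original passed `checkList`, a name that is never defined, so
        # answering 'y' raised NameError. The prompt counts both lists, so
        # both are processed.
        bThread(confirm_urllist + public_urllist)
    else:
        sys.exit('[-] Exit!')
--------------------------------------------------------------------------------
/wooyun.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kbdancer/wooyun_rank/c32c347b67d60052bcec3b7b5dc0288fd7d4b4c4/wooyun.db
--------------------------------------------------------------------------------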