simplify radically by removing fancy output, gettext and debug output
Hanno Böck commited on 2019-12-08 17:44:09
Zeige 1 geänderte Dateien mit 0 Einfügungen und 35 Löschungen.
- freewvs ad1b753..340bed7
| ... | ... |
@@ -27,16 +27,11 @@ import configparser |
| 27 | 27 |
|
| 28 | 28 |
import os |
| 29 | 29 |
import glob |
| 30 |
-import pprint |
|
| 31 | 30 |
import re |
| 32 | 31 |
import optparse |
| 33 | 32 |
import sys |
| 34 |
-import gettext |
|
| 35 | 33 |
from xml.sax.saxutils import escape |
| 36 | 34 |
|
| 37 |
-gettext.textdomain('freewvs')
|
|
| 38 |
-_ = gettext.gettext |
|
| 39 |
- |
|
| 40 | 35 |
|
| 41 | 36 |
def versioncompare(safe_version, find_version): |
| 42 | 37 |
if safe_version == [""]: |
| ... | ... |
@@ -55,23 +50,6 @@ def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, |
| 55 | 50 |
if not style: |
| 56 | 51 |
print("%(appname)s %(version)s (%(safeversion)s) %(vuln)s "
|
| 57 | 52 |
"%(appdir)s" % vars()) |
| 58 |
- elif style == 'fancy': |
|
| 59 |
- print(_("Directory: %(appdir)s") % vars())
|
|
| 60 |
- if safeversion != "ok": |
|
| 61 |
- if safeversion != "": |
|
| 62 |
- print(_("Vulnerable %(appname)s %(version)s found, please "
|
|
| 63 |
- "update to %(safeversion)s or above.") % vars()) |
|
| 64 |
- else: |
|
| 65 |
- print(_("Vulnerable %(appname)s %(version)s found, no fixed "
|
|
| 66 |
- "version available.") % vars()) |
|
| 67 |
- if vuln[:3] == "CVE": |
|
| 68 |
- print(_("https://cve.mitre.org/cgi-bin/cvename.cgi?name="
|
|
| 69 |
- "%(vuln)s") % vars()) |
|
| 70 |
- else: |
|
| 71 |
- print(vuln) |
|
| 72 |
- else: |
|
| 73 |
- print(_("%(appname)s %(version)s found.") % vars())
|
|
| 74 |
- print("")
|
|
| 75 | 53 |
elif style == 'xml': |
| 76 | 54 |
state = 'vulnerable' |
| 77 | 55 |
if safeversion == 'ok': |
| ... | ... |
@@ -86,18 +64,11 @@ def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, |
| 86 | 64 |
print(' </app>')
|
| 87 | 65 |
|
| 88 | 66 |
|
| 89 |
-pp = pprint.PrettyPrinter(indent=4) |
|
| 90 |
- |
|
| 91 | 67 |
# Command-line options |
| 92 | 68 |
parser = optparse.OptionParser(usage="usage: %prog [options] <path>" |
| 93 | 69 |
"[<path2> ...]") |
| 94 | 70 |
parser.add_option("-a", "--all", action="store_true", dest="ALL",
|
| 95 | 71 |
help="Show all webapps found, not just vulnerable") |
| 96 |
-parser.add_option("-d", "--debug", action="store_true", dest="DEBUG",
|
|
| 97 |
- help="Show lots of debugging output, mainly useful" |
|
| 98 |
- "for development") |
|
| 99 |
-parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT",
|
|
| 100 |
- const="fancy", help="Show more fancy output") |
|
| 101 | 72 |
parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT",
|
| 102 | 73 |
const="xml", help="Output results as XML") |
| 103 | 74 |
parser.add_option("-3", "--thirdparty", action="store_true", dest="THIRDPARTY",
|
| ... | ... |
@@ -156,8 +127,6 @@ for sect in config.sections(): |
| 156 | 127 |
item['old_safe'] = [] |
| 157 | 128 |
|
| 158 | 129 |
vdb.append(item) |
| 159 |
-if opts.DEBUG: |
|
| 160 |
- pp.pprint(vdb) |
|
| 161 | 130 |
|
| 162 | 131 |
if opts.OUTPUT == 'xml': |
| 163 | 132 |
print('<?xml version="1.0" ?>')
|
| ... | ... |
@@ -202,14 +171,10 @@ for fdir in args: |
| 202 | 171 |
findversion.split('.'))) or \
|
| 203 | 172 |
item['old_safe'].count(findversion) > 0: |
| 204 | 173 |
if opts.ALL: |
| 205 |
- if opts.DEBUG: |
|
| 206 |
- print("File " + mfile)
|
|
| 207 | 174 |
vulnprint(item['name'], findversion, |
| 208 | 175 |
"ok", "", mfile, item['subdir'], |
| 209 | 176 |
opts.OUTPUT) |
| 210 | 177 |
else: |
| 211 |
- if opts.DEBUG: |
|
| 212 |
- print("File " + mfile)
|
|
| 213 | 178 |
safev = "9999" |
| 214 | 179 |
for ver in item['old_safe']: |
| 215 | 180 |
if(versioncompare(ver.split('.'),
|
| 216 | 181 |