making lib for parsing cves on msft

2020-10-26 18:49:45 -05:00 · 2020-10-26 18:49:45 -05:00 · ec21f3a3cb
commit ec21f3a3cb
parent e668654f47
2 changed files with 90 additions and 0 deletions
--- a/microsoft_kb/json_response.json
+++ b/microsoft_kb/json_response.json
--- a/microsoft_kb/microsoft_kb_checker.rb
+++ b/microsoft_kb/microsoft_kb_checker.rb
@ -0,0 +1,89 @@
 # frozen_string_literal: true
 # This will check microsoft security portal for the kbs assosicated with an operating system for a given CVE.
 #
 # usage: <script.rb> --cve CVE-2020-1234 --os "Windows Server 2012 R2"
 #
 require 'json'
 require 'rest-client'
 class MicrosoftKbChecker
  attr_accessor :cve_id, :os_name
  def initialize(cve_id, os_name)
    @cve_id = cve_id,
    @os_name = os_name
  end
  AVAILABLE_OS = [
    'Windows 10 Version 2004 for 32-bit Systems',
    'Windows 10 Version 2004 for ARM64-based Systems',
    'Windows 10 Version 2004 for x64-based Systems',
    'Windows Server, version 2004 (Server Core installation)',
    'Windows 10 Version 1803 for 32-bit Systems',
    'Windows 10 Version 1803 for x64-based Systems',
    'Windows 10 Version 1803 for ARM64-based Systems',
    'Windows 10 Version 1809 for 32-bit Systems',
    'Windows 10 Version 1809 for x64-based Systems',
    'Windows 10 Version 1809 for ARM64-based Systems',
    'Windows Server 2019',
    'Windows Server 2019  (Server Core installation)',
    'Windows 10 Version 1909 for 32-bit Systems',
    'Windows 10 Version 1909 for x64-based Systems',
    'Windows 10 Version 1909 for ARM64-based Systems',
    'Windows Server, version 1909 (Server Core installation)',
    'Windows 10 Version 1709 for 32-bit Systems',
    'Windows 10 Version 1709 for x64-based Systems',
    'Windows 10 Version 1709 for ARM64-based Systems',
    'Windows 10 Version 1903 for 32-bit Systems',
    'Windows 10 Version 1903 for x64-based Systems',
    'Windows 10 Version 1903 for ARM64-based Systems',
    'Windows Server, version 1903 (Server Core installation)',
    'Windows 10 for 32-bit Systems',
    'Windows 10 for x64-based Systems',
    'Windows 10 Version 1607 for 32-bit Systems',
    'Windows 10 Version 1607 for x64-based Systems',
    'Windows Server 2016',
    'Windows Server 2016  (Server Core installation)',
    'Windows 7 for 32-bit Systems Service Pack 1',
    'Windows 7 for x64-based Systems Service Pack 1',
    'Windows 8.1 for 32-bit systems',
    'Windows 8.1 for x64-based systems',
    'Windows RT 8.1',
    'Windows Server 2008 for 32-bit Systems Service Pack 2',
    'Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)',
    'Windows Server 2008 for x64-based Systems Service Pack 2',
    'Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)',
    'Windows Server 2008 R2 for x64-based Systems Service Pack 1',
    'Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)',
    'Windows Server 2012',
    'Windows Server 2012 (Server Core installation)',
    'Windows Server 2012 R2',
    'Windows Server 2012 R2 (Server Core installation)'
  ].freeze
  def cve_url
    "https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/#{cve}"
  end
  def make_request
    RestClient::Request.execute(
      method: :get,
      headers: { Host: 'portal.msrc.microsoft.com' },
      url: cve_url
    )
  end
  def parse_json(response)
    JSON.parse(response)
  end
  def find_os
    if AVAILABLE_OS.include?(os)
      response = make_request
      json_data = parse_json(response)
    else
      'Operating system not found.'
    end
  end
 end