Improved the accuracy of the external vulnerabilities/exploits parser

README.md

@@ -228,7 +228,8 @@ Dagda 0.3.0 is currently in the planning phase.
 
 The following features are already implemented and included in the 0.2.0 release.
 * Minimized the false positives improving the accuracy of the matches between the information retrieved from the docker images and the stored information into the MongoDB
-* Improved the user feedback for the long time running processes such as the docker images analysis or the database update
+* Improved the user feedback for the long time running processes
+* Improved the accuracy of the external vulnerabilities/exploits parser
 * Created a quick starter with Docker
 * **Dagda** project included in a CI environment
 * Added tests for code coverage
@@ -239,7 +240,6 @@ If you want contribute to this project, feel free to do it. That's why the wish
 * Analyze more software than the installed software in the Operating System
     * Analyze Java dependencies such as the [OWASP dependency-check](https://github.com/jeremylong/DependencyCheck) project
     * Analyze Javascript dependencies such as the [Retire.js](https://github.com/RetireJS/retire.js) project
-* Improve the accuracy of the vulnerabilities/exploits parser, which are taken from the external sources
 
 ### 0.1.0 (Released)
 

dagda/vulnDB/ext_source_util.py

@@ -56,6 +56,17 @@ def get_exploit_db_list_from_csv(csv_content):
                         item = str(exploit_db_id) + "#" + description + "#" + str(version)
                         if item not in items:
                             items.add(item)
+                else:
+                    if '<' not in description and '>' not in description:
+                        iterator = re.finditer("\s([0-9])+$", description)
+                        match = next(iterator, None)
+                        if match:
+                            version = match.group()
+                            description = description[:description.index(version)].rstrip().lstrip()
+                            version = version.rstrip().lstrip()
+                            item = str(exploit_db_id) + "#" + description + "#" + str(version)
+                            if item not in items:
+                                items.add(item)
     # Return
     return list(items)
 

tests/vulnDB/test_ext_source_util.py

@@ -20,10 +20,11 @@ def test_get_cve_list_from_file(self):
 
     def test_get_exploit_db_list_from_csv(self):
         exploit_db_list = get_exploit_db_list_from_csv(mock_exploit_db_csv_content)
-        self.assertEqual(len(exploit_db_list), 2)
+        self.assertEqual(len(exploit_db_list), 3)
         # Check Exploits
         self.assertTrue("11#apache#2.0.44" in exploit_db_list)
         self.assertTrue("468#pigeon server#3.02.0143" in exploit_db_list)
+        self.assertTrue("37060#microsoft internet explorer#11" in exploit_db_list)
 
     def test_get_bug_traqs_lists_from_file(self):
         output = io.BytesIO(base64.b64decode(mock_bid_gz_file))
@@ -45,6 +46,7 @@ def test_get_bug_traqs_lists_from_file(self):
 262,platforms/hardware/dos/262.pl,"Cisco Multiple Products - Automated Exploit Tool",2001-01-27,hypoclear,hardware,dos,0
 11,platforms/linux/dos/11.c,"Apache 2.0.44 (Linux) - Remote Denial of Service",2003-04-11,"Daniel Nystram",linux,dos,0
 345,platforms/windows/dos/345.c,"UDP Stress Tester - Denial of Service",2002-09-10,Cys,windows,dos,0
+37060,platforms/windows/dos/37060.html,"Microsoft Internet Explorer 11 - Crash PoC (1)",2015-05-19,Garage4Hackers,windows,dos,0
 468,platforms/windows/dos/468.c,"Pigeon Server 3.02.0143 - Denial of Service",2004-09-19,"Luigi Auriemma",windows,dos,0
 """