koutto/cvedetails-lookup

Break?

Closed this issue · 2 comments

Not sure what the problem, cvedetails change break the parsing?

└──╼ $python3 cvedetails-lookup.py --product IIS --version 7.5
[*] Looking for "IIS 7.5" in cvedetails.com database...
Traceback (most recent call last):
  File "cvedetails-lookup.py", line 274, in <module>
    versions_results = parse_html_table_versions(resp)
  File "cvedetails-lookup.py", line 141, in parse_html_table_versions
    for row in table_results.findAll('tr')[1:]:
AttributeError: 'NoneType' object has no attribute 'findAll'

This is strange, I just run the exact same command and i got no error:

root@jok3r-docker:~/jok3r/toolbox/multi/cvedetails-lookup# python3 cvedetails-lookup.py --product IIS --version 7.5
[*] Looking for "IIS 7.5" in cvedetails.com database...
[+] Exact match found in the database
[*] IDs summary: Vendor=Microsoft [26] | Product=IIS [3436] | Version=7.5 [92758]
[*] Fetch results for version id 92758 ...
[!] No CVE found in database

This code has been quickly developped and still require more error handling. I should also add a check to ensure we are connected to internet at the beginning.

But I don't know where the problem comes from in your example. If you have time to investigate ;)

Cheers !

Oh i think i find the problem, my bad, my proxy should be block my cvedetails, will try to investigate and at least catch this error. Will do a PR.