xml parsing and mysql insert

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import urllib2
from BeautifulSoup import BeautifulStoneSoup
import MySQLdb
db = MySQLdb.connect("localhost", "xml", "xml", "xml")
cursor = db.cursor()
xml = urllib2.urlopen("http://nvd.nist.gov/download/nvdcve-2008.xml")
soup = BeautifulStoneSoup(xml)
entries = soup.findAll('entry')
for i in entries:
for k in i.findAll('ref'):
cursor.execute("""INSERT INTO main_reference SET
source = %s, url = %s, vulnerability_id = (select max(id)+1 from main_vulnerability)""", (k['source'], k['url'] ))
for v in i.vuln_soft.prod.findAll('vers'):
cursor.execute("""INSERT INTO main_version SET
version = %s, vulnerability_id = (select max(id)+1 from main_vulnerability)""", (v['num']))
if getattr(i.vuln_soft, 'prod', None):
prod = i.vuln_soft.prod['name']
else:
prod = ""
print """INSERT INTO main_vulnerability SET
name = %s, seq = %s, published = %d, modified = %d, severity = %s, cvss_score = %s, cvss_version = %s, cvss_base_score = %s, cvss_impact_subscore = %s,
cvss_exploit_subscore = %s, description = %s, product = %s, vendor = %s
""", (i['name'], i['seq'], i['published'], i['modified'], i['severity'], i['cvss_score'], i['cvss_version'], i['cvss_base_score'], i['cvss_impact_subscore'],
i['cvss_exploit_subscore'], i.desc.descript.contents, prod, i.vuln_soft.prod['vendor'] )
cursor.execute("""INSERT INTO main_vulnerability SET
name = %s, seq = %s, published = %s, modified = %s, severity = %s, cvss_score = %s, cvss_version = %s, cvss_base_score = %s, cvss_impact_subscore = %s,
cvss_exploit_subscore = %s, description = %s, product = %s, vendor = %s
""", (i['name'], i['seq'], i['published'], i['modified'], i['severity'], i['cvss_score'], i['cvss_version'], i['cvss_base_score'], i['cvss_impact_subscore'],
i['cvss_exploit_subscore'], "".join(i.desc.descript.contents), prod, i.vuln_soft.prod['vendor'] ))