Last active
November 24, 2017 06:51
-
-
Save mattintosh4/c752770cef8be74730755b021b6aa3f0 to your computer and use it in GitHub Desktop.
VULS 環境を構築してローカルスキャンを実行するとこまで勝手にやるナニカ
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ################################################################################ | |
| # Distributor ID: CentOS | |
| # Description: CentOS Linux release 7.3.1611 (Core) | |
| # Release: 7.3.1611 | |
| # Codename: Core | |
| ################################################################################ | |
| set -e | |
| set -u | |
| PS4=$'\e[33;7mCOMMAND\e[m ' | |
| set -x | |
| years="2016 2017" | |
| ### ENVIRONMENT VARIABLE ### | |
| echo 'c6adde41d303da2a56021bb45d11c234cd992c94 /etc/profile.d/goenv.sh' > goenv.sh.sha1 | |
| if ! sha1sum --check goenv.sh.sha1 | |
| then | |
| cat <<\! | sudo tee -a /etc/profile.d/goenv.sh | |
| export GOROOT=/usr/local/go | |
| export GOPATH=$HOME/go | |
| export PATH=$PATH:$GOROOT/bin:$GOPATH/bin | |
| ! | |
| fi | |
| . /etc/profile.d/goenv.sh | |
| ### YUM ### | |
| sudo yum install -y \ | |
| gcc \ | |
| git \ | |
| make \ | |
| sqlite \ | |
| wget \ | |
| yum-utils | |
| ### GO ### | |
| echo '838c415896ef5ecd395dfabde5e7e6f8ac943c8e go1.8.3.linux-amd64.tar.gz' > go1.8.3.linux-amd64.tar.gz.sha1 | |
| if ! sha1sum --check go1.8.3.linux-amd64.tar.gz.sha1 | |
| then | |
| wget https://storage.googleapis.com/golang/go1.8.3.linux-amd64.tar.gz | |
| fi | |
| sudo tar xzf go1.8.3.linux-amd64.tar.gz -C /usr/local | |
| ### CVE DICTIONARY ### | |
| mkdir -p $GOPATH/src/github.com/kotakanbe | |
| cd $_ | |
| git clone https://github.com/kotakanbe/go-cve-dictionary.git | |
| cd go-cve-dictionary | |
| make install | |
| cd | |
| sudo mkdir -p -m 0700 /var/log/vuls | |
| sudo chown $USER /var/log/vuls | |
| for i in ${years} | |
| do | |
| go-cve-dictionary fetchnvd -years $i | |
| go-cve-dictionary fetchjvn -years $i # Japanese | |
| done | |
| ### OVAL DICTIONARY ### | |
| cd $GOPATH/src/github.com/kotakanbe | |
| git clone https://github.com/kotakanbe/goval-dictionary.git | |
| cd goval-dictionary | |
| make install | |
| cd | |
| goval-dictionary fetch-redhat 7 | |
| ### VULS ### | |
| mkdir -p $GOPATH/src/github.com/future-architect | |
| cd $_ | |
| git clone https://github.com/future-architect/vuls.git | |
| cd vuls | |
| make install | |
| ### CONFIG ### | |
| cd | |
| cat <<! >config.toml | |
| [servers] | |
| [servers.localhost] | |
| host = "localhost" | |
| port = "local" | |
| ! | |
| ### VULS TEST ### | |
| vuls configtest | |
| ### VULS SCAN ### | |
| vuls scan | |
| ### VULS REPORT ### | |
| vuls report -lang=ja -format-one-line-text -cvedb-path=$PWD/cve.sqlite3 -ovaldb-path=$PWD/oval.sqlite3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment