Greetings All,
First... I'm definitely not dead... that first month of marriage kept me busier than I'm used to being, but I definitely plan on posting more.
This post is actually rather exciting for me. If you read back through my blog, my iniital posts (and the reason I registered a domain) were because I wanted an easy way to keep track of new versions of software. I happened to register this domain, so I wanted to call it the Computer Defense Version Tracker (CDVT). My plan was to develop a file scheme, where software authors could place a small cdvt file in their root and I would fetch and parse the file, creating an updated list of versions of software. A number of authors were on board with the idea, but it never built much steam.
Having progressed my development skills quite a bit in the past two and half years (or at least I like to think I have), I realized I could write a simple screen scraper to do the work. So here's the "new and improved" CDVT, which I'm currently calling version 0.1. The download consists of two files, cdvt.py and cdvt.xml. The XML file contains references to each piece of software that is being checked. The python does the work. You can provide a couple of inputs when you run the file, and if you provide incorrect input, you'll get this error:
htregz@securitysentience:~/cdvt$ python cdvt.py
CDVT 0.1 by Tyler Reguly (ht@computerdefense.org)
Error: Output Type not provided
Usage: cdvt.py <output type> <output interface>
output type: csv or text
output interface: stdout or file
This should be fairly straight forward, you can generate csv or plain text and either print to the screen or write to a file. The next version will parse proper arguments and allow you to specify a filename. Right now the filename will be either versions.csv or versions.txt (depending on the output type).
Output from the text mode looks like this:
htregz@securitysentience:~/cdvt$ python cdvt.py text stdout
2.4 Kernel: 2.4.36.6
2.6 Kernel: 2.6.25.7
Aircrack-ng: 1.0-rc1
Cain & Abel: 4.9.14
ettercap: NG-0.7.3
Kismet: Kismet-2008-05-R1
Metasploit Release: 3.1 Release
Metasploit SVN Revision: 5533
NetStumbler: Version Info Not Available
Nikto: 2.02
nmap: 4.65
Notepad++: 4.9.2
Pass the Hash: 1.3
PsTools: 2.44
PuTTy: 0.60
Snort: 2.8.2.1
TCPDump: 3.9.8
VMWare Server: 1.0.6
VMWare Workstation: 6.0.4
Wireshark: 1.0.0
Since I do perform screen scraping, it isn't the fastest process in the world, but it isn't overly slow either. When you see the message 'Version Info Not Available', that means that the page that's scraped wasn't available or the regex couldn't match. In the above case, the NetStumbler download page is currently returning a 404 error.
I would love feedback, suggestions of apps to add and anything else. Feel free to email me or leave a comment.