1、安装
使用的是mysql数据库,直接用yum装的。
#yum install mariadb-server mariadb -y
#systemctl start mariadb
#mysqladmin -u root password '123456'
2、安装编译环境
yum install gcc gcc-c++ automake mariadb-devel libconfig*
./configure --disable-sqlite3 --enable-mysql
make && make install
export CVECHECKER_CONFFILE=/usr/local/etc/cvechecker.conf
也可以使用yum来安装,需要配置epel的源。
3、创建库并授权
mysql -u root -p
mysql>CREATE DATABASE cvechecker;
mysql>CREATE USER 'cvechecker'@'%' IDENTIFIED BY 'cvecheckpass';
mysql>GRANT ALL ON cvechecker.* TO 'cvechecker'@'localhost';
mysql>GRANT ALL ON cvechecker.* TO 'cvechecker'@'%';
mysql>FLUSH PRIVILEGES;
导入库:
#source /usr/share/cvechecker/mysql_cvechecker.sql;
4、配置数据库
# Generic settings # #dbtype = "sqlite"; dbtype="mysql"; cvecache = "/var/cvechecker/cache"; datadir = "/usr/share/cvechecker"; stringcmd = "/usr/bin/strings -n 3 '@file@'"; version_url = "http://cvechecker.svn.sourceforge.net/viewvc/cvechecker/versions.dat"; #userkey = "servertag"; # # For Sqlite3 # sqlite3: { localdb = "/var/cvechecker/local"; globaldb = "/var/cvechecker/global.db"; }; # # For MySQL # mysql: { dbname = "cvechecker"; dbuser = "cvechecker"; dbpass = "cvecheckpass"; dbhost = "$IPADDRESS_OF_MYSQL_SERVER"; };
初始化表:
cvechecker -i
5、从cve网站拉数据
要求安装wget
#yum install wget -y
#pullcves pull
注使用最新版,要不会有问题。
6、生成二进制文件
find / -type f -perm -o+x > /tmp/cvecheck.tmp
cat /proc/version >> /tmp/cvecheck.tmp
7、做检查
cvechecker -b /tmp/cvecheck.tmp
8、生成报告
cvechecker -r
有问题可以咨询我。
相关的参考文档:
http://www.filewatcher.com/m/cvechecker-3.5-r1.apk.59182-0.html
https://www.zhihu.com/question/37822443
https://www.cnblogs.com/KevinGeorge/p/7889989.html
https://wiki.alpinelinux.org/wiki/Cvechecker
http://www.seteuid0.com/cvechecker%E5%AE%9E%E7%8E%B0%E5%88%86%E6%9E%90/
https://rawgit.com/sjvermeu/cvechecker/master/docs/design-architecture.html
https://rawgit.com/sjvermeu/cvechecker/master/docs/userguide.html