vulns update

2024-06-17 12:19:46 +02:00 · 2024-06-17 12:19:46 +02:00 · e7b59b4fa5
commit e7b59b4fa5
parent af910869b8
8 changed files with 447 additions and 12 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,4 @@
 data
 venv
 .idea
-
+vulns.json
--- a/analyze_vulns.py
+++ b/analyze_vulns.py
@ -0,0 +1,99 @@
+import json
+import requests
+
+
+def download_vulns():
+    vulns = requests.get("https://security-tracker.debian.org/tracker/data/json").json()
+    with open('vulns.json', 'w+') as f:
+        json.dump(vulns, f, indent=4)
+
+
+fmt_str = '{:35s} {:20s} {:15s} {:10s} {:15s} {:10} {:20s} {:20s} {:40s} {:30s}'
+column_order = ['source_package', 'cve_name', 'release_name', 'status', 'nodsa_reason',
+                'state', 'urgency', 'fixed_version', 'repo_ver', 'nodsa']
+
+
+def process_vuln(d, column_order):
+    repo_ver = ''
+    for repository, version in d.get('repositories').items():
+        repo_ver += ', sec: ' if repository.endswith('-security') else ''
+        repo_ver += '{}'.format(version)
+    d['repo_ver'] = repo_ver
+    if d['status'] in ['undetermined']:
+        state = 'UNDET'
+    elif d['status'] in ['resolved'] and d['fixed_version'] in ['0']:
+        state = 'NOT_AFF'
+    elif d['status'] in ['open'] and d['nodsa_reason'] in ['postponed']:
+        state = 'FIX_LATER'
+    elif d['status'] in ['open'] and d['nodsa_reason'] in ['ignored']:
+        state = 'WONT_FIX'
+    elif d['status'] in ['open'] and d['nodsa'] not in [''] and 'Minor issue' in d['nodsa']:
+        state = 'VULN_MIN'
+    elif d['status'] in ['open'] and d['nodsa'] not in [''] and 'Minor issue' not in d['nodsa']:
+        state = 'VULN'
+    elif d['status'] in ['open'] and d['nodsa'] in ['']:
+        state = 'VULN_CHK'
+    elif d['status'] in ['resolved'] and d['fixed_version'] not in ['0', '']:
+        state = 'FIXED'
+    else:
+        state = 'UNKNOWN'
+    d['state'] = state
+    if state not in ['FIXED', 'NOT_AFF']:
+        print(fmt_str.format(*[d.get(c) for c in column_order]))
+
+
+def analyze(source_packages_filter, releases_filter):
+    with open('vulns.json') as f:
+        vulns_data = json.load(f)
+    print(fmt_str.format(*column_order))
+    for source_package, vulns in vulns_data.items():
+        # if source_packages_filter and source_package not in source_packages_filter:
+        if not source_package.startswith('python'):
+            continue
+        for cve_name, cve_details in vulns.items():
+            description = cve_details.get('description', '')
+            debianbug = cve_details.get('debianbug', '')
+            scope = cve_details.get('scope', '')
+            releases = cve_details.get('releases', {})
+            # TODO: for checking if not vulnerable in
+            # if 'sid' in releases and releases['sid']['status'] in ['open'] and \
+            #         (
+            #                 # 'bookworm' in releases and releases['bookworm']['status'] in ['resolved'] or \
+            #                 'bullseye' in releases and releases['bullseye']['status'] in ['resolved']
+            #         ):
+            #     print()
+            for release_name, release_details in releases.items():
+                if release_name not in releases_filter:
+                    continue
+                status = release_details.get('status', '')
+                fixed_version = release_details.get('fixed_version', '')
+                urgency = release_details.get('urgency', '')
+                nodsa = release_details.get('nodsa', '')
+                nodsa_reason = release_details.get('nodsa_reason', '')
+                repositories = release_details.get('repositories', {})
+                process_vuln(
+                    dict(
+                        source_package=source_package,
+                        cve_name=cve_name,
+                        release_name=release_name,
+                        status=status,
+                        fixed_version=fixed_version,
+                        nodsa_reason=nodsa_reason,
+                        nodsa=nodsa,
+                        repositories=repositories,
+                        urgency=urgency,
+                    ),
+                    column_order
+                )
+
+
+if __name__ == '__main__':
+    # download_vulns()
+    analyze([],
+            [
+                # 'buster', 'buster-security',
+                # 'bullseye', 'bullseye-security',
+                'bookworm', 'bookworm-security',
+                'trixie',
+                'sid',
+            ])
--- a/cve_20231017.py
+++ b/cve_20231017.py
@ -0,0 +1,76 @@
+['34.121.78.71', '34.72.1.93', '34.168.50.66']
+ips = [
+        '34.17.50.40', '104.196.20.254', '35.244.98.152', '34.125.91.203', '34.151.90.76', '35.247.38.100',
+        '34.147.14.201', '34.125.254.213', '34.17.46.84', '34.98.45.179', '34.102.107.190', '35.236.15.22',
+        '34.84.21.116', '34.116.86.232', '34.125.24.149', '34.146.118.1', '34.125.247.130', '34.84.188.103',
+        '34.142.80.126', '34.161.104.234', '34.96.212.90', '35.236.213.109', '34.174.165.41', '34.126.133.139',
+        '34.94.204.96', '34.97.236.156', '34.159.181.163', '34.143.128.188', '34.131.37.78', '35.201.190.19',
+        '34.129.189.124', '34.86.127.177', '34.135.183.123', '34.97.222.226', '35.246.84.100', '34.131.126.235',
+        '34.87.231.224', '34.161.250.109', '34.74.219.14', '35.227.71.21', '34.174.36.1', '34.130.48.237',
+        '34.84.61.94', '34.106.203.186', '34.97.208.10',
+        '34.162.156.82', '34.130.156.35', '34.145.159.215', '34.116.181.115', '34.84.140.240', '34.176.115.38',
+        '34.161.244.36', '34.163.7.34', '34.124.157.75', '35.200.239.85', '34.106.224.248', '34.74.79.159',
+        '34.64.217.221', '34.94.180.107', '34.94.2.165', '34.125.12.101', '34.97.236.167', '34.64.255.245',
+        '34.72.233.178', '34.125.161.13', '34.106.244.69', '34.147.14.138', '35.196.111.227', '34.105.202.84',
+        '34.95.176.127', '34.83.232.248', '35.201.3.147', '34.148.71.215', '34.18.35.18', '34.163.198.147',
+        '34.66.214.165', '34.94.246.39', '34.95.41.106', '34.174.135.125', '34.94.144.102', '34.165.216.109',
+        '34.98.32.81', '34.175.79.219', '34.126.169.11', '34.106.36.59', '34.94.176.165', '34.95.55.47',
+        '34.106.62.150', '35.244.59.124', '35.236.113.123', '34.84.65.71', '34.136.47.51', '34.142.89.43',
+        '34.102.92.205', '34.165.230.192', '34.146.28.82', '35.187.230.49', '34.125.80.154', '104.154.188.175',
+        '35.242.146.148', '34.79.171.22', '34.175.144.135', '34.176.238.164', '34.106.11.82', '35.190.138.225',
+        '35.228.227.119', '34.97.123.246', '35.190.230.203', '35.244.95.42', '34.140.0.83', '34.146.196.210',
+        '34.86.96.95', '35.221.25.124', '34.97.11.80', '34.174.71.148', '35.244.91.36', '35.230.146.50',
+        '35.220.246.85', '34.97.52.156', '34.93.91.247', '35.236.103.243', '34.145.207.88', '34.136.194.20',
+        '35.245.114.240', '34.101.120.210', '34.94.176.1', '34.155.30.208', '35.240.150.231', '34.122.4.179',
+        '34.131.138.55', '34.18.40.128', '34.145.36.128', '34.125.165.18', '104.196.140.115', '34.98.12.30',
+        '34.174.19.158', '34.106.225.178', '34.65.10.82', '35.242.136.209', '35.233.150.194', '35.199.0.163',
+        '34.162.149.214', '35.229.32.32', '34.80.248.33', '34.166.30.69', '34.125.25.238', '34.97.175.77',
+        '35.185.245.228', '35.197.165.68', '34.101.192.140', '34.161.40.198', '34.129.70.153', '34.142.21.24',
+        '34.88.245.143', '34.159.53.192', '34.125.217.11', '34.143.211.83', '34.116.230.247', '34.162.137.188',
+        '34.105.142.3', '34.105.202.179', '34.105.145.49', '34.82.24.224', '34.17.53.250', '34.148.117.75',
+        '34.174.125.187', '34.155.192.127', '34.74.174.175', '34.94.102.19', '34.130.14.196', '34.162.155.40',
+        '34.159.253.21', '34.129.229.139', '35.223.143.233', '34.154.230.83', '34.130.51.216', '35.200.169.126',
+        '35.221.12.243', '35.246.97.148', '34.86.4.240', '34.82.183.149', '34.142.64.199', '35.190.132.77',
+        '35.197.189.244', '34.87.232.208', '34.145.36.123', '34.151.100.177', '35.243.107.105', '35.189.21.0',
+        '34.166.30.245', '34.125.164.88', '34.94.241.35', '34.174.240.48', '35.221.69.248', '34.146.207.237',
+        '34.161.180.173', '34.150.128.43', '34.18.22.176', '34.174.195.180', '34.85.187.164', '34.131.44.113',
+        '34.97.252.193', '34.32.26.132', '34.105.133.23', '34.89.120.183', '35.235.64.48', '34.106.157.213',
+        '34.151.122.247', '34.174.211.178', '34.87.230.96', '34.93.147.85', '34.87.223.74', '34.88.53.172',
+        '34.121.78.71',
+        '34.32.31.210', '35.188.142.230', '34.134.211.37', '34.102.65.15', '34.175.14.254',
+        '34.162.19.214', '34.94.206.9', '34.129.242.117', '35.236.213.15', '34.70.251.14', '34.139.56.73',
+        '34.83.130.99', '34.162.165.77', '34.106.107.231', '34.101.85.130', '34.161.87.164', '34.97.253.249',
+        '34.154.204.198', '35.221.196.211', '34.166.12.105', '35.197.39.104', '35.200.183.102', '34.93.189.135',
+        '34.124.159.168', '34.163.91.207', '34.105.240.87', '34.93.237.208', '34.125.207.234', '34.118.111.90',
+        '34.125.154.163', '34.18.34.52', '34.106.96.12', '35.200.68.182', '34.89.80.87', '34.87.70.135',
+        '34.106.1.239', '34.145.27.87', '35.222.54.143', '35.189.20.218', '34.125.215.221', '34.161.94.187',
+        '34.151.232.179', '34.124.174.26', '34.131.61.160', '34.89.104.4', '34.150.246.15', '34.129.103.192',
+        '34.72.1.93',
+        '35.233.161.167', '35.187.210.70', '35.227.142.20', '34.17.54.10', '34.116.145.181',
+        '34.176.181.131', '34.145.54.98', '34.155.67.5', '34.150.93.213', '34.94.20.84', '34.93.211.212',
+        '35.235.111.158', '34.139.28.176', '34.116.119.248', '35.194.70.246', '34.94.189.65', '35.230.149.117',
+        '35.198.232.155', '34.116.68.83', '35.224.234.121', '34.97.42.131', '35.200.161.96', '35.199.65.205',
+        '34.97.41.253', '34.85.121.147', '34.154.28.126', '35.243.78.132', '35.196.185.2', '34.162.15.240',
+        '34.74.37.24', '34.152.57.233', '34.97.148.97', '34.66.228.179', '34.65.174.233', '34.65.137.25',
+        '34.131.73.134', '34.94.159.56', '35.227.6.168', '35.236.24.255', '34.74.129.243', '34.106.83.14',
+        '34.65.123.181', '34.151.215.177', '34.131.153.152', '34.87.161.220', '34.68.220.104', '34.83.140.99',
+        '34.91.176.19', '34.146.30.161', '104.196.185.143', '34.64.113.106', '34.125.12.17', '34.106.55.190',
+        '35.233.251.204', '34.32.33.55', '34.93.233.204', '34.125.247.98', '34.162.113.200', '34.106.203.9',
+        '34.106.164.9', '34.85.210.164', '34.86.124.225', '34.142.68.25', '34.97.199.43', '34.93.16.173',
+        '34.95.60.178', '34.126.157.206', '34.129.158.215', '34.154.236.127', '35.228.231.244', '35.227.170.237',
+        '34.106.86.160', '35.244.66.171', '35.244.11.213', '34.97.25.255', '34.162.174.74', '34.161.10.237',
+        '34.125.71.227', '34.81.60.155', '34.101.107.199', '34.162.201.134',
+        '34.168.50.66',
+        '35.236.44.102', '35.233.154.167', '104.198.51.28', '34.151.71.184', '34.87.32.113', '34.32.33.248',
+        '34.131.86.14',
+        '35.244.88.113', '34.97.76.205', '34.93.16.47', '34.175.144.104', '34.129.207.237', '34.93.102.230',
+        '34.138.142.201', '34.175.67.27', '34.133.194.6', '34.165.102.198', '34.93.239.39', '35.190.157.114',
+        '34.166.27.167', '35.240.175.107', '34.131.4.195', '34.106.224.85', '35.186.145.25', '35.242.159.226',
+        '34.106.145.170', '34.129.57.156', '35.200.106.75', '34.70.202.102', '34.93.37.186', '34.97.149.87',
+        '34.91.82.153', '35.200.162.133', '34.93.235.15', '35.185.29.84', '34.97.215.65', '34.86.24.227',
+        '34.143.133.122', '34.100.191.145', '34.72.72.217', '34.129.80.245', '34.174.47.33', '34.98.25.236',
+        '34.106.224.113', '34.85.102.14', '34.78.136.121', '34.174.201.225', '104.198.215.46', '34.161.146.212',
+        '104.155.102.22', '34.165.186.199', '34.84.5.70', '35.247.176.174', '34.131.25.158', '34.145.245.210',
+        '34.97.10.244', '35.247.174.86', '34.155.248.12', '35.232.10.153', '34.176.196.170', '34.150.115.171',
+        '34.161.97.190', '34.64.118.214', '34.162.255.172', '34.131.183.77', '34.155.195.167', '34.125.84.53',
+        '34.83.241.78', '34.161.52.245', '35.222.18.8']
--- a/debian_compare_versions.py
+++ b/debian_compare_versions.py
@ -0,0 +1,44 @@
+import os
+
+command_eq = "dpkg --compare-versions '{}' eq '{}'"
+command_gt = "dpkg --compare-versions '{}' gt '{}'"
+
+def debian_compare(a, b):
+    if os.system(command_eq.format(a, b)) == 0:
+        return 0
+    is_gt = os.system(command_gt.format(a, b))
+    if is_gt == 0:
+        return 1
+    return -1
+
+def get_debian_version_triplet(version):
+  # returns epoch, upstream, debian-revision tuple
+  epoch, upstream, debian_revision = '', version, ''
+  if '-' in version:
+    debian_revision = version.split('-')[-1]
+    upstream = upstream.rsplit('-' + debian_revision)
+  if ':' in version:
+    epoch = version.split(':')[0]
+    upstream = upstream.lsplit(epoch + ':')
+  return epoch, upstream, debian_revision  
+
+def naive_version_compare(a, b, pr=False):
+  versions1 = [int(v) for v in a.split(".")]
+  versions2 = [int(v) for v in b.split(".")]
+  for i in range(max(len(versions1),len(versions2))):
+    v1 = versions1[i] if i < len(a) else 0
+    v2 = versions2[i] if i < len(b) else 0
+    if v1 > v2:
+      return 1
+    elif v1 < v2:
+      return -1
+  return 0
+
+
+if __name__ == '__main__':
+    # assert debian_compare('3.8.6-1', '3.8.5') == 1
+    # assert debian_compare('3.8.5', '3.8.5') == 0
+    # assert debian_compare('3.8.5', '3.8.6-1') == -1
+    # print(get_debian_version_triplet('2.31.0+dfsg-1'))
+    print(naive_version_compare('3.8.6', '10.8.5'))
+  
--- a/main.py
+++ b/main.py
@ -22,9 +22,13 @@ def parse_args():
    parser = argparse.ArgumentParser()
    parser.add_argument('query', nargs='*', default="", help="freeform")
    parser.add_argument('--debug', dest='debug', action='store_true')
+    parser.add_argument('--raise-exceptions', dest='raise_exceptions', action='store_true')
    return parser.parse_args()


+args = parse_args()
+setup_logging_level(args.debug)
+
 DATA_DIR = os.path.join(os.path.dirname(__file__), 'data')
 PACKAGE_DETAILS_URL = 'https://tracker.debian.org/pkg/{pakage_name}'

@ -92,7 +96,9 @@ def get_cache_or_url(url, cache_file):
        logger.debug("Getting response from {}".format(url))
        response = requests.get(url)
        if response.status_code != 200:
-            raise Exception("Error getting response from {}".format(url))
+            if args.raise_exceptions:
+                raise Exception("Error getting response from {}".format(url))
+            logger.error("Error getting response from {}".format(url))
        response_text = response.text
        with open(cache_file, 'w+') as f:
            f.write(response.text)
@ -131,6 +137,8 @@ def parse_release_versions(text):
        if not line:
            continue
        package, version, release, archs = [e.strip() for e in line.split('|')]
+        if 'amd64' not in archs and 'source' not in archs:
+            continue
        if '/' in release:
            release = release.split('/')[0]
        release_versions[release] = version
@ -209,11 +217,10 @@ def get_package_news(package_name, allowed_channels, allowed_releases, max_pages
        cache_file = os.path.join(DATA_DIR, package_name, 'news_{}.html'.format(page_number))
        try:
            response_text = get_cache_or_url(url, cache_file)
+            new_channel_versions = parse_news(response_text, package_name, allowed_channels, allowed_releases)
        except Exception as e:
            logger.error(e)
            break
-
-        new_channel_versions = parse_news(response_text, package_name, allowed_channels, allowed_releases)
        for channel, versions in new_channel_versions.items():
            release = map_channel_to_release(channel)
            release_versions[release].extend(versions)
@ -225,8 +232,10 @@ def build_graph(package_name, releases_histories, release_versions):
    releases_graph = graphviz.Digraph()
    releases_graph.attr(rank='same')
    for idx, release in enumerate(RELEASES_ORDER[:-1]):
-        releases_graph.edge(release, RELEASES_ORDER[idx + 1], style='invis')
-    dot.subgraph(releases_graph)
+        if release in releases_histories or release in release_versions:
+            next_release = RELEASES_ORDER[idx + 1]
+            if next_release in releases_histories or next_release in release_versions:
+                releases_graph.edge(release, next_release, style='invis')
    dot.attr(rankdir='BT', label='Package: {}'.format(package_name))
    edges = set()
    for idx, release_histories in enumerate(releases_histories.items()):
@ -251,7 +260,7 @@ def build_graph(package_name, releases_histories, release_versions):
        for idx, version_date in enumerate(versions):
            version, date = version_date
            version_safe = version.replace(':', '_')
-            dot.node(version_safe, version)
+            dot.node(version_safe, "{}\n{}".format(version, date))
            if idx == 0:
                release_edges.add((version_safe, release))
            else:
@ -270,20 +279,21 @@ def get_package_details(package_name, allowed_releases=None):
    if not allowed_releases:
        allowed_releases = ['sid', 'trixie',
                            'bookworm', 'bookworm-backports', 'bookworm-security',
-                            'bullseye', 'bullseye-backports', 'bullseye-security',
+                            # 'bullseye', 'bullseye-backports', 'bullseye-security',
                            ]
    releases_histories = get_package_versions(package_name, allowed_releases)
    allowed_channels = [map_release_to_channel(release) for release in allowed_releases]
-    allowed_channels += ['experimental', 'proposed-updates']
+    allowed_channels += [
+        'experimental',
+        'proposed-updates',
+    ]
    release_versions = get_package_news(package_name, allowed_channels, allowed_releases)
    build_graph(package_name, releases_histories, release_versions)


 def main():
-    args = parse_args()
-    setup_logging_level(args.debug)
    os.makedirs(DATA_DIR, exist_ok=True)
-    get_package_details('curl')
+    get_package_details('thunderbird')


 if __name__ == '__main__':
--- a/osv_parse.py
+++ b/osv_parse.py
@ -0,0 +1,50 @@
+import argparse
+import json
+import logging
+import os
+
+logging.basicConfig()
+logger = logging.getLogger()
+
+OSV_DIR = 'osv'
+DATA_DIR = 'data'
+
+
+def setup_logging_level(debug=False):
+    log_level = logging.DEBUG if debug else logging.ERROR
+    logger.setLevel(log_level)
+    logger.debug("Debugging enabled")
+
+
+def parse_args():
+    parser = argparse.ArgumentParser()
+    parser.add_argument('query', nargs='*', default="", help="freeform")
+    parser.add_argument('--debug', dest='debug', action='store_true')
+    return parser.parse_args()
+
+
+def main():
+    args = parse_args()
+    setup_logging_level(args.debug)
+    print(' '.join(args.query))
+    osv_aliases = {}
+    for file in os.listdir(OSV_DIR):
+        if not file.endswith('.json'):
+            continue
+        with open(os.path.join(OSV_DIR, file)) as f:
+            try:
+                jdata = json.load(f)
+            except Exception as e:
+                logger.error("ERROR READING: {}".format(e))
+                continue
+        id_ = jdata.get('id', '')
+        if not (id_.startswith('GHSA-') or id_.startswith('PYSEC-')):
+            continue
+        aliases = jdata.get('aliases', [])
+        osv_aliases[id_] = aliases
+    with open(os.path.join(DATA_DIR, 'osv_aliases.json'), 'w+') as f:
+        json.dump(osv_aliases, f, indent=2)
+
+
+if __name__ == "__main__":
+    main()
--- a/test_cve.py
+++ b/test_cve.py
@ -0,0 +1,119 @@
+import requests
+import argparse
+import logging
+
+logging.basicConfig()
+logger = logging.getLogger()
+
+
+def setup_logging_level(debug=False):
+    log_level = logging.DEBUG if debug else logging.ERROR
+    logger.setLevel(log_level)
+    logger.debug("Debugging enabled")
+
+
+def parse_args():
+    parser = argparse.ArgumentParser()
+    parser.add_argument('query', nargs='*', default="", help="freeform")
+    parser.add_argument('--debug', dest='debug', action='store_true')
+    return parser.parse_args()
+
+
+def main():
+    args = parse_args()
+    setup_logging_level(args.debug)
+    exceptional_ips = []
+    ips = ['34.100.191.145', '34.142.64.199', '34.84.61.94', '35.222.18.8', '34.106.36.59', '34.106.55.190',
+           '34.154.230.83', '34.74.219.14', '35.200.169.126', '35.200.68.182', '34.97.236.167', '34.130.51.216',
+           '34.147.14.201', '34.106.224.85', '35.208.95.176', '34.150.93.213', '35.244.32.219', '35.242.136.209',
+           '34.166.30.245', '34.161.250.109', '34.162.201.134', '35.221.25.124', '34.116.230.247', '34.152.57.233',
+           '34.94.20.84', '34.131.37.78', '34.174.125.187', '35.230.146.50', '34.64.255.245', '35.240.150.231',
+           '34.161.180.173', '34.84.188.103', '34.145.36.128', '34.162.15.240', '34.146.28.82', '34.98.45.179',
+           '34.129.242.117', '34.159.37.52', '104.198.51.28', '34.101.107.199', '35.185.245.228', '34.145.207.88',
+           '34.131.61.160', '35.221.69.248', '34.89.80.87', '34.106.1.239', '34.136.194.20', '35.196.185.2',
+           '34.94.176.1', '34.145.36.123', '35.220.246.85', '34.97.199.43', '34.143.211.83', '35.247.38.100',
+           '35.226.255.38', '34.151.100.177', '34.129.189.124', '34.81.60.155', '34.102.92.205', '35.196.28.27',
+           '34.125.247.98', '34.106.11.82', '34.98.25.236', '35.197.159.158', '34.66.214.165', '34.155.30.208',
+           '34.129.207.237', '34.66.228.179', '34.94.204.96', '34.65.137.25', '34.83.241.78', '34.87.231.224',
+           '34.102.65.15', '34.118.111.90', '35.184.64.192', '35.201.3.147', '34.126.157.206', '34.159.53.192',
+           '34.176.115.38', '34.174.201.225', '34.131.4.195', '34.32.26.132', '35.199.65.205', '34.163.91.207',
+           '34.125.12.101', '34.125.24.149', '35.190.138.225', '34.130.156.35', '35.233.161.167', '34.93.16.173',
+           '35.236.44.102', '35.222.54.143', '34.74.174.175', '34.84.123.186', '34.131.138.55', '34.129.70.153',
+           '34.18.22.176', '35.186.145.25', '34.93.237.208', '35.221.196.211', '34.155.248.12', '34.161.40.198',
+           '35.245.114.240', '35.228.227.119', '34.139.56.73', '34.105.240.87', '34.150.115.171', '34.17.46.84',
+           '34.125.84.53', '34.64.113.106', '35.244.59.124', '34.87.32.113', '35.244.11.213', '34.97.222.226',
+           '34.166.27.167', '35.198.232.155', '34.105.202.84', '34.130.14.196', '34.162.149.214', '35.200.162.133',
+           '35.236.113.123', '34.95.176.127', '34.145.159.215', '34.150.246.15', '34.175.144.104', '34.97.52.156',
+           '34.131.126.235', '34.162.19.214', '34.106.225.178', '104.198.215.46', '104.196.185.143', '34.126.133.139',
+           '34.124.159.168', '34.154.204.198', '34.175.79.219', '34.155.195.167', '34.89.120.183', '34.88.245.143',
+           '34.143.133.122', '34.97.11.80', '34.142.68.25', '34.125.247.130', '35.244.66.171', '35.221.12.243',
+           '34.155.192.127', '34.125.215.221', '35.244.95.42', '34.80.248.33', '34.145.54.98', '34.125.207.234',
+           '35.243.78.132', '34.94.189.65', '35.223.143.233', '34.97.215.65', '34.96.212.90', '34.86.4.240',
+           '34.106.203.186', '34.162.255.172', '34.17.50.40', '34.143.128.188', '34.106.83.14', '34.97.123.246',
+           '35.190.132.77', '34.74.129.243', '34.106.224.248', '34.94.176.165', '34.131.86.14', '34.101.85.130',
+           '35.244.88.113', '34.86.124.225', '35.197.39.104', '34.17.53.250', '34.134.211.37', '34.116.181.115',
+           '35.243.107.105', '34.95.41.106', '35.227.71.21', '34.175.165.85', '34.94.246.39', '34.65.174.233',
+           '34.70.251.14', '34.97.175.77', '34.106.164.9', '34.106.145.170', '34.82.183.149', '35.235.111.158',
+           '34.150.128.43', '104.155.102.22', '34.93.235.15', '34.166.30.69', '35.236.103.243', '34.105.142.3',
+           '34.175.144.135', '34.174.36.1', '34.165.102.198', '34.87.70.135', '34.85.210.164', '34.87.223.74',
+           '34.174.240.48', '34.116.145.181', '34.85.187.164', '34.94.2.165', '34.97.76.205', '34.162.156.82',
+           '104.196.140.115', '35.196.111.227', '34.148.71.215', '34.154.236.127', '34.101.120.210', '34.116.68.83',
+           '34.129.158.215', '34.17.54.10', '34.151.122.247', '34.93.91.247', '34.175.67.27', '34.86.24.227',
+           '34.84.21.116', '35.200.239.85', '34.97.41.253', '35.190.157.114', '34.175.14.254', '34.140.0.83',
+           '34.176.196.170', '34.162.165.77', '34.93.16.47', '34.105.202.179', '34.125.91.203', '34.98.12.30',
+           '34.18.40.128', '34.87.232.208', '35.232.10.153', '34.125.165.18', '34.124.157.75', '34.154.28.126',
+           '34.94.159.56', '35.227.6.168', '35.228.231.244', '34.146.118.1', '34.106.157.213', '35.200.183.102',
+           '35.188.142.230', '35.235.64.48', '34.68.220.104', '34.161.146.212', '35.236.213.109', '34.74.37.24',
+           '34.65.123.181', '34.151.232.179', '34.151.90.76', '35.236.24.255', '35.242.146.148', '35.199.0.163',
+           '34.166.12.105', '34.174.71.148', '34.84.140.240', '35.189.20.218', '34.97.148.97', '34.159.181.163',
+           '34.126.169.11', '34.125.254.213', '34.106.107.231', '34.146.196.210', '34.161.104.234', '34.93.189.135',
+           '34.145.27.87', '34.93.211.212', '34.91.82.153', '34.130.48.237', '34.124.166.246', '35.242.159.226',
+           '34.163.198.147', '35.185.29.84', '34.83.232.248', '34.161.52.245', '35.246.97.148', '34.176.238.164',
+           '34.106.86.160', '34.129.229.139', '34.147.14.138', '34.106.62.150', '34.93.239.39', '34.176.181.131',
+           '34.84.65.71', '34.106.203.9', '35.244.91.36', '34.78.136.121', '34.174.195.180', '35.187.230.49',
+           '35.233.154.167', '34.155.67.5', '34.174.165.41', '34.146.207.237', '34.97.236.156', '34.131.73.134',
+           '34.161.94.187', '34.83.140.99', '34.105.145.49', '34.102.107.190', '34.82.24.224', '104.196.20.254',
+           '34.142.80.126', '34.125.154.163', '35.200.161.96', '34.93.233.204', '34.125.164.88', '35.197.165.68',
+           '34.32.31.210', '34.97.149.87', '34.18.35.18', '35.247.174.86', '34.94.144.102', '35.229.32.32',
+           '34.87.230.96', '34.174.47.33', '34.97.208.10', '35.227.142.20', '34.95.55.47', '34.106.224.113',
+           '34.97.253.249', '34.116.119.248', '34.161.87.164', '34.162.137.188', '34.72.72.217', '34.97.10.244',
+           '35.246.84.100', '34.139.28.176', '34.162.155.40', '34.93.102.230', '34.129.57.156', '34.131.25.158',
+           '34.84.5.70', '35.244.98.152', '104.154.188.175', '35.200.106.75', '35.224.234.121', '34.79.171.22',
+           '34.89.104.4', '34.125.12.17', '34.94.241.35', '34.124.174.26', '34.165.216.109', '34.162.174.74',
+           '34.125.161.253', '34.86.127.177', '35.236.213.15', '34.97.25.255', '34.174.19.158', '34.159.253.21',
+           '35.233.150.194', '34.72.233.178', '35.236.15.22', '34.101.192.140', '35.227.170.237', '34.162.113.200',
+           '34.129.80.245', '34.97.252.193', '34.133.194.6', '34.131.153.152', '34.74.79.159', '34.70.202.102',
+           '34.125.25.238', '34.151.215.177', '34.97.42.131', '34.174.211.178', '34.148.117.75', '35.201.190.19',
+           '34.161.97.190', '34.106.96.12', '34.131.183.77', '34.64.118.214', '34.131.44.113', '34.85.121.147',
+           '34.129.103.192', '34.85.102.14', '34.94.180.107', '34.165.186.199', '34.125.161.13', '35.197.189.244',
+           '35.247.176.174', '34.142.21.24', '34.65.10.82', '34.98.32.81', '34.106.244.69', '34.86.96.95',
+           '35.194.70.246', '34.32.33.55', '34.125.217.11', '34.174.135.125', '34.146.30.161', '34.18.34.52',
+           '34.83.130.99', '34.161.244.36', '35.190.230.203', '34.32.33.248', '35.240.175.107', '34.122.4.179',
+           '35.233.251.204', '34.136.47.51', '34.138.142.201', '34.93.37.186', '34.94.206.9', '34.88.53.172',
+           '34.135.183.123', '34.125.80.154', '34.116.86.232', '34.151.71.184', '34.95.60.178', '34.145.245.210',
+           '34.93.147.85', '35.230.149.117', '34.87.161.220', '35.187.210.70', '34.125.71.227', '34.94.102.19'
+           ]
+    for ip in ips:
+        if ip in exceptional_ips:
+            print('known exeptional: {}'.format(ip))
+            continue
+        reversed_ip = '.'.join(ip.split('.')[::-1])
+        try:
+            resp = requests.get('http://{}.bc.googleusercontent.com/webui'.format(reversed_ip))
+        except Exception as e:
+            print("{}: {}".format(ip, e))
+            continue
+        resp_text = resp.text
+        if resp_text.startswith('<!DOCTYPE'):
+            print("{} not vuln".format(ip))
+        else:
+            print()
+            print('>>>>>>>>>>>>>>>>>>>>>>')
+            print(ip)
+            print(resp_text)
+            print('<<<<<<<<<<<<<<<<<<<<<<')
+            print()
+
+
+if __name__ == "__main__":
+    main()
--- a/test_fp.py
+++ b/test_fp.py
@ -0,0 +1,37 @@
+def float_to_binary(f):
+    # Handle special cases: positive/negative infinity and NaN
+    if f == float('inf') or f == float('-inf') or f != f:
+        return bin(int.from_bytes(f.to_bytes(8, 'big', signed=True), 'big'))
+
+    # Extract sign, exponent, and mantissa
+    sign = 0 if f >= 0 else 1
+    f = abs(f)
+    exponent = 0
+    while f >= 2.0:
+        f /= 2.0
+        exponent += 1
+    while f < 1.0:
+        f *= 2.0
+        exponent -= 1
+
+    # Convert mantissa and exponent to binary
+    mantissa = bin(int((f - 1.0) * (2 ** 52)))
+    exponent_bits = bin(exponent + 1023)
+
+    # Format the binary representation
+    binary_representation = f"{sign}{exponent_bits[2:]:>011}{mantissa[2:]:<052}"
+
+    # Return the formatted binary representation
+    return binary_representation
+
+
+# Example usage
+if __name__ == "__main__":
+    # Get a floating-point number from the user
+    float_number = float(input("Enter a floating-point number: "))
+
+    # Convert the floating-point number to binary
+    binary_representation = float_to_binary(float_number)
+
+    # Print the binary representation
+    print(f"The binary representation of {float_number} is: {binary_representation}")