import socket
import urllib2
import re

# Main function
def main():
    
    msg = \
    'M-SEARCH * HTTP/1.1\r\n' \
    'HOST:239.255.255.250:1900\r\n' \
    'ST:upnp:rootdevice\r\n' \
    'MX:2\r\n' \
    'MAN:"ssdp:discover"\r\n' \
    '\r\n'

    s = UDP_socket()
    sendMsg(s,msg)
    response_list = receiveMsg(s)
    search = raw_input("Search CVE via Internet : ")
    
    if search.lower() == "y" or search.lower() == "yes":
        for response in response_list:
            print ("IP address : " + filterIP(str(response[0])))
            request(response[1])

# Set up UDP socket
def UDP_socket():
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.settimeout(2)
    return s

# Send Broadcast UDP
def sendMsg(s, msg):
    s.sendto(msg, ('239.255.255.250', 1900) )

# Receive Broadcast & return the stored list of ip address with server version
def receiveMsg(s):
    store = []
    try:
        while True:
            data, addr = s.recvfrom(65507)
            print addr, data
            store.append([addr,data.splitlines()[5].split(" ")[-1]])
    except socket.timeout:
        pass
    return store

# GET request to search for potential CVE
def request(keyword):
    keyword = URLKeyword(keyword)
    req = urllib2.Request('https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=' + keyword)
    response = urllib2.urlopen(req)
    filterHTMLTag(response, keyword)

# Filter HTML TAG
def filterHTMLTag(content, keyword):
    CVE = ""
    DESC = ""
    for line in content:
        CVE = CVE_name(CVE, line)
        DESC = CVE_detail(DESC, line)
        
        if CVE != "" and DESC != "":
            print "Potential CVE : " + CVE
            print "Description : " + DESC + "\n"
            CVE = ""
            DESC = ""

# To filter out CVE name
def CVE_name(CVE, line):
    CVE_match = re.search('<td valign="top" nowrap="nowrap"><a href="/cgi-bin/cvename.cgi\?name=(.+?)">', line)
    if CVE_match:
        CVE = CVE_match.group(1)
    return CVE

# To filter out CVE detail 
def CVE_detail(DESC, line):
    DESC_match = re.search('<td valign="top">(\w.+)', line)
    if DESC_match:
        DESC = DESC_match.group(1)
    return DESC
    
# To replace the underscore with '+' sign, so that it can be search via the GET request
def URLKeyword(keyword):
    keyword = keyword.replace("_", "+")
    return keyword

# Only filter out the IP address
def filterIP(ip):
    ip_match = re.search("'(.+)'", ip)
    if ip_match:
        ip = ip_match.group(1)
    return ip

# Call the Main function
if __name__ == "__main__":
    main()