1

我正在尝试解析这个 XML 文件:http ://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml

<?xml version='1.0' encoding='UTF-8'?>
<nvd xmlns:cvss="http://scap.nist.gov/schema/cvss-v2/0.2" xmlns="http://scap.nist.gov/schema/feed/vulnerability/2.0" xmlns:vuln="http://scap.nist.gov/schema/vulnerability/0.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:scap-core="http://scap.nist.gov/schema/scap-core/0.1" xmlns:cpe-lang="http://cpe.mitre.org/language/2.0" xmlns:patch="http://scap.nist.gov/schema/patch/0.1" nvd_xml_version="2.0" pub_date="2013-07-11T12:00:45" xsi:schemaLocation="http://scap.nist.gov/schema/patch/0.1 http://nvd.nist.gov/schema/patch_0.1.xsd http://scap.nist.gov/schema/scap-core/0.1 http://nvd.nist.gov/schema/scap-core_0.1.xsd http://scap.nist.gov/schema/feed/vulnerability/2.0 http://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd">
  <entry id="CVE-2000-0851">
    <vuln:vulnerable-configuration id="http://nvd.nist.gov/">
      <cpe-lang:logical-test negate="false" operator="OR">
        <cpe-lang:fact-ref name="cpe:/o:microsoft:windows_2000"/>
      </cpe-lang:logical-test>
    </vuln:vulnerable-configuration>
    <vuln:vulnerable-software-list>
      <vuln:product>cpe:/o:microsoft:windows_2000</vuln:product>
    </vuln:vulnerable-software-list>
    <vuln:cve-id>CVE-2000-0851</vuln:cve-id>
    <vuln:published-datetime>2000-11-14T00:00:00.000-05:00</vuln:published-datetime>
    <vuln:last-modified-datetime>2013-07-06T00:11:34.357-04:00</vuln:last-modified-datetime>
    <vuln:cvss>
      <cvss:base_metrics upgraded-from-version="1.0">
        <cvss:score>4.6</cvss:score>
        <cvss:access-vector>LOCAL</cvss:access-vector>
        <cvss:access-complexity>LOW</cvss:access-complexity>
        <cvss:authentication>NONE</cvss:authentication>
        <cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
        <cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
        <cvss:availability-impact>PARTIAL</cvss:availability-impact>
        <cvss:source>http://nvd.nist.gov</cvss:source>
        <cvss:generated-on-datetime>2004-01-01T00:00:00.000-05:00</cvss:generated-on-datetime>
      </cvss:base_metrics>
    </vuln:cvss>
    <vuln:security-protection>ALLOWS_OTHER_ACCESS</vuln:security-protection>
    <vuln:references xml:lang="en" reference_type="VENDOR_ADVISORY">
      <vuln:source>BID</vuln:source>
      <vuln:reference href="http://www.securityfocus.com/bid/1651" xml:lang="en">1651</vuln:reference>
    </vuln:references>
    <vuln:references xml:lang="en" reference_type="UNKNOWN">
      <vuln:source>MS</vuln:source>
      <vuln:reference href="http://www.microsoft.com/technet/security/bulletin/ms00-065.asp" xml:lang="en">MS00-065</vuln:reference>
    </vuln:references>
    <vuln:references xml:lang="en" reference_type="UNKNOWN">
      <vuln:source>ATSTAKE</vuln:source>
      <vuln:reference href="http://www.atstake.com/research/advisories/2000/a090700-1.txt" xml:lang="en">A090700-1</vuln:reference>
    </vuln:references>
    <vuln:references xml:lang="en" reference_type="UNKNOWN">
      <vuln:source>XF</vuln:source>
      <vuln:reference href="http://xforce.iss.net/static/5203.php" xml:lang="en">w2k-still-image-service</vuln:reference>
    </vuln:references>
    <vuln:summary>Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.</vuln:summary>
  </entry>
  <entry id="CVE-2004-0685">
  ...

我执行以下操作

$url    = 'http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml';
$source = file_get_contents($url);
$xml    = new SimpleXMLElement($source);

如果我回显 $source,那么我会看到整个 XML 文件已被加载,但如果我 print_r $xml,则只有 id 被回显:

SimpleXMLElement Object
(
    [@attributes] => Array
        (
            [nvd_xml_version] => 2.0
            [pub_date] => 2013-07-11T12:00:45
        )

    [entry] => Array
        (
            [0] => SimpleXMLElement Object
                (
                    [@attributes] => Array
                        (
                            [id] => CVE-2000-0851
                        )

                )

            [1] => SimpleXMLElement Object
                (
                    [@attributes] => Array
                        (
                            [id] => CVE-2004-0685
                        )

                )

为什么我错过了“条目”标签中的所有信息

4

1 回答 1

2

也许这可以让你开始:

<?php

$url    = 'http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml';
$source = file_get_contents($url);
$xml    = new SimpleXMLElement($source);

$entries = $xml->entry;

foreach ($entries as $entry) {
    $namespace = $entry->getNameSpaces(true);
    $tmp       = $entry->children($namespace['vuln']);
    //print_r($namespace);
    print_r($tmp);
    break;
}

输出:

SimpleXMLElement Object
(
    [vulnerable-configuration] => SimpleXMLElement Object
        (
        )

    [vulnerable-software-list] => SimpleXMLElement Object
        (
            [product] => cpe:/o:microsoft:windows_2000
        )

    [cve-id] => CVE-2000-0851
    [published-datetime] => 2000-11-14T00:00:00.000-05:00
    [last-modified-datetime] => 2013-07-06T00:11:34.357-04:00
    [cvss] => SimpleXMLElement Object
        (
        )

    [security-protection] => ALLOWS_OTHER_ACCESS
    [references] => Array
        (
            [0] => SimpleXMLElement Object
                (
                    [source] => BID
                    [reference] => 1651
                )

            [1] => SimpleXMLElement Object
                (
                    [source] => MS
                    [reference] => MS00-065
                )

            [2] => SimpleXMLElement Object
                (
                    [source] => ATSTAKE
                    [reference] => A090700-1
                )

            [3] => SimpleXMLElement Object
                (
                    [source] => XF
                    [reference] => w2k-still-image-service
                )

        )

    [summary] => Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
)

您可以取消注释print_r($namespace),以查看自定义命名空间包含的内容。

如果我打印出来$namespace,输出是:

Array
(
    [] => http://scap.nist.gov/schema/feed/vulnerability/2.0
    [vuln] => http://scap.nist.gov/schema/vulnerability/0.4
    [cpe-lang] => http://cpe.mitre.org/language/2.0
    [cvss] => http://scap.nist.gov/schema/cvss-v2/0.2
    [xml] => http://www.w3.org/XML/1998/namespace
)

然后要获取vulnerable-configuration的属性,只需使用->getAttribute('name')

这方面的一个例子是:

print_r($tmp->{"vulnerable-configuration"}->attributes());

您应该将名称放入其中,{}因为它包含无效字符。

上面应该打印出来:

SimpleXMLElement Object
(
    [@attributes] => Array
        (
            [id] => http://nvd.nist.gov/
        )

)

如果您事先不知道这些值,您仍然可以遍历$namespace变量:

foreach ($namespaces as $namespace) {
    $tmp = $entry->children($namespace);
    print_r($tmp);
}

其输出将是:

SimpleXMLElement Object
(
)
SimpleXMLElement Object
(
    [vulnerable-configuration] => SimpleXMLElement Object
        (
        )

    [vulnerable-software-list] => SimpleXMLElement Object
        (
            [product] => cpe:/o:microsoft:windows_2000
        )

    [cve-id] => CVE-2000-0851
    [published-datetime] => 2000-11-14T00:00:00.000-05:00
    [last-modified-datetime] => 2013-07-06T00:11:34.357-04:00
    [cvss] => SimpleXMLElement Object
        (
        )

    [security-protection] => ALLOWS_OTHER_ACCESS
    [references] => Array
        (
            [0] => SimpleXMLElement Object
                (
                    [source] => BID
                    [reference] => 1651
                )

            [1] => SimpleXMLElement Object
                (
                    [source] => MS
                    [reference] => MS00-065
                )

            [2] => SimpleXMLElement Object
                (
                    [source] => ATSTAKE
                    [reference] => A090700-1
                )

            [3] => SimpleXMLElement Object
                (
                    [source] => XF
                    [reference] => w2k-still-image-service
                )

        )

    [summary] => Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
)
SimpleXMLElement Object
(
)
SimpleXMLElement Object
(
)
SimpleXMLElement Object
(
)
于 2013-07-11T18:03:12.457 回答