From fd9c865416b9c951020e11bc1f4c62c888d2e449 Mon Sep 17 00:00:00 2001
From: sullo <sullo@cirt.net>
Date: Fri, 8 Jul 2022 10:58:22 -0400
Subject: [PATCH] Add new sites to ban list (#2215)

* Add new sites to ban list
* ntelbras.com/
* andmp.com/
* blacklanternsecurity.com/
* pwnwiki.org/
* 0dayhack.net/
* correkt.horse/
* poc.wgpsec.org
* ctf\-writeup.revers3c.com/

* Update cve-annotate to use a contains instead of regex, as it's slightly faster

* Tighten up matchers a little

* small refactor

* Remove lead / from skip domains
Remove stray debug printf

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
---
 v2/cmd/cve-annotate/main.go | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/v2/cmd/cve-annotate/main.go b/v2/cmd/cve-annotate/main.go
index e2259326..1cc2fb47 100644
--- a/v2/cmd/cve-annotate/main.go
+++ b/v2/cmd/cve-annotate/main.go
@@ -74,12 +74,19 @@ var (
 const maxReferenceCount = 5
 
 // dead sites to skip for references
-var badrefsRegexes = []*regexp.Regexp{
-	regexp.MustCompile(`(www\.|\/)secunia\.com\/`),
-	regexp.MustCompile(`(www\.|\/)osvdb\.org\/`),
-	regexp.MustCompile(`(www\.|\/)securityfocus\.com\/`),
-	regexp.MustCompile(`(www\.|\/)iss\.net\/`),
-	regexp.MustCompile(`\/archives\.neohapsis\.com\/`),
+var badRefs = []string{
+	"osvdb.org/",
+	"securityfocus.com/",
+	"archives.neohapsis.com/",
+	"iss.net/",
+	"ntelbras.com/",
+	"andmp.com/",
+	"blacklanternsecurity.com/",
+	"pwnwiki.org/",
+	"0dayhack.net/",
+	"correkt.horse/",
+	"poc.wgpsec.org/",
+	"ctf-writeup.revers3c.com/",
 }
 
 func getCVEData(client *nvd.Client, filePath, data string) {
@@ -165,16 +172,10 @@ func getCVEData(client *nvd.Client, filePath, data string) {
 
 	// skip sites that are no longer alive
 	for _, reference := range cveItem.CVE.References.ReferenceData {
-		skip := false
-		for _, badrefsRegex := range badrefsRegexes {
-			if badrefsRegex.MatchString(reference.URL) {
-				skip = true
-				break
-			}
-		}
-		if !skip {
-			referenceDataURLs = append(referenceDataURLs, reference.URL)
+		if stringsutil.ContainsAny(reference.URL, badRefs...) {
+			continue
 		}
+		referenceDataURLs = append(referenceDataURLs, reference.URL)
 	}
 	hasReferenceData := len(cveItem.CVE.References.ReferenceData) > 0
 	areCveReferencesContained := sliceutil.ContainsItems(infoBlock.Info.Reference, referenceDataURLs)