xaitax / sploitscan Goto Github PK

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

License: GNU General Public License v3.0

Python 71.48% Dockerfile 0.31% HTML 28.20%

sploitscan's Issues

IndexError: list index out of range while processing EPSS data

Hello, Alexander,

I'd like to report that trying to run the current git version of Sploitscan, I get the following strack trace:

$ python3 ./sploitscan.py CVE-2024-7589
...
v0.10.4 / Alexander Hagenah / @xaitax / [email protected]
...
───[ ♾️ Exploit Prediction Score (EPSS) ]
|
└ ❌ No data found.
...
┌───[ 🕵️ HackerOne Hacktivity ]
|
└ ❌ No data found.

Traceback (most recent call last):
  File "/tmp/SploitScan/./sploitscan.py", line 6, in <module>
    cli()
  File "/tmp/SploitScan/sploitscan/sploitscan.py", line 1084, in cli
    main(args.cve_ids, args.export, args.import_file, args.type, args.config, args.debug)
  File "/tmp/SploitScan/sploitscan/sploitscan.py", line 1004, in main
    cve_details = compile_cve_details(cve_id, cve_data, epss_data, relevant_cisa_data, public_exploits)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/tmp/SploitScan/sploitscan/sploitscan.py", line 935, in compile_cve_details
    epss_score = epss_data["data"][0].get("epss", "N/A") if epss_data and "data" in epss_data else "N/A"
                 ~~~~~~~~~~~~~~~~~^^^
IndexError: list index out of range

Error fetching data from VulnCheck: 401

after adding my API key from VulnCheck this msg appears
Error fetching data from VulnCheck: 401 Client Error: Unauthorized for url: https://api.vulncheck.com/v3/index/vulncheck-kev?cve=CVE-2024-3494

and I`m already in the VulnCheck

Regression?

Try this
./sploitscan CVE-2020-8813...

With v0.10.2 I get
┌───[ 💥 VulnCheck Exploits ]
|
├ Date: 2022-09-30
└ URL: https://github.com/p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime
|
├ Date: 2021-05-11
└ URL: https://github.com/0xm4ud/Cacti-CVE-2020-8813

With v0.10.3 - no VulnCheck Exploit section in output! Nothing at all. Same with other CVEs...

AI-Powered Risk Assessment Error

I put in my API key from OpenAI and edited in the conf file. When I run with a nessus file, I got this error.

┌───[ 🤖 AI-Powered Risk Assessment ] | | ❌ Error fetching data from OpenAI: Error code: 404 - {'error': {'message': 'The model `gpt-4o` | does not exist or you do not have access to it.', 'type': 'invalid_request_error', 'param': None, | 'code': 'model_not_found'}}

Feature request: Microsoft monthly patch review

I would like to findout if you help automating the process of checking all the monthly patches from Microsoft on Patch Tuesday and passing each CVE ID through a script, I use the script https://github.com/Immersive-Labs-Sec/msrc-api/blob/main/patch_review.py, is it possible to take the each of the cve ID and pass it through your script to output?

File location

Hi Alexander!
I hope you are well!
It's always good to talk to you!

There is an RC bug open for sploitscan and I need to close it:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072816

The problem is that there are two files in the main package:
config.json
templates/report_template.html

I would like to know if they are necessary for the module to function?

If not, I will move to another location.
If you can explain I would be very grateful as I will reference this issue when closing Bug RC.

grateful!

API key for VulnCheck is not configured correctly

Hi,

I copied my VulnCheck API key to config.json file like this:

{
"vulncheck_api_key": "vulncheck_64b239d2f920 [etc..long alphanum string]...644a043",
"openai_api_key": ""
}

I have this config file in local directory, and in ~/.config/sploitscan and /etc/sploitscan directories.
I keep getting the error as in the title above:

"API key for VulnCheck is not configured correctly"

In html export file the section "VulnCheck exploits" is empty... Not even "N/A" as in other empty sections.

Regards,
cikasole

Read archive with CVEs

I thought about implementing a file entry, where it reads the file that contains the CVEs. This way, if the user wants to check a file with more CVEs, the input may be better.

`import pandas as pd

def read_cve_ids(file_path):
cve_pattern = r'\bCVE-\d{4}-\d{4,7}\b'
cve_ids = set()

try:
    if file_path.endswith('.csv'):
        data = pd.read_csv(file_path)
    elif file_path.endswith('.xlsx'):
        data = pd.read_excel(file_path)
    elif file_path.endswith('.json'):
        data = pd.read_json(file_path)
    else:
        with open(file_path, 'r') as file:
            data = file.read()

    cves_found = re.findall(cve_pattern, str(data))

    cve_ids.update(cves_found)

except Exception as e:
    print(f"Erro ao ler o arquivo: {e}")

return cve_ids`

-m parameter cannot be used

docker setting config.json

when i creat config.json file on the $(pwd) .

sudo docker run -v $(pwd)config.json:/etc/sploitscan/config.json --rm sploitscan CVE-2024-1709
┌───[  VulnCheck Exploits ]
|
└ API key for VulnCheck is not configured correctly.

┌───[ 烙 AI-Powered Risk Assessment ]
|
| ❌ OpenAI API key is not configured correctly.
|
└────────────────────────────────────────

Sometime crash with 'not enough values to unpack (expected 2, got 1)' for some CVE IDs

I'm using the version packaged by Debian: sploitscan/unstable,now 0.10.3-1
for some CVE IDs (not all), sploiscan crash (CVE-2024-36387 is OK for example)

❯ sploitscan CVE-2024-5535

███████╗██████╗ ██╗      ██████╗ ██╗████████╗███████╗ ██████╗ █████╗ ███╗   ██╗
██╔════╝██╔══██╗██║     ██╔═══██╗██║╚══██╔══╝██╔════╝██╔════╝██╔══██╗████╗  ██║
███████╗██████╔╝██║     ██║   ██║██║   ██║   ███████╗██║     ███████║██╔██╗ ██║
╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   ╚════██║██║     ██╔══██║██║╚██╗██║
███████║██║     ███████╗╚██████╔╝██║   ██║   ███████║╚██████╗██║  ██║██║ ╚████║
╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   ╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝
v0.10.3 / Alexander Hagenah / @xaitax / [email protected]

╔═══════════════════════╗
║ CVE ID: CVE-2024-5535 ║
╚═══════════════════════╝

┌───[ 🔍 Vulnerability information ]
|
├ Published:   2024-06-27
├ Base Score:  N/A (N/A)
├ Vector:      N/A
└ Description: 

[…]

┌───[ ♾️  Exploit Prediction Score (EPSS) ]
|
└ EPSS Score:  0.04% Probability of exploitation.

┌───[ 🛡️  CISA KEV Catalog ]
|
└ ❌ No data found.

Traceback (most recent call last):
  File "/usr/bin/sploitscan", line 8, in <module>
    sys.exit(cli())
             ^^^^^
  File "/usr/lib/python3/dist-packages/sploitscan/sploitscan.py", line 1067, in cli
    main(args.cve_ids, args.export, args.import_file, args.type, args.config, args.debug)
  File "/usr/lib/python3/dist-packages/sploitscan/sploitscan.py", line 984, in main
    public_exploits = fetch_and_display_public_exploits(cve_id)
                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/sploitscan/sploitscan.py", line 880, in fetch_and_display_public_exploits
    display_public_exploits(github_data, vulncheck_data, exploitdb_data, packetstorm_data, nuclei_data, vulncheck_error)
  File "/usr/lib/python3/dist-packages/sploitscan/sploitscan.py", line 365, in display_public_exploits
    exploits, total = template(True)
    ^^^^^^^^^^^^^^^
ValueError: not enough values to unpack (expected 2, got 1)

Nessus import errors

Have tried importing two different nessus files and both have returned the same error. Am not the best with python, so any thoughts? Is this coding, or did I miss a syntax where I needed to provide an api key?

Syntax used:
python sploitscan.py --import-file /path/to/file/filename.nessus --type nessus

Fetching GitHub exploits / PoC:

❌ An error occurred fetching PoC data: HTTPSConnectionPool(host='poc-in-github.motikan2010.net', port=443): Max retries exceeded with url: /api/v1/?cve_id=CVE-2012-0159&sort=stargazers_count (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')))
Traceback (most recent call last):
File "/home/kali/Desktop/SploitScan/sploitscan.py", line 703, in
main(args.cve_ids, args.export, args.import_file, args.type)
File "/home/kali/Desktop/SploitScan/sploitscan.py", line 586, in main
cve_result = collect_cve_data(cve_id)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/kali/Desktop/SploitScan/sploitscan.py", line 622, in collect_cve_data
display_github_data(github_data)
File "/home/kali/Desktop/SploitScan/sploitscan.py", line 164, in display_github_data
if "pocs" in data and len(data["pocs"]) > 0:
^^^^^^^^^^^^^^
TypeError: argument of type 'NoneType' is not iterable

CVE numbers in title lines are missing (in html output)?

Hi,

I've tried -e html option on v0.10.3.
It seems that the titles for CVEs in output html report are missing.

I tried on a long list of CVEs, and on just one CVE... Only grey strips without CVE numbers.

Best regards,

Search Exploit in ExploitDB

I implemented a query in exploitDB, where it queries the existence of exploits for that CVE. I believe this new implemented base could be interesting

`def fetch_exploitdb_data(cve_id):
try:
response = requests.get("https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv?ref_type=heads")
response.raise_for_status()
exploitdb_data = response.text

    # Procurando a CVE no campo "codes"
    cve_pattern = re.compile(r"CVE-\d{4}-\d{4,7}")
    csv_reader = csv.DictReader(exploitdb_data.splitlines())
    relevant_data = []
    for row in csv_reader:
        if cve_pattern.search(row["codes"]) and cve_id in row["codes"]:
            relevant_data.append(row)
    
    return relevant_data
    
except requests.exceptions.RequestException as e:
    print(f"❌ An error occurred fetching exploitdb data: {e}")
    return None

def display_exploitdb_data(exploitdb_data, cve_id):
if exploitdb_data:
print("ExploitDB Data:\n")
headers = ["Name", "Author", "Date", "URL"]
table = []

    for data in exploitdb_data:
        cve_id_display = cve_id
        date_published = data.get("date", "N/A")
        author = data.get("author", "N/A")
        exploit_id = data.get("id", "N/A")
        url = f"https://www.exploit-db.com/exploits/{exploit_id}"

        row = [cve_id_display, author, date_published, url]
        table.append(row)

    print(tabulate(table, headers=headers, tablefmt="fancy_grid") + "\n")
else:
    print("No ExploitDB data found.\n")`

Error while exporting to html

Hi,

I get an error with this CVE code:

└─# ./sploitscan.py CVE-2023-5678 -e html
....
....
Error exporting to HTML: 'dict object' has no attribute 'cvssV3_1'

I tried export to csv, and it works fine.
Can you, please, help me with this?

Best regards,
cikasole

CSV Export crash

python3 sploitscan.py -e csv CVE-2024-26600 CVE-2024-26808

███████╗██████╗ ██╗ ██████╗ ██╗████████╗███████╗ ██████╗ █████╗ ███╗ ██╗
██╔════╝██╔══██╗██║ ██╔═══██╗██║╚══██╔══╝██╔════╝██╔════╝██╔══██╗████╗ ██║
███████╗██████╔╝██║ ██║ ██║██║ ██║ ███████╗██║ ███████║██╔██╗ ██║
╚════██║██╔═══╝ ██║ ██║ ██║██║ ██║ ╚════██║██║ ██╔══██║██║╚██╗██║
███████║██║ ███████╗╚██████╔╝██║ ██║ ███████║╚██████╗██║ ██║██║ ╚████║
╚══════╝╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚══════╝ ╚═════╝╚═╝ ╚═╝╚═╝ ╚═══╝
v0.10.5 / Alexander Hagenah / @xaitax / [email protected]

╔════════════════════════╗
║ CVE ID: CVE-2024-26600 ║
╚════════════════════════╝

┌───[ 🔍 Vulnerability information ]
|
├ Published: 2024-02-24
├ Base Score: N/A (N/A)
├ Vector: N/A
└ Description: In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL
pointer dereference for SRP If the external phy working together with phy-omap-usb2
does not implement send_srp(), we may still attempt to call it. This can happen on an
idle Ethernet gadget triggering a wakeup for example: configfs-gadget.g1 gadget.0:
ECM Suspend configfs-gadget.g1 gadget.0: Port suspended. Triggering wakeup ... Unable
to handle kernel NULL pointer dereference at virtual address 00000000 when execute
... PC is at 0x0 LR is at musb_gadget_wakeup+0x1d4/0x254 [musb_hdrc] ...
musb_gadget_wakeup [musb_hdrc] from usb_gadget_wakeup+0x1c/0x3c [udc_core]
usb_gadget_wakeup [udc_core] from eth_start_xmit+0x3b0/0x3d4 [u_ether] eth_start_xmit
[u_ether] from dev_hard_start_xmit+0x94/0x24c dev_hard_start_xmit from
sch_direct_xmit+0x104/0x2e4 sch_direct_xmit from __dev_queue_xmit+0x334/0xd88
__dev_queue_xmit from arp_solicit+0xf0/0x268 arp_solicit from neigh_probe+0x54/0x7c
neigh_probe from __neigh_event_send+0x22c/0x47c __neigh_event_send from
neigh_resolve_output+0x14c/0x1c0 neigh_resolve_output from
ip_finish_output2+0x1c8/0x628 ip_finish_output2 from ip_send_skb+0x40/0xd8
ip_send_skb from udp_send_skb+0x124/0x340 udp_send_skb from udp_sendmsg+0x780/0x984
udp_sendmsg from __sys_sendto+0xd8/0x158 __sys_sendto from ret_fast_syscall+0x0/0x58
Let's fix the issue by checking for send_srp() and set_vbus() before calling them.
For USB peripheral only cases these both could be NULL.

┌───[ ♾️ Exploit Prediction Score (EPSS) ]
|
└ EPSS Score: 0.04% Probability of exploitation.

┌───[ 🛡️ CISA KEV Catalog ]
|
└ ❌ No data found.

┌───[ 💣 Public Exploits (Total: 0) ]
|
│
└ Other
└ PacketStorm: https://packetstormsecurity.com/search/?q=CVE-2024-26600

┌───[ 🕵️ HackerOne Hacktivity ]
|
├ Rank: 6916
├ Reports: 0
└ Severity: Unknown: 0 / None: 0 / Low: 0 / Medium: 0 / High: 0 / Critical: 0

┌───[ 🤖 AI-Powered Risk Assessment ]
|
|
| ❌ OpenAI API key is not configured correctly.
|
└────────────────────────────────────────

┌───[ ⚠️ Patching Priority Rating ]
|
└ Priority: D

╔════════════════════════╗
║ CVE ID: CVE-2024-26808 ║
╚════════════════════════╝

┌───[ 🔍 Vulnerability information ]
|
├ Published: 2024-04-04
├ Base Score: N/A (N/A)
├ Vector: N/A
└ Description: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter:
handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from
inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale
reference to netdevice remains in the hook list.

┌───[ ♾️ Exploit Prediction Score (EPSS) ]
|
└ EPSS Score: 0.04% Probability of exploitation.

┌───[ 🛡️ CISA KEV Catalog ]
|
└ ❌ No data found.

┌───[ 💣 Public Exploits (Total: 0) ]
|
└ ❌ No data found.

┌───[ 🕵️ HackerOne Hacktivity ]
|
├ Rank: 6916
├ Reports: 0
└ Severity: Unknown: 0 / None: 0 / Low: 0 / Medium: 0 / High: 0 / Critical: 0

┌───[ ⚠️ Patching Priority Rating ]
|
└ Priority: D

┌───[ 📚 Further References ]
|
├ https://git.kernel.org/stable/c/9489e214ea8f2a90345516016aa51f2db3a8cc2f
├ https://git.kernel.org/stable/c/70f17b48c86622217a58d5099d29242fc9adac58
├ https://git.kernel.org/stable/c/af149a46890e8285d1618bd68b8d159bdb87fdb3
├ https://git.kernel.org/stable/c/e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4
├ https://git.kernel.org/stable/c/36a0a80f32209238469deb481967d777a3d539ee
├ https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913
└ https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

┌───[ 📁 CSV Export ]
|
Traceback (most recent call last):
File "C:\Users\Admin\SploitScan\sploitscan.py", line 6, in
cli()
File "C:\Users\Admin\SploitScan\sploitscan\sploitscan.py", line 1087, in cli
main(args.cve_ids, args.export, args.import_file, args.type, args.config, args.debug)
File "C:\Users\Admin\SploitScan\sploitscan\sploitscan.py", line 1037, in main
export_to_csv(all_results, cve_ids)
File "C:\Users\Admin\SploitScan\sploitscan\sploitscan.py", line 849, in export_to_csv
display_data("📁 CSV Export", all_results, template)
File "C:\Users\Admin\SploitScan\sploitscan\sploitscan.py", line 203, in display_data
for line in template(data):
File "C:\Users\Admin\SploitScan\sploitscan\sploitscan.py", line 846, in template
writer.writerow(item)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\csv.py", line 154, in writerow
return self.writer.writerow(self._dict_to_list(rowdict))
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\encodings\cp1252.py", line 19, in encode
return codecs.charmap_encode(input,self.errors,encoding_table)[0]
UnicodeEncodeError: 'charmap' codec can't encode character '\u274c' in position 7668: character maps to

include python3 shebang

w0rd up,

nice work, minimal change proposal: how about including

#!/usr/bin/env python3

in the first line of sploitscan.py,

regards

Package for Debian

Hi!
I'm a Debian packager, I found your work interesting. I'm taking it to our distro.
I noticed that you didn't make the setupy /pyproject.tolm configuration file available.
What version of this project would be? Would you like to version it?

Nilson

Read CVSS 2.0

I change the code so that it can read oldest CVSS type 2.0, but always giving priority to 3.x

`def display_nvd_data(cve_data):
if (
cve_data
and "vulnerabilities" in cve_data
and len(cve_data["vulnerabilities"]) > 0
):
cve_item = cve_data["vulnerabilities"][0]["cve"]
published = cve_item.get("published", "")
if published:
published_date = datetime.datetime.fromisoformat(published)
published = published_date.strftime("%Y-%m-%d")

    descriptions = cve_item.get("descriptions", [])
    description = next(
        (desc["value"] for desc in descriptions if desc["lang"] == "en"),
        "No description available",
    )

    metrics = cve_item.get("metrics", {})
    baseScore = baseSeverity = vectorString = "N/A"

    # First try to get CVSS v3*
    for key, value in metrics.items():
        if key.startswith("cvssMetricV3"):
            cvss_data = value[0].get("cvssData", {})
            baseScore = cvss_data.get("baseScore", "N/A")
            baseSeverity = cvss_data.get("baseSeverity", "N/A")
            vectorString = cvss_data.get("vectorString", "N/A")
            break  # Stop at the first occurrence

    # If CVSS v3* is not available, try to get CVSS v2
    if baseScore == "N/A":
        for key, value in metrics.items():
            if key.startswith("cvssMetricV2"):
                cvss_data = value[0].get("cvssData", {})
                baseScore = cvss_data.get("baseScore", "N/A")
                baseSeverity = cvss_data.get("baseSeverity", "N/A")
                vectorString = cvss_data.get("vectorString", "N/A")
                break  # Stop at the first occurrence

    label_width = max(
        len("Description:"),
        len("Published:"),
        len("Base Score:"),
        len("Base Severity:"),
        len("Vector String:"),
    )
    description_label = "Description:".ljust(label_width)
    published_label = "Published:".ljust(label_width)
    base_score_label = "Base Score:".ljust(label_width)
    base_severity_label = "Base Severity:".ljust(label_width)
    vector_string_label = "Vector String:".ljust(label_width)

    print(
        f"\n{description_label} {description}\n"
        f"{published_label} {published}\n"
        f"{base_score_label} {baseScore}\n"
        f"{base_severity_label} {baseSeverity}\n"
        f"{vector_string_label} {vectorString}\n"
    )
else:
    print("\n❌ No NVD data found for this CVE ID.\n")`

The import xml from openVAS is alredy work?

API Key issues with load_config() logic and config.json issues

Parsing API keys took a few stabs...

Config.json, despite creating in ~/.sploitscan/ will not be honoured in current logic if the default one provided is not removed, which isn't necessarily clear in the instructions/README
Config.json, kept complaining about "Error decoding JSON from the config file", and after adding some debugging to the code, python 3.12.3 on Ubuntu 24 complained about the extra spaces between colon : and start of variable in double quotes "Error decoding JSON from the config file /home/jasonh/SploitScan/sploitscan/config.json: Expecting property name enclosed in double quotes: line 2 column 1 (char 2)". Removing the extra space helped.
Made some minor code changes to better handle errors during load_config, you may wish to consider these

def load_config():
    default_config = {"vulncheck_api_key": None, "openai_api_key": None}
    base_path = os.path.dirname(os.path.abspath(__file__))
    config_paths = [
        os.path.join(base_path, "config.json"),
        os.path.expanduser("~/.sploitscan/config.json"),
        os.path.expanduser("~/.config/sploitscan/config.json"),
        "/etc/sploitscan/config.json",
    ]

    for config_path in config_paths:
        if os.path.exists(config_path):
            try:
                print(f"Attempting to load config file from: {config_path}")  # Debugging statement
                with open(config_path, "r", encoding="utf-8") as file:
                    config = json.load(file)
                    print(f"Successfully loaded config file: {config_path}")  # Debugging statement
                    return config
            except json.JSONDecodeError as e:
                print(f"⚠️ Error decoding JSON from the config file {config_path}: {e}")
            except Exception as e:
                print(f"⚠️ Unexpected error reading config file {config_path}: {e}")
    
    print("⚠️ Config file not found in any checked locations, using default settings.")
    return default_config

Error with variable vulncheck_data: 'NoneType' object has no attribute 'get'

When vulncheck_data is "None" the script gives the following error
https://github.com/xaitax/SploitScan/blob/main/sploitscan.py#L385

Traceback (most recent call last):
  File "/usr/bin/sploitscan", line 31, in <module>
    main(args.cve_ids, args.export)
  File "/usr/share/sploitscan/sploitscan.py", line 708, in main
    cve_result = collect_cve_data(cve_id)
                 ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/share/sploitscan/sploitscan.py", line 658, in collect_cve_data
    priority = calculate_priority(
               ^^^^^^^^^^^^^^^^^^^
  File "/usr/share/sploitscan/sploitscan.py", line 385, in calculate_priority
    or bool(vulncheck_data.get("data"))
            ^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'get'

xaitax / sploitscan Goto Github PK

sploitscan's Issues

Recommend Projects

Recommend Topics

Recommend Org