Beispiel #1
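    def getAndLoadProjectVersionIssuesHidden(self, id, elasticUrl):
        """Page through an SSC project version's issues and index the hidden ones.

        Requests the issue list (hidden, removed and suppressed entries
        included) 500 records at a time, follows the ``links.next.href``
        pointer returned with each page, and passes every issue whose
        ``hidden`` field equals True to ``postSSCProjIssuesHidden`` on an
        ``elasticUtil`` built from ``elasticUrl``.

        Args:
            id: Project-version identifier, formatted into the request URL.
            elasticUrl: Handed unchanged to ``elasticUtil``.

        Returns:
            True once no further page is advertised.

        Raises:
            requests.exceptions.HTTPError: A page came back with a 4xx/5xx
                status (for example rejected credentials). Checked before
                the body is parsed so the failure is not masked by a
                KeyError on the error payload.
            requests.exceptions.Timeout: The server did not answer in time.
        """
        es = elasticUtil(elasticUrl)

        # (connect, read) seconds; values chosen here, tune for the deployment.
        # Without a timeout a stalled server blocks this loop indefinitely.
        _timeout = (10, 120)

        _url = 'https://fortify.1dc.com/ssc/api/v1/projectVersions/{}/issues?start=0&limit=500&showhidden=true&showremoved=true&showsuppressed=true&showshortfilenames=true'.format(id)

        _totalCount = 0
        iCurrentRecord = 0
        _moreRecords = True

        while _moreRecords:
            # NOTE(review): from the second page on, _url is whatever href the
            # previous response supplied, and the Basic-auth credentials are
            # sent to it. Consider confirming it still points at the SSC host
            # before requesting it.
            response = requests.get(
                _url,
                auth=HTTPBasicAuth(self.sscUser, self.sscPassword),
                headers=self.headers,
                timeout=_timeout,
            )
            response.raise_for_status()
            issues = json.loads(response.text)

            if _totalCount == 0:
                _totalCount = issues['count']
                logging.info('Downloading for {} issues'.format(_totalCount))
            else:
                logging.info('Downloading at {} - {} of {} total records'.format(iCurrentRecord, len(issues['data']), _totalCount))

            for issue in issues['data']:
                iCurrentRecord += 1

                # Only hidden issues are indexed; everything else on the page is skipped.
                if issue['hidden'] == True:
                    es.postSSCProjIssuesHidden(json.dumps(issue))

            try:
                _url = issues['links']['next']['href']
            except KeyError:
                # The last page carries no "next" link.
                _moreRecords = False
                logging.info('no more records to download')
            except Exception:
                # Still best-effort, but KeyboardInterrupt/SystemExit are no
                # longer swallowed and the traceback is kept in the log.
                _moreRecords = False
                logging.exception('something else happened trying to get next href')

        return True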
Beispiel #2
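    def getAndLoadFODVulnerability(self, releaseIdv, elasticUrl):
        """Download every vulnerability of a FoD release and index each one.

        Walks the ``/api/v3/releases/{id}/vulnerabilities`` endpoint with an
        increasing ``offset`` (fixed and suppressed findings included) and
        hands each element of ``items`` to ``postFODRelIssues`` on an
        ``elasticUtil`` built from ``elasticUrl``.

        Args:
            releaseIdv: Release identifier, formatted into the request URL.
            elasticUrl: Handed unchanged to ``elasticUtil``.

        Returns:
            True when the number of processed items reaches ``totalCount``
            or the API returns an empty page.

        Raises:
            requests.exceptions.HTTPError: A page came back with a 4xx/5xx
                status (for example an expired bearer token).
            requests.exceptions.Timeout: The server did not answer in time.
        """
        logging.info('ReleaseId: {}'.format(releaseIdv))

        es = elasticUtil(elasticUrl)

        _Headers = {
            'Authorization': 'Bearer {}'.format(self.access_token),
            'Accept': 'application/json'
        }

        limit = 50
        # (connect, read) seconds; values chosen here, tune for the deployment.
        _timeout = (10, 120)

        vCount = 0
        # None means "total not read yet"; a numeric sentinel could collide
        # with a genuine totalCount.
        totalvCount = None

        while True:
            _url = '{}/api/v3/releases/{}/vulnerabilities?offset={}&limit={}&includeFixed=true&includeSuppressed=true'.format(
                'https://api.ams.fortify.com', releaseIdv, vCount, limit)
            logging.info(_url)

            response = requests.get(_url,
                                    headers=_Headers,
                                    proxies=self.proxyDict,
                                    timeout=_timeout)
            # Fail on 401/403/5xx instead of parsing the error body as a result page.
            response.raise_for_status()

            _fodvuls = json.loads(response.text)

            if totalvCount is None:
                totalvCount = _fodvuls['totalCount']
                logging.info(totalvCount)

            items = _fodvuls['items']
            for vulrel in items:
                es.postFODRelIssues(vulrel)
                vCount += 1

            if vCount >= totalvCount:
                break

            if not items:
                # An empty page leaves the offset unchanged; without this
                # exit the same request would be repeated forever.
                logging.warning('empty page at offset {} before reaching {} total records'.format(vCount, totalvCount))
                break

        return True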
Beispiel #3
import os

from ABCelasticUtils import elasticUtil
from configLogging import configLogging
from sscOpenVulCount import sscVulCounts
from fodOpenIssCount import fodIssCounts
from fodRemovedIssCount import fodRemIssCounts

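# Load runtime settings; the FoD client id/secret and the Elasticsearch URL
# are read from this file below.
with open('ABCsettings.json') as json_data:
    settings = json.load(json_data)

configLogging(settings)

fod = fodUtils()
fod.FODAuth(settings['client_id'], settings['client_secret'])

_url = settings['elasticURL']
es = elasticUtil(_url)
ssc = sscUtils()

# The SSC account is taken from the environment instead of string literals in
# the source, so it does not end up in version control or in published copies
# of this script. SSC_USER / SSC_PASSWORD are names chosen for this listing;
# a missing variable raises KeyError at start-up rather than attempting a
# login with empty credentials. Any credential that was previously committed
# in this file should be rotated.
ssc.sscAuth(os.environ['SSC_USER'], os.environ['SSC_PASSWORD'])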


def addVuls(vuls, inCount):

    loopCount = inCount
    for vul in vuls['hits']['hits']:

        loopCount = loopCount + 1

        sscVulns.addVul(vul)
        '''if (loopCount % 1000) == 0: