def whitelistlast(r):
    """Render the whitelist view for a page of 50 CVE entries starting at offset *r*.

    A falsy *r* (None, 0, empty string) is treated as offset 0.
    """
    # NOTE(review): r is used as the skip offset exactly as it was received;
    # confirm that the route restricts it to a non-negative integer.
    offset = r if r else 0
    source = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    page = whitelist_logic(source.get(limit=50, skip=offset))
    return render_template('whitelist.html', cve=page, r=offset)
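def cve(cveid):
    """Render the detail page for one CVE, or the 404 page when it is unknown.

    *cveid* is handed to getcve() unchanged.
    """
    cvesp = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    cve = cvesp.getcve(cveid=cveid)
    # Answer a lookup miss before any post-processing: markCPEs is defined
    # elsewhere and is not known to accept None, so an unknown id must not
    # reach it (that would turn a 404 into an unhandled error).
    if cve is None:
        return page_not_found(404)
    cve = markCPEs(cve)
    # Kept from the original flow: markCPEs may itself hand back None.
    if cve is None:
        return page_not_found(404)
    return render_template('cve.html', cve=cve)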
action='store_true', default=False, help='Verbose logging') argParser.add_argument('-l', default=None, help='Number of last entries to index') argParser.add_argument( '-n', action='store_true', default=False, help= 'lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration to add in the index' ) args = argParser.parse_args() c = cves.last(namelookup=args.n) indexpath = Configuration.getIndexdir() from whoosh.index import create_in, exists_in, open_dir from whoosh.fields import * schema = Schema(title=TEXT(stored=True), path=ID(stored=True, unique=True), content=TEXT) if not os.path.exists(indexpath): os.mkdir(indexpath) if not exists_in(indexpath): ix = create_in(indexpath, schema)
argParser.add_argument('-c', action='append', help='search one or more CVE-ID') argParser.add_argument('-o', type=str, help='O = output format [csv|html|json|xml|cveid]') argParser.add_argument('-l', action='store_true', help='sort in descending mode') argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration') argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration') argParser.add_argument('-v', type=str, help='vendor name to lookup in reference URLs') args = argParser.parse_args() vSearch = args.p cveSearch = args.c vOutput = args.o vFreeSearch = args.f sLatest = args.l namelookup = args.n rankinglookup = args.r cves = cves.last(rankinglookup = rankinglookup, namelookup = namelookup) # replace special characters in vSearch with encoded version. # Basically cuz I'm to lazy to handle conversion on DB creation ... if vSearch: vSearch = re.sub(r'\(','%28', vSearch) vSearch = re.sub(r'\)','%29', vSearch) # define which output to generate. if vOutput == "csv": csvOutput = 1 elif vOutput == "html": htmlOutput = 1 elif vOutput == "xml": xmlOutput = 1 from xml.etree.ElementTree import Element, SubElement, tostring
collection = db.cves


def dumpallcveid():
    """Return the 'id' field of every document in the collection, ordered by '_id' ascending."""
    return [doc['id'] for doc in collection.find({}).sort('_id', 1)]


argParser = argparse.ArgumentParser(description='Dump database in JSON format')
argParser.add_argument('-r', action='store_true', help='Include ranking value')
argParser.add_argument('-v', action='store_true', help='Include vfeed map')
args = argParser.parse_args()

# Both switches are store_true flags, so they are already plain booleans.
rankinglookup = bool(args.r)
vfeedlookup = bool(args.v)

l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup)

# One JSON document per line on stdout, one lookup per CVE id.
for cveid in dumpallcveid():
    print(json.dumps(l.getcve(cveid=cveid), sort_keys=True, default=json_util.default))
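import argparse

# NOTE(review): "./lib/" is resolved against the current working directory,
# so which `cves` module gets imported depends on where the script is started
# from. Run it from the project root, or anchor the path on __file__.
sys.path.append("./lib/")
import cves

# NOTE(review): pymongo.Connection was removed in PyMongo 3.0 (MongoClient is
# its replacement); this line only works with the older driver.
connect = pymongo.Connection()
db = connect.cvedb
collection = db.cves

argParser = argparse.ArgumentParser(description='Fulltext indexer for the MongoDB CVE collection')
argParser.add_argument('-v', action='store_true', help='Verbose logging', default=False)
argParser.add_argument('-l', help='Number of last entries to index', default=None)
argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration to add in the index', default=False)
args = argParser.parse_args()

c = cves.last(namelookup = args.n)

# Single source of truth for the index location. The original mixed
# "./indexdir" and "indexdir"; they name the same directory, but every call
# now goes through indexpath so the location cannot drift between calls.
indexpath = "./indexdir"

from whoosh.index import create_in, exists_in, open_dir
from whoosh.fields import *

schema = Schema(title=TEXT(stored=True), path=ID(stored=True,unique=True), content=TEXT)

# Create the directory on first run, then either build an empty index in it
# or open the one that is already there.
if not os.path.exists(indexpath):
    os.mkdir(indexpath)

if not exists_in(indexpath):
    ix = create_in(indexpath, schema)
else:
    ix = open_dir(indexpath)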
def lastrange(r):
    """Render the index page for a page of 50 CVE entries starting at offset *r*.

    A falsy *r* (None, 0, empty string) is treated as offset 0.
    """
    # NOTE(review): r is used as the skip offset exactly as it was received;
    # confirm that the route restricts it to a non-negative integer.
    offset = r or 0
    source = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    entries = source.get(limit=50, skip=offset)
    return render_template('index.html', cve=entries, r=offset)
# NOTE(review): "./lib/" is resolved against the current working directory,
# so which `cves` module gets imported depends on where the script is started
# from.
sys.path.append("./lib/")
import cves

argParser = argparse.ArgumentParser(description='Dump last CVE entries in RSS/Atom format ')
argParser.add_argument('-f', type=str, help='Output format (rss1,rss2,atom)',default='rss1')
argParser.add_argument('-l', type=int, help='Last n items (default:10)', default=10)
args = argParser.parse_args()

# "-l 0" is falsy, so it also falls back to 10 entries.
if args.l:
    last = args.l
else:
    last = 10

ref = "http://adulau.github.com/cve-search/"
# Rebinds the name `cves` from the imported module to the lookup object.
cves = cves.last(rankinglookup = False, namelookup = False)

from feedformatter import Feed
feed = Feed()

# Feed-level metadata; the title carries the entry count and generation time.
feed.feed['title'] = "cve-search Last "+str(last)+" CVE entries generated on "+str(datetime.datetime.now())
feed.feed['link'] = "http://adulau.github.com/cve-search/"
feed.feed['author'] = "Generated with cve-search available at http://adulau.github.com/cve-search/"
feed.feed['description'] = ""

# Build one feed item per CVE entry.
for x in cves.get(limit=last):
    item = {}
    # NOTE(review): [90:] keeps the summary text *after* its first 90
    # characters, so a summary shorter than that yields a title with the id
    # only. [:90] may have been intended - confirm.
    item['title'] = str(x['id']) + " " + x['summary'][90:]
    item['description'] = x['summary']
    # pubDate is the time the feed is generated, not a date from the CVE record.
    item['pubDate'] = time.localtime()
    item['guid'] = x['id']
def whitelist():
    """Render the whitelist view for the first 50 entries returned by cves.last()."""
    source = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    # whitelist_logic post-processes the page before it reaches the template.
    page = whitelist_logic(source.get(limit=50))
    return render_template('whitelist.html', cve=page, r=0)
def last():
    """Render the index page for the first 50 entries returned by cves.last()."""
    source = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    entries = source.get(limit=50)
    return render_template('index.html', cve=entries, r=0)
# connect to db
db = Configuration.getMongoConnection()
collection = db.cves


def dumpallcveid():
    """Return the 'id' field of every document in the collection, ordered by '_id' ascending."""
    return [doc['id'] for doc in collection.find({}).sort('_id', 1)]


argParser = argparse.ArgumentParser(description='Dump database in JSON format')
argParser.add_argument('-r', action='store_true', help='Include ranking value')
argParser.add_argument('-v', action='store_true', help='Include vfeed map')
args = argParser.parse_args()

# Both switches are store_true flags, so they are already plain booleans.
rankinglookup = bool(args.r)
vfeedlookup = bool(args.v)

l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup)

# One JSON document per line on stdout, one lookup per CVE id.
for cveid in dumpallcveid():
    print(json.dumps(l.getcve(cveid=cveid), sort_keys=True, default=json_util.default))
argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration') argParser.add_argument('-v', type=str, help='vendor name to lookup in reference URLs') args = argParser.parse_args() vSearch = args.p cveSearch = args.c vOutput = args.o vFreeSearch = args.f sLatest = args.l namelookup = args.n rankinglookup = args.r cves = cves.last(rankinglookup=rankinglookup, namelookup=namelookup) # replace special characters in vSearch with encoded version. # Basically cuz I'm to lazy to handle conversion on DB creation ... if vSearch: vSearch = re.sub(r'\(', '%28', vSearch) vSearch = re.sub(r'\)', '%29', vSearch) # define which output to generate. if vOutput == "csv": csvOutput = 1 elif vOutput == "html": htmlOutput = 1 elif vOutput == "xml": xmlOutput = 1 from xml.etree.ElementTree import Element, SubElement, tostring
# Remaining options of the full-text search tool. argParser itself, and the
# -q / -t options read below, are defined before this excerpt.
argParser.add_argument('-f', action='store_true', help='output matching CVE(s) in JSON')
argParser.add_argument('-m', type=int, default=False, help='most frequent terms)')
argParser.add_argument('-l', action='store_true', default=False, help='dump all terms encountered in CVE description')
argParser.add_argument('-g', action='store_true', default=False, help='graph of most frequent terms with each matching CVE (JSON output)')
argParser.add_argument('-s', action='store_true', default=False, help='enable stemming on graph JSON output (default is False)')
argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration')
argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration')
args = argParser.parse_args()

# At least one of -q, -l, -g or -m is required; otherwise show usage and stop.
if not args.q and not args.l and not args.g and not args.m:
    argParser.print_help()
    exit(1)

# The CVE lookup object is only needed when full records (-f) or titles (-t)
# are requested. The assignment rebinds `cves` from the module to that object.
if args.f or args.t:
    import cves
    cves = cves.last(rankinglookup=args.r, namelookup=args.n)

from whoosh.query import *

if args.q:
    with ix.searcher() as searcher:
        # All -q terms are joined with spaces and parsed as one query against
        # the "content" field.
        query = QueryParser("content", ix.schema).parse(" ".join(args.q))
        # limit=None asks for every hit rather than a capped first page.
        results = searcher.search(query, limit=None)
        for x in results:
            if not args.f:
                # Default output: the stored path of each hit.
                print (x['path'])
            else:
                # -f: resolve the hit and print the result as JSON.
                print(json.dumps(cves.getcve(x['path']), sort_keys=True, default=json_util.default))
            if args.t and not args.f:
                print (" -- "+x['title'])
elif args.m:
    # NOTE(review): this searcher is opened outside a `with` block and is not
    # closed in the lines shown here.
    xr = ix.searcher().reader()
help='Disable lookup CPE name (default is True)') argParser.add_argument( '-r', action='store_true', help= 'Enable CVE ranking (default is False) and only print entries with ranking' ) args = argParser.parse_args() if args.l: last = args.l else: last = 10 ref = "http://adulau.github.com/cve-search/" cves = cves.last(rankinglookup=args.r, namelookup=args.n) if not (args.f == "html"): from feedformatter import Feed feed = Feed() feed.feed['title'] = "cve-search Last " + str( last) + " CVE entries generated on " + str(datetime.datetime.now()) feed.feed['link'] = "http://adulau.github.com/cve-search/" feed.feed[ 'author'] = "Generated with cve-search available at http://adulau.github.com/cve-search/" feed.feed['description'] = "" else: print("<html><head>") print( "<style>.cve table { border-collapse: collapse; text-align: left; width: 100%; } .cve {font: normal 12px/150% Geneva, Arial, Helvetica, sans-serif; background: #fff; overflow: hidden; border: 1px solid #006699; -webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px; }.cve table td, .cve table th { padding: 3px 10px; }.cve table tbody td { color: #00496B; border-left: 1px solid #E1EEF4;font-size: 12px;font-weight: normal; }.cve table tbody .alt td { background: #E1EEF4; color: #00496B; }.cve table tbody td:first-child { border-left: none; }.cve table tbody tr:last-child td { border-bottom: none; }.cve table tfoot td div { border-top: 1px solid #006699;background: #E1EEF4;} .cve table tfoot td { padding: 0; font-size: 12px } .cve table tfoot td div{ padding: 0px; }</style>"
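def main():
    """Search the local CVE collection from the command line.

    Three independent searches can be requested in one run:

    * ``-c`` looks up CVE ids and always prints each match as JSON;
    * ``-f`` matches a pattern against the summary and prints the raw document;
    * ``-p`` matches a product against the vulnerable configurations and
      prints each match in the format selected with ``-o`` (csv, html, json,
      xml, cveid), or as plain text when ``-o`` is absent or unrecognised.

    Values taken from the database and from the command line are
    HTML-escaped before they are written into the HTML report, because CVE
    summaries regularly quote markup verbatim.
    """
    # Imports
    import os
    import sys
    _runPath = os.path.dirname(os.path.realpath(__file__))
    sys.path.append(os.path.join(_runPath, "./lib/"))
    import re
    import argparse
    import csv
    from html import escape as html_escape
    from urllib.parse import urlparse
    import json
    from bson import json_util

    import cves
    from Config import Configuration

    # connect to DB
    db = Configuration.getMongoConnection()
    collection = db.cves

    # init control variables
    csvOutput = 0
    htmlOutput = 0
    jsonOutput = 0
    xmlOutput = 0
    cveidOutput = False

    # parse command-line arguments
    argParser = argparse.ArgumentParser(description='Search for vulnerabilities in the National Vulnerability DB. Data from http://nvd.nist.org.')
    argParser.add_argument('-p', type=str, help='S = search product, e.g. o:microsoft:windows_7 or o:cisco:ios:12.1')
    argParser.add_argument('-f', type=str, help='F = free text search in vulnerability summary')
    argParser.add_argument('-c', action='append', help='search one or more CVE-ID')
    argParser.add_argument('-o', type=str, help='O = output format [csv|html|json|xml|cveid]')
    argParser.add_argument('-l', action='store_true', help='sort in descending mode')
    argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration')
    argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration')
    argParser.add_argument('-v', type=str, help='vendor name to lookup in reference URLs')
    args = argParser.parse_args()

    vSearch = args.p
    cveSearch = args.c
    vOutput = args.o
    vFreeSearch = args.f
    sLatest = args.l
    namelookup = args.n
    rankinglookup = args.r

    # Rebinds the local name from the imported module to the lookup object.
    cves = cves.last(rankinglookup=rankinglookup, namelookup=namelookup)

    # replace special characters in vSearch with encoded version.
    # Basically cuz I'm to lazy to handle conversion on DB creation ...
    if vSearch:
        vSearch = vSearch.replace('(', '%28').replace(')', '%29')

    # define which output to generate.
    if vOutput == "csv":
        csvOutput = 1
    elif vOutput == "html":
        htmlOutput = 1
    elif vOutput == "xml":
        xmlOutput = 1
        from xml.etree.ElementTree import Element, SubElement, tostring
        r = Element('cve-search')
    elif vOutput == "json":
        jsonOutput = 1
    elif vOutput == "cveid":
        cveidOutput = 1

    # Print first line of html output. The search terms come straight from
    # the command line, so they are escaped like any other report content.
    if htmlOutput and args.p is not None:
        print("<html><body><h1>CVE search " + html_escape(args.p) + " </h1>")
    elif htmlOutput and args.c is not None:
        print("<html><body><h1>CVE-ID " + html_escape(str(args.c)) + " </h1>")

    # search default is ascending mode
    sorttype = -1 if sLatest else 1

    def printCVE(item):
        """Print one CVE document as JSON, enriched with CPE names / rankings when requested."""
        if (namelookup or rankinglookup) and "vulnerable_configuration" in item:
            vulconf = []
            ranking = []
            for conf in item['vulnerable_configuration']:
                if namelookup:
                    vulconf.append(cves.getcpe(cpeid=conf))
                if rankinglookup:
                    rank = cves.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            if namelookup:
                item['vulnerable_configuration'] = vulconf
            if rankinglookup:
                item['ranking'] = ranking
        print(json.dumps(item, sort_keys=True, default=json_util.default))

    if cveSearch:
        for cveid in cveSearch:
            for item in collection.find({'id': cveid}).sort("Modified", sorttype):
                printCVE(item)

    # Basic freetext search (in vulnerability summary).
    # Full-text indexing is more efficient to search across all CVEs.
    # The -f value is compiled as a regular expression, not matched literally.
    if vFreeSearch:
        for item in collection.find({'summary': {'$regex': re.compile(vFreeSearch, re.IGNORECASE)}}).sort("Modified", sorttype):
            print(item)

    # Search Product (best to use CPE notation, e.g. cisco:ios:12.2
    # The -p value is handed to MongoDB as an unanchored regular expression,
    # so characters such as "." act as pattern metacharacters.
    if vSearch:
        for item in collection.find({"vulnerable_configuration": {'$regex': vSearch}}).sort("Modified", sorttype):
            if csvOutput:
                # We assume that the vendor name is usually in the hostame of the
                # URL to avoid any match on the resource part
                refs = []
                for entry in item['references']:
                    if args.v is not None:
                        url = urlparse(entry)
                        hostname = url.netloc
                        if re.search(args.v, hostname):
                            refs.append(entry)
                if not refs:
                    refs = "[no vendor link found]"
                if namelookup:
                    nl = " ".join(item['vulnerable_configuration'])
                csvoutput = csv.writer(sys.stdout, delimiter='|', quotechar='|', quoting=csv.QUOTE_MINIMAL)
                if not namelookup:
                    csvoutput.writerow([item['id'], item['Published'], item['cvss'], item['summary'], refs])
                else:
                    csvoutput.writerow([item['id'], item['Published'], item['cvss'], item['summary'], refs, nl])
            elif htmlOutput:
                # Every database value is escaped before it is placed in the
                # markup; str() keeps a non-string cvss or date from raising
                # during concatenation. The date is now closed with </b>
                # (the original emitted a second opening <b>).
                print("<h2>" + html_escape(str(item['id'])) + "<br></h2>CVSS score: "
                      + html_escape(str(item['cvss'])) + "<br>"
                      + "<b>" + html_escape(str(item['Published'])) + "</b><br>"
                      + html_escape(str(item['summary'])) + "<br>")
                print("References:<br>")
                for entry in item['references']:
                    print(html_escape(str(entry)) + "<br>")
                print("<hr><hr>")
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE(item)
            elif xmlOutput:
                # ElementTree escapes text when the tree is serialised, so the
                # values are assigned as-is; escaping them beforehand as well
                # double-encoded "&", "<" and ">" in the output.
                SubElement(r, 'id').text = str(item['id'])
                SubElement(r, 'Published').text = str(item['Published'])
                SubElement(r, 'cvss').text = str(item['cvss'])
                SubElement(r, 'summary').text = item['summary']
                for e in item['references']:
                    SubElement(r, 'references').text = e
                for e in item['vulnerable_configuration']:
                    SubElement(r, 'vulnerable_configuration').text = e
            elif cveidOutput:
                print(item['id'])
            else:
                print("CVE\t: " + item['id'])
                print("DATE\t: " + item['Published'])
                print("CVSS\t: " + str(item['cvss']))
                print(item['summary'])
                print("\nReferences:")
                print("-----------")
                for entry in item['references']:
                    print(entry)
                print("\nVulnerable Configs:")
                print("-------------------")
                for entry in item['vulnerable_configuration']:
                    if not namelookup:
                        print(entry)
                    else:
                        print(cves.getcpe(cpeid=entry))
                print("\n\n")

    if htmlOutput:
        print("</body></html>")
    if xmlOutput:
        # default encoding is UTF-8. Should this be detected on the terminal?
        s = tostring(r).decode("utf-8")
        print(s)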