Ejemplo n.º 1
0
 def generate_full_query(self, f):
     query = self.generate_minimal_query(f)
     if current_user.is_authenticated():
         if f['blacklistSelect'] == "on":
             regexes = db.getRules('blacklist')
             if len(regexes) != 0:
                 exp = "^(?!" + "|".join(regexes) + ")"
                 query.append({
                     '$or': [{
                         'vulnerable_configuration': re.compile(exp)
                     }, {
                         'vulnerable_configuration': {
                             '$exists': False
                         }
                     }, {
                         'vulnerable_configuration': []
                     }]
                 })
         if f['whitelistSelect'] == "hide":
             regexes = db.getRules('whitelist')
             if len(regexes) != 0:
                 exp = "^(?!" + "|".join(regexes) + ")"
                 query.append({
                     '$or': [{
                         'vulnerable_configuration': re.compile(exp)
                     }, {
                         'vulnerable_configuration': {
                             '$exists': False
                         }
                     }, {
                         'vulnerable_configuration': []
                     }]
                 })
         if f['unlistedSelect'] == "hide":
             wlregexes = tk.compile(db.getRules('whitelist'))
             blregexes = tk.compile(db.getRules('blacklist'))
             query.append({
                 '$or': [{
                     'vulnerable_configuration': {
                         '$in': wlregexes
                     }
                 }, {
                     'vulnerable_configuration': {
                         '$in': blregexes
                     }
                 }]
             })
     return query
Ejemplo n.º 2
0
    def markCPEs(self, cve):
        blacklist = tk.compile(db.getRules('blacklist'))
        whitelist = tk.compile(db.getRules('whitelist'))

        for conf in cve['vulnerable_configuration']:
            conf['list'] = 'none'
            conf['match'] = 'none'
            for w in whitelist:
                if w.match(conf['id']):
                    conf['list'] = 'white'
                    conf['match'] = w
            for b in blacklist:
                if b.match(conf['id']):
                    conf['list'] = 'black'
                    conf['match'] = b
        return cve
Ejemplo n.º 3
0
  def markCPEs(self, cve):
    blacklist = tk.compile(db.getRules('blacklist'))
    whitelist = tk.compile(db.getRules('whitelist'))

    for conf in cve['vulnerable_configuration']:
        conf['list'] = 'none'
        conf['match'] = 'none'
        for w in whitelist:
            if w.match(conf['id']):
                conf['list'] = 'white'
                conf['match'] = w
        for b in blacklist:
            if b.match(conf['id']):
                conf['list'] = 'black'
                conf['match'] = b
    return cve
Ejemplo n.º 4
0
 def list_mark(self, listed, cveList):
   if listed not in ['white', 'black']: return list(cves)
   items = tk.compile(db.getRules(listed+'list'))
   # check the cpes (full or partially) in the black/whitelist
   for i, cve in enumerate(list(cveList)): # the list() is to ensure we don't have a pymongo cursor object
     for c in cve['vulnerable_configuration']:
       if any(regex.match(c) for regex in items):
         cveList[i][listed+'listed'] = 'yes'
   return cveList
Ejemplo n.º 5
0
 def list_mark(self, listed, cveList):
   if listed not in ['white', 'black']: return list(cves)
   items = tk.compile(db.getRules(listed+'list'))
   # check the cpes (full or partially) in the black/whitelist
   for i, cve in enumerate(list(cveList)): # the list() is to ensure we don't have a pymongo cursor object
     for c in cve['vulnerable_configuration']:
       if any(regex.match(c) for regex in items):
         cveList[i][listed+'listed'] = 'yes'
   return cveList
Ejemplo n.º 6
0
 def generate_full_query(self, f):
   query = self.generate_minimal_query(f)
   if current_user.is_authenticated():
       if f['blacklistSelect'] == "on":
           regexes = db.getRules('blacklist')
           if len(regexes) != 0:
               exp = "^(?!" + "|".join(regexes) + ")"
               query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                     {'vulnerable_configuration': {'$exists': False}},
                                     {'vulnerable_configuration': []} ]})
       if f['whitelistSelect'] == "hide":
           regexes = db.getRules('whitelist')
           if len(regexes) != 0:
               exp = "^(?!" + "|".join(regexes) + ")"
               query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                     {'vulnerable_configuration': {'$exists': False}},
                                     {'vulnerable_configuration': []} ]})
       if f['unlistedSelect'] == "hide":
           wlregexes = tk.compile(db.getRules('whitelist'))
           blregexes = tk.compile(db.getRules('blacklist'))
           query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                                 {'vulnerable_configuration': {'$in': blregexes}}]})
   return query