Beispiel #1
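def getCriticalCVE():
    """Render the page listing every registered CVE rated Critical.

    Reads all rows of ``CVE_DATA``, keeps those whose score lies in the
    CVSS v3 Critical band (9.0 to 10.0, both ends included), loads the
    display fields of each one through ``getRegisteredCveInfos`` and passes
    the rows to the ``details-cve-critical.html`` template.

    Returns:
        The rendered template. When no CVE qualifies the template receives
        ``result=False`` instead of ``cve_list_CRITICAL``.
    """
    conn = get_db_connection()
    # NOTE(review): the connection is never closed in this view; confirm
    # whether get_db_connection() returns a per-call connection and release
    # it if so.
    db_result = conn.execute('SELECT * FROM CVE_DATA').fetchall()

    critical_cve_id = []
    for row in db_result:
        # Columns are read by position: the first column is skipped, so the
        # identifier is table column 1 and the score table column 4 (0-based).
        fields = list(row)[1:]
        raw_score = fields[3]
        if raw_score == "N/A":
            continue
        try:
            # Only the first space-separated token of the score is parsed.
            score = float(raw_score.split(" ")[0])
        except (AttributeError, ValueError):
            # A missing or unparsable score must not take the whole page
            # down; the row is simply not counted as Critical.
            continue
        # Lower bound is inclusive: a score of exactly 9.0 is Critical and
        # was silently left out by the previous strict comparison.
        if 9.0 <= score <= 10:
            critical_cve_id.append(fields[0])

    display_keys = ('cve_id', 'cve_description', 'cve_date', 'cve_score',
                    'cve_status', 'cve_cpe', 'cve_sources',
                    'cve_mgmt_status')
    cve_list_CRITICAL = []
    for cve in critical_cve_id:
        infos = getRegisteredCveInfos(cve, full=False)
        if infos is None:
            # The lookup found nothing for this identifier; skip it rather
            # than fail on the subscript below.
            continue
        # NOTE(review): description and source fields presumably originate
        # from external feeds; the template must keep HTML autoescaping on
        # for them (no "|safe") - confirm in the template.
        cve_list_CRITICAL.append([infos[key] for key in display_keys])

    if not cve_list_CRITICAL:
        return render_template('details-cve-critical.html', result=False)
    return render_template('details-cve-critical.html',
                           cve_list_CRITICAL=cve_list_CRITICAL)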
Beispiel #2
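def cveUpdates():
    """Render the most recent CVE update events found in the application log.

    Scans ``logs.txt`` (next to this module) from the newest line backwards,
    keeps lines that mention ``cve_updater`` and ``type="update"``, and
    collects up to 20 entries of the form ``[cve_id, text]`` where ``text``
    is the quote-delimited field at index 23 of the line.

    Returns:
        The rendered ``cve-updates.html`` template. When nothing is found,
        including when the log file does not exist, the template also
        receives the ``no_updates`` message.
    """
    # The previous version opened a database connection here that it never
    # used or closed; it is no longer created.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)),
                           "logs.txt")
    cves = []
    if os.path.isfile(logfile):
        # Read inside a context manager so the file handle is released.
        with open(logfile, encoding='utf8') as handle:
            lines = handle.readlines()
        for line in reversed(lines):
            if "cve_updater" in line and 'type="update"' in line:
                found_ids = re.findall(r'CVE-\d{4}-\d{4,7}', line)
                parts = line.split('"')
                if not found_ids or len(parts) <= 23:
                    # Truncated or malformed log line: skip it instead of
                    # raising IndexError and failing the whole page.
                    continue
                # NOTE(review): the field is picked by position, so a double
                # quote embedded in an earlier field shifts the indexes and a
                # different field gets displayed. The text presumably comes
                # from external CVE data; keep template autoescaping on.
                # A piece produced by split('"') cannot contain a quote, so
                # the former .replace() calls on it had no effect.
                cves.append([found_ids[0], parts[23]])
                if len(cves) >= 20:
                    break
    if not cves:
        # Also reached when the log file is missing, so the view always
        # returns a response instead of None.
        return render_template('cve-updates.html',
                               cves=cves,
                               no_updates="No CVE updates found recently.")
    return render_template('cve-updates.html', cves=cves)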
Beispiel #3
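def cveAlerts():
    """Render the most recent new-CVE alerts found in the application log.

    Scans ``logs.txt`` (next to this module) from the newest line backwards,
    keeps lines written by ``cve_poller`` with ``type="new"``, and collects
    up to 10 entries. An entry holds the eight display fields returned by
    ``getRegisteredCveInfos``; when the lookup returns ``None`` it holds the
    CVE id and an explanatory sentence instead.

    Returns:
        The rendered ``cve-alerts.html`` template. When nothing is found,
        including when the log file does not exist, the template also
        receives the ``no_alerts`` message.
    """
    # The previous version opened a database connection here that it never
    # used or closed; it is no longer created.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)),
                           "logs.txt")
    display_keys = ('cve_id', 'cve_description', 'cve_date', 'cve_score',
                    'cve_status', 'cve_cpe', 'cve_sources',
                    'cve_mgmt_status')
    cves = []
    if os.path.isfile(logfile):
        # Read inside a context manager so the file handle is released.
        with open(logfile, encoding='utf8') as handle:
            lines = handle.readlines()
        for line in reversed(lines):
            # Both markers end with a space, exactly as the log writer is
            # expected to emit them.
            if 'source_script="cve_poller" ' in line and 'type="new" ' in line:
                found_ids = re.findall(r'CVE-\d{4}-\d{4,7}', line)
                if not found_ids:
                    # A matching line without a CVE id cannot be displayed;
                    # skip it instead of raising IndexError.
                    continue
                cve_id = found_ids[0]
                infos = getRegisteredCveInfos(cve_id, full=False)
                if infos is not None:
                    # NOTE(review): these fields presumably come from
                    # external CVE feeds; keep template autoescaping on.
                    it = [infos[key] for key in display_keys]
                else:
                    it = [
                        cve_id,
                        "This CVE is no longer in the database. This may be due to a deletion of the product that concerns it."
                    ]
                cves.append(it)
                if len(cves) >= 10:
                    break
    if not cves:
        # Also reached when the log file is missing, so the view always
        # returns a response instead of None.
        return render_template('cve-alerts.html',
                               cves=cves,
                               no_alerts="No alert for the moment.")
    return render_template('cve-alerts.html', cves=cves)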
Beispiel #4
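def rssNews():
    """Render the most recent RSS news items referenced in the application log.

    Scans ``logs.txt`` (next to this module) from the newest line backwards.
    For every line mentioning ``rss_poller`` the quote-delimited field at
    index 11 is used as the key to look the item up in ``RSS_DATA``; up to
    10 items that still exist in the table are collected as
    ``[RSS_URL, title, <log field 5>, summary]`` with the summary passed
    through ``removeHTMLtags``.

    Returns:
        The rendered ``rss-news.html`` template. When nothing is found,
        including when the log file does not exist, the template also
        receives the ``no_news`` message.
    """
    conn = get_db_connection()
    # NOTE(review): the connection is never closed in this view; confirm
    # whether get_db_connection() returns a per-call connection and release
    # it if so.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)),
                           "logs.txt")
    news = []
    if os.path.isfile(logfile):
        # Read inside a context manager so the file handle is released.
        with open(logfile, encoding='utf8') as handle:
            lines = handle.readlines()
        for line in reversed(lines):
            if "rss_poller" not in line:
                continue
            parts = line.split('"')
            if len(parts) <= 11:
                # Truncated or malformed log line: skip it instead of
                # raising IndexError and failing the whole page.
                continue
            # A piece produced by split('"') cannot contain a quote, so the
            # former .replace() calls on these fields had no effect.
            log_rss_url = parts[11]
            # Bound parameter: the log-derived value never reaches the SQL
            # text itself.
            data = conn.execute(
                "SELECT RSS_URL, title, rss_f, summary FROM RSS_DATA WHERE RSS_URL = (?);",
                (log_rss_url, )).fetchone()
            if data is None:
                continue
            rss_data = list(data)
            # NOTE(review): only the summary is stripped of HTML. URL and
            # title presumably come from the remote feed as well, so the
            # template must keep autoescaping on, and if the URL is rendered
            # as a link it should be limited to http/https - confirm in the
            # template.
            news.append([
                str(rss_data[0]),
                str(rss_data[1]),
                parts[5],
                str(removeHTMLtags(rss_data[3]))
            ])
            if len(news) >= 10:
                break
    if not news:
        # Also reached when the log file is missing, so the view always
        # returns a response instead of None.
        return render_template('rss-news.html',
                               news=news,
                               no_news="No news for the moment.")
    return render_template('rss-news.html', news=news)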
Beispiel #5
__version__ = "2.0"
__maintainer__ = "Aubin Custodio"
__email__ = "*****@*****.**"
from secmon_lib import writeNewExploitFoundLog, getUnexploitableCveIdList, getGithubAPISettings, getRegisteredCveInfos, get_db_connection, getUnregisteredCveInfos, getFormatedProductList, getCveByProduct, writeNewHighRiskProductLog, writeCveTypeLog
from datetime import datetime
import os, requests
import cve_searchsploit as CS
# Locate logs.txt next to this script. The directory is derived by removing
# the script's file name from its absolute path.
script_path = os.path.abspath(__file__)
dir_path = script_path.replace("cve_updater.py", "")
log_file = dir_path + "logs.txt"

# Start-up banner with the local start time.
print("------------ CVE Module - Update ------------")
timestamp = datetime.now().strftime("%d/%m/%Y %H:%M:%S")
print(f"Starting at : {timestamp}")
print("---------------------------------------------")

# Refresh the data cve_searchsploit answers from before querying it.
# NOTE(review): this presumably fetches content from an upstream repository
# on every run; confirm where it comes from and how its integrity is checked.
CS.update_db()

con = get_db_connection()
cur = con.cursor()

# Pass 1: flag every CVE from getUnexploitableCveIdList() for which
# cve_searchsploit returns at least one Exploit-DB id.
cve_list = getUnexploitableCveIdList()
for cve in cve_list:
    exploitdb_exploits = CS.edbid_from_cve(cve)
    if len(exploitdb_exploits) == 0:
        continue
    # The flag is stored as the text "True"; both values are bound
    # parameters, never formatted into the statement.
    cur.execute(
        "UPDATE CVE_DATA SET EXPLOIT_FIND = (?) WHERE CVE_ID = (?)",
        ("True", cve))
    # Committed per CVE, so earlier flags survive a failure later in the run.
    con.commit()
    print(f"Exploit found for {cve} from Exploit-DB")
    writeNewExploitFoundLog(
        "cve_updater", "exploit-db", cve,
        f"New(s) exploit found for {cve} from Exploit-DB !")

# Pass 2 starts from a fresh list, so CVEs flagged above are presumably no
# longer in it - verify against getUnexploitableCveIdList().
print("\nSearch Github Exploit for registered CVE...")
cve_list = getUnexploitableCveIdList()