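def NistDataDetailedQuery(request):
    """Return the stored detail record for a single CVE identifier.

    Expects a POST whose JSON body carries ``token`` and
    ``common_vulnerabilities_and_exposures`` (the CVE identifier). The token
    is resolved to a UID with ``UserInfo().QueryUidWithToken``; the lookup is
    performed, and logged against that UID, only when a UID is found.

    Returns:
        JsonResponse whose ``code`` is 200 with the query result, 403 when the
        token does not resolve to a user, and 500 for a non-POST request or
        when handling the request fails.
    """
    RequestLogRecord(request, request_api="nist_data_detailed_query")
    if request.method != "POST":
        return JsonResponse({
            'message': '请使用Post请求',
            'code': 500,
        })
    try:
        Body = json.loads(request.body)  # parse the body once, not once per field
        Token = Body["token"]
        CommonVulnerabilitiesAndExposures = Body[
            "common_vulnerabilities_and_exposures"]  # CVE identifier
        Uid = UserInfo().QueryUidWithToken(Token)  # resolve the token to a UID
        if Uid is None:
            # Unknown token: refuse before touching the data store.
            return JsonResponse({
                'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
                'code': 403,
            })
        # Record the operation only once the caller is identified.
        UserOperationLogRecord(request,
                               request_api="nist_data_detailed_query",
                               uid=Uid)
        # NOTE(review): the CVE identifier is client-supplied and handed to
        # DetailedQuery unchanged; confirm that helper binds it as a query
        # parameter rather than formatting it into the statement.
        SearchResult = NistData().DetailedQuery(
            common_vulnerabilities_and_exposures=
            CommonVulnerabilitiesAndExposures)
        return JsonResponse({
            'message': SearchResult,
            'code': 200,
        })
    except Exception as e:
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistDataDetailedQuery(def)",
            e)
        # Without a return here the view yields None, which (assuming Django,
        # as JsonResponse/request.body suggest) makes the framework raise and
        # serve its own error page. Answer with a generic JSON error instead;
        # the exception detail stays in the error log and is not echoed back.
        return JsonResponse({
            'message': '请求处理失败',
            'code': 500,
        }, status=500)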
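def NistStatistics(request):
    """Return the statistics produced by ``NistData().StatisticalData()``.

    Expects a POST whose JSON body carries ``token``. The token is resolved
    to a UID with ``UserInfo().QueryUidWithToken``; the statistics are
    computed, and the operation logged against that UID, only when a UID is
    found.

    Returns:
        JsonResponse whose ``code`` is 200 with the statistics, 403 when the
        token does not resolve to a user, and 500 for a non-POST request or
        when handling the request fails.
    """
    RequestLogRecord(request, request_api="nist_statistics")
    if request.method != "POST":
        return JsonResponse({
            'message': '请使用Post请求',
            'code': 500,
        })
    try:
        Token = json.loads(request.body)["token"]
        Uid = UserInfo().QueryUidWithToken(Token)  # resolve the token to a UID
        if Uid is None:
            # Unknown token: refuse before touching the data store.
            return JsonResponse({
                'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
                'code': 403,
            })
        # Record the operation only once the caller is identified.
        UserOperationLogRecord(request,
                               request_api="nist_statistics",
                               uid=Uid)
        SearchResult = NistData().StatisticalData()  # current CVE count
        return JsonResponse({
            'message': SearchResult,
            'code': 200,
        })
    except Exception as e:
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistStatistics(def)",
            e)
        # Without a return here the view yields None, which (assuming Django,
        # as JsonResponse/request.body suggest) makes the framework raise and
        # serve its own error page. Answer with a generic JSON error instead;
        # the exception detail stays in the error log and is not echoed back.
        return JsonResponse({
            'message': '请求处理失败',
            'code': 500,
        }, status=500)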
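def NistSeverityFilter(request):
    """Return one page of CVE records filtered by severity, plus the total.

    Expects a POST whose JSON body carries ``token``, ``number_of_pages``
    (the page to fetch) and ``severity``. The token is resolved to a UID with
    ``UserInfo().QueryUidWithToken``; the query runs, and is logged against
    that UID, only when a UID is found.

    Returns:
        JsonResponse whose ``code`` is 200 with ``{"total": ..., "data": ...}``,
        503 when the page number is negative, 403 when the token does not
        resolve to a user, and 500 for a non-POST request or when handling
        the request fails (including a page number that is not an integer).
    """
    RequestLogRecord(request, request_api="nist_severity_filter")
    if request.method != "POST":
        return JsonResponse({
            'message': '请使用Post请求',
            'code': 500,
        })
    try:
        Body = json.loads(request.body)  # parse the body once, not once per field
        Token = Body["token"]
        NumberOfPages = Body["number_of_pages"]  # requested page
        Severity = Body["severity"]  # severity level to filter on
        Uid = UserInfo().QueryUidWithToken(Token)  # resolve the token to a UID
        if Uid is None:
            # Unknown token: refuse before touching the data store.
            return JsonResponse({
                'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
                'code': 403,
            })
        # Record the operation only once the caller is identified.
        UserOperationLogRecord(request,
                               request_api="nist_severity_filter",
                               uid=Uid)
        PageNumber = int(NumberOfPages)  # ValueError/TypeError -> handler below
        if PageNumber < 0:
            return JsonResponse({
                'message': "你家有小于0的页码?",
                'code': 503,
            })
        # NOTE(review): Severity is client-supplied and reaches both query
        # helpers unchanged; confirm they bind it as a query parameter (or
        # check it against the known severity values) rather than formatting
        # it into the statement.
        FinalData = {}  # total number of matches plus the requested page
        FinalData["total"] = NistData().ModuleDataStatistics(
            module_name="v3_base_severity", module_content=Severity)
        FinalData["data"] = NistData().SeverityQuery(
            number_of_pages=PageNumber, severity=Severity)
        return JsonResponse({
            'message': FinalData,
            'code': 200,
        })
    except Exception as e:
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistSeverityFilter(def)",
            e)
        # Without a return here the view yields None, which (assuming Django,
        # as JsonResponse/request.body suggest) makes the framework raise and
        # serve its own error page. Answer with a generic JSON error instead;
        # the exception detail stays in the error log and is not echoed back.
        return JsonResponse({
            'message': '请求处理失败',
            'code': 500,
        }, status=500)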
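def NistDataBulkQuery(request):
    """Return one page of the stored NIST CVE monitoring data.

    Expects a POST whose JSON body carries ``token`` and ``number_of_pages``
    (the page to fetch). The token is resolved to a UID with
    ``UserInfo().QueryUidWithToken``; the query runs, and is logged against
    that UID, only when a UID is found.

    Returns:
        JsonResponse whose ``code`` is 200 with the page of results, 503 when
        the page number is negative, 403 when the token does not resolve to a
        user, and 500 for a non-POST request or when handling the request
        fails (including a page number that is not an integer).
    """
    RequestLogRecord(request, request_api="nist_data_bulk_query")
    if request.method != "POST":
        return JsonResponse({
            'message': '请使用Post请求',
            'code': 500,
        })
    try:
        Body = json.loads(request.body)  # parse the body once, not once per field
        Token = Body["token"]
        NumberOfPages = Body["number_of_pages"]  # requested page
        Uid = UserInfo().QueryUidWithToken(Token)  # resolve the token to a UID
        if Uid is None:
            # Unknown token: refuse before touching the data store.
            return JsonResponse({
                'message': "小宝贝这是非法查询哦(๑•̀ㅂ•́)و✧",
                'code': 403,
            })
        # Record the operation only once the caller is identified.
        UserOperationLogRecord(request,
                               request_api="nist_data_bulk_query",
                               uid=Uid)
        PageNumber = int(NumberOfPages)  # ValueError/TypeError -> handler below
        if PageNumber < 0:
            return JsonResponse({
                'message': "你家有小于0的页码?",
                'code': 503,
            })
        SearchResult = NistData().BulkQuery(number_of_pages=PageNumber)
        return JsonResponse({
            'message': SearchResult,
            'code': 200,
        })
    except Exception as e:
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_Nist_NistDataBulkQuery(def)",
            e)
        # Without a return here the view yields None, which (assuming Django,
        # as JsonResponse/request.body suggest) makes the framework raise and
        # serve its own error page. Answer with a generic JSON error instead;
        # the exception detail stays in the error log and is not echoed back.
        return JsonResponse({
            'message': '请求处理失败',
            'code': 500,
        }, status=500)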
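def NistFirsRunProcessing(ZipFilePath, ZipFileData):
    """Load one downloaded NIST feed archive into the database (first run).

    Reads member ``ZipFileData`` from the zip at ``ZipFilePath``, takes its
    ``CVE_Items`` list, flattens every item into a tuple and writes the tuples
    through ``NistData().Write`` in batches of 500.

    Args:
        ZipFilePath: Path of the downloaded zip archive.
        ZipFileData: Name of the JSON member inside the archive.

    Returns:
        0 when the archive holds no CVE items (a re-download is requested),
        otherwise None. Any exception is logged through ``ErrorLog`` and also
        triggers a re-download request; nothing is raised to the caller.
    """
    # Everything a malformed or incomplete item can raise while a field is
    # being dug out; a bare ``except`` would also swallow KeyboardInterrupt.
    MissingFieldErrors = (KeyError, IndexError, TypeError, AttributeError)
    try:
        StartingTime = time.time()
        Nist = NistData()  # opens the database connection
        try:
            # The context manager releases the archive handle on every path,
            # including the early return and the error path below.
            # NOTE(review): the member is decompressed into memory in one
            # piece with no size limit; that is only reasonable while the
            # download source and transport are trusted.
            with zipfile.ZipFile(ZipFilePath, 'r') as zipFile:
                ZipData = zipFile.read(ZipFileData).decode('utf-8')
            ExtractData = json.loads(ZipData)["CVE_Items"]
            if len(ExtractData) == 0:  # an empty feed is treated as a bad download
                # NOTE(review): the first argument here is ZipFilePath[:-9]
                # while the error path below passes ZipFilePath[-13:-9];
                # confirm which one ReportAnErrorAndRestartTheDownload expects.
                ReportAnErrorAndRestartTheDownload(ZipFilePath[:-9],
                                                   ZipFilePath[:-24])
                return 0
            DataSet = []  # pending rows, flushed every 500
            for Data in ExtractData:
                # The identifier and the description are required fields.
                VulnerabilityNumber = Data["cve"]["CVE_data_meta"]["ID"]
                VulnerabilityDescription = Data["cve"]["description"][
                    "description_data"][0]["value"]
                # Everything below is optional and falls back to "".
                try:
                    V3BaseScore = Data["impact"]["baseMetricV3"]["cvssV3"][
                        "baseScore"]  # CVSS v3 score
                except MissingFieldErrors:
                    V3BaseScore = ""
                try:
                    V3BaseSeverity = Data["impact"]["baseMetricV3"]["cvssV3"][
                        "baseSeverity"]  # CVSS v3 severity
                except MissingFieldErrors:
                    V3BaseSeverity = ""
                try:
                    V2BaseScore = Data["impact"]["baseMetricV2"]["cvssV2"][
                        "baseScore"]  # CVSS v2 score
                except MissingFieldErrors:
                    V2BaseScore = ""
                try:
                    V2BaseSeverity = Data["impact"]["baseMetricV2"][
                        "severity"]  # CVSS v2 severity
                except MissingFieldErrors:
                    V2BaseSeverity = ""
                try:
                    # Keep only the date part of the timestamp.
                    LastUpDate = Data["lastModifiedDate"].partition('T')[0]
                except MissingFieldErrors:
                    LastUpDate = ""
                try:
                    VendorsTmp = []  # raw vendor names
                    ProductsTmp = []  # raw product names
                    for Node in Data["configurations"]["nodes"]:
                        # Only the first cpe_match of each node is used; its
                        # colon-separated fields 3 and 4 are taken as vendor
                        # and product.
                        CpeParts = Node["cpe_match"][0]["cpe23Uri"].split(":")
                        VendorsTmp.append(CpeParts[3])
                        ProductsTmp.append(CpeParts[4])
                    # "some_vendor" -> "Some Vendor"
                    Vendors = [
                        ' '.join(Word.capitalize() for Word in Name.split("_"))
                        for Name in VendorsTmp
                    ]
                    Products = [
                        ' '.join(Word.capitalize() for Word in Name.split("_"))
                        for Name in ProductsTmp
                    ]
                except MissingFieldErrors:
                    # One unusable node discards both lists for this item.
                    Vendors = ""
                    Products = ""
                if len(Vendors) == 0:  # store "" rather than "[]"
                    Vendors = ""
                if len(Products) == 0:
                    Products = ""
                # NOTE(review): str(Data) stores the Python repr of the item,
                # not JSON; a reader that needs the structure back should use
                # a safe parser (ast.literal_eval), never eval().
                DataSet.append(
                    (VulnerabilityNumber, V3BaseScore, V3BaseSeverity,
                     V2BaseScore, V2BaseSeverity, LastUpDate,
                     VulnerabilityDescription, str(Vendors), str(Products),
                     str(Data)))
                if len(DataSet) == 500:  # flush a full batch
                    Nist.Write(DataSet)
                    DataSet.clear()
            Nist.Write(DataSet)  # flush the remainder (fewer than 500 rows)
        finally:
            Nist.con.close()  # close the connection on every path
        print("[ ~ ] 写入文件:\033[36m" + ZipFilePath + "\033[0m 耗时:\033[34m" +
              str(time.time() - StartingTime) + "S \033[0m 数据量:\033[32m" +
              str(len(ExtractData)) + "\033[0m条")
    except Exception as e:
        # A file that is not a valid zip most likely means a broken download.
        ReportAnErrorAndRestartTheDownload(ZipFilePath[-13:-9],
                                           ZipFilePath[:-24])
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_NistInitialization_FirsRunProcessing(def)",
            e)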
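def NistUpdateProcessing(ZipFilePath, ZipFileData):
    """Apply one downloaded NIST update archive to the database.

    Reads member ``ZipFileData`` from the zip at ``ZipFilePath``, takes its
    ``CVE_Items`` list and flattens every item into a tuple. Each tuple is
    then looked up by CVE identifier with ``Nist.UniqueInquiry``: known
    identifiers are queued for ``Nist.Update`` and new ones for
    ``Nist.Write``, both flushed in batches of 500.

    Args:
        ZipFilePath: Path of the downloaded zip archive.
        ZipFileData: Name of the JSON member inside the archive.

    Returns:
        0 when the archive holds no CVE items (a re-download is requested),
        otherwise None. Any exception is logged through ``ErrorLog`` and also
        triggers a re-download request; nothing is raised to the caller.
    """
    # Everything a malformed or incomplete item can raise while a field is
    # being dug out; a bare ``except`` would also swallow KeyboardInterrupt.
    MissingFieldErrors = (KeyError, IndexError, TypeError, AttributeError)
    try:
        StartingTime = time.time()
        # NOTE(review): unlike NistFirsRunProcessing, this function never
        # closes Nist.con; confirm whether the connection is meant to stay
        # open after the update.
        Nist = NistData()  # opens the database connection
        # The context manager releases the archive handle on every path,
        # including the early return and the error path below.
        # NOTE(review): the member is decompressed into memory in one piece
        # with no size limit; that is only reasonable while the download
        # source and transport are trusted.
        with zipfile.ZipFile(ZipFilePath, 'r') as zipFile:
            ZipData = zipFile.read(ZipFileData).decode('utf-8')
        ExtractData = json.loads(ZipData)["CVE_Items"]
        if len(ExtractData) == 0:  # an empty feed is treated as a bad download
            # TempFilePath is not a parameter; presumably a module-level name.
            NistUpdateDownload(TempFilePath)
            return 0
        DataSet = []  # every flattened item of this archive
        UpdateData = []  # rows whose CVE identifier is already stored
        InsertData = []  # rows that are new
        UpdateCount = 0
        InsertCount = 0
        for Data in ExtractData:
            # The identifier and the description are required fields.
            VulnerabilityNumber = Data["cve"]["CVE_data_meta"]["ID"]
            VulnerabilityDescription = Data["cve"]["description"][
                "description_data"][0]["value"]
            # Everything below is optional and falls back to "".
            try:
                V3BaseScore = Data["impact"]["baseMetricV3"]["cvssV3"][
                    "baseScore"]  # CVSS v3 score
            except MissingFieldErrors:
                V3BaseScore = ""
            try:
                V3BaseSeverity = Data["impact"]["baseMetricV3"]["cvssV3"][
                    "baseSeverity"]  # CVSS v3 severity
            except MissingFieldErrors:
                V3BaseSeverity = ""
            try:
                V2BaseScore = Data["impact"]["baseMetricV2"]["cvssV2"][
                    "baseScore"]  # CVSS v2 score
            except MissingFieldErrors:
                V2BaseScore = ""
            try:
                V2BaseSeverity = Data["impact"]["baseMetricV2"][
                    "severity"]  # CVSS v2 severity
            except MissingFieldErrors:
                V2BaseSeverity = ""
            try:
                # Keep only the date part of the timestamp.
                LastUpDate = Data["lastModifiedDate"].partition('T')[0]
            except MissingFieldErrors:
                LastUpDate = ""
            try:
                VendorsTmp = []  # raw vendor names
                ProductsTmp = []  # raw product names
                for Node in Data["configurations"]["nodes"]:
                    # Only the first cpe_match of each node is used; its
                    # colon-separated fields 3 and 4 are taken as vendor and
                    # product.
                    CpeParts = Node["cpe_match"][0]["cpe23Uri"].split(":")
                    VendorsTmp.append(CpeParts[3])
                    ProductsTmp.append(CpeParts[4])
                # "some_vendor" -> "Some Vendor"
                Vendors = [
                    ' '.join(Word.capitalize() for Word in Name.split("_"))
                    for Name in VendorsTmp
                ]
                Products = [
                    ' '.join(Word.capitalize() for Word in Name.split("_"))
                    for Name in ProductsTmp
                ]
            except MissingFieldErrors:
                # One unusable node discards both lists for this item.
                Vendors = ""
                Products = ""
            if len(Vendors) == 0:  # store "" rather than "[]"
                Vendors = ""
            if len(Products) == 0:
                Products = ""
            # NOTE(review): str(Data) stores the Python repr of the item, not
            # JSON; a reader that needs the structure back should use a safe
            # parser (ast.literal_eval), never eval().
            DataSet.append(
                (VulnerabilityNumber, V3BaseScore, V3BaseSeverity,
                 V2BaseScore, V2BaseSeverity, LastUpDate,
                 VulnerabilityDescription, str(Vendors), str(Products),
                 str(Data)))
        for Row in DataSet:
            SearchResult = Nist.UniqueInquiry(vulnerability_number=Row[0])
            if SearchResult:
                # Append the identifier again; it serves as the update key.
                UpdateData.append(Row + (Row[0], ))
            else:
                InsertData.append(Row)
            if len(UpdateData) == 500:  # flush a full batch of updates
                Nist.Update(UpdateData)
                UpdateCount += 500
                UpdateData.clear()
            if len(InsertData) == 500:  # flush a full batch of inserts
                Nist.Write(InsertData)
                InsertCount += 500
                InsertData.clear()
        # Flush whatever is left (fewer than 500 rows each).
        Nist.Update(UpdateData)
        UpdateCount += len(UpdateData)
        UpdateData.clear()
        Nist.Write(InsertData)
        InsertCount += len(InsertData)
        InsertData.clear()
        # nist_update_banner is not defined here; presumably a module-level
        # switch for the progress output.
        if nist_update_banner:
            print("[ ~ ] 更新文件来源:\033[36m" + ZipFilePath +
                  "\033[0m 耗时:\033[34m" + str(time.time() - StartingTime) +
                  "S \033[0m 更新数据:\033[32m" + str(UpdateCount) + "\033[0m条" +
                  " 插入数据:\033[32m" + str(InsertCount) + "\033[0m条")
    except Exception as e:
        # A file that is not a valid zip most likely means a broken download.
        # NOTE(review): every failure, including a database error, requests a
        # new download; if NistUpdateDownload leads back into this function, a
        # persistent fault would retry without bound. Confirm a retry limit
        # exists.
        NistUpdateDownload(TempFilePath)
        ErrorLog().Write(
            "Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityNumberMonitoring_NistUpdata_NistUpdateProcessing(def)",
            e)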