Example #1
def whitelistlast(r):
    """Render the whitelist view for one page of recent CVE entries.

    ``r`` is the number of entries to skip; any falsy value is treated as
    offset 0. Up to 50 entries are fetched, passed through
    ``whitelist_logic`` and handed to ``whitelist.html`` together with the
    offset that was used.
    """
    # NOTE(review): r presumably comes from the request URL; nothing here
    # checks that it is a non-negative integer -- confirm the route does.
    offset = r or 0
    # Ask for every optional lookup: ranking, CPE names and the vFeed map.
    recent = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    entries = whitelist_logic(recent.get(limit=50, skip=offset))
    return render_template('whitelist.html', cve=entries, r=offset)
Example #2
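def cve(cveid):
    """Render the detail page for one CVE, or the 404 page if it is unknown.

    ``cveid`` is looked up with ranking, CPE-name and vFeed lookups enabled.
    A record that is found is passed through ``markCPEs`` and rendered with
    ``cve.html``.
    """
    cvesp = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    record = cvesp.getcve(cveid=cveid)
    # Reject an unknown ID before any post-processing. The original tested
    # for None only after markCPEs() had already been handed the missing
    # record, so a lookup miss reached markCPEs() as None.
    if record is None:
        return page_not_found(404)
    record = markCPEs(record)
    # markCPEs() is not visible here; the original post-check is kept in
    # case it can itself return None.
    if record is None:
        return page_not_found(404)
    return render_template('cve.html', cve=record)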
Example #3
                       action='store_true',
                       default=False,
                       help='Verbose logging')
# -l: optional limit on how many of the latest entries are indexed. No type=
# is declared, so a supplied value arrives as a string.
argParser.add_argument('-l', default=None, help='Number of last entries to index')
# -n: flag that is passed on as namelookup below.
argParser.add_argument(
    '-n',
    default=False,
    action='store_true',
    help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration to add in the index',
)
args = argParser.parse_args()

c = cves.last(namelookup=args.n)

# The index location is read from the project configuration.
indexpath = Configuration.getIndexdir()

from whoosh.index import create_in, exists_in, open_dir
from whoosh.fields import *

# title and path are stored with each document; path is declared unique.
schema = Schema(
    title=TEXT(stored=True),
    path=ID(stored=True, unique=True),
    content=TEXT,
)

# Create the directory first so whoosh has somewhere to look.
if not os.path.exists(indexpath):
    os.mkdir(indexpath)

# Only a directory that holds no index yet gets a fresh one.
if not exists_in(indexpath):
    ix = create_in(indexpath, schema)
Example #4
# Remaining command-line options; -p and -f are read below but are declared
# outside this excerpt.
argParser.add_argument('-c', help='search one or more CVE-ID', action='append')
argParser.add_argument('-o', help='O = output format [csv|html|json|xml|cveid]', type=str)
argParser.add_argument('-l', help='sort in descending mode', action='store_true')
argParser.add_argument('-n', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration', action='store_true')
argParser.add_argument('-r', help='lookup ranking of vulnerable configuration', action='store_true')
argParser.add_argument('-v', help='vendor name to lookup in reference URLs', type=str)
args = argParser.parse_args()

# Copy the parsed options into the names used by the rest of the script.
vSearch, cveSearch, vOutput, vFreeSearch = args.p, args.c, args.o, args.f
sLatest, namelookup, rankinglookup = args.l, args.n, args.r

cves = cves.last(rankinglookup=rankinglookup, namelookup=namelookup)

# Parentheses in the product search term are swapped for their
# percent-encoded form; per the original author the conversion is done here
# rather than when the database is built.
if vSearch:
    vSearch = vSearch.replace('(', '%28').replace(')', '%29')

# Turn the -o value into one output flag. Values other than csv, html and
# xml are not handled in this excerpt.
if vOutput == "csv":
    csvOutput = 1
elif vOutput == "html":
    htmlOutput = 1
elif vOutput == "xml":
    xmlOutput = 1
    # Only the XML output path needs ElementTree.
    from xml.etree.ElementTree import Element, SubElement, tostring
Example #5
# Handle on the ``cves`` collection of ``db`` (``db`` is created outside
# this excerpt).
collection = db.cves


def dumpallcveid():
    """Return the ``id`` field of every document in ``collection``.

    The documents are read in ascending ``_id`` order and the whole list is
    built in memory before it is returned.
    """
    return [doc['id'] for doc in collection.find({}).sort('_id', 1)]


argParser = argparse.ArgumentParser(description='Dump database in JSON format')
argParser.add_argument('-r', help='Include ranking value', action='store_true')
argParser.add_argument('-v', help='Include vfeed map', action='store_true')
args = argParser.parse_args()

# Both options are store_true flags, so each lookup switch is a plain bool.
rankinglookup = bool(args.r)
vfeedlookup = bool(args.v)

l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup)

# One JSON document per line on stdout. json_util.default is the fallback
# serializer for values the json module cannot encode by itself.
for cveid in dumpallcveid():
    item = l.getcve(cveid=cveid)
    serialized = json.dumps(item, sort_keys=True, default=json_util.default)
    print(serialized)
Example #6
import argparse

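# NOTE(review): "./lib/" is resolved against the current working directory,
# so the modules that get imported depend on where the script is started
# from. Resolving it relative to this file would pin the import location.
sys.path.append("./lib/")
import cves

# NOTE(review): pymongo.Connection was removed in PyMongo 3.0 (MongoClient is
# its replacement). Left untouched because the PyMongo version this script
# targets is not visible in this excerpt.
connect = pymongo.Connection()
db = connect.cvedb
collection = db.cves

argParser = argparse.ArgumentParser(description='Fulltext indexer for the MongoDB CVE collection')
argParser.add_argument('-v', action='store_true', help='Verbose logging', default=False)
# No type= is declared for -l, so a supplied value arrives as a string.
argParser.add_argument('-l', help='Number of last entries to index', default=None)
argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration to add in the index', default=False)
args = argParser.parse_args()

c = cves.last(namelookup = args.n)

indexpath = "./indexdir"

from whoosh.index import create_in, exists_in, open_dir
from whoosh.fields import *

# title and path are stored with each document; path is declared unique.
schema = Schema(title=TEXT(stored=True), path=ID(stored=True,unique=True), content=TEXT)

if not os.path.exists(indexpath):
    os.mkdir(indexpath)

# The original spelled the directory as the literal "indexdir" in the three
# whoosh calls and as indexpath ("./indexdir") above. Both name the same
# directory; using the one variable keeps them from drifting apart if the
# location is ever changed.
if not exists_in(indexpath):
    ix = create_in(indexpath, schema)
else:
    ix = open_dir(indexpath)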
Example #7
def lastrange(r):
    """Render ``index.html`` with up to 50 recent CVEs, skipping ``r`` entries.

    A falsy ``r`` is replaced by 0; the offset that was used is passed to
    the template as ``r``.
    """
    if r:
        skip = r
    else:
        skip = 0
    # Ranking, CPE-name and vFeed lookups are all switched on.
    source = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    page = source.get(limit=50, skip=skip)
    return render_template('index.html', cve=page, r=skip)
Example #8
# NOTE(review): "./lib/" is relative to the current working directory, so
# which modules are imported depends on where the script is started from.
sys.path.append("./lib/")
import cves

argParser = argparse.ArgumentParser(description='Dump last CVE entries in RSS/Atom format ')
argParser.add_argument('-f', default='rss1', type=str, help='Output format (rss1,rss2,atom)')
argParser.add_argument('-l', default=10, type=int, help='Last n items (default:10)')
args = argParser.parse_args()

# A falsy -l value (0 included) falls back to 10 entries.
last = args.l or 10

ref = "http://adulau.github.com/cve-search/"
cves = cves.last(rankinglookup=False, namelookup=False)

from feedformatter import Feed
feed = Feed()

# Feed-level metadata; the title records how many entries were requested and
# when the feed was generated.
feed.feed['title'] = "cve-search Last {0} CVE entries generated on {1}".format(last, datetime.datetime.now())
feed.feed['link'] = "http://adulau.github.com/cve-search/"
feed.feed['author'] = "Generated with cve-search available at http://adulau.github.com/cve-search/"
feed.feed['description'] = ""

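# Build one feed item per CVE entry.
for x in cves.get(limit=last):
    item = {}
    # The title is the CVE id followed by the first 90 characters of the
    # summary. The original slice was [90:], which dropped those first 90
    # characters and kept the remainder, leaving short summaries with an
    # empty title text.
    item['title'] = str(x['id']) + " " + x['summary'][:90]
    item['description'] = x['summary']
    # NOTE(review): pubDate is the time the feed is generated, not a date
    # taken from the CVE record -- confirm that this is intended.
    item['pubDate'] = time.localtime()
    item['guid'] = x['id']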
Example #9
def lastrange(r):
    """Show one page of recent CVEs on ``index.html``.

    ``r`` is the skip offset (0 when falsy). Up to 50 entries are fetched
    and rendered, and the offset is passed to the template as ``r``.
    """
    # NOTE(review): r presumably comes from the request URL; its type and
    # range are not checked here -- confirm the route converter does so.
    r = r if r else 0
    lookup_flags = dict(rankinglookup=True, namelookup=True, vfeedlookup=True)
    entries = cves.last(**lookup_flags).get(limit=50, skip=r)
    return render_template('index.html', cve=entries, r=r)
Example #10
def whitelist():
    """Render ``whitelist.html`` for the first page of recent CVEs.

    Up to 50 entries are fetched with all lookups enabled and passed
    through ``whitelist_logic``; the template receives offset ``r=0``.
    """
    recent = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True)
    processed = whitelist_logic(recent.get(limit=50))
    return render_template('whitelist.html', cve=processed, r=0)
Example #11
def last():
    """Render ``index.html`` with up to 50 of the most recent CVE entries.

    Ranking, CPE-name and vFeed lookups are all enabled, and the template
    receives offset ``r=0``.
    """
    newest = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True).get(limit=50)
    return render_template('index.html', cve=newest, r=0)
Example #12
# Obtain the MongoDB handle from the project configuration and keep a
# reference to its ``cves`` collection for the functions below.
db = Configuration.getMongoConnection()
collection = db.cves

def dumpallcveid():
    """Collect the ``id`` of each document in ``collection``.

    Documents are iterated in ascending ``_id`` order; the result is a list
    holding one id per document.
    """
    cursor = collection.find({}).sort('_id', 1)
    return [entry['id'] for entry in cursor]

argParser = argparse.ArgumentParser(description='Dump database in JSON format')
argParser.add_argument('-r', help='Include ranking value', action='store_true')
argParser.add_argument('-v', help='Include vfeed map', action='store_true')
args = argParser.parse_args()

# Each flag switches the matching lookup on; without it the lookup is off.
rankinglookup = True if args.r else False
vfeedlookup = True if args.v else False

l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup)

# Emit every CVE as one JSON line, with keys sorted so that the output is
# stable from run to run.
for cveid in dumpallcveid():
    item = l.getcve(cveid=cveid)
    line = json.dumps(item, sort_keys=True, default=json_util.default)
    print(line)
Example #13
argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration')
argParser.add_argument('-v', type=str, help='vendor name to lookup in reference URLs')
args = argParser.parse_args()

# Unpack the parsed options; -p, -c, -o, -f, -l and -n are declared outside
# this excerpt.
vSearch = args.p
cveSearch = args.c
vOutput = args.o
vFreeSearch = args.f
sLatest = args.l
namelookup = args.n
rankinglookup = args.r

cves = cves.last(rankinglookup=rankinglookup, namelookup=namelookup)

# Parentheses in the product search term are replaced by their
# percent-encoded form; per the original author this is done here instead of
# when the database is created.
if vSearch:
    for plain, encoded in (('(', '%28'), (')', '%29')):
        vSearch = vSearch.replace(plain, encoded)

# Select the output flag that matches -o. Only csv, html and xml are handled
# in this excerpt.
if vOutput == "csv":
    csvOutput = 1
elif vOutput == "html":
    htmlOutput = 1
elif vOutput == "xml":
    xmlOutput = 1
    # ElementTree is only needed for XML output.
    from xml.etree.ElementTree import Element, SubElement, tostring
Example #14
argParser.add_argument('-f', help='output matching CVE(s) in JSON', action='store_true')
argParser.add_argument('-m', help='most frequent terms)', type=int, default=False)
argParser.add_argument('-l', help='dump all terms encountered in CVE description', action='store_true', default=False)
argParser.add_argument('-g', help='graph of most frequent terms with each matching CVE (JSON output)', action='store_true', default=False)
argParser.add_argument('-s', help='enable stemming on graph JSON output (default is False)', action='store_true', default=False)
argParser.add_argument('-n', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration', action='store_true')
argParser.add_argument('-r', help='lookup ranking of vulnerable configuration', action='store_true')
args = argParser.parse_args()

# At least one of -q, -l, -g or -m has to be given; otherwise show the usage
# text and stop with a non-zero exit status.
if not (args.q or args.l or args.g or args.m):
    argParser.print_help()
    exit(1)

# The cves helper is only loaded when -f or -t was given.
if args.f or args.t:
    import cves
    cves = cves.last(rankinglookup=args.r, namelookup=args.n)

from whoosh.query import *
if args.q:
    # The query words are joined with spaces and parsed against the
    # "content" field; limit=None asks for every hit.
    with ix.searcher() as searcher:
        query = QueryParser("content", ix.schema).parse(" ".join(args.q))
        results = searcher.search(query, limit=None)
        for x in results:
            if args.f:
                # -f: print the CVE record stored under this path as JSON.
                print(json.dumps(cves.getcve(x['path']), sort_keys=True, default=json_util.default))
            else:
                print (x['path'])
                # -t adds the stored title, only when -f is not in effect.
                if args.t:
                    print (" -- "+x['title'])
elif args.m:
    xr = ix.searcher().reader()
Example #15
def last():
    """Render the index page with up to 50 of the latest CVE entries.

    All three lookups (ranking, CPE name, vFeed) are requested, and the
    template is given ``r=0`` as the offset.
    """
    lookups = {'rankinglookup': True, 'namelookup': True, 'vfeedlookup': True}
    latest = cves.last(**lookups).get(limit=50)
    return render_template('index.html', cve=latest, r=0)
Example #16
                       help='Disable lookup CPE name (default is True)')
argParser.add_argument('-r', action='store_true', help='Enable CVE ranking (default is False) and only print entries with ranking')
args = argParser.parse_args()

# A falsy -l value falls back to 10 entries.
last = args.l or 10

ref = "http://adulau.github.com/cve-search/"
# -r and -n are passed on as the ranking and CPE-name lookup switches.
cves = cves.last(namelookup=args.n, rankinglookup=args.r)

if not (args.f == "html"):
    from feedformatter import Feed
    feed = Feed()

    feed.feed['title'] = "cve-search Last " + str(
        last) + " CVE entries generated on " + str(datetime.datetime.now())
    feed.feed['link'] = "http://adulau.github.com/cve-search/"
    feed.feed[
        'author'] = "Generated with cve-search available at http://adulau.github.com/cve-search/"
    feed.feed['description'] = ""
else:
    print("<html><head>")
    print(
        "<style>.cve table { border-collapse: collapse; text-align: left; width: 100%; } .cve {font: normal 12px/150% Geneva, Arial, Helvetica, sans-serif; background: #fff; overflow: hidden; border: 1px solid #006699; -webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px; }.cve table td, .cve table th { padding: 3px 10px; }.cve table tbody td { color: #00496B; border-left: 1px solid #E1EEF4;font-size: 12px;font-weight: normal; }.cve table tbody .alt td { background: #E1EEF4; color: #00496B; }.cve table tbody td:first-child { border-left: none; }.cve table tbody tr:last-child td { border-bottom: none; }.cve table tfoot td div { border-top: 1px solid #006699;background: #E1EEF4;} .cve table tfoot td { padding: 0; font-size: 12px } .cve table tfoot td div{ padding: 0px; }</style>"
Example #17
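def main():
    """Command-line search over the ``cves`` MongoDB collection.

    Matches can be selected by CVE id (-c), by a regular expression on the
    summary (-f) and by a regular expression on the vulnerable
    configuration (-p). Results are printed to stdout in the format chosen
    with -o (csv, html, json, xml, cveid, or plain text when -o is absent
    or unrecognised). -l sorts on "Modified" in descending order, -n and
    -r add CPE names and rankings, and -v filters reference URLs by
    hostname in CSV output.
    """
    # Imports
    import os
    import sys
    _runPath = os.path.dirname(os.path.realpath(__file__))
    sys.path.append(os.path.join(_runPath, "./lib/"))

    import re
    import argparse
    import csv
    import html
    from urllib.parse import urlparse
    import json
    from bson import json_util

    import cves
    from Config import Configuration

    # connect to DB
    db = Configuration.getMongoConnection()
    collection = db.cves

    # init control variables (cveidOutput included, so that every output
    # flag is defined whichever -o value is given)
    csvOutput = 0
    htmlOutput = 0
    jsonOutput = 0
    xmlOutput = 0
    cveidOutput = 0

    # init various variables :-)
    vSearch = ""
    vOutput = ""
    vFreeSearch = ""

    # parse command-line arguments
    argParser = argparse.ArgumentParser(description='Search for vulnerabilities in the National Vulnerability DB. Data from http://nvd.nist.org.')
    argParser.add_argument('-p', type=str, help='S = search product, e.g. o:microsoft:windows_7 or o:cisco:ios:12.1')
    argParser.add_argument('-f', type=str, help='F = free text search in vulnerability summary')
    argParser.add_argument('-c', action='append', help='search one or more CVE-ID')
    argParser.add_argument('-o', type=str, help='O = output format [csv|html|json|xml|cveid]')
    argParser.add_argument('-l', action='store_true', help='sort in descending mode')
    argParser.add_argument('-n', action='store_true', help='lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration')
    argParser.add_argument('-r', action='store_true', help='lookup ranking of vulnerable configuration')
    argParser.add_argument('-v', type=str, help='vendor name to lookup in reference URLs')
    args = argParser.parse_args()
    vSearch = args.p
    cveSearch = args.c
    vOutput = args.o
    vFreeSearch = args.f
    sLatest = args.l
    namelookup = args.n
    rankinglookup = args.r

    cves = cves.last(rankinglookup=rankinglookup, namelookup=namelookup)

    # Parentheses in the product search term are replaced by their
    # percent-encoded form; per the original author this is done here
    # instead of when the database is created.
    if vSearch:
        vSearch = re.sub(r'\(', '%28', vSearch)
        vSearch = re.sub(r'\)', '%29', vSearch)

    # define which output to generate.
    if vOutput == "csv":
        csvOutput = 1
    elif vOutput == "html":
        htmlOutput = 1
    elif vOutput == "xml":
        xmlOutput = 1
        from xml.etree.ElementTree import Element, SubElement, tostring
        r = Element('cve-search')
    elif vOutput == "json":
        jsonOutput = 1
    elif vOutput == "cveid":
        cveidOutput = 1

    def esc(value):
        # Everything written into the HTML report comes from the command
        # line or from database records, so it is escaped before it is
        # placed in markup. str() also covers non-string fields.
        return html.escape(str(value))

    # Print first line of html output
    if htmlOutput and args.p is not None:
        print("<html><body><h1>CVE search " + esc(args.p) + " </h1>")
    elif htmlOutput and args.c is not None:
        print("<html><body><h1>CVE-ID " + esc(args.c) + " </h1>")

    # search default is ascending mode
    sorttype = -1 if sLatest else 1

    def printCVE(item):
        # Print one record as JSON; with -n / -r the configuration list is
        # first replaced by CPE names and/or a ranking list is added.
        if (namelookup or rankinglookup) and "vulnerable_configuration" in item:
            vulconf = []
            ranking = []
            for conf in item['vulnerable_configuration']:
                if namelookup:
                    vulconf.append(cves.getcpe(cpeid=conf))
                if rankinglookup:
                    rank = cves.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            if namelookup:
                item['vulnerable_configuration'] = vulconf
            if rankinglookup:
                item['ranking'] = ranking
        print(json.dumps(item, sort_keys=True, default=json_util.default))

    if cveSearch:
        for cveid in cveSearch:
            for item in collection.find({'id': cveid}).sort("Modified", sorttype):
                printCVE(item)

    # Basic freetext search (in vulnerability summary).
    # Full-text indexing is more efficient to search across all CVEs.
    # NOTE(review): the -f value is compiled and sent to MongoDB as a regular
    # expression unchanged. That suits an operator at a shell; if this code
    # is ever fed by a less trusted caller, validate the value or pass it
    # through re.escape() first.
    if vFreeSearch:
        for item in collection.find({'summary': {'$regex': re.compile(vFreeSearch, re.IGNORECASE)}}).sort("Modified", sorttype):
            print(item)
    # Search Product (best to use CPE notation, e.g. cisco:ios:12.2
    # NOTE(review): vSearch is likewise used as a regular expression.
    if vSearch:
        if csvOutput:
            # One writer for the whole run rather than one per record.
            csvoutput = csv.writer(sys.stdout, delimiter='|', quotechar='|', quoting=csv.QUOTE_MINIMAL)
        for item in collection.find({"vulnerable_configuration": {'$regex': vSearch}}).sort("Modified", sorttype):
            if csvOutput:
                # We assume that the vendor name is usually in the hostname
                # of the URL, to avoid any match on the resource part.
                refs = []
                for entry in item['references']:
                    if args.v is not None:
                        hostname = urlparse(entry).netloc
                        if re.search(args.v, hostname):
                            refs.append(entry)
                if not refs:
                    refs = "[no vendor link found]"
                row = [item['id'], item['Published'], item['cvss'], item['summary'], refs]
                if namelookup:
                    row.append(" ".join(item['vulnerable_configuration']))
                csvoutput.writerow(row)
            elif htmlOutput:
                # Every field is escaped and passed through str(): the
                # original concatenated the raw values (so markup characters
                # in a record ended up in the page, and a non-string cvss
                # raised TypeError) and left the <b> element unclosed.
                print("<h2>" + esc(item['id']) + "<br></h2>CVSS score: " + esc(item['cvss']) + "<br>" + "<b>" + esc(item['Published']) + "</b><br>" + esc(item['summary']) + "<br>")
                print("References:<br>")
                for entry in item['references']:
                    print(esc(entry) + "<br>")
                print("<hr><hr>")
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE(item)
            elif xmlOutput:
                # ElementTree escapes element text when it serializes, so
                # the values are assigned as they are; escaping them here as
                # well (as the original did) produced double-escaped output.
                # str() keeps non-string values serializable.
                c = SubElement(r, 'id')
                c.text = str(item['id'])
                c = SubElement(r, 'Published')
                c.text = str(item['Published'])
                c = SubElement(r, 'cvss')
                c.text = str(item['cvss'])
                c = SubElement(r, 'summary')
                c.text = item['summary']
                for e in item['references']:
                    c = SubElement(r, 'references')
                    c.text = e
                for e in item['vulnerable_configuration']:
                    c = SubElement(r, 'vulnerable_configuration')
                    c.text = e
            elif cveidOutput:
                print(item['id'])
            else:
                print("CVE\t: " + item['id'])
                print("DATE\t: " + item['Published'])
                print("CVSS\t: " + str(item['cvss']))
                print(item['summary'])
                print("\nReferences:")
                print("-----------")
                for entry in item['references']:
                    print(entry)
                print("\nVulnerable Configs:")
                print("-------------------")
                for entry in item['vulnerable_configuration']:
                    if not namelookup:
                        print(entry)
                    else:
                        print(cves.getcpe(cpeid=entry))
                print("\n\n")

    if htmlOutput:
        print("</body></html>")
    if xmlOutput:
        # default encoding is UTF-8. Should this be detected on the terminal?
        s = tostring(r).decode("utf-8")
        print(s)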