class TestPyCVESearch(unittest.TestCase):
    """Smoke tests for the ``CVESearch`` client.

    Each test only invokes one client method and makes no assertion on the
    returned data, so a test fails only when the call itself raises.
    """

    # NOTE(review): CVESearch() is built with no arguments, so these tests
    # presumably talk to the client's default cve-search endpoint. Confirm,
    # and consider pointing CI at a controlled instance so results do not
    # depend on a remote service.

    def setUp(self):
        # A fresh client for every test method.
        self.cve = CVESearch()

    # --- vendor / product lookups ---

    def test_browse(self):
        self.cve.browse("microsoft")

    def test_search(self):
        self.cve.search("microsoft/office")

    # --- CVE lookups ---

    def test_id(self):
        self.cve.id("CVE-2014-0160")

    def test_last(self):
        self.cve.last()

    def test_last_50(self):
        self.cve.last(50)

    def test_dbinfo(self):
        self.cve.dbinfo()

    # --- CPE handling ---

    def test_cpe22(self):
        self.cve.cpe22("cpe:2.3:a:microsoft:office:2011:-:mac")

    def test_cpe23(self):
        # NOTE(review): this input starts with "cpe/a:" while test_cvefor
        # uses "cpe:/a:"; confirm the missing ':' is intended.
        self.cve.cpe23("cpe/a:microsoft:office:2011:-:mac")

    def test_cvefor(self):
        self.cve.cvefor("cpe:/a:microsoft:office:2011::mac")
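def cve(all, vendor, product, push):
    """
    Search CVEs and CPEs from cve-search enabled DB, import them.

    Search in CVE (Common Vulnerabilities and Exposures) and CPE (Common
    Platform Enumeration) and import them to RVD.

    Makes use of the following:
    - https://github.com/cve-search/PyCVESearch
    - (indirectly) https://github.com/cve-search/cve-search

    Behaviour by argument combination:
    - ``all`` with ``vendor``: every product listed for the vendor is
      searched and each result becomes a flaw, with no interactive edit step.
    - ``vendor`` and ``product``: results for that pair become flaws, each
      passed through ``edit_function`` first.
    - ``vendor`` only: the vendor's browse result is pretty-printed.
    - anything else: an error is printed and the process exits with status 1.

    Args:
        all: when truthy, import results for every product of ``vendor``.
        vendor: vendor name to query.
        product: product name to query (used together with ``vendor``).
        push: when truthy, open a ticket for every flaw produced and update
            the flaw with the ticket number and URL.
    """
    cyan("Searching for CVEs and CPEs with cve-search ...")
    from pycvesearch import CVESearch

    if all:
        if not vendor:
            red("Error, vendor is required with --all")
            sys.exit(1)

        client = CVESearch()
        vendor_flaws = client.browse(vendor)
        # A separate loop name keeps the ``product`` argument untouched.
        for vendor_product in vendor_flaws['product']:
            results = client.search(vendor + "/" + vendor_product)
            for result in results['results']:
                document = _cve_result_to_document(
                    result, flaw_type="vulnerability")
                # Bulk import: the flaw is used as built, without an
                # interactive edit step.
                new_flaw = Flaw(document)
                if not new_flaw:
                    continue
                print(new_flaw)
                if push:
                    # With push set, one ticket is opened per search result.
                    labels = ['vulnerability', "vendor: " + str(vendor)]
                    _push_cve_flaw(new_flaw, labels)
        return

    if vendor and product:
        client = CVESearch()
        cyan("Searching for vendor/product: ", end="")
        print(vendor + "/" + product)
        results = client.search(vendor + "/" + product)
        for result in results['results']:
            flaw = Flaw(_cve_result_to_document(result))
            new_flaw = edit_function(
                0, subsequent=False, label=None, flaw=flaw)
            if not new_flaw:
                continue
            print(new_flaw)
            if push:
                labels = ['vulnerability']
                # ast.literal_eval accepts only Python literals, so it does
                # not execute code, but it raises ValueError/SyntaxError on
                # malformed text.
                # NOTE(review): confirm keywords is always a list literal.
                labels.extend(ast.literal_eval(new_flaw.keywords))
                _push_cve_flaw(new_flaw, labels)
    elif vendor:
        client = CVESearch()
        cyan("Browsing for vendor: ", end="")
        print(vendor)
        pprint.pprint(client.browse(vendor))
    elif product:
        red("Error, vendor is required")
        sys.exit(1)
    else:
        red("Error, vendor or vendor and product required")
        sys.exit(1)


def _cve_result_to_document(result, flaw_type=None):
    """Build an RVD document from one cve-search result record.

    Args:
        result: mapping for a single entry of ``results['results']``.
        flaw_type: when not None, stored under ``document['type']``.

    Returns:
        The document returned by ``default_document()`` with the CVE fields
        filled in.

    Raises:
        KeyError: if the record lacks any of the fields read below; they are
            read by direct indexing, with no defaults.
    """
    document = default_document()
    # The record comes from the cve-search service and is copied as-is; the
    # title is the first 65 characters of the summary.
    document['title'] = result['summary'][:65]
    if flaw_type is not None:
        document['type'] = flaw_type
    document['description'] = result['summary']
    document['cve'] = result['id']
    document['cwe'] = result['cwe']
    # NOTE(review): the "CVSS:3.0/" prefix is hard-coded whatever CVSS
    # version the service returned. Confirm the vector really is v3.0,
    # otherwise the stored severity is mislabelled.
    document['severity']['cvss-vector'] = (
        "CVSS:3.0/" + str(result['cvss-vector']))
    document['severity']['cvss-score'] = result['cvss']
    document['links'] = result['references']
    document['flaw']['reported-by'] = result['assigner']
    document['flaw']['date-reported'] = arrow.get(
        result['Published']).format('YYYY-MM-DD')
    return document


def _push_cve_flaw(flaw, labels):
    """Open a ticket for *flaw* and write the ticket details back to it.

    Args:
        flaw: flaw to publish; its ``id``, ``links``, ``issue`` and ``title``
            attributes are updated in place.
        labels: labels passed to ``new_ticket``.
    """
    pusher = Base()  # instantiate the class to push changes
    issue = pusher.new_ticket(flaw, labels)
    flaw.id = issue.number

    # links may already be a list, or a single (possibly blank) string.
    if isinstance(flaw.links, list):
        links = flaw.links
    else:
        links = []
        if flaw.links.strip() != "":
            links.append(flaw.links.strip())
    links.append(issue.html_url)
    flaw.links = links
    flaw.issue = issue.html_url

    # The prefix goes on the object that is sent to update_ticket. The
    # earlier code prefixed the pre-edit flaw, so the "RVD#<n>: " prefix was
    # lost whenever the edit step returned a different object.
    if flaw.title[:4] != "RVD#":  # skip titles that already have the syntax
        flaw.title = "RVD#" + str(issue.number) + ": " + flaw.title
    pusher.update_ticket(issue, flaw)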