Example #1
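def test_from_fs_to_wfn_errors():
    """Malformed CPE 2.3 formatted strings must be rejected by the parser.

    The sample carries a bare ``*`` in the middle of the version component
    (``7.4.*.1570``); ``CPE.from_string`` is expected to raise
    ``CpeParseException`` for it.
    """
    errors = [
        'cpe:2.3:a:hp:insight_diagnostics:7.4.*.1570:*:*:*:*:*:*',
    ]
    for s in errors:
        # One raises-context per input: a single context around the whole
        # loop exits on the first exception and never checks later entries.
        with pytest.raises(CpeParseException):
            CPE.from_string(s)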
Example #2
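def test_from_fs_to_wfn_errors():
    """Check that invalid formatted strings raise ``CpeParseException``.

    Every entry in ``errors`` is parsed under its own ``pytest.raises``
    block, so adding a second bad string later cannot pass unnoticed
    behind the first one.
    """
    errors = [
        # wildcard embedded in the middle of the version component
        'cpe:2.3:a:hp:insight_diagnostics:7.4.*.1570:*:*:*:*:*:*',
    ]
    for bad_fs in errors:
        with pytest.raises(CpeParseException):
            CPE.from_string(bad_fs)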
Example #3
def test_from_uri_to_wfn_error():
    """Each malformed CPE URI must raise ``CpeParseException``.

    The exception may come from parsing or from re-binding to a URI; both
    calls sit inside the same ``pytest.raises`` block.
    """
    bad_uris = (
        'cpe:/a:foo%5cbar:big%24money_2010%07:::~~special~ipod_touch~80gb~',
        'cpe:/a:foo:bar:12.%02.1234',
    )
    for uri in bad_uris:
        with pytest.raises(CpeParseException):
            parsed = CPE.from_string(uri)
            parsed.to_uri_string()
Example #4
def test_from_uri_to_wfn_error():
    """Reject CPE URIs that cannot be parsed and re-bound.

    One ``pytest.raises`` block per input keeps the two samples independent.
    """
    def roundtrip(uri):
        # Parse, then bind back to a URI; either step may raise.
        return CPE.from_string(uri).to_uri_string()

    for candidate in [
        'cpe:/a:foo%5cbar:big%24money_2010%07:::~~special~ipod_touch~80gb~',
        'cpe:/a:foo:bar:12.%02.1234',
    ]:
        with pytest.raises(CpeParseException):
            roundtrip(candidate)
Example #5
def test_from_uri():
    """Parse CPE URI strings and check every attribute of the result.

    Covers a minimal URI (unset attributes read as ANY), a URI with
    percent-encoded characters, a packed edition component and a language,
    and the same URI without the language component.
    """
    def check(uri, middles, any_attrs):
        # Literal values are asserted first, then the ANY attributes.
        cpe = CPE.from_string(uri)
        for attr, expected in middles:
            assert cpe.get_value_middle(attr) == expected
        for attr in any_attrs:
            assert cpe.is_value_any(attr) == True

    check(
        'cpe:/a:microsoft:internet_explorer',
        [
            ('part', 'a'),
            ('vendor', 'microsoft'),
            ('product', 'internet_explorer'),
        ],
        [
            'version', 'update', 'edition', 'sw_edition',
            'target_sw', 'target_hw', 'other', 'language',
        ],
    )

    # Values shared by the packed-edition cases below.
    packed = [
        ('part', 'a'),
        ('vendor', 'foo\\bar'),
        ('product', 'big$money_manager_2010'),
        ('version', '2010'),
        ('update', 'u5'),
        ('edition', 'legacy_edition'),
        ('sw_edition', 'special'),
        ('target_sw', 'ipod_touch'),
        ('target_hw', '80gb'),
        ('other', 'other'),
    ]

    check(
        'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other:EN-us',
        packed + [('language', 'EN-us')],
        [],
    )

    # The language-less URI is exercised twice.
    for _ in range(2):
        check(
            'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other',
            packed,
            ['language'],
        )
Example #6
def test_from_fs():
    """Parse CPE 2.3 formatted strings and verify each attribute in turn.

    Every case lists ``(accessor, attribute, expected)`` triples that are
    asserted in order against the parsed name.
    """
    MID = 'get_value_middle'
    ANY = 'is_value_any'

    def verify(fs, checks):
        cpe = CPE.from_string(fs)
        for accessor, attr, expected in checks:
            assert getattr(cpe, accessor)(attr) == expected

    # wfn: version="8\.0\.6001", update="beta", remaining attributes ANY
    verify('cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*', [
        (MID, 'part', 'a'),
        (MID, 'vendor', 'microsoft'),
        (MID, 'product', 'internet_explorer'),
        (MID, 'version', '8.0.6001'),
        (MID, 'update', 'beta'),
        (ANY, 'edition', True),
        (ANY, 'sw_edition', True),
        (ANY, 'target_sw', True),
        (ANY, 'target_hw', True),
        (ANY, 'other', True),
        (ANY, 'language', True),
    ])

    # wfn: version="8\.*", update="sp?" -- unquoted wildcards at the value end
    verify('cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*', [
        (MID, 'part', 'a'),
        (MID, 'vendor', 'microsoft'),
        (MID, 'product', 'internet_explorer'),
        (MID, 'version', '8.'),
        ('value_ends_with_any', 'version', True),
        (MID, 'update', 'sp'),
        ('get_singles_after_value', 'update', 1),
        (ANY, 'edition', True),
        (ANY, 'sw_edition', True),
        (ANY, 'target_sw', True),
        (ANY, 'target_hw', True),
        (ANY, 'other', True),
        (ANY, 'language', True),
    ])

    # wfn: update=NA ("-" in the formatted string), sw_edition/target_* set
    verify('cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:-:*:*:online:win2003:x64:*', [
        (MID, 'part', 'a'),
        (MID, 'vendor', 'hp'),
        (MID, 'product', 'insight_diagnostics'),
        (MID, 'version', '7.4.0.1570'),
        ('is_value_na', 'update', True),
        (ANY, 'edition', True),
        (MID, 'sw_edition', 'online'),
        (MID, 'target_sw', 'win2003'),
        (MID, 'target_hw', 'x64'),
        (ANY, 'other', True),
        (ANY, 'language', True),
    ])

    # wfn: vendor="foo\\bar", product="big\$money" -- quoted special characters
    verify('cpe:2.3:a:foo\\bar:big\$money:2010:*:*:*:special:ipod_touch:80gb:*', [
        (MID, 'part', 'a'),
        (MID, 'vendor', 'foo\\bar'),
        (MID, 'product', 'big$money'),
        (MID, 'version', '2010'),
        (ANY, 'update', True),
        (ANY, 'edition', True),
        (MID, 'sw_edition', 'special'),
        (MID, 'target_sw', 'ipod_touch'),
        (MID, 'target_hw', '80gb'),
        (ANY, 'other', True),
        (ANY, 'language', True),
    ])
Example #7
def test_from_wfn_to_wfn():
    """A WFN parsed by ``CPE.from_string`` must equal the same WFN given to ``CPE()``."""
    wfn_strings = (
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=NA]',
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=NA,language=ANY]',
        'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",sw_edition="online",target_sw="windows_2003",target_hw="x64"]',
        'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",update=NA,target_sw="linux"]',
        'wfn:[part="a",vendor="foo\\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch"]',
    )
    for wfn in wfn_strings:
        parsed = CPE.from_string(wfn)
        constructed = CPE(wfn)
        assert parsed.equal_to(constructed) == True
Example #8
def test_from_uri():
    """Check attribute values of names parsed from CPE URI strings.

    Each case pairs a URI with the literal values expected from
    ``get_value_middle`` and the attributes expected to read as ANY.
    """
    all_optional = ['version', 'update', 'edition', 'sw_edition',
                    'target_sw', 'target_hw', 'other', 'language']
    full_values = {
        'part': 'a',
        'vendor': 'foo\\bar',
        'product': 'big$money_manager_2010',
        'version': '2010',
        'update': 'u5',
        'edition': 'legacy_edition',
        'sw_edition': 'special',
        'target_sw': 'ipod_touch',
        'target_hw': '80gb',
        'other': 'other',
    }
    no_language_uri = 'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other'

    cases = [
        (
            'cpe:/a:microsoft:internet_explorer',
            {'part': 'a', 'vendor': 'microsoft', 'product': 'internet_explorer'},
            all_optional,
        ),
        (
            'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other:EN-us',
            dict(full_values, language='EN-us'),
            [],
        ),
        # The same language-less URI appears twice in the suite.
        (no_language_uri, full_values, ['language']),
        (no_language_uri, full_values, ['language']),
    ]

    for uri, literal_values, any_attrs in cases:
        cpe = CPE.from_string(uri)
        for attr, expected in literal_values.items():
            assert cpe.get_value_middle(attr) == expected
        for attr in any_attrs:
            assert cpe.is_value_any(attr) == True
Example #9
def test_value_contains_wildcard_false():
    """Values with no wildcard, or only backslash-quoted ones, report none.

    The same ``CPE.Value`` instance is reloaded for every sample.
    """
    val = CPE.Value()
    for wfn_value in ('"foo"', '"foo\?"', '"\*bar"'):
        val.from_wfn(wfn_value)
        assert val.contains_wildcard() == False
Example #10
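    def collect(self):
        """Collect Win32_PnPEntity records via wmic and derive hardware CPEs.

        Parsed records are cached in ``self.host.facts['wmic']['pnp_entity']``;
        when that key already exists the method returns without running the
        command again. Each record with a non-empty manufacturer becomes a
        ``CPE(part='h')`` appended to ``self.host.facts['cpe']['hardware']``
        unless an equal entry is already present.
        """
        if 'wmic' not in self.host.facts:
            self.host.facts['wmic'] = {}

        if 'pnp_entity' in self.host.facts['wmic']:
            # Already collected for this host.
            return

        self.host.facts['wmic']['pnp_entity'] = []
        entities = self.host.facts['wmic']['pnp_entity']
        entity = {}
        return_code, out_lines, err_lines = self.host.exec_command('wmic path Win32_PnPEntity get /format:list')
        for line in out_lines:
            line = line.strip()

            if not line:
                # A blank line ends the current record; leading or repeated
                # blank lines leave nothing to store.
                if entity:
                    entities.append(entity)
                    entity = {}
                continue

            m = re.match(r'^([^=]+)=(.*)$', line)
            if m and m.group(1) in self.VALUE_MAP:
                # Only properties listed in VALUE_MAP are kept, under the
                # mapped key name.
                entity[self.VALUE_MAP[m.group(1)]] = m.group(2)

        if entity:
            # Output that does not end with a blank line would otherwise
            # drop its final record.
            entities.append(entity)

        for entity in entities:
            # .get(): a record may lack the key entirely when the property
            # was absent from the output or is not in VALUE_MAP.
            manufacturer = entity.get('manufacturer')
            if not manufacturer:
                continue

            # NOTE(review): vendor/product strings come verbatim from the
            # scanned host's output; presumably set_value handles quoting --
            # confirm.
            cpe = CPE(part='h')
            cpe.set_value('vendor', manufacturer)
            if 'name' in entity:
                cpe.set_value('product', entity['name'])

            if cpe not in self.host.facts['cpe']['hardware']:
                self.host.facts['cpe']['hardware'].append(cpe)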
Example #11
def test_from_wfn_to_wfn():
    """``CPE.from_string`` and the ``CPE`` constructor must agree on WFN input."""
    def same_name(wfn):
        # Parse through both entry points and compare with equal_to().
        return CPE.from_string(wfn).equal_to(CPE(wfn))

    samples = [
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=NA]',
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=NA,language=ANY]',
        'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",sw_edition="online",target_sw="windows_2003",target_hw="x64"]',
        'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",update=NA,target_sw="linux"]',
        'wfn:[part="a",vendor="foo\\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch"]',
    ]
    for sample in samples:
        assert same_name(sample) == True
Example #12
    def collect(self):
        """Fill ``self.host.facts['cpe']`` by running the Linux collectors.

        Resets the ``os``/``application``/``hardware`` lists, runs the
        hardware and OS collectors, runs the dpkg collector for every OS CPE
        whose vendor matches ubuntu, debian or linuxmint, and finally logs
        each collected CPE as a URI string at debug level.
        """
        self.host.facts['cpe'] = {'os': [], 'application': [], 'hardware': []}

        # --- hardware ---
        from scap.collector.linux.LshwCollector import LshwCollector
        LshwCollector(self.host, {}).collect()

        from scap.collector.linux.LspciCollector import LspciCollector
        LspciCollector(self.host, {}).collect()

        from scap.collector.linux.LscpuCollector import LscpuCollector
        LscpuCollector(self.host, {}).collect()

        # TODO hwinfo
        # TODO lsusb
        # TODO lsscsi
        # TODO hdparm

        # --- operating system ---
        from scap.collector.linux.LsbReleaseCollector import LsbReleaseCollector
        LsbReleaseCollector(self.host, {}).collect()

        from scap.collector.UNameCollector import UNameCollector
        UNameCollector(self.host, {}).collect()

        # --- applications ---
        dpkg_vendors = ('ubuntu', 'debian', 'linuxmint')
        for os_cpe in self.host.facts['cpe']['os']:
            uses_dpkg = any(
                CPE(part='o', vendor=vendor).matches(os_cpe)
                for vendor in dpkg_vendors
            )
            if uses_dpkg:
                from scap.collector.linux.DpkgCollector import DpkgCollector
                DpkgCollector(self.host, {}).collect()

            # TODO Red Hat, CentOS: yum, rpm
            # TODO Fedora: dnf
            # TODO OpenSUSE: zypper
            # TODO Arch: pacman

        # Dump everything that was collected, one URI per CPE.
        for collected in self.host.facts['cpe'].values():
            for cpe in collected:
                logger.debug(cpe.to_uri_string())
Example #13
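 def collect(self):
     """Build hardware CPE names from ``lspci -vmm`` output.

     ``Vendor``, ``Device`` and ``Rev`` fields are mapped to the vendor,
     product and version attributes. A line that is not a ``name: value``
     pair ends the current record, which is appended to
     ``self.host.facts['cpe']['hardware']`` if it has any field set and is
     not already listed. Collection is best-effort: on any error the
     inventory is left as it was.
     """
     # TODO convert to a provider collector
     field_to_attr = {'Vendor': 'vendor', 'Device': 'product', 'Rev': 'version'}
     try:
         cpe = CPE(part='h')
         populated = False
         return_code, out_lines, err_lines = self.host.exec_command('lspci -vmm')
         for line in out_lines:
             # Capture both the field name and its value; with only one
             # group, m.group(2) raises IndexError and nothing is collected.
             m = re.match(r'^([^:]+):\s+(.+)$', line)
             if m:
                 name = m.group(1).strip()
                 value = m.group(2)
                 attr = field_to_attr.get(name)
                 if attr is not None:
                     cpe.set_value(attr, value)
                     populated = True
             else:
                 # Record separator: store the finished record, start anew.
                 if populated and cpe not in self.host.facts['cpe']['hardware']:
                     self.host.facts['cpe']['hardware'].append(cpe)
                 cpe = CPE(part='h')
                 populated = False
         # Keep the last record when the output has no trailing separator.
         if populated and cpe not in self.host.facts['cpe']['hardware']:
             self.host.facts['cpe']['hardware'].append(cpe)
     except Exception:
         # Best-effort collector: a missing tool or unexpected output must
         # not abort the scan.
         # NOTE(review): the failure is silent, so these devices are simply
         # absent from anything that matches on the hardware CPE list;
         # consider logging the exception.
         pass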
Example #14
def test_from_uri_to_uri():
    """A CPE URI given to ``CPE()`` must bind back to the identical URI string.

    Samples include percent-encoded characters, the ``%01``/``%02`` wildcard
    codes, NA (``-``) and packed edition components.
    """
    uris = (
        'cpe:/a:microsoft:internet_explorer:8.0.6001:beta',
        'cpe:/a:microsoft:internet_explorer:8.%2a:sp%3f',
        'cpe:/a:microsoft:internet_explorer:8.%02:sp%01',
        'cpe:/a:hp:insight_diagnostics:7.4.0.1570::~~online~win2003~x64~',
        'cpe:/a:hp:openview_network_manager:7.51:-:~~~linux~~',
        'cpe:/a:foo%7ebar:big%7emoney_2010',
        'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other',
        'cpe:/a:foo%5cbar:big%24money_manager_2010:2010:u5:~legacy_edition~special~ipod_touch~80gb~other:EN-us',
    )
    for uri in uris:
        rebound = CPE(uri).to_uri_string()
        assert rebound == uri
Example #15
def test_from_fs_to_wfn():
    """Each CPE 2.3 formatted string must convert to the expected WFN string."""
    expected_wfn = {
        'cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*':
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
        'cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*':
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
        'cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:-:*:*:online:win2003:x64:*':
            'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=NA,edition=ANY,sw_edition="online",target_sw="win2003",target_hw="x64",other=ANY,language=ANY]',
        r'cpe:2.3:a:foo\\bar:big\$money:2010:*:*:*:special:ipod_touch:80gb:*':
            r'wfn:[part="a",vendor="foo\\bar",product="big\$money",version="2010",update=ANY,edition=ANY,sw_edition="special",target_sw="ipod_touch",target_hw="80gb",other=ANY,language=ANY]',
    }
    for formatted, wfn in expected_wfn.items():
        assert CPE.from_string(formatted).to_wfn_string() == wfn
Example #16
def test_value_contains_wildcard_true():
    """Unquoted ``?`` or ``*`` at either end of a value counts as a wildcard.

    One ``CPE.Value`` instance is reloaded with each sample in turn.
    """
    samples = (
        '"?foo"',
        '"??foo"',
        '"*bar"',
        '"foo?"',
        '"foo??"',
        '"bar*"',
    )
    val = CPE.Value()
    for wfn_value in samples:
        val.from_wfn(wfn_value)
        assert val.contains_wildcard() == True
Example #17
def test_from_fs_to_wfn():
    """Convert formatted strings to WFN and compare with the expected text.

    Unset components (``*``) are expected as ``ANY`` and ``-`` as ``NA`` in
    the WFN output.
    """
    pairs = [
        (
            'cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*',
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
        ),
        (
            'cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*',
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
        ),
        (
            'cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:-:*:*:online:win2003:x64:*',
            'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=NA,edition=ANY,sw_edition="online",target_sw="win2003",target_hw="x64",other=ANY,language=ANY]',
        ),
        (
            r'cpe:2.3:a:foo\\bar:big\$money:2010:*:*:*:special:ipod_touch:80gb:*',
            r'wfn:[part="a",vendor="foo\\bar",product="big\$money",version="2010",update=ANY,edition=ANY,sw_edition="special",target_sw="ipod_touch",target_hw="80gb",other=ANY,language=ANY]',
        ),
    ]
    for formatted, expected in pairs:
        cpe = CPE.from_string(formatted)
        assert cpe.to_wfn_string() == expected
Example #18
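 def collect(self):
     """Derive a hardware CPE for the processor from ``lscpu`` output.

     ``Vendor ID``, ``Model name``, ``CPU family`` and ``Model`` are mapped
     to the vendor, product, version and update attributes. The resulting
     name is appended to ``self.host.facts['cpe']['hardware']`` when it has
     at least one field set and is not already listed. Collection is
     best-effort: on any error the inventory is left as it was.
     """
     # TODO convert to a provider collector
     field_to_attr = {
         'Vendor ID': 'vendor',
         'Model name': 'product',
         'CPU family': 'version',
         'Model': 'update',
     }
     try:
         cpe = CPE(part='h')
         populated = False
         return_code, out_lines, err_lines = self.host.exec_command('lscpu')
         for line in out_lines:
             # Two groups are needed (field name, value); a single-group
             # pattern makes m.group(2) raise IndexError on the first match.
             m = re.match(r'^([^:]+):\s+(.+)$', line)
             if m:
                 # Strip so that indented field names still compare equal.
                 name = m.group(1).strip()
                 value = m.group(2)
                 attr = field_to_attr.get(name)
                 if attr is not None:
                     cpe.set_value(attr, value)
                     populated = True
             else:
                 # A non "name: value" line closes the current record.
                 if populated and cpe not in self.host.facts['cpe']['hardware']:
                     self.host.facts['cpe']['hardware'].append(cpe)
                 cpe = CPE(part='h')
                 populated = False
         # Output made only of "name: value" lines never reaches the else
         # branch, so store the record once the loop is done.
         if populated and cpe not in self.host.facts['cpe']['hardware']:
             self.host.facts['cpe']['hardware'].append(cpe)
     except Exception:
         # Best-effort collector: failure must not abort the scan.
         # NOTE(review): nothing is logged, so a failed run looks the same
         # as a host with no CPU entry; consider logging the exception.
         pass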
Example #19
def test_from_wfn_to_uri():
    """Each WFN string must bind to the expected CPE URI string.

    The expectations show unquoted ``*``/``?`` becoming ``%02``/``%01``,
    NA becoming ``-`` and extended attributes being packed with ``~``.
    """
    expected_uri = {
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY]':
            'cpe:/a:microsoft:internet_explorer:8.0.6001:beta',
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?"]':
            'cpe:/a:microsoft:internet_explorer:8.%02:sp%01',
        'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=NA,sw_edition="online",target_sw="win2003",target_hw="x64"]':
            'cpe:/a:hp:insight_diagnostics:7.4.0.1570:-:~~online~win2003~x64~',
        'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",target_sw="linux"]':
            'cpe:/a:hp:openview_network_manager:7.51::~~~linux~~',
        'wfn:[part="a",vendor="foo\\bar",product="big\$money_manager_2010",sw_edition="special",target_sw="ipod_touch",target_hw="80gb"]':
            'cpe:/a:foo%5cbar:big%24money_manager_2010:::~~special~ipod_touch~80gb~',
    }
    for wfn, uri in expected_uri.items():
        assert CPE.from_string(wfn).to_uri_string() == uri
Example #20
def test_from_wfn_to_uri():
    """Bind WFN strings to URI form and compare with the expected text."""
    cases = [
        (
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY]',
            'cpe:/a:microsoft:internet_explorer:8.0.6001:beta',
        ),
        (
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?"]',
            'cpe:/a:microsoft:internet_explorer:8.%02:sp%01',
        ),
        (
            'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=NA,sw_edition="online",target_sw="win2003",target_hw="x64"]',
            'cpe:/a:hp:insight_diagnostics:7.4.0.1570:-:~~online~win2003~x64~',
        ),
        (
            'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",target_sw="linux"]',
            'cpe:/a:hp:openview_network_manager:7.51::~~~linux~~',
        ),
        (
            'wfn:[part="a",vendor="foo\\bar",product="big\$money_manager_2010",sw_edition="special",target_sw="ipod_touch",target_hw="80gb"]',
            'cpe:/a:foo%5cbar:big%24money_manager_2010:::~~special~ipod_touch~80gb~',
        ),
    ]
    for wfn, expected in cases:
        bound = CPE.from_string(wfn).to_uri_string()
        assert bound == expected
Example #21
def test_from_wfn_to_fs():
    """Each WFN string must bind to the expected CPE 2.3 formatted string.

    Attributes absent from the WFN are expected as ``*`` and NA as ``-``;
    a quoted ``\*`` in the WFN stays quoted in the formatted string.
    """
    expected_fs = {
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY]':
            'cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*',
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY]':
            'cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*',
        'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.\*",update="sp?"]':
            'cpe:2.3:a:microsoft:internet_explorer:8.\*:sp?:*:*:*:*:*:*',
        'wfn:[part="a",vendor="hp",product="insight",version="7\.4\.0\.1570",update=NA,sw_edition="online",target_sw="win2003",target_hw="x64"]':
            'cpe:2.3:a:hp:insight:7.4.0.1570:-:*:*:online:win2003:x64:*',
        'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",target_sw="linux"]':
            'cpe:2.3:a:hp:openview_network_manager:7.51:*:*:*:*:linux:*:*',
        r'wfn:[part="a",vendor="foo\\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch",target_hw="80gb"]':
            r'cpe:2.3:a:foo\\bar:big\$money_2010:*:*:*:*:special:ipod_touch:80gb:*',
    }
    for wfn, formatted in expected_fs.items():
        assert CPE.from_string(wfn).to_fs_string() == formatted
Example #22
def test_from_wfn_to_fs():
    """Bind WFN strings to formatted-string form and compare with expectations."""
    cases = [
        (
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY]',
            'cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*',
        ),
        (
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY]',
            'cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*',
        ),
        (
            'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.\*",update="sp?"]',
            'cpe:2.3:a:microsoft:internet_explorer:8.\*:sp?:*:*:*:*:*:*',
        ),
        (
            'wfn:[part="a",vendor="hp",product="insight",version="7\.4\.0\.1570",update=NA,sw_edition="online",target_sw="win2003",target_hw="x64"]',
            'cpe:2.3:a:hp:insight:7.4.0.1570:-:*:*:online:win2003:x64:*',
        ),
        (
            'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",target_sw="linux"]',
            'cpe:2.3:a:hp:openview_network_manager:7.51:*:*:*:*:linux:*:*',
        ),
        (
            r'wfn:[part="a",vendor="foo\\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch",target_hw="80gb"]',
            r'cpe:2.3:a:foo\\bar:big\$money_2010:*:*:*:*:special:ipod_touch:80gb:*',
        ),
    ]
    for wfn, expected in cases:
        bound = CPE.from_string(wfn).to_fs_string()
        assert bound == expected
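    def collect(self):
        """Inventory plug-and-play devices with wmic and add hardware CPEs.

        Runs ``wmic path Win32_PnPEntity get /format:list`` once per host
        (the parsed records are kept in
        ``self.host.facts['wmic']['pnp_entity']``), then turns every record
        that names a manufacturer into a ``CPE(part='h')`` in
        ``self.host.facts['cpe']['hardware']``, skipping entries already
        present.
        """
        if 'wmic' not in self.host.facts:
            self.host.facts['wmic'] = {}

        if 'pnp_entity' in self.host.facts['wmic']:
            return

        self.host.facts['wmic']['pnp_entity'] = []
        records = self.host.facts['wmic']['pnp_entity']
        current = {}
        return_code, out_lines, err_lines = self.host.exec_command(
            'wmic path Win32_PnPEntity get /format:list')
        for raw_line in out_lines:
            line = raw_line.strip()

            if line:
                m = re.match(r'^([^=]+)=(.*)$', line)
                # Keep only the properties VALUE_MAP knows about.
                if m and m.group(1) in self.VALUE_MAP:
                    current[self.VALUE_MAP[m.group(1)]] = m.group(2)
            elif current:
                # Blank line after at least one stored property: the record
                # is complete.
                records.append(current)
                current = {}

        # Without this, a record not followed by a blank line is lost.
        if current:
            records.append(current)

        hardware = self.host.facts['cpe']['hardware']
        for record in records:
            # A record holds only the mapped properties that were present,
            # so the keys are looked up defensively.
            manufacturer = record.get('manufacturer')
            if manufacturer is None or len(manufacturer) == 0:
                continue

            # NOTE(review): these strings are reported by the scanned host;
            # presumably set_value quotes them for CPE use -- confirm.
            cpe = CPE(part='h')
            cpe.set_value('vendor', manufacturer)
            if 'name' in record:
                cpe.set_value('product', record['name'])

            if cpe not in hardware:
                hardware.append(cpe)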
Example #24
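    def collect(self):
        """Record Debian packages from ``dpkg --list`` as application CPEs.

        Each package row yields ``CPE(part='a', product=<name>,
        version=<upstream version>)`` in
        ``self.host.facts['cpe']['application']`` unless an equal entry is
        already there. The architecture qualifier (``name:arch``) and the
        Debian revision (text after the first ``-``) are dropped. Rows whose
        package is not on disk and a fixed set of noisy package families are
        skipped.
        """
        skip_prefixes = (
            'python-',
            'python3-',
            'printer-driver-',
            'xserver-xorg-',
            'fonts-',
        )
        keep_lib_prefixes = (
            'libreoffice',
            'librecad',
        )
        skip_suffixes = (
            '-java',
            '-perl',
            '-common',
            '-dev',
            '-cil',
        )

        return_code, out_lines, err_lines = self.host.exec_command('dpkg --list')
        for line in out_lines:
            m = re.match(r'^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(.+)$', line)
            if not m:
                continue
            state, name, version = m.group(1, 2, 3)

            # The first column is <desired action><status>[<error>]. The
            # "||/ Name Version ..." header row also fits the pattern, and
            # status n (not installed) or c (config files only) means the
            # package is not on disk; listing either would produce false
            # matches against the application inventory.
            if len(state) < 2 or state[0] not in 'uirph' or state[1] in 'nc':
                continue

            # partition() tolerates any number of separators in the field.
            name = name.partition(':')[0]
            version = version.partition('-')[0]
            # NOTE(review): an epoch prefix such as "1:" stays in the
            # version; confirm that is what consumers of these CPEs expect.

            # knock out some low hanging fruit to skip
            if name.startswith(skip_prefixes):
                continue

            # Libraries are skipped, except applications whose name merely
            # starts with "lib".
            if name.startswith('lib') and not name.startswith(keep_lib_prefixes):
                continue

            if name.endswith(skip_suffixes):
                continue

            cpe = CPE(part='a', product=name, version=version)
            if cpe not in self.host.facts['cpe']['application']:
                self.host.facts['cpe']['application'].append(cpe)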
Example #25
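def test_from_fs():
    """Parse CPE 2.3 formatted strings and check all eleven attributes.

    For each case, attributes in ``middle`` must carry that literal value,
    attributes in ``na`` must be NA, and every other attribute must be ANY.
    """
    attributes = (
        'part', 'vendor', 'product', 'version', 'update', 'edition',
        'sw_edition', 'target_sw', 'target_hw', 'other', 'language',
    )

    def check(cpe, middle, na=()):
        for attr in attributes:
            if attr in middle:
                assert cpe.get_value_middle(attr) == middle[attr]
            elif attr in na:
                assert cpe.is_value_na(attr) == True
            else:
                assert cpe.is_value_any(attr) == True

    # 'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
    cpe = CPE.from_string(
        'cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*')
    check(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.0.6001',
        'update': 'beta',
    })

    # 'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY,sw_edition=ANY,target_sw=ANY,target_hw=ANY,other=ANY,language=ANY]',
    cpe = CPE.from_string(
        'cpe:2.3:a:microsoft:internet_explorer:8.*:sp?:*:*:*:*:*:*')
    check(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.',
        'update': 'sp',
    })
    # the trailing wildcards are reported separately from the middle value
    assert cpe.value_ends_with_any('version') == True
    assert cpe.get_singles_after_value('update') == 1

    # 'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=NA,edition=ANY,sw_edition="online",target_sw="win2003",target_hw="x64",other=ANY,language=ANY]',
    cpe = CPE.from_string(
        'cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:-:*:*:online:win2003:x64:*'
    )
    check(cpe, {
        'part': 'a',
        'vendor': 'hp',
        'product': 'insight_diagnostics',
        'version': '7.4.0.1570',
        'sw_edition': 'online',
        'target_sw': 'win2003',
        'target_hw': 'x64',
    }, na=('update',))

    # 'wfn:[part="a",vendor="foo\\bar",product="big\$money",version="2010",update=ANY,edition=ANY,sw_edition="special",target_sw="ipod_touch",target_hw="80gb",other=ANY,language=ANY]',
    # Raw string: "\$" is not a Python escape, and writing it in a normal
    # literal triggers an invalid-escape warning on current interpreters.
    cpe = CPE.from_string(
        r'cpe:2.3:a:foo\bar:big\$money:2010:*:*:*:special:ipod_touch:80gb:*')
    check(cpe, {
        'part': 'a',
        'vendor': 'foo\\bar',
        'product': 'big$money',
        'version': '2010',
        'sw_edition': 'special',
        'target_sw': 'ipod_touch',
        'target_hw': '80gb',
    })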
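    def collect(self):
        """Collect installed software from the Windows Uninstall registry key.

        Runs ``reg query ... /s`` over the HKLM Uninstall key, groups the
        output into one dict per subkey (``location`` plus every value whose
        name is in ``self.VALUE_MAP``) and stores the list in
        ``self.host.facts['registry']['uninstall']``. Each entry that has both
        a publisher and a display name is then added to
        ``self.host.facts['cpe']['application']`` as an application CPE.
        Does nothing if the uninstall facts are already present. The 'cpe'
        facts are expected to exist already; they are not created here.
        """
        if 'registry' not in self.host.facts:
            self.host.facts['registry'] = {}

        if 'uninstall' in self.host.facts['registry']:
            return

        self.host.facts['registry']['uninstall'] = []
        entry = None
        # mapped name of the value most recently stored in entry; None when
        # the previous value line was not one we keep
        last_key = None
        return_code, out_lines, err_lines = self.host.exec_command(
            'reg query HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall /s',
            encoding='cp437')
        for line in out_lines:
            # skip blank lines
            if re.match(r'^\s*$', line):
                continue

            # header line: a new subkey starts, so flush the previous one
            if line.startswith('HKEY_LOCAL_MACHINE'):
                if entry is not None:
                    self.host.facts['registry']['uninstall'].append(entry)
                entry = {'location': line}
                last_key = None
                continue

            if entry is None:
                # text before the first subkey header has no entry to join
                continue

            # "<name> <type> <value>" first, then "<name> <type>" (empty value)
            m = re.match(r'^\s*(\S+)\s+(\S+)\s+(.+)\s*$', line)
            if m:
                name, value = m.group(1), m.group(3)
            else:
                m = re.match(r'^\s*(\S+)\s+(\S+)\s*$', line)
                if m:
                    name, value = m.group(1), ''

            if m:
                if name in self.VALUE_MAP:
                    last_key = self.VALUE_MAP[name]
                    entry[last_key] = value
                else:
                    last_key = None
                    if not name.startswith('Memento'):
                        logger.debug('Unknown uninstall registry subkey: ' + name)
            elif last_key is not None:
                # a line in neither value format continues the previous value;
                # it is dropped when that value was not one we keep
                entry[last_key] += line

        # the last subkey has no following header line to flush it
        if entry is not None:
            self.host.facts['registry']['uninstall'].append(entry)

        for entry in self.host.facts['registry']['uninstall']:
            cpe = CPE(part='a')

            if 'publisher' not in entry:
                logger.debug('Uninstall entry with no publisher: ' +
                             entry['location'])
                continue
            cpe.set_value('vendor', entry['publisher'])
            if 'display_name' not in entry:
                logger.debug('Uninstall entry with no display_name: ' +
                             entry['location'])
                continue
            cpe.set_value('product', entry['display_name'])
            if 'display_version' in entry:
                cpe.set_value('version', entry['display_version'])

            if cpe not in self.host.facts['cpe']['application']:
                self.host.facts['cpe']['application'].append(cpe)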
Example #27
    def collect(self):
        """Populate ``self.host.facts['cpe']`` with OS, hardware and application CPEs.

        Resets the three CPE lists, then runs the uname, DMI, CPU,
        lsb_release and uname collectors in that order and, when an OS CPE
        matches ubuntu, debian or linuxmint, the dpkg collector. Facts those
        collectors leave behind are turned into CPE entries here; a missing
        DMI or processor key simply skips that entry. Every CPE collected is
        finally logged at debug level as a URI string.
        """
        self.host.facts['cpe'] = {'os':[], 'application':[], 'hardware':[]}

        def remember(kind, found):
            # append only when an equal CPE is not listed yet
            known = self.host.facts['cpe'][kind]
            if found not in known:
                known.append(found)

        from ..UNameCollector import UNameCollector
        UNameCollector(self.host, {}).collect()
        kernel_name = self.host.facts['uname']['kernel_name']
        if kernel_name == 'Linux':
            os_cpe = CPE()
            for attr, val in (
                ('part', 'o'),
                ('vendor', 'linux'),
                ('product', 'linux_kernel'),
            ):
                os_cpe.set_value(attr, val)

            # "<digits and dots>-<rest>" splits into version and update
            release = re.fullmatch(r'([0-9.]+)-(\S+)', self.host.facts['uname']['kernel_release'])
            if release:
                os_cpe.set_value('version', release.group(1))
                os_cpe.set_value('update', release.group(2))

            remember('os', os_cpe)
        elif kernel_name == 'Windows NT':
            os_cpe = CPE()
            for attr, val in (
                ('part', 'o'),
                ('vendor', 'microsoft'),
                ('product', 'windows'),
                ('version', 'nt'),
            ):
                os_cpe.set_value(attr, val)

            remember('os', os_cpe)

        from .SysDmiCollector import SysDmiCollector
        SysDmiCollector(self.host, {}).collect()

        # The BIOS entry uses a fixed product name.
        try:
            remember('hardware', CPE(
                part='h',
                vendor=self.host.facts['devices']['dmi']['bios_vendor'],
                product='BIOS',
                version=self.host.facts['devices']['dmi']['bios_version'],
            ))
        except KeyError:
            pass

        # board, chassis and system: (vendor key, product key, version key)
        for vendor_key, product_key, version_key in (
            ('board_vendor', 'board_name', 'board_version'),
            ('chassis_vendor', 'chassis_type', 'chassis_version'),
            ('sys_vendor', 'product_name', 'product_version'),
        ):
            try:
                remember('hardware', CPE(
                    part='h',
                    vendor=self.host.facts['devices']['dmi'][vendor_key],
                    product=self.host.facts['devices']['dmi'][product_key],
                    version=self.host.facts['devices']['dmi'][version_key],
                ))
            except KeyError:
                pass

        from .ProcCpuidCollector import ProcCpuidCollector
        ProcCpuidCollector(self.host, {}).collect()

        for cpu in self.host.facts['devices']['processors']:
            try:
                remember('hardware', CPE(
                    part='h',
                    vendor=cpu['vendor_id'],
                    product=cpu['model name'],
                    version=cpu['stepping'],
                ))
            except KeyError:
                pass

        # (an lshw/lspci/lscpu fallback for the hardware section was left
        # commented out by the author and is not run)

        # os
        from scap.collector.linux.LsbReleaseCollector import LsbReleaseCollector
        LsbReleaseCollector(self.host, {}).collect()

        from scap.collector.UNameCollector import UNameCollector
        UNameCollector(self.host, {}).collect()

        # application
        for os_entry in self.host.facts['cpe']['os']:
            if any(
                CPE(part='o', vendor=distro).matches(os_entry)
                for distro in ('ubuntu', 'debian', 'linuxmint')
            ):
                from scap.collector.linux.DpkgCollector import DpkgCollector
                DpkgCollector(self.host, {}).collect()

            # TODO Red Hat, CentOS: yum, rpm
            # TODO Fedora: dnf
            # TODO OpenSUSE: zypper
            # TODO Arch: pacman

        for entries in self.host.facts['cpe'].values():
            for found in entries:
                logger.debug(found.to_uri_string())
Example #28
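    def collect(self):
        """Derive the operating-system CPE from ``lsb_release -a`` output.

        Creates ``self.host.facts['cpe']`` when missing, runs ``lsb_release -a``
        and maps the "Distributor ID", "Description" and "Release" lines to
        the vendor, product and version of a ``CPE(part='o')``. The CPE is
        appended to ``self.host.facts['cpe']['os']`` unless an equal one is
        already listed. If the command cannot be run the method returns
        without adding anything.
        """
        if 'cpe' not in self.host.facts:
            self.host.facts['cpe'] = {'os':[], 'application':[], 'hardware':[]}

        try:
            return_code, out_lines, err_lines = self.host.exec_command('lsb_release -a')
        except Exception:
            # Best effort: lsb_release may be absent on this host. Catching
            # Exception rather than everything lets KeyboardInterrupt and
            # SystemExit propagate.
            return

        # (Distributor ID prefix, vendor, product or None), tried in order
        distributors = (
            ('RedHat', 'redhat', None),
            ('Debian', 'debian', None),
            ('LinuxMint', 'linuxmint', 'linux_mint'),
            ('Arch', 'archlinux', 'archlinux'),
            ('openSUSE project', 'opensuse_project', 'opensuse_project'),
            ('Ubuntu', 'ubuntu', 'ubuntu'),
            ('CentOS', 'centos', 'centos'),
        )

        cpe = CPE(part='o')
        for line in out_lines:
            m = re.match(r'^([^:]+):\s+(.+)$', line)
            if not m:
                continue
            name, value = m.group(1), m.group(2)

            if name == 'Distributor ID':
                for prefix, vendor, product in distributors:
                    if value.startswith(prefix):
                        cpe.set_value('vendor', vendor)
                        if product is not None:
                            cpe.set_value('product', product)
                        break

            elif name == 'Description':
                # for Red Hat the product comes from the description line,
                # so this relies on "Distributor ID" having been seen first
                if cpe.get_value('vendor') == 'redhat' \
                        and value.startswith('Enterprise Linux'):
                    cpe.set_value('product', 'enterprise_linux')

            elif name == 'Release':
                cpe.set_value('version', value)

        if cpe not in self.host.facts['cpe']['os']:
            self.host.facts['cpe']['os'].append(cpe)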
Example #29
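def test_from_uri_to_wfn():
    """A CPE built from a URI binding must equal the one built from its WFN."""
    # The WFN side quotes characters with a backslash (\. \* \? \~). None of
    # those are Python escapes, so the literals are raw strings; in a normal
    # literal they trigger invalid-escape warnings on current interpreters.
    pairs = [
        (
            'cpe:/a:microsoft:internet_explorer:8.0.6001:beta',
            r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=ANY,language=ANY]',
        ),
        (
            # %2a and %3f decode to quoted '*' and '?'
            'cpe:/a:microsoft:internet_explorer:8.%2a:sp%3f',
            r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.\*",update="sp\?",edition=ANY,language=ANY]',
        ),
        (
            # %02 and %01 decode to the unquoted wildcards '*' and '?'
            'cpe:/a:microsoft:internet_explorer:8.%02:sp%01',
            r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=ANY,language=ANY]',
        ),
        (
            'cpe:/a:hp:insight_diagnostics:7.4.0.1570::~~online~win2003~x64~',
            r'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",update=ANY,edition=ANY,sw_edition="online",target_sw="win2003",target_hw="x64",other=ANY,language=ANY]',
        ),
        (
            'cpe:/a:hp:openview_network_manager:7.51:-:~~~linux~~',
            r'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",update=NA,edition=ANY,sw_edition=ANY,target_sw="linux",target_hw=ANY,other=ANY,language=ANY]',
        ),
        (
            'cpe:/a:foo~bar:big%7emoney_2010',
            r'wfn:[part="a",vendor="foo\~bar",product="big\~money_2010",version=ANY,update=ANY,edition=ANY,language=ANY]',
        ),
    ]
    for uri, wfn in pairs:
        assert CPE(uri).equal_to(CPE(wfn)) == True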
Example #30
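def test_from_wfn():
    """Parse WFN strings and check all eleven attributes of the result.

    For each case, attributes in ``middle`` must carry that literal value,
    attributes in ``na`` must be NA, and every other attribute must be ANY.
    """
    attributes = (
        'part', 'vendor', 'product', 'version', 'update', 'edition',
        'sw_edition', 'target_sw', 'target_hw', 'other', 'language',
    )

    def check(cpe, middle, na=()):
        for attr in attributes:
            if attr in middle:
                assert cpe.get_value_middle(attr) == middle[attr]
            elif attr in na:
                assert cpe.is_value_na(attr) == True
            else:
                assert cpe.is_value_any(attr) == True

    # WFN quoting (\. and \$) is not a Python escape, so the inputs below are
    # raw strings; normal literals trigger invalid-escape warnings.
    cpe = CPE.from_string('wfn:[part="a",vendor="microsoft",product="internet_explorer"]')
    check(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
    })

    cpe = CPE.from_string(r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=NA]')
    check(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.0.6001',
        'update': 'beta',
    }, na=('edition',))

    cpe = CPE.from_string(r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=NA,language=ANY]')
    check(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.',
        'update': 'sp',
    }, na=('edition',))
    # the trailing wildcards are reported separately from the middle value
    assert cpe.value_ends_with_any('version') == True
    assert cpe.get_singles_after_value('update') == 1

    cpe = CPE.from_string(r'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",sw_edition="online",target_sw="windows_2003",target_hw="x64"]')
    check(cpe, {
        'part': 'a',
        'vendor': 'hp',
        'product': 'insight_diagnostics',
        'version': '7.4.0.1570',
        'sw_edition': 'online',
        'target_sw': 'windows_2003',
        'target_hw': 'x64',
    })

    cpe = CPE.from_string(r'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",update=NA,target_sw="linux"]')
    check(cpe, {
        'part': 'a',
        'vendor': 'hp',
        'product': 'openview_network_manager',
        'version': '7.51',
        'target_sw': 'linux',
    }, na=('update',))

    cpe = CPE.from_string(r'wfn:[part="a",vendor="foo\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch"]')
    check(cpe, {
        'part': 'a',
        'vendor': 'foo\\bar',
        'product': 'big$money_2010',
        'sw_edition': 'special',
        'target_sw': 'ipod_touch',
    })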
Example #31
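def test_value_matches_false():
    """Wildcard patterns must reject values that are too short or too long."""
    # (pattern, candidate) pairs; '?' stands for at most one character and
    # '*' for any run. A quoted "\?" in a candidate is a literal character,
    # written as a raw string because "\?" is not a Python escape.
    rejected = [
        ('?foo', 'fo'),
        ('?foo', '12foo'),
        ('?foo', r'\?\?foo'),
        ('?foo', 'foo1'),

        # double ?
        ('??foo', 'fo'),
        ('??foo', '123foo'),
        ('??foo', 'foo12'),

        ('*bar', 'ba'),
        ('*bar', r'blah\?ba'),

        ('foo?', 'fo'),
        ('foo?', 'foo12'),
        ('foo?', r'foo\?\?'),

        # double ?
        ('foo??', 'fo'),
        ('foo??', 'foo123'),
        ('foo??', r'\?foo'),
        ('foo??', r'foo\?\?\?'),
    ]
    for pattern, candidate in rejected:
        assert CPE.Value(fs=pattern).matches(CPE.Value(fs=candidate)) == False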
Example #32
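def test_value_matches_true():
    """Wildcard patterns must accept zero-length, full and quoted matches."""
    # (pattern, candidate) pairs. Candidates containing a quoted "\?" are raw
    # strings because "\?" is not a Python escape sequence.
    accepted = [
        ('?foo', 'foo'),  # 0 match
        ('?foo', '1foo'),  # full match
        ('?foo', r'\?foo'),  # quoted match

        # double ?
        ('??foo', 'foo'),  # 0 match
        ('??foo', '1foo'),  # 0 full match
        ('??foo', '12foo'),  # full match
        ('??foo', r'\?foo'),  # 0 full match
        ('??foo', r'\?\?foo'),  # full match

        ('*bar', 'bar'),  # 0 match
        ('*bar', 'blahbar'),  # full match
        ('*bar', r'blah\?bar'),  # full match + quoted

        ('foo?', 'foo'),  # 0 match
        ('foo?', 'foo1'),  # full match
        ('foo?', r'foo\?'),  # quoted match

        # double ?
        ('foo??', 'foo'),  # 0 match
        ('foo??', 'foo1'),  # 0 full match
        ('foo??', 'foo12'),  # full match
        ('foo??', r'foo\?'),  # 0 full match
        ('foo??', r'foo\?\?'),  # full match
    ]
    for pattern, candidate in accepted:
        assert CPE.Value(fs=pattern).matches(CPE.Value(fs=candidate)) == True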
Example #33
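def test_from_wfn():
    """Parse WFN strings and verify each of the eleven CPE attributes.

    Every case names the attributes expected to hold a literal value and the
    ones expected to be NA; all attributes not named must be ANY.
    """
    all_attrs = (
        'part', 'vendor', 'product', 'version', 'update', 'edition',
        'sw_edition', 'target_sw', 'target_hw', 'other', 'language',
    )

    def verify(parsed, literal, not_applicable=()):
        for attr in all_attrs:
            if attr in literal:
                assert parsed.get_value_middle(attr) == literal[attr]
            elif attr in not_applicable:
                assert parsed.is_value_na(attr) == True
            else:
                assert parsed.is_value_any(attr) == True

    # The WFN inputs are raw strings: "\." and "\$" are WFN quoting, not
    # Python escapes, and normal literals trigger invalid-escape warnings.
    cpe = CPE.from_string(
        'wfn:[part="a",vendor="microsoft",product="internet_explorer"]')
    verify(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
    })

    cpe = CPE.from_string(
        r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.0\.6001",update="beta",edition=NA]'
    )
    verify(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.0.6001',
        'update': 'beta',
    }, not_applicable=('edition',))

    cpe = CPE.from_string(
        r'wfn:[part="a",vendor="microsoft",product="internet_explorer",version="8\.*",update="sp?",edition=NA,language=ANY]'
    )
    verify(cpe, {
        'part': 'a',
        'vendor': 'microsoft',
        'product': 'internet_explorer',
        'version': '8.',
        'update': 'sp',
    }, not_applicable=('edition',))
    # wildcards after the literal part are exposed through separate accessors
    assert cpe.value_ends_with_any('version') == True
    assert cpe.get_singles_after_value('update') == 1

    cpe = CPE.from_string(
        r'wfn:[part="a",vendor="hp",product="insight_diagnostics",version="7\.4\.0\.1570",sw_edition="online",target_sw="windows_2003",target_hw="x64"]'
    )
    verify(cpe, {
        'part': 'a',
        'vendor': 'hp',
        'product': 'insight_diagnostics',
        'version': '7.4.0.1570',
        'sw_edition': 'online',
        'target_sw': 'windows_2003',
        'target_hw': 'x64',
    })

    cpe = CPE.from_string(
        r'wfn:[part="a",vendor="hp",product="openview_network_manager",version="7\.51",update=NA,target_sw="linux"]'
    )
    verify(cpe, {
        'part': 'a',
        'vendor': 'hp',
        'product': 'openview_network_manager',
        'version': '7.51',
        'target_sw': 'linux',
    }, not_applicable=('update',))

    cpe = CPE.from_string(
        r'wfn:[part="a",vendor="foo\bar",product="big\$money_2010",sw_edition="special",target_sw="ipod_touch"]'
    )
    verify(cpe, {
        'part': 'a',
        'vendor': 'foo\\bar',
        'product': 'big$money_2010',
        'sw_edition': 'special',
        'target_sw': 'ipod_touch',
    })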
Example #34
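    def collect(self):
        """Parse Windows ``systeminfo`` output into ``self.host.facts['systeminfo']``.

        Single-line "Name: value" sections are stored under the key given by
        ``SystemInfoCollector.SECTION_MAP``. The multi-line sections
        (processors, page files, hotfixes, network cards) are gathered into
        lists or dicts. An "OS Name" found in
        ``SystemInfoCollector.OS_NAME_MAP`` is also added to
        ``self.host.facts['cpe']['os']``, which must already exist.

        Returns immediately when the systeminfo facts are already present.

        Raises:
            RuntimeError: a line does not fit the expected "Name: value"
                layout, or an unknown multi-line mode is active.
        """
        # Check the cache before running the command so an already collected
        # host is not queried a second time.
        if 'systeminfo' in self.host.facts:
            return

        return_code, out_lines, err_lines = self.host.exec_command(
            'systeminfo')
        systeminfo = out_lines

        self.host.facts['systeminfo'] = {}

        # multiline: name of the multi-line section being read, else None
        multiline = None
        # cur_network_card: key of the network card whose properties follow
        cur_network_card = None
        # ip_addresses: True while reading a card's numbered address lines
        ip_addresses = False
        for line in systeminfo:
            if re.match(r'^\s*$', line) is not None:
                continue

            if multiline is not None:
                # In each branch a line that fits the section is consumed with
                # `continue`; otherwise the section is closed and the line
                # falls through to the "Name: value" parsing below.
                if multiline == 'Processor(s)':
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['processor'].append(
                            m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Page File Location(s)':
                    m = re.match(r'^\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['page_file'].append(
                            m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Hotfix(s)':
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['hotfix'].append(
                            m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Network Card(s)':
                    if ip_addresses:
                        m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][
                                cur_network_card]['IP address(es)'].append(
                                    m.group(1))
                            continue
                        else:
                            ip_addresses = False

                    if cur_network_card is not None:
                        m = re.match(r'^\s+(IP address\(es\))\s*$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][
                                cur_network_card][m.group(1)] = []
                            ip_addresses = True
                            continue

                        m = re.match(r'^\s+(.+):\s+(.+)$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][
                                cur_network_card][m.group(1)] = m.group(2)
                            continue
                        else:
                            cur_network_card = None

                    # "[NN]: <name>" opens a new card
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['network_card'][m.group(
                            1)] = {}
                        cur_network_card = m.group(1)
                        continue
                    else:
                        multiline = None
                else:
                    raise RuntimeError('Unknown multiline mode: ' + multiline)

            m = re.match(r'^([^:]+):\s+(.*)$', line)
            if m is None:
                raise RuntimeError('Unexpected line: ' + line)

            if line.startswith('Processor(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['processor'] = []
            elif line.startswith('Page File Location(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['page_file'] = []
                # the first page file sits on the header line itself
                self.host.facts['systeminfo']['page_file'].append(m.group(2))
            elif line.startswith('Hotfix(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['hotfix'] = []
            elif line.startswith('Network Card(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['network_card'] = {}
            elif line.startswith('Virtual Memory:'):
                m = re.match(r'^Virtual Memory: ([^:]+):\s+(.*)$', line)
                if 'virtual_memory' not in self.host.facts['systeminfo']:
                    self.host.facts['systeminfo']['virtual_memory'] = {}

                if m is None:
                    # no "<sub-section>: <value>" part; fail the same way as
                    # any other unparseable line rather than on m.group()
                    raise RuntimeError('Unexpected line: ' + line)

                if m.group(1) == 'Max Size':
                    self.host.facts['systeminfo']['virtual_memory'][
                        'max_size'] = m.group(2)
                elif m.group(1) == 'Available':
                    self.host.facts['systeminfo']['virtual_memory'][
                        'available'] = m.group(2)
                elif m.group(1) == 'In Use':
                    self.host.facts['systeminfo']['virtual_memory'][
                        'in_use'] = m.group(2)
                else:
                    logger.warn('Unknown Virtual Memory section: ' +
                                m.group(1))
            elif line.startswith('Hyper-V Requirements:'):
                #TODO multiline?
                self.host.facts['systeminfo']['hyperv'] = m.group(2)
            elif m.group(1) in SystemInfoCollector.SECTION_MAP:
                self.host.facts['systeminfo'][SystemInfoCollector.SECTION_MAP[
                    m.group(1)]] = m.group(2)
                if m.group(1) == 'OS Name':
                    # An OS name without a mapping yields no OS CPE, so later
                    # matching against this host has nothing to go on; the
                    # warning below is the only trace of that gap.
                    if m.group(2) in SystemInfoCollector.OS_NAME_MAP:
                        cpe = CPE.from_string(
                            SystemInfoCollector.OS_NAME_MAP[m.group(2)])
                        if cpe not in self.host.facts['cpe']['os']:
                            self.host.facts['cpe']['os'].append(cpe)
                    else:
                        logger.warn('Unable to determine CPE from OS name: ' +
                                    m.group(2))
            else:
                logger.warn('Unknown section: ' + m.group(1))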
Example #35
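    def collect(self):
        """Derive an operating-system CPE from ``lsb_release -a`` output.

        Ensures ``self.host.facts['cpe']`` exists, runs ``lsb_release -a`` on
        the host and maps the ``Distributor ID``, ``Description`` and
        ``Release`` fields onto a CPE with part ``'o'``.  The CPE is appended
        to ``self.host.facts['cpe']['os']`` unless an equal one is already
        present.

        Collection is best effort: if the command cannot be executed the
        method returns without recording an OS CPE.
        """
        if 'cpe' not in self.host.facts:
            self.host.facts['cpe'] = {
                'os': [],
                'application': [],
                'hardware': []
            }

        try:
            return_code, out_lines, err_lines = self.host.exec_command(
                'lsb_release -a')
        except Exception:
            # Best effort: a host without lsb_release simply yields no CPE.
            # Only Exception is caught so KeyboardInterrupt and SystemExit
            # still reach the caller instead of being swallowed here.
            # NOTE(review): the failure is not reported anywhere, so a host
            # whose command failed looks the same as one with nothing to
            # report -- consider logging it.
            return

        # Distributor ID prefix -> CPE attributes to set; first match wins,
        # in the same order the prefixes were originally tested.
        distributors = (
            ('RedHat', (('vendor', 'redhat'),)),
            ('Debian', (('vendor', 'debian'),)),
            ('LinuxMint', (('vendor', 'linuxmint'),
                           ('product', 'linux_mint'))),
            ('Arch', (('vendor', 'archlinux'),
                      ('product', 'archlinux'))),
            ('openSUSE project', (('vendor', 'opensuse_project'),
                                  ('product', 'opensuse_project'))),
            ('Ubuntu', (('vendor', 'ubuntu'), ('product', 'ubuntu'))),
            ('CentOS', (('vendor', 'centos'), ('product', 'centos'))),
        )

        cpe = CPE(part='o')
        for line in out_lines:
            m = re.match(r'^([^:]+):\s+(.+)$', line)
            if not m:
                continue
            name, value = m.group(1), m.group(2)

            if name == 'Distributor ID':
                for prefix, attributes in distributors:
                    if value.startswith(prefix):
                        for attribute, attr_value in attributes:
                            cpe.set_value(attribute, attr_value)
                        break

            elif name == 'Description':
                # Only Red Hat takes its product from the description line.
                if cpe.get_value('vendor') == 'redhat' \
                        and re.match(r'^Enterprise Linux', value):
                    cpe.set_value('product', 'enterprise_linux')

            elif name == 'Release':
                cpe.set_value('version', value)

        # NOTE(review): the CPE is appended even when no distributor was
        # recognised, i.e. with only part='o' (and possibly a version) set.
        # How consumers of facts['cpe']['os'] treat such a sparse name is not
        # visible here -- confirm it cannot match more than intended.
        if cpe not in self.host.facts['cpe']['os']:
            self.host.facts['cpe']['os'].append(cpe)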
Example #36
    def collect(self):
        """Parse ``lshw`` output and record hardware CPEs.

        Runs ``lshw`` through ``self.host.exec_command`` with ``sudo=True``,
        rebuilds the indented device tree in a local stack and appends a CPE
        (part ``'h'``) to ``self.host.facts['cpe']['hardware']`` for each node
        that names a vendor and a product.

        NOTE(review): nothing in this method writes ``facts['lshw']``, so the
        guard below only takes effect if some other code sets that key, and
        the parsed tree itself is discarded when the method returns.
        """
        if 'lshw' in self.host.facts:
            return

        # TODO convert to a provider collector
        try:
            # path is a stack of dicts from the root to the current node;
            # indents holds the indentation of each stacked node.
            path = [{}]
            indents = [0]
            return_code, out_lines, err_lines = self.host.exec_command(
                'lshw', sudo=True)
            for line in out_lines:
                # "*-<class>" starts a new hardware node
                m = re.match(r'^([ ]+)\*-(\S+)', line)
                if m:
                    # The node that just ended is turned into a CPE here.
                    # NOTE(review): this only runs when another node header
                    # follows, so the last node of the output never yields
                    # a CPE.
                    if 'vendor' in path[-1] and 'product' in path[
                            -1] and path[-1]['vendor'] != '000000000000':
                        cpe = CPE(part='h',
                                  vendor=path[-1]['vendor'],
                                  product=path[-1]['product'])
                        if 'version' in path[-1]:
                            cpe.set_value('version', path[-1]['version'])

                        # we don't add duplicates
                        if cpe not in self.host.facts['cpe']['hardware']:
                            self.host.facts['cpe']['hardware'].append(cpe)

                    indent = len(m.group(1))
                    hw_class = m.group(2)
                    cur_indent = indents[-1]
                    if indent > cur_indent:
                        # child; push onto the path
                        path[-1][hw_class] = {}
                        path.append(path[-1][hw_class])
                        indents.append(indent)
                    elif indent == cur_indent:
                        # sibling; pop then push
                        path.pop()
                        indents.pop()
                        path[-1][hw_class] = {}
                        path.append(path[-1][hw_class])
                        indents.append(indent)
                    else:
                        # indent < cur_indent
                        # parent; ascend till the indent is equal
                        parent_indent = indents[-1]
                        while parent_indent >= indent:
                            path.pop()
                            indents.pop()
                            parent_indent = indents[-1]
                        path[-1][hw_class] = {}
                        path.append(path[-1][hw_class])
                        indents.append(indent)
                    continue

                # "<name>: <value>" attribute of the current node
                m = re.match(r'^\s+([^:]+): (.*)\s*$', line)
                if m:
                    if m.group(1) == 'configuration':
                        path[-1][m.group(1)] = {}

                        # the below mess is because the values don't escape spaces
                        # so guessing is required
                        # Character-by-character scan of "key=value key=value":
                        # a space inside a value may start either a new key or
                        # more of the same value, decided when '=' or the next
                        # space is seen.
                        keys = []
                        in_key = True
                        (k, v) = ('', '')
                        for c in m.group(2):
                            if in_key:
                                if c == '=':
                                    in_key = False
                                elif c == ' ':
                                    # not a key, append to prev value
                                    # NOTE(review): keys is empty if this
                                    # happens before the first '=', which
                                    # raises IndexError and ends the whole
                                    # collection via the except below.
                                    path[-1][m.group(1)][keys[-1]] += ' ' + k
                                    k = ''
                                else:
                                    k += c
                            else:
                                if c == ' ':
                                    in_key = True
                                    path[-1][m.group(1)][k] = v
                                    keys.append(k)
                                    (k, v) = ('', '')
                                else:
                                    v += c
                        # store whatever pair was still being read at the end
                        path[-1][m.group(1)][k] = v
                    elif m.group(1) == 'capabilities':
                        path[-1][m.group(1)] = m.group(2).split(' ')
                    else:
                        path[-1][m.group(1)] = m.group(2)
        except:
            # NOTE(review): a bare except hides every failure (command
            # errors, parse errors, a missing facts['cpe'] key and even
            # KeyboardInterrupt), leaving a partial hardware inventory with
            # no trace of why.
            pass
Example #37
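    def collect(self):
        """Collect installed applications from the Windows Uninstall key.

        Runs ``reg query`` on
        ``HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall``,
        stores one dict per subkey in
        ``self.host.facts['registry']['uninstall']`` (value names translated
        through ``self.VALUE_MAP``) and appends an application CPE to
        ``self.host.facts['cpe']['application']`` for every entry that has
        both a publisher and a display name.  Does nothing when the uninstall
        facts were already collected.

        Fixes over the earlier version: the last subkey of the output is
        recorded too, a value line with an empty value no longer has the raw
        line appended to it (or raises ``KeyError`` for unmapped names),
        continuation lines are appended to the value they follow, and the
        ``cpe`` facts are created when missing.
        """
        if 'registry' not in self.host.facts:
            self.host.facts['registry'] = {}

        if 'uninstall' in self.host.facts['registry']:
            return

        entries = []
        self.host.facts['registry']['uninstall'] = entries
        entry = None
        # Mapped name of the most recent value line, or None when that line
        # was not recorded; continuation lines are attached to it.
        last_key = None
        # NOTE(review): only this one key is queried.  On 64-bit Windows the
        # 32-bit applications register under the WOW6432Node branch and
        # per-user installs under HKCU, so the inventory is presumably
        # incomplete -- confirm whether those are collected elsewhere.
        return_code, out_lines, err_lines = self.host.exec_command('reg query HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall /s', encoding='cp437')
        for line in out_lines:
            # skip blank lines
            if re.match(r'^\s*$', line):
                continue

            # header line: a new subkey starts, the previous one is complete
            if line.startswith('HKEY_LOCAL_MACHINE'):
                if entry is not None:
                    entries.append(entry)
                entry = {'location': line}
                last_key = None
                continue

            if entry is None:
                # value line before any subkey header: nothing to attach to
                continue

            # "<name> <type> <value>", or "<name> <type>" for an empty value.
            # Value names containing spaces are split at the first space and
            # end up as unknown names, as before.
            m = re.match(r'^\s*(\S+)\s+(\S+)\s+(.+)\s*$', line)
            if m:
                name, value = m.group(1), m.group(3)
            else:
                m = re.match(r'^\s*(\S+)\s+(\S+)\s*$', line)
                if m:
                    name, value = m.group(1), ''
                else:
                    # not a value line: treat it as the continuation of the
                    # previous recorded value, if there is one
                    if last_key is not None:
                        entry[last_key] += line
                    continue

            if name in self.VALUE_MAP:
                last_key = self.VALUE_MAP[name]
                entry[last_key] = value
            else:
                last_key = None
                # 'Memento...' values are ignored without logging
                if not name.startswith('Memento'):
                    logger.debug('Unknown uninstall registry subkey: ' + name)

        # the final subkey has no following header to flush it
        if entry is not None:
            entries.append(entry)

        if 'cpe' not in self.host.facts:
            self.host.facts['cpe'] = {
                'os': [],
                'application': [],
                'hardware': []
            }

        for entry in entries:
            if 'publisher' not in entry:
                logger.debug('Uninstall entry with no publisher: ' + entry['location'])
                continue
            if 'display_name' not in entry:
                logger.debug('Uninstall entry with no display_name: ' + entry['location'])
                continue

            # NOTE(review): vendor and product are the raw registry strings.
            # Whether CPE.set_value normalises them is not visible here;
            # unnormalised names presumably will not match dictionary CPE
            # names during vulnerability lookup -- confirm.
            cpe = CPE(part='a')
            cpe.set_value('vendor', entry['publisher'])
            cpe.set_value('product', entry['display_name'])
            if 'display_version' in entry:
                cpe.set_value('version', entry['display_version'])

            if cpe not in self.host.facts['cpe']['application']:
                self.host.facts['cpe']['application'].append(cpe)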
Example #38
    def collect(self):
        """Parse Windows ``systeminfo`` output into ``facts['systeminfo']``.

        Single-line ``Label: value`` sections are stored under the key given
        by ``SystemInfoCollector.SECTION_MAP``; the ``Processor(s)``,
        ``Page File Location(s)``, ``Hotfix(s)`` and ``Network Card(s)``
        sections span several lines and are gathered into lists / dicts.  When
        the ``OS Name`` value is listed in ``SystemInfoCollector.OS_NAME_MAP``
        the mapped CPE is appended to ``facts['cpe']['os']``.

        Raises:
            RuntimeError: on a line that is neither part of a multi-line
                section nor of the form ``Label: value``.
        """
        # NOTE(review): the command is executed before the "already
        # collected" check below, so it runs even when its output is unused.
        return_code, out_lines, err_lines = self.host.exec_command('systeminfo')
        systeminfo = out_lines
        #self.host.facts['_systeminfo_lines'] = systeminfo

        if 'systeminfo' in self.host.facts:
            return
        self.host.facts['systeminfo'] = {}

        # multiline: label of the multi-line section being read, or None
        # cur_network_card: name of the network card whose details follow
        # ip_addresses: True while reading the "[nn]: address" lines of a card
        multiline = None
        cur_network_card = None
        ip_addresses = False
        for line in systeminfo:
            if re.match(r'^\s*$', line) is not None:
                continue

            if multiline is not None:
                # Inside a multi-line section: a line that fits the section is
                # consumed with `continue`; any other line ends the section
                # and falls through to the generic "Label: value" handling.
                if multiline == 'Processor(s)':
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['processor'].append(m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Page File Location(s)':
                    m = re.match(r'^\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['page_file'].append(m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Hotfix(s)':
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['hotfix'].append(m.group(1))
                        continue

                    multiline = None
                elif multiline == 'Network Card(s)':
                    # innermost level first: addresses of the current card
                    if ip_addresses:
                        m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][cur_network_card]['IP address(es)'].append(m.group(1))
                            continue
                        else:
                            ip_addresses = False

                    # then "name: value" details of the current card
                    if cur_network_card is not None:
                        m = re.match(r'^\s+(IP address\(es\))\s*$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][cur_network_card][m.group(1)] = []
                            ip_addresses = True
                            continue

                        m = re.match(r'^\s+(.+):\s+(.+)$', line)
                        if m:
                            self.host.facts['systeminfo']['network_card'][cur_network_card][m.group(1)] = m.group(2)
                            continue
                        else:
                            cur_network_card = None

                    # finally "[nn]: card name" starts the next card
                    m = re.match(r'^\s+\[[0-9]+\]:\s+(.*)$', line)
                    if m:
                        self.host.facts['systeminfo']['network_card'][m.group(1)] = {}
                        cur_network_card = m.group(1)
                        continue
                    else:
                        multiline = None
                else:
                    raise RuntimeError('Unknown multiline mode: ' + multiline)

            m = re.match(r'^([^:]+):\s+(.*)$', line)
            if m is None:
                # NOTE(review): one unparseable line aborts the collection,
                # leaving facts['systeminfo'] partially filled.
                raise RuntimeError('Unexpected line: ' + line)

            # NOTE(review): the labels tested below are the English ones;
            # systeminfo output on a host with another display language
            # presumably uses translated labels -- confirm how those hosts
            # are handled.
            if line.startswith('Processor(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['processor'] = []
            elif line.startswith('Page File Location(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['page_file'] = []
                # the first location is on the label line itself
                self.host.facts['systeminfo']['page_file'].append(m.group(2))
            elif line.startswith('Hotfix(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['hotfix'] = []
            elif line.startswith('Network Card(s):'):
                multiline = m.group(1)
                self.host.facts['systeminfo']['network_card'] = {}
            elif line.startswith('Virtual Memory:'):
                # "Virtual Memory: <sub-label>: <value>"
                # NOTE(review): m is rebound without a None check; a line
                # without the second label would raise AttributeError below.
                m = re.match(r'^Virtual Memory: ([^:]+):\s+(.*)$', line)
                if 'virtual_memory' not in self.host.facts['systeminfo']:
                    self.host.facts['systeminfo']['virtual_memory'] = {}

                if m.group(1) == 'Max Size':
                    self.host.facts['systeminfo']['virtual_memory']['max_size'] = m.group(2)
                elif m.group(1) == 'Available':
                    self.host.facts['systeminfo']['virtual_memory']['available'] = m.group(2)
                elif m.group(1) == 'In Use':
                    self.host.facts['systeminfo']['virtual_memory']['in_use'] = m.group(2)
                else:
                    logger.warn('Unknown Virtual Memory section: ' + m.group(1))
            elif line.startswith('Hyper-V Requirements:'):
                # TODO: this section may span several lines; only the value on
                # the label line is kept
                self.host.facts['systeminfo']['hyperv'] = m.group(2)
            elif m.group(1) in SystemInfoCollector.SECTION_MAP:
                self.host.facts['systeminfo'][SystemInfoCollector.SECTION_MAP[m.group(1)]] = m.group(2)
                if m.group(1) == 'OS Name':
                    if m.group(2) in SystemInfoCollector.OS_NAME_MAP:
                        cpe = CPE.from_string(SystemInfoCollector.OS_NAME_MAP[m.group(2)])
                        # assumes facts['cpe']['os'] was created by an earlier
                        # collector; it is not initialised in this method
                        if cpe not in self.host.facts['cpe']['os']:
                            self.host.facts['cpe']['os'].append(cpe)
                    else:
                        # an unmapped OS name leaves the host without an OS CPE
                        logger.warn('Unable to determine CPE from OS name: ' + m.group(2))
            else:
                logger.warn('Unknown section: ' + m.group(1))
Example #39
    def collect(self):
        """Record the ``uname -a`` line and, on Linux, a kernel CPE.

        The first output line of ``uname -a`` is stored in
        ``self.host.facts['uname']``.  When it starts with ``Linux`` a CPE for
        the Linux kernel (part ``'o'``) is built, with version and update
        taken from the ``<version>-<update>`` release field if it parses, and
        appended to ``self.host.facts['cpe']['os']`` unless already present.
        Does nothing when ``facts['uname']`` is already set.
        """
        facts = self.host.facts
        if 'uname' in facts:
            return

        return_code, out_lines, err_lines = self.host.exec_command('uname -a')
        uname_line = out_lines[0]
        facts['uname'] = uname_line

        # Only Linux hosts get a kernel CPE from this collector.
        if not uname_line.startswith('Linux'):
            return

        kernel = CPE()
        for attribute, attr_value in (('part', 'o'),
                                      ('vendor', 'linux'),
                                      ('product', 'linux_kernel')):
            kernel.set_value(attribute, attr_value)

        # "Linux <host> <version>-<update> ..."
        release = re.match(r'^Linux \S+ ([0-9.]+)-(\S+)', uname_line)
        if release:
            kernel.set_value('version', release.group(1))
            kernel.set_value('update', release.group(2))

        if 'cpe' not in facts:
            facts['cpe'] = {
                'os': [],
                'application': [],
                'hardware': []
            }

        os_cpes = facts['cpe']['os']
        if kernel not in os_cpes:
            os_cpes.append(kernel)
Example #40
    def collect(self):
        """Build ``self.host.facts['cpe']`` by running the other collectors.

        Resets the ``cpe`` facts, then derives:

        * an OS CPE from the kernel name reported by ``UNameCollector``,
        * hardware CPEs from the DMI fields gathered by ``SysDmiCollector``
          (BIOS, board, chassis, system) and from the processors gathered by
          ``ProcCpuidCollector``,
        * further OS CPEs via ``LsbReleaseCollector``,
        * application facts via ``DpkgCollector`` on Ubuntu, Debian and
          Linux Mint.

        Every collected CPE is finally logged at debug level as a URI string.
        """
        self.host.facts['cpe'] = {'os': [], 'application': [], 'hardware': []}

        def _add_unique(bucket, candidate):
            # Append candidate to facts['cpe'][bucket] unless already there.
            if candidate not in self.host.facts['cpe'][bucket]:
                self.host.facts['cpe'][bucket].append(candidate)

        from ..UNameCollector import UNameCollector
        UNameCollector(self.host, {}).collect()
        if self.host.facts['uname']['kernel_name'] == 'Linux':
            kernel = CPE()
            kernel.set_value('part', 'o')
            kernel.set_value('vendor', 'linux')
            kernel.set_value('product', 'linux_kernel')

            # kernel_release is expected as "<version>-<update>"
            release = re.fullmatch(r'([0-9.]+)-(\S+)',
                                   self.host.facts['uname']['kernel_release'])
            if release:
                kernel.set_value('version', release.group(1))
                kernel.set_value('update', release.group(2))

            _add_unique('os', kernel)
        elif self.host.facts['uname']['kernel_name'] == 'Windows NT':
            windows = CPE()
            windows.set_value('part', 'o')
            windows.set_value('vendor', 'microsoft')
            windows.set_value('product', 'windows')
            windows.set_value('version', 'nt')

            _add_unique('os', windows)

        from .SysDmiCollector import SysDmiCollector
        SysDmiCollector(self.host, {}).collect()

        # (vendor key, product key, version key) in facts['devices']['dmi'];
        # a product key of None stands for the fixed product name 'BIOS'.
        dmi_sources = (
            ('bios_vendor', None, 'bios_version'),
            ('board_vendor', 'board_name', 'board_version'),
            ('chassis_vendor', 'chassis_type', 'chassis_version'),
            ('sys_vendor', 'product_name', 'product_version'),
        )
        for vendor_key, product_key, version_key in dmi_sources:
            try:
                dmi = self.host.facts['devices']['dmi']
                hardware = CPE(
                    part='h',
                    vendor=dmi[vendor_key],
                    product='BIOS' if product_key is None else dmi[product_key],
                    version=dmi[version_key],
                )
                _add_unique('hardware', hardware)
            except KeyError:
                # a missing DMI field just means no CPE for that component
                pass

        from .ProcCpuidCollector import ProcCpuidCollector
        ProcCpuidCollector(self.host, {}).collect()

        for cpu in self.host.facts['devices']['processors']:
            try:
                processor = CPE(
                    part='h',
                    vendor=cpu['vendor_id'],
                    product=cpu['model name'],
                    version=cpu['stepping'],
                )
                _add_unique('hardware', processor)
            except KeyError:
                pass

        # A fallback to LshwCollector, LspciCollector and LscpuCollector
        # existed at this point as commented-out code; it is not active.

        # os
        from scap.collector.linux.LsbReleaseCollector import LsbReleaseCollector
        LsbReleaseCollector(self.host, {}).collect()

        # UNameCollector is run a second time here, now imported by its
        # absolute module path.
        from scap.collector.UNameCollector import UNameCollector
        UNameCollector(self.host, {}).collect()

        # application
        dpkg_vendors = ('ubuntu', 'debian', 'linuxmint')
        for os_cpe in self.host.facts['cpe']['os']:
            # DpkgCollector runs once for every OS CPE that matches.
            if any(CPE(part='o', vendor=vendor).matches(os_cpe)
                   for vendor in dpkg_vendors):
                from scap.collector.linux.DpkgCollector import DpkgCollector
                DpkgCollector(self.host, {}).collect()

            # TODO Red Hat, CentOS: yum, rpm
            # TODO Fedora: dnf
            # TODO OpenSUSE: zypper
            # TODO Arch: pacman

        for collected in self.host.facts['cpe'].values():
            for item in collected:
                logger.debug(item.to_uri_string())
Example #41
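    def collect(self):
        """Parse ``sudo -S lshw`` output and record hardware CPEs.

        Rebuilds the indented device tree printed by ``lshw`` and appends a
        CPE (part ``'h'``) to ``self.host.facts['cpe']['hardware']`` for each
        node that names a vendor and a product, skipping the placeholder
        vendor ``'000000000000'`` and CPEs that are already recorded.
        Returns immediately when ``facts['lshw']`` exists.

        Collection is best effort: ordinary errors end it quietly.  Changes
        over the earlier version: the last node of the output now yields a
        CPE too, a ``configuration`` value that starts with a word before the
        first ``key=`` no longer aborts the whole parse, and only
        ``Exception`` is swallowed so ``KeyboardInterrupt`` / ``SystemExit``
        still propagate.

        NOTE(review): nothing here writes ``facts['lshw']`` and the parsed
        tree is dropped on return -- confirm whether it was meant to be
        stored under that key.
        """
        if 'lshw' in self.host.facts:
            return

        def emit_cpe(node):
            # Record a hardware CPE for a finished node, if it is usable.
            if 'vendor' not in node or 'product' not in node:
                return
            if node['vendor'] == '000000000000':
                return
            cpe = CPE(part='h', vendor=node['vendor'], product=node['product'])
            if 'version' in node:
                cpe.set_value('version', node['version'])

            # we don't add duplicates
            if cpe not in self.host.facts['cpe']['hardware']:
                self.host.facts['cpe']['hardware'].append(cpe)

        # TODO convert to a provider collector
        try:
            # path: stack of dicts from the root to the current node;
            # indents: indentation of each stacked node (strictly increasing)
            path = [{}]
            indents = [0]
            return_code, out_lines, err_lines = self.host.exec_command('sudo -S lshw')
            for line in out_lines:
                # "*-<class>" starts a new hardware node
                m = re.match(r'^([ ]+)\*-(\S+)', line)
                if m:
                    # the node read so far is complete
                    emit_cpe(path[-1])

                    indent = len(m.group(1))
                    hw_class = m.group(2)
                    # Ascend past siblings and deeper nodes until the top of
                    # the stack is the parent of the new node.  The root has
                    # indent 0 and a header has at least one leading space,
                    # so the root is never popped.
                    while indents[-1] >= indent:
                        path.pop()
                        indents.pop()
                    path[-1][hw_class] = {}
                    path.append(path[-1][hw_class])
                    indents.append(indent)
                    continue

                # "<name>: <value>" attribute of the current node
                m = re.match(r'^\s+([^:]+): (.*)\s*$', line)
                if m:
                    if m.group(1) == 'configuration':
                        config = {}
                        path[-1][m.group(1)] = config

                        # the values don't escape spaces, so guessing is
                        # required: a word after a space is a new key only if
                        # an '=' follows before the next space
                        keys = []
                        in_key = True
                        (k, v) = ('', '')
                        for c in m.group(2):
                            if in_key:
                                if c == '=':
                                    in_key = False
                                elif c == ' ':
                                    # not a key, append to prev value; a word
                                    # before the first key has no value to
                                    # join and is dropped
                                    if keys:
                                        config[keys[-1]] += ' ' + k
                                    k = ''
                                else:
                                    k += c
                            elif c == ' ':
                                in_key = True
                                config[k] = v
                                keys.append(k)
                                (k, v) = ('', '')
                            else:
                                v += c
                        # store whatever pair was still being read at the end
                        config[k] = v
                    elif m.group(1) == 'capabilities':
                        path[-1][m.group(1)] = m.group(2).split(' ')
                    else:
                        path[-1][m.group(1)] = m.group(2)

            # the final node has no following header to trigger its CPE
            emit_cpe(path[-1])
        except Exception:
            # Best effort: a failed or unparseable lshw run yields whatever
            # CPEs were recorded up to that point.
            # NOTE(review): the failure is not reported, so an incomplete
            # hardware inventory is indistinguishable from a complete one --
            # consider logging it.
            pass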