Exemple #1
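    def getcve(self, cveid=None):
        """Return the stored record for ``cveid``, enriched per the lookup flags.

        The record is fetched with ``db.getCVE`` from ``self.collection``.
        Depending on ``self.capeclookup``, ``self.rankinglookup``,
        ``self.via4lookup`` and ``self.subscorelookup`` it gains the keys
        ``capec``, ``ranking``, the VIA4 fields, and ``exploitCVSS`` /
        ``impactCVSS``. ``vulnerable_configuration`` is always rewritten into
        a list of ``{'id', 'title'}`` dicts when present.

        Returns ``None`` when ``cveid`` is ``None`` or no record is found.
        """
        if cveid is None:
            return None

        e = db.getCVE(cveid, collection=self.collection)
        if e is None:
            return None

        if "cwe" in e and self.capeclookup:
            if e['cwe'].lower() != 'unknown':
                # The numeric part is taken from after the first '-'. A value
                # without a '-' used to raise IndexError; skip CAPEC instead.
                cwe_parts = e['cwe'].split('-')
                if len(cwe_parts) > 1:
                    e['capec'] = self.getcapec(cweid=cwe_parts[1])

        # Defined up front: the ranking check below runs even when the record
        # has no 'vulnerable_configuration', which used to raise a NameError
        # whenever rankinglookup was enabled.
        ranking = []
        if "vulnerable_configuration" in e:
            vulconf = []
            for conf in e['vulnerable_configuration']:
                vulconf.append({'id': conf, 'title': self.getcpe(cpeid=conf)})
                if self.rankinglookup:
                    rank = self.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            e['vulnerable_configuration'] = vulconf
        if self.rankinglookup and ranking:
            e['ranking'] = ranking

        if self.via4lookup:
            f = self.getVIA4(cveid)
            if isinstance(f, dict):
                # On a key clash the VIA4 value wins, as it comes last.
                e = dict(itertools.chain(e.items(), f.items()))

        if self.subscorelookup:
            exploitCVSS = exploitabilityScore(e)
            impactCVSS = impactScore(e)
            # Numeric scores are rounded up to one decimal; a string result is
            # stored unchanged.
            e['exploitCVSS'] = (exploitCVSS if isinstance(exploitCVSS, str)
                                else math.ceil(exploitCVSS * 10) / 10)
            e['impactCVSS'] = (impactCVSS if isinstance(impactCVSS, str)
                               else math.ceil(impactCVSS * 10) / 10)

        return e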
Exemple #2
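    def getcve(self, cveid=None):
        """Look up ``cveid`` and return its record with optional enrichment.

        The base record comes from ``db.getCVE`` for ``self.collection``.
        ``self.capeclookup`` adds ``capec``, ``self.rankinglookup`` adds
        ``ranking``, ``self.reflookup`` merges in the result of
        ``self.getRefs`` and ``self.subscorelookup`` adds ``exploitCVSS`` and
        ``impactCVSS``.

        Returns ``None`` when ``cveid`` is ``None`` or the record is missing.
        """
        if cveid is None:
            return None

        e = db.getCVE(cveid, collection=self.collection)
        if e is None:
            return None

        if "cwe" in e and self.capeclookup and e['cwe'].lower() != 'unknown':
            # Guard the split: a CWE value without '-' previously raised
            # IndexError and aborted the whole lookup.
            pieces = e['cwe'].split('-')
            if len(pieces) > 1:
                e['capec'] = self.getcapec(cweid=pieces[1])

        # Must exist even when there is no 'vulnerable_configuration' key; the
        # original only bound it inside that branch and then read it
        # unconditionally (NameError with rankinglookup enabled).
        ranking = []
        if "vulnerable_configuration" in e:
            vulconf = []
            for conf in e['vulnerable_configuration']:
                vulconf.append({'id': conf, 'title': self.getcpe(cpeid=conf)})
                if not self.rankinglookup:
                    continue
                rank = self.getranking(cpeid=conf)
                if rank and rank not in ranking:
                    ranking.append(rank)
            e['vulnerable_configuration'] = vulconf
        if self.rankinglookup and ranking:
            e['ranking'] = ranking

        if self.reflookup:
            f = self.getRefs(cveid=cveid)
            # NOTE(review): anything that is not a str is merged via .items();
            # a None result would raise here. Confirm what getRefs returns.
            if not isinstance(f, str):
                e = dict(itertools.chain(e.items(), f.items()))

        if self.subscorelookup:
            exploitCVSS = exploitabilityScore(e)
            impactCVSS = impactScore(e)
            # Round numeric scores up to one decimal; strings pass through.
            if not isinstance(exploitCVSS, str):
                exploitCVSS = math.ceil(exploitCVSS * 10) / 10
            if not isinstance(impactCVSS, str):
                impactCVSS = math.ceil(impactCVSS * 10) / 10
            e['exploitCVSS'] = exploitCVSS
            e['impactCVSS'] = impactCVSS

        return e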
Exemple #3
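def cveItemsProcess(type, url, args):
    """Download one CVE feed, parse it and upsert every item into the database.

    Args:
        type: Label printed in verbose output (the name shadows the builtin
            but is kept for callers that pass it by keyword).
        url: Feed location handed to ``Configuration.getFile``.
        args: Parsed options; ``args.v`` enables verbose output and ``args.u``
            enables the Last-Modified comparison.

    Exits the process when the feed cannot be opened, or with status 0 when
    ``args.u`` is set and the feed's Last-Modified matches the stored value.
    """
    if args.v:
        print("%s... downloading: %s" % (type, url))

    file = Configuration.getFile(url)
    try:
        (f, r) = file
    except (TypeError, ValueError):
        # Only a failed unpack means "no download". The original bare except
        # then referenced the undefined name `_url`, so this path died with a
        # NameError instead of printing the message.
        sys.exit(
            "Cannot open url %s. Bad URL or not connected to the internet?" %
            url)

    # NOTE(review): the feed is remote content parsed as-is. If make_parser is
    # xml.sax's, external-entity handling depends on the Python version in
    # use - confirm, and prefer fetching the feed over an authenticated
    # channel.
    parser = make_parser()
    ch = CVEHandler()
    parser.setContentHandler(ch)
    parser.parse(f)

    if args.u:
        i = db.getInfo("cves")
        last_modified = parse_datetime(r.headers['last-modified'],
                                       ignoretz=True)
        if i is not None and last_modified == i['last-modified']:
            print("Not modified")
            sys.exit(0)
        db.setColUpdate("cves", last_modified)

    u_counter = 0
    n_counter = 0

    for item in progressbar(ch.cves):
        # Normalise the optional fields before storing the item.
        item['cvss'] = float(item['cvss']) if 'cvss' in item else None
        if 'cwe' not in item:
            item['cwe'] = defaultvalue['cwe']

        # Update when the CVE is already stored, insert otherwise.
        if db.getCVE(item['id']):
            u_counter += 1
            db.updateCVE(item)
        else:
            n_counter += 1
            db.insertCVE(item)

    if args.v:
        print("New: %s Updated: %s" % (n_counter, u_counter))
        print("")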
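 def getSearchResults(self, text):
   """Run ``text`` through every plugin and return the matching CVE records.

   Each plugin's ``search`` result is accepted only when it is a list of
   dicts that carry both an ``'n'`` (reason) and a ``'d'`` (hits) key; any
   other shape is dropped. Every hit is resolved with ``db.getCVE`` and
   tagged with the reason of the first collection that reported it.

   Returns a dict of the form ``{'data': [record, ...]}``.
   """
   result = {'data': []}
   results = []
   # Collect the plugin output that passes the format check.
   for plugin in self.plugins.values():
     data = plugin.search(text)
     if isinstance(data, list) and all(
         isinstance(x, dict) and 'n' in x and 'd' in x for x in data):
       results.extend(data)
   for collection in results:
     for item in collection['d']:
       # Skip ids that are already part of the result.
       if any(item['id'] == entry['id'] for entry in result['data']):
         continue
       entry = db.getCVE(item['id'])
       if not entry:
         # A plugin can report an id that is not stored; the original then
         # failed on entry['reason'] and lost every other hit as well.
         continue
       entry['reason'] = collection['n']
       result['data'].append(entry)
   return result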
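 def getSearchResults(self, text):
     """Query all plugins for ``text`` and return de-duplicated CVE records.

     A plugin result is used only if it is a list of dicts that each hold the
     keys ``'n'`` (reason) and ``'d'`` (CVE ids). Each id is looked up with
     ``db.getCVE`` and the record is tagged with the reason of the first
     collection that listed it.

     Returns ``{'data': [record, ...]}``.
     """
     result = {'data': []}
     results = []
     # Get all data, keeping only well-formed plugin output.
     for plugin in self.plugins.values():
         data = plugin.search(text)
         well_formed = isinstance(data, list) and all(
             isinstance(x, dict) and 'n' in x and 'd' in x for x in data)
         if well_formed:
             results.extend(data)
     # Sort through data
     for collection in results:
         for item in collection['d']:
             already_listed = any(
                 item == entry['id'] for entry in result['data'])
             if already_listed:
                 continue
             entry = db.getCVE(item)
             if not entry:
                 # Ids without a stored record are skipped; tagging a missing
                 # record used to raise and abort the whole search.
                 continue
             entry['reason'] = collection['n']
             result['data'].append(entry)
     return result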
Exemple #6
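 def onCVEAction(self, cve, action, **args):
   """Handle a plugin action; ``"sendMail"`` mails the CVE to ``self.techTeam``.

   The mail body is ``self.template`` with the ``<<CVE>>``, ``<<CVSS>>``,
   ``<<Subject>>``, ``<<Sources>>`` and ``<<CWE>>`` placeholders filled from
   the record returned by ``db.getCVE(cve)``.

   Returns ``True`` once the mail is handed to the server, ``False`` when no
   record exists for ``cve``, and ``None`` for any other action.
   """
   if action == "sendMail":
     # Resolve the record before connecting, so a missing CVE does not leave
     # an authenticated SMTP session open.
     cveInfo = db.getCVE(cve)
     if not cveInfo:
       return False

     cvss = cveInfo.get("cvss")
     cvss = str(cvss) if cvss else "N/A"
     cwe = "CWE:\n * " + cveInfo.get("cwe") if cveInfo.get("cwe") else ""

     # Missing fields become empty text; str.replace rejects None.
     template = self.template
     template = template.replace("<<CVE>>",     cveInfo.get("id") or "")
     template = template.replace("<<CVSS>>",    cvss)
     template = template.replace("<<Subject>>", cveInfo.get("summary") or "")
     template = template.replace("<<Sources>>", "\n".join(cveInfo.get("references") or []))
     template = template.replace("<<CWE>>", cwe)
     body = "Subject: %s\n\n%s" % (self.subject, template)

     # The context manager sends QUIT and closes the socket even when login
     # or sendmail raises.
     with smtplib.SMTP('%s:%s' % (self.serverCreds)) as server:
       # NOTE(review): starttls() without context= does not verify the server
       # certificate or hostname, so the login below is exposed to an active
       # man-in-the-middle. Pass context=ssl.create_default_context() once
       # the mail server presents a certificate that validates.
       server.starttls()
       server.login(self.senderCreds[0], self.senderCreds[1])
       server.sendmail(self.senderCreds[0], self.techTeam, body)
     return True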
Exemple #7
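    def onCVEAction(self, cve, action, **args):
        """React to a plugin action; only ``"sendMail"`` is implemented.

        For ``"sendMail"`` the record for ``cve`` is read with ``db.getCVE``,
        the placeholders in ``self.template`` are substituted and the result
        is mailed from ``self.senderCreds[0]`` to ``self.techTeam``.

        Returns ``True`` after sending, ``False`` if the CVE is not stored,
        and ``None`` for every other action.
        """
        if action != "sendMail":
            return None

        # Look the CVE up first: failing after login used to leak the open,
        # authenticated connection.
        cveInfo = db.getCVE(cve)
        if not cveInfo:
            return False

        cvss = cveInfo.get("cvss")
        cvss = str(cvss) if cvss else "N/A"
        cwe = "CWE:\n * " + cveInfo.get("cwe") if cveInfo.get("cwe") else ""
        # Absent fields are rendered as empty text instead of raising a
        # TypeError inside str.replace / str.join.
        substitutions = (
            ("<<CVE>>", cveInfo.get("id") or ""),
            ("<<CVSS>>", cvss),
            ("<<Subject>>", cveInfo.get("summary") or ""),
            ("<<Sources>>", "\n".join(cveInfo.get("references") or [])),
            ("<<CWE>>", cwe),
        )
        template = self.template
        for placeholder, value in substitutions:
            template = template.replace(placeholder, value)
        body = "Subject: %s\n\n%s" % (self.subject, template)

        # `with` guarantees QUIT/close on every exit path.
        with smtplib.SMTP('%s:%s' % (self.serverCreds)) as server:
            # NOTE(review): without an explicit context=, starttls() skips
            # certificate and hostname verification; the credentials sent by
            # login() are then only protected against passive sniffing.
            server.starttls()
            server.login(self.senderCreds[0], self.senderCreds[1])
            server.sendmail(self.senderCreds[0], self.techTeam, body)
        return True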
Exemple #8
     sys.exit(
         "Cannot open url %s. Bad URL or not connected to the internet?"
         % (Configuration.getFeedURL("cve") + getfile))
 # Compare the feed's Last-Modified header with the value stored for the
 # "cves" collection and stop early when nothing changed.
 i = db.getInfo("cves")
 last_modified = parse_datetime(r.headers['last-modified'],
                                ignoretz=True)
 if i is not None:
     # args.f bypasses the "unchanged feed" short circuit.
     if last_modified == i['last-modified'] and not args.f:
         print("Not modified")
         sys.exit(0)
 # NOTE(review): the collection is stamped before the feed below is parsed
 # and stored. If that work fails part-way, a later run without args.f
 # presumably sees the same timestamp and exits with "Not modified".
 db.setColUpdate("cves", last_modified)
 # The whole feed is read into memory and decoded in one step.
 # NOTE(review): no size limit or integrity check on the download is visible
 # in this fragment - confirm how the transport is protected.
 cvej = json.loads(f.read())
 for cveitem in cvej['CVE_Items']:
     item = process_cve_item(item=cveitem)
     # check if the CVE already exists.
     x = db.getCVE(item['id'])
     # if so, update the entry.
     if x:
         if args.v:
             print('Update: {}'.format(item['id']))
             print(item)
         db.updateCVE(item)
     else:
         if args.v:
             print('Insert: {}'.format(item['id']))
         db.insertCVE(item)
 # Build the file name of the 'recent' feed, fetched next.
 getfile = file_prefix + file_rec + file_suffix
 try:
     (f, r) = Configuration.getFile(
         Configuration.getFeedURL('cve') + getfile)
Exemple #9
            sys.exit("Cannot open url %s. Bad URL or not connected to the internet?"%(Configuration.getCVEDict() + getfile))
        # Stop early when the Last-Modified header equals the value stored for
        # the "cve" collection (raw header text is compared here).
        i = db.getInfo("cve")
        if i is not None:
            if r.headers['last-modified'] == i['last-modified']:
                print("Not modified")
                sys.exit(0)
        # NOTE(review): the timestamp is recorded before the feed is parsed and
        # stored, so a failure below presumably leaves the collection marked
        # as current.
        db.setColUpdate("cve", r.headers['last-modified'])

        # Parse the downloaded feed with a SAX parser; CVEHandler collects the
        # items in ch.cves.
        # NOTE(review): the input is remote content. If make_parser comes from
        # xml.sax, external-entity handling depends on the Python version -
        # confirm.
        parser = make_parser()
        ch = CVEHandler()
        parser.setContentHandler(ch)
        parser.parse(f)
        for item in ch.cves:
            # check if the CVE already exists.
            x = db.getCVE(item['id'])
            # if so, update the entry.
            if x:
                # Defaults are filled in on the update path only; inserted
                # items keep whatever keys the handler produced.
                if 'cvss' not in item:
                    item['cvss'] = None
                if 'cwe' not in item:
                    item['cwe'] = defaultvalue['cwe']
                db.updateCVE(item)
            else:
                db.insertCVE(item)
        # get the 'recent' file
        getfile = file_prefix + file_rec + file_suffix
        try:
            (f, r) = Configuration.getFile(Configuration.getCVEDict() + getfile, compressed = True)
        # NOTE(review): a bare except reports every failure in the try body,
        # KeyboardInterrupt included, as a connectivity problem.
        except:
            sys.exit("Cannot open url %s. Bad URL or not connected to the internet?"%(Configuration.getCVEDict() + getfile))
Exemple #10
def getcve(cveid=None):
    """Return the database record for ``cveid``.

    ``False`` is returned when no id is given; otherwise the result of
    ``db.getCVE`` is passed through unchanged.
    """
    return False if cveid is None else db.getCVE(cveid)
Exemple #11
            sys.exit("Cannot open url %s. Bad URL or not connected to the internet?"%(Configuration.getCVEDict() + getfile))
        # Skip the import when the feed's Last-Modified header matches the
        # value stored for the "cve" collection. Here `f` is used both for the
        # response headers and, below, as the parser input.
        i = dbLayer.getInfo("cve")
        if i is not None:
            if f.headers['last-modified'] == i['last-modified']:
                print("Not modified")
                sys.exit(0)
        # NOTE(review): stamped before parsing and storing; a failure below
        # presumably leaves the collection marked as up to date.
        dbLayer.setColUpdate("cve", f.headers['last-modified'])

        # SAX-parse the download; CVEHandler gathers the items in ch.cves.
        # NOTE(review): remote, unauthenticated-looking input - no integrity
        # check is visible in this fragment; confirm the parser's
        # external-entity behaviour for the Python version in use.
        parser = make_parser()
        ch = CVEHandler()
        parser.setContentHandler(ch)
        parser.parse(f)
        for item in ch.cves:
            # check if the CVE already exists.
            x = dbLayer.getCVE(item['id'])
            # if so, update the entry.
            if x:
                # Missing fields get their defaults on update only; the insert
                # branch stores the item as parsed.
                if 'cvss' not in item:
                    item['cvss'] = defaultvalue['cvss']
                if 'cwe' not in item:
                    item['cwe'] = defaultvalue['cwe']
                dbLayer.updateCVE(item)
            else:
                dbLayer.insertCVE(item)
        # get the 'recent' file
        getfile = file_prefix + file_rec + file_suffix
        try:
            f = Configuration.getFile(Configuration.getCVEDict() + getfile)
        # NOTE(review): bare except - any error raised in the try body ends
        # the process with the connectivity message below.
        except:
            sys.exit("Cannot open url %s. Bad URL or not connected to the internet?"%(Configuration.getCVEDict() + getfile))
Exemple #12
        # Parse the Last-Modified header (timezone ignored) and exit when it
        # equals the value stored for the "cve" collection.
        i = db.getInfo("cve")
        last_modified = parse_datetime(r.headers["last-modified"], ignoretz=True)
        if i is not None:
            if last_modified == i["last-modified"]:
                print("Not modified")
                sys.exit(0)
        # NOTE(review): the update time is written before the feed is parsed
        # and stored; if the steps below fail, the next run presumably treats
        # the feed as already imported.
        db.setColUpdate("cve", last_modified)

        # SAX-parse the downloaded feed; CVEHandler exposes the items as
        # ch.cves.
        # NOTE(review): the feed is remote content and no integrity check is
        # visible here - confirm transport protection and the parser's
        # external-entity handling.
        parser = make_parser()
        ch = CVEHandler()
        parser.setContentHandler(ch)
        parser.parse(f)
        for item in ch.cves:
            # check if the CVE already exists.
            x = db.getCVE(item["id"])
            # if so, update the entry.
            if x:
                # Defaults are applied on the update path only; new items are
                # inserted exactly as parsed.
                if "cvss" not in item:
                    item["cvss"] = None
                if "cwe" not in item:
                    item["cwe"] = defaultvalue["cwe"]
                db.updateCVE(item)
            else:
                db.insertCVE(item)
        # Build the file name of the 'recent' feed, fetched next.
        getfile = file_prefix + file_rec + file_suffix
        try:
            (f, r) = Configuration.getFile(Configuration.getCVEDict() + getfile, compressed=True)
        except:
            sys.exit(