Python DatabaseLayer.getRules Exemples

Exemple #1

Fichier : index.py Projet : jefflaporte/cve-search

def filter_logic(f, limit, skip):
    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if f['whitelistSelect'] == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if f['unlistedSelect'] == "hide":
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
        exp = "^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    # plugin filters
    query.extend(plugManager.doFilter(f, **pluginArgs()))

    # cvss logic
    if f['cvssSelect'] == "above":    query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals": query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":  query.append({'cvss': {'$lt': float(f['cvss'])}})

    # date logic
    if f['timeSelect'] != "all":
        if f['startDate']:
            startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True)
        if f['endDate']:
            endDate   = parse_datetime(f['endDate'],   ignoretz=True, dayfirst=True)

        if f['timeSelect'] == "from":
            query.append({f['timeTypeSelect']: {'$gt': startDate}})
        if f['timeSelect'] == "until":
            query.append({f['timeTypeSelect']: {'$lt': endDate}})
        if f['timeSelect'] == "between":
            query.append({f['timeTypeSelect']: {'$gt': startDate, '$lt': endDate}})
        if f['timeSelect'] == "outside":
            query.append({'$or': [{f['timeTypeSelect']: {'$lt': startDate}}, {f['timeTypeSelect']: {'$gt': endDate}}]})
    cve=db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":   cve = whitelist_mark(cve)
    if f['blacklistSelect'] == "mark": cve = blacklist_mark(cve)
    plugManager.mark(cve, **pluginArgs())
    cve = list(cve)
    return cve

Exemple #2

Fichier : Reporting.py Projet : ekmixon/Plugins-1

  def filter_logic(self, f, limit, skip, plugManager, **args):
    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
      regexes = db.getRules('blacklist')
      if len(regexes) != 0:
        exp = "^(?!" + "|".join(regexes) + ")"
        query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                              {'vulnerable_configuration': {'$exists': False}},
                              {'vulnerable_configuration': []}
                              ]})
    if f['whitelistSelect'] == "hide":
      regexes = db.getRules('whitelist')
      if len(regexes) != 0:
        exp = "^(?!" + "|".join(regexes) + ")"
        query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                              {'vulnerable_configuration': {'$exists': False}},
                              {'vulnerable_configuration': []}
                              ]})
    if f['unlistedSelect'] == "hide":
      wlregexes = compile(db.getRules('whitelist'))
      blregexes = compile(db.getRules('blacklist'))
      query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                            {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
      exp = "^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
      query.append({'summary': re.compile(exp)})

    # plugin filters
    query.extend(plugManager.doFilter(f, **args))

    # cvss logic
    if f['cvssSelect'] == "above":    query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals": query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":  query.append({'cvss': {'$lt': float(f['cvss'])}})

    # date logic
    if f['timeSelect'] != "all":
      if f['startDate']:
        startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True)
      if f['endDate']:
        endDate   = parse_datetime(f['endDate'],   ignoretz=True, dayfirst=True)
      
      if f['timeSelect'] == "from":
        query.append({f['timeTypeSelect']: {'$gt': startDate}})
      if f['timeSelect'] == "until":
        query.append({f['timeTypeSelect']: {'$lt': endDate}})
      if f['timeSelect'] == "between":
        query.append({f['timeTypeSelect']: {'$gt': startDate, '$lt': endDate}})
      if f['timeSelect'] == "outside":
        query.append({'$or': [{f['timeTypeSelect']: {'$lt': startDate}}, {f['timeTypeSelect']: {'$gt': endDate}}]})
    cve=db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":   cve = self.whitelist_mark(cve)
    if f['blacklistSelect'] == "mark": cve = self.blacklist_mark(cve)
    plugManager.mark(cve, **args)
    cve = list(cve)
    return cve

Exemple #3

 def generate_full_query(self, f):
     query = self.generate_minimal_query(f)
     if current_user.is_authenticated():
         if f['blacklistSelect'] == "on":
             regexes = db.getRules('blacklist')
             if len(regexes) != 0:
                 exp = "^(?!" + "|".join(regexes) + ")"
                 query.append({
                     '$or': [{
                         'vulnerable_configuration': re.compile(exp)
                     }, {
                         'vulnerable_configuration': {
                             '$exists': False
                         }
                     }, {
                         'vulnerable_configuration': []
                     }]
                 })
         if f['whitelistSelect'] == "hide":
             regexes = db.getRules('whitelist')
             if len(regexes) != 0:
                 exp = "^(?!" + "|".join(regexes) + ")"
                 query.append({
                     '$or': [{
                         'vulnerable_configuration': re.compile(exp)
                     }, {
                         'vulnerable_configuration': {
                             '$exists': False
                         }
                     }, {
                         'vulnerable_configuration': []
                     }]
                 })
         if f['unlistedSelect'] == "hide":
             wlregexes = tk.compile(db.getRules('whitelist'))
             blregexes = tk.compile(db.getRules('blacklist'))
             query.append({
                 '$or': [{
                     'vulnerable_configuration': {
                         '$in': wlregexes
                     }
                 }, {
                     'vulnerable_configuration': {
                         '$in': blregexes
                     }
                 }]
             })
     return query

Exemple #4

    def markCPEs(self, cve):
        blacklist = tk.compile(db.getRules('blacklist'))
        whitelist = tk.compile(db.getRules('whitelist'))

        for conf in cve['vulnerable_configuration']:
            conf['list'] = 'none'
            conf['match'] = 'none'
            for w in whitelist:
                if w.match(conf['id']):
                    conf['list'] = 'white'
                    conf['match'] = w
            for b in blacklist:
                if b.match(conf['id']):
                    conf['list'] = 'black'
                    conf['match'] = b
        return cve

Exemple #5

Fichier : index.py Projet : crudbug/cve-search

def markCPEs(cve):
    blacklist = compile(dbLayer.getRules('blacklist'))
    whitelist = compile(dbLayer.getRules('whitelist'))

    for conf in cve['vulnerable_configuration']:
        conf['list'] = 'none'
        conf['match'] = 'none'
        for w in whitelist:
            if w.match(conf['id']):
                conf['list'] = 'white'
                conf['match'] = w
        for b in blacklist:
            if b.match(conf['id']):
                conf['list'] = 'black'
                conf['match'] = b
    return cve

Exemple #6

Fichier : index.py Projet : santosomar/cve-search

def markCPEs(cve):
    blacklist = compile(db.getRules("blacklist"))
    whitelist = compile(db.getRules("whitelist"))

    for conf in cve["vulnerable_configuration"]:
        conf["list"] = "none"
        conf["match"] = "none"
        for w in whitelist:
            if w.match(conf["id"]):
                conf["list"] = "white"
                conf["match"] = w
        for b in blacklist:
            if b.match(conf["id"]):
                conf["list"] = "black"
                conf["match"] = b
    return cve

Exemple #7

Fichier : index.py Projet : adulau/cve-search

 def list_mark(self, listed, cveList):
   if listed not in ['white', 'black']: return list(cves)
   items = tk.compile(db.getRules(listed+'list'))
   # check the cpes (full or partially) in the black/whitelist
   for i, cve in enumerate(list(cveList)): # the list() is to ensure we don't have a pymongo cursor object
     for c in cve['vulnerable_configuration']:
       if any(regex.match(c) for regex in items):
         cveList[i][listed+'listed'] = 'yes'
   return cveList

Exemple #8

Fichier : index.py Projet : natan04/cve-search

 def list_mark(self, listed, cveList):
   if listed not in ['white', 'black']: return list(cves)
   items = tk.compile(db.getRules(listed+'list'))
   # check the cpes (full or partially) in the black/whitelist
   for i, cve in enumerate(list(cveList)): # the list() is to ensure we don't have a pymongo cursor object
     for c in cve['vulnerable_configuration']:
       if any(regex.match(c) for regex in items):
         cveList[i][listed+'listed'] = 'yes'
   return cveList

Exemple #9

Fichier : index.py Projet : crudbug/cve-search

def blacklist_mark(cve):
    blacklistitems = compile(dbLayer.getRules('blacklist'))
    # ensures we're working with a list object, in case we get a pymongo.cursor object
    cve = list(cve)
    # check the cpes (full or partially) in the blacklist
    for cveid in cve:
        cpes = cveid['vulnerable_configuration']
        for c in cpes:
            if any(regex.match(c) for regex in blacklistitems):
                cve[cve.index(cveid)]['blacklisted'] = 'yes'
    return cve

Exemple #10

Fichier : index.py Projet : slox3r/cve-search

def blacklist_mark(cve):
    blacklistitems = compile(db.getRules('blacklist'))
    # ensures we're working with a list object, in case we get a pymongo.cursor object
    cve = list(cve)
    # check the cpes (full or partially) in the blacklist
    for cveid in cve:
        cpes = cveid['vulnerable_configuration']
        for c in cpes:
            if any(regex.match(c) for regex in blacklistitems):
                cve[cve.index(cveid)]['blacklisted'] = 'yes'
    return cve

Exemple #11

Fichier : index.py Projet : santosomar/cve-search

def whitelist_mark(cve):
    whitelistitems = compile(db.getRules("whitelist"))
    # ensures we're working with a list object, in case we get a pymongo.cursor object
    cve = list(cve)
    # check the cpes (full or partially) in the whitelist
    for cveid in cve:
        cpes = cveid["vulnerable_configuration"]
        for c in cpes:
            if any(regex.match(c) for regex in whitelistitems):
                cve[cve.index(cveid)]["whitelisted"] = "yes"
    return cve

Exemple #12

Fichier : index.py Projet : adulau/cve-search

 def generate_full_query(self, f):
   query = self.generate_minimal_query(f)
   if current_user.is_authenticated():
       if f['blacklistSelect'] == "on":
           regexes = db.getRules('blacklist')
           if len(regexes) != 0:
               exp = "^(?!" + "|".join(regexes) + ")"
               query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                     {'vulnerable_configuration': {'$exists': False}},
                                     {'vulnerable_configuration': []} ]})
       if f['whitelistSelect'] == "hide":
           regexes = db.getRules('whitelist')
           if len(regexes) != 0:
               exp = "^(?!" + "|".join(regexes) + ")"
               query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                     {'vulnerable_configuration': {'$exists': False}},
                                     {'vulnerable_configuration': []} ]})
       if f['unlistedSelect'] == "hide":
           wlregexes = tk.compile(db.getRules('whitelist'))
           blregexes = tk.compile(db.getRules('blacklist'))
           query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                                 {'vulnerable_configuration': {'$in': blregexes}}]})
   return query

Exemple #13

Fichier : index.py Projet : crudbug/cve-search

def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                 timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, limit, skip):
    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = dbLayer.getRules('blacklist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if whitelist == "hide":
        regexes = dbLayer.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if unlisted == "hide":
        wlregexes = compile(dbLayer.getRules('whitelist'))
        blregexes = compile(dbLayer.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if rejectedSelect == "hide":
        exp = "^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    if current_user.is_authenticated():
      if hideSeen == "hide":
        query.append({'id': {"$nin":dbLayer.seenCVEs(current_user.get_id())}})

    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        if cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        if cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        if timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        if timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        if timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}}, {timeTypeSelect: {'$gt': endDate}}]})
    cve=dbLayer.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    cve = list(cve)
    return cve

Exemple #14

Fichier : index.py Projet : softwaresecured/cve-search

def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate,
                 endDate, timeTypeSelect, cvssSelect, cvss, rejectedSelect,
                 hideSeen, limit, skip):
    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({
                '$or': [{
                    'vulnerable_configuration': re.compile(exp)
                }, {
                    'vulnerable_configuration': {
                        '$exists': False
                    }
                }, {
                    'vulnerable_configuration': []
                }]
            })
    if whitelist == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({
                '$or': [{
                    'vulnerable_configuration': re.compile(exp)
                }, {
                    'vulnerable_configuration': {
                        '$exists': False
                    }
                }, {
                    'vulnerable_configuration': []
                }]
            })
    if unlisted == "hide":
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({
            '$or': [{
                'vulnerable_configuration': {
                    '$in': wlregexes
                }
            }, {
                'vulnerable_configuration': {
                    '$in': blregexes
                }
            }]
        })
    if rejectedSelect == "hide":
        exp = "^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    if current_user.is_authenticated():
        if hideSeen == "hide":
            query.append({'id': {"$nin": db.seenCVEs(current_user.get_id())}})

    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        if cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        if cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        if timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        if timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        if timeSelect == "outside":
            query.append({
                '$or': [{
                    timeTypeSelect: {
                        '$lt': startDate
                    }
                }, {
                    timeTypeSelect: {
                        '$gt': endDate
                    }
                }]
            })
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    cve = list(cve)
    return cve