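def _userAlowed(self, user):
    """Return True when *user* is logged in and listed in the plugin's group.

    The member list is the "group" setting stored under
    ``self.collectionName``. A missing or empty setting is initialised to an
    empty list, so nobody is allowed until a user id has been added.

    Args:
        user: Session user object providing ``is_authenticated()`` and
            ``get_id()``.

    Returns:
        bool: True only for an authenticated user whose id is a member of
        the stored group, False in every other case.
    """
    if not user.is_authenticated():
        return False
    group = db.p_readSetting(self.collectionName, "group")
    if not group:
        # Seed the setting so later reads see a list; an empty group
        # authorises no one.
        db.p_writeSetting(self.collectionName, "group", [])
        return False
    # The setting is not guaranteed to be a list. On a plain string, `in` is
    # a substring test, so an id that is merely a fragment of the stored
    # value would pass the check. Compare against whole members only.
    if not isinstance(group, list):
        group = [group]
    return user.get_id() in group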
def __init__(self):
    """Initialise the Notes plugin: metadata, HTML snippets, note counter.

    Sets the plugin name, marks it as requiring authentication, names the
    backing collection, defines the two HTML templates and makes sure the
    "last_note" setting exists in the database.
    """
    self.name = "Notes"
    self.requiresAuth = True
    self.collectionName = "notes"

    # Edit widget: a textarea plus a save link. The eight %s slots are filled
    # by code outside this method.
    # NOTE(review): one slot lands inside <textarea> (HTML context) and
    # others inside a quoted string in an inline onclick handler (JavaScript
    # in an HTML attribute). Confirm the code that fills them escapes for
    # each context; the note text is user-supplied.
    # NOTE(review): $.getJSON sends a GET request, so the state-changing
    # "save" action is reachable by GET - confirm the route has CSRF
    # protection or move it to POST.
    self.noteText = ''' <textarea id="noteID_%s" cols="50">%s</textarea> %s <a onclick="$.getJSON('/plugin/%s/_cve_action/save',{cve: '%s', id: '%s', text: $('#noteID_%s').val()},function(data){parseStatus(data);window.location='/cve/%s'});"> <span class="glyphicon glyphicon-save" aria-hidden="true"></span></a>'''

    # Remove link; the same GET/CSRF and escaping questions apply to "delete".
    self.noteRemove = ''' <a onclick="$.getJSON('/plugin/%s/_cve_action/delete',{cve: '%s', id: '%s'},function(data){parseStatus(data);window.location='/cve/%s'})"> <span class="glyphicon glyphicon-remove" aria-hidden="true"></span></a>'''

    # Ensure the note-id counter exists. A stored 0 is falsy and is simply
    # written again, which changes nothing.
    last_note_id = db.p_readSetting(self.collectionName, "last_note")
    if not last_note_id:
        db.p_writeSetting(self.collectionName, "last_note", 0)
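def onDatabaseUpdate(self):
    """Fetch recent MISP events and store threat-actor/tag data per CVE.

    Reads the "last_update" setting to build a "<minutes>m" window (an empty
    string when the plugin has never run), downloads the matching events,
    and bulk-updates one record per CVE that has threat-actor or text
    attributes. On success the "last_update" setting is set to the start
    time of this run.

    Returns:
        str: A status line starting with "[+]" on success or "[-]" on
        failure.
    """
    lastUpdate = db.p_readSetting(self.collectionName, "last_update")
    now = datetime.utcnow().replace(tzinfo=pytz.utc)
    if lastUpdate:
        last = dateutil.parser.parse(lastUpdate)
        delta = now - last
        since = "%sm" % math.ceil(delta.total_seconds() / 60)
    else:
        since = ""

    if not (self.url and self.key):
        return "[-] MISP credentials not specified"

    try:
        # NOTE(review): the third positional argument is presumably the TLS
        # certificate verification flag of the PyMISP constructor this was
        # written against - confirm against the pinned PyMISP version and
        # keep verification enabled, since self.key is sent on every request.
        misp = PyMISP(self.url, self.key, True, 'json')
    except Exception:
        # Was a bare `except:`, which also swallowed KeyboardInterrupt and
        # SystemExit.
        return "[-] Failed to connect to MISP. Wrong URL?"

    try:
        misp_last = misp.download_last(since)

        # A 'message' key carries either "nothing new" or an auth failure.
        if 'message' in misp_last:
            message = misp_last['message']
            if message.lower().startswith('no matches'):
                return "[+] MISP collection updated (0 updates)"
            elif message.startswith('Authentication failed.'):
                return "[-] MISP Authentication failed"
        if 'response' not in misp_last:
            # NOTE(review): this dumps the whole server reply to stdout;
            # confirm it cannot echo anything sensitive into shared logs.
            print(misp_last)
            return "[-] Error occured while fetching MISP data"

        # NOTE(review): every value below is copied from the MISP response
        # as-is (CVE ids are not format-checked). Whatever renders threats
        # and tags should treat them as untrusted text.
        bulk = []
        for entry in progressbar(misp_last['response']):
            attrs = entry['Event']['Attribute']
            CVEs = [x['value'] for x in attrs if x['type'] == 'vulnerability']
            if not CVEs:
                continue
            threats = [x['value'] for x in attrs
                       if x['category'] == 'Attribution' and x['type'] == 'threat-actor']
            tags = [x['value'] for x in attrs
                    if x['category'] == 'Other' and x['type'] == 'text']
            tags.extend([x['value'] for x in attrs
                         if x['category'] == 'External analysis' and x['type'] == 'text'])
            for cve in CVEs:
                item = {'id': cve}
                if threats:
                    item['threats'] = threats
                if tags:
                    item['tags'] = tags
                # Skip CVEs that would carry nothing but their id.
                if len(item) > 1:
                    bulk.append(item)
        db.p_bulkUpdate(self.collectionName, "id", bulk)
        # Record the run only after the update went through. %b replaces the
        # original %h: same abbreviated month name where %h is supported, but
        # %b is the directive documented for every platform.
        db.p_writeSetting(self.collectionName, "last_update",
                          now.strftime("%a, %d %b %Y %H:%M:%S %Z"))
        return "[+] MISP collection updated (%s updates)" % len(bulk)
    except Exception as e:
        # Best-effort plugin: report and carry on (the error was previously
        # printed twice).
        print(e)
        return "[-] Something went wrong..."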
def onCVEAction(self, cve, action, **args):
    """Handle the "save" and "delete" note actions for one CVE.

    Args:
        cve: Identifier of the CVE the note belongs to.
        action: "save" or "delete"; any other value is ignored.
        **args: Must contain "current_user" (session user object) and
            "fields" (request fields; "id" and, for "save", "text" are read
            as the first element of a list).

    Returns:
        True after a completed save or delete. None when the user is not
        authenticated or the action is not recognised.

    Raises:
        ValueError: From int() when the submitted note id is not numeric.
        KeyError / IndexError: When an expected field is missing.
    """
    session_user = args["current_user"]
    if not session_user.is_authenticated():
        return None

    if action == "save":
        existing = db.p_queryOne(self.collectionName, {'cve': cve})
        user = session_user.get_id()
        # Create the per-CVE document on first use.
        if not existing:
            db.p_addEntry(self.collectionName, {"cve": cve, "notes": []})
        # Saving replaces: drop the note with the submitted id first.
        # NOTE(review): _deleteIfExists is given the caller's own user id,
        # presumably so a user can only replace their own note - its body is
        # not visible here, confirm it enforces ownership.
        self._deleteIfExists(cve, user, int(args["fields"]["id"][0]))
        # NOTE(review): read-increment-write on "last_note" is not atomic;
        # two concurrent saves can be handed the same note id.
        nid = db.p_readSetting(self.collectionName, "last_note") + 1
        # The note text is stored exactly as submitted; escaping has to
        # happen wherever it is rendered.
        note = {'id': nid, 'user': user, 'notes': args["fields"]["text"][0]}
        db.p_addToList(self.collectionName, {'cve': cve}, "notes", note)
        db.p_writeSetting(self.collectionName, "last_note", nid)
        return True

    if action == "delete":
        user = session_user.get_id()
        self._deleteIfExists(cve, user, int(args["fields"]["id"][0]))
        return True

    return None
def _getSetting(self, setting, default):
    """Return the stored value of *setting*, seeding it with *default* if unset.

    Only a stored None counts as unset; other falsy values (0, "", [])
    are returned as they are.

    Args:
        setting: Name of the setting inside ``self.collection``.
        default: Value to write and return when nothing is stored.

    Returns:
        The stored value, or *default* after it has been written.
    """
    stored = db.p_readSetting(self.collection, setting)
    if stored is not None:
        return stored
    # First read: persist the default so later reads find it.
    db.p_writeSetting(self.collection, setting, default)
    return default
if __name__ == '__main__':
    # Command-line maintenance of a collaboration group's member list.
    import argparse

    cli = argparse.ArgumentParser(description='Management interface for adding and deleting users from collaboration groups')
    cli.add_argument('-a', type=str, action='append', help='Append user')
    cli.add_argument('-d', type=str, action='append', help='Delete user')
    cli.add_argument('-c', type=str, help='Collection to manipulate')
    cli.add_argument('--drop', action="store_true", help='Drop the collection specified')
    args = cli.parse_args()

    # NOTE(review): -c is optional, so args.c can be None when it reaches
    # _createCollection(); what that resolves to is not visible here.
    # NOTE(review): user names from -a/-d are stored as typed; nothing here
    # checks that they match existing accounts.
    if args.a or args.d:
        # Get collection to manipulate
        wd = Collaboration()
        collection = wd._createCollection(args.c)
        # Current member list; normalise "unset" and a scalar to a list.
        users = db.p_readSetting(collection, "group") or []
        if type(users) is not list:
            users = [users]
        # Additions are applied first, so a name given to both -a and -d
        # ends up removed.
        for user in (args.a or []):
            if user not in users:
                users.append(user)
        for user in (args.d or []):
            if user in users:
                users.remove(user)
        db.p_writeSetting(collection, "group", users)
    elif args.drop:
        # Get collection to manipulate. Only the lookup is visible in this
        # excerpt; the drop itself is not shown here.
        wd = Collaboration()
        collection = wd._createCollection(args.c)
'Management interface for adding and deleting users from collaboration groups' ) argParser.add_argument('-a', type=str, action='append', help='Append user') argParser.add_argument('-d', type=str, action='append', help='Delete user') argParser.add_argument('-c', type=str, help='Collection to manipulate') argParser.add_argument('--drop', action="store_true", help='Drop the collection specified') args = argParser.parse_args() if args.a or args.d: # Get collection to manipulate wd = Collaboration() collection = wd._createCollection(args.c) # Get list of users users = db.p_readSetting(collection, "group") if not users: users = [] if type(users) is not list: users = [users] a = args.a if args.a else [] d = args.d if args.d else [] for user in a: if user not in users: users.append(user) for user in d: if user in users: users.remove(user) db.p_writeSetting(collection, "group", users) elif args.drop: # Get collection to manipulate wd = Collaboration() collection = wd._createCollection(args.c)