Exemple #1
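 def _userAlowed(self, user):
   """Return True only when *user* is authenticated and listed in this collection's group.

   The allow-list is the "group" setting of ``self.collectionName``. A missing
   or empty setting is written back as ``[]``, so nobody is allowed until a
   user id has been added to it.
   """
   if not user.is_authenticated():
     return False
   group = db.p_readSetting(self.collectionName, "group")
   if not group:
     # Create the setting on first use so that later reads find an (empty) list.
     db.p_writeSetting(self.collectionName, "group", [])
     group = []
   elif not isinstance(group, (list, tuple, set, frozenset)):
     # A scalar setting (for example a single user id stored as a string) would
     # turn `in` into a substring test, letting any id that is a fragment of the
     # stored value pass. Wrap it so the comparison is exact.
     group = [group]
   return user.get_id() in group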
Exemple #2
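 def _userAlowed(self, user):
     """Tell whether *user* may use this collection.

     Access requires an authenticated user whose id appears in the "group"
     setting stored for ``self.collectionName``. When that setting is absent
     or empty it is initialised to ``[]`` and access is refused.
     """
     allowed = False
     if user.is_authenticated():
         group = db.p_readSetting(self.collectionName, "group")
         if not group:
             # First use: persist an empty allow-list.
             db.p_writeSetting(self.collectionName, "group", [])
             group = []
         if not isinstance(group, (list, tuple, set, frozenset)):
             # Membership must be an exact match on the user id. Against a bare
             # string `in` is a substring test, so a scalar setting is wrapped
             # in a list before the comparison.
             group = [group]
         allowed = user.get_id() in group
     return allowed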
Exemple #3
 def __init__(self):
   """Set the plugin's name, its note HTML templates and its note-id counter.

   ``noteText`` and ``noteRemove`` are %-format templates. Their placeholders
   sit in three contexts: a DOM id attribute, the body of a <textarea>, and
   quoted JavaScript strings inside ``onclick`` handlers.
   """
   self.name = "Notes"
   self.requiresAuth = True
   self.collectionName = "notes"
   # NOTE(review): the second placeholder below receives the text shown in the
   # <textarea>; whatever fills this template presumably passes stored note
   # text, which has to be HTML-escaped there (and the values placed in the
   # onclick strings escaped for JavaScript) - confirm at the formatting site.
   self.noteText = '''
       <textarea id="noteID_%s" cols="50">%s</textarea>
       %s
       <a onclick="$.getJSON('/plugin/%s/_cve_action/save',{cve: '%s', id: '%s', text: $('#noteID_%s').val()},function(data){parseStatus(data);window.location='/cve/%s'});">
         <span class="glyphicon glyphicon-save" aria-hidden="true"></span></a>'''
   self.noteRemove = '''
     <a onclick="$.getJSON('/plugin/%s/_cve_action/delete',{cve: '%s', id: '%s'},function(data){parseStatus(data);window.location='/cve/%s'})">
         <span class="glyphicon glyphicon-remove" aria-hidden="true"></span></a>'''
   # Seed the note counter when it is missing (a stored 0 is simply rewritten as 0).
   last_note_id = db.p_readSetting(self.collectionName, "last_note")
   if not last_note_id:
     db.p_writeSetting(self.collectionName, "last_note", 0)
Exemple #4
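 def onDatabaseUpdate(self):
   """Fetch recent MISP events and store the threat actors and tags tied to each CVE.

   Only events newer than the stored "last_update" setting are requested; with
   no stored timestamp an empty interval string is sent. Returns a status
   string that starts with "[+]" on success and "[-]" on failure.
   """
   lastUpdate = db.p_readSetting(self.collectionName, "last_update")
   now = datetime.utcnow().replace(tzinfo = pytz.utc)
   if lastUpdate:
     # Express the elapsed time as whole minutes, rounded up, e.g. "42m".
     last  = dateutil.parser.parse(lastUpdate)
     delta = now - last
     since = "%sm"%math.ceil(delta.total_seconds()/60)
   else:
     since = ""
   if not (self.url and self.key):
     return "[-] MISP credentials not specified"
   try:
     # NOTE(review): the third positional argument is presumably the TLS
     # certificate verification switch - confirm against the installed PyMISP.
     misp = PyMISP(self.url, self.key, True, 'json')
   except Exception:
     # Was a bare `except:`, which also swallowed KeyboardInterrupt/SystemExit.
     return "[-] Failed to connect to MISP. Wrong URL?"
   try:
     misp_last = misp.download_last(since)
     # A 'message' key carries either "no matches" or an authentication error.
     if 'message' in misp_last:
       message = misp_last['message']
       if message.lower().startswith('no matches'):
         return "[+] MISP collection updated (0 updates)"
       elif message.startswith('Authentication failed.'):
         return "[-] MISP Authentication failed"
     if 'response' not in misp_last:
       # NOTE(review): this dumps the raw server reply to stdout; check that it
       # cannot carry sensitive event data into shared logs.
       print(misp_last)
       return "[-] Error occured while fetching MISP data"
     # Values below come from the remote MISP instance and are stored as received;
     # anything that later renders them should treat them as untrusted text.
     bulk = []
     for entry in progressbar(misp_last['response']):
       attrs = entry['Event']['Attribute']
       CVEs = [x['value'] for x in attrs if x['type'] == 'vulnerability']
       if not CVEs:
         continue
       threats = [x['value'] for x in attrs if x['category'] == 'Attribution' and x['type'] == 'threat-actor']
       tags = [x['value'] for x in attrs if x['category'] == 'Other' and x['type'] == 'text']
       tags.extend([x['value'] for x in attrs if x['category'] == 'External analysis' and x['type'] == 'text'])
       # Attach the event's threats and tags to every CVE it mentions.
       for cve in CVEs:
         item = {'id': cve}
         if threats:
           item['threats'] = threats
         if tags:
           item['tags'] = tags
         if len(item) > 1:
           bulk.append(item) # Avoid empty collections
     db.p_bulkUpdate(self.collectionName, "id", bulk)
     # Record the run time only after the bulk update succeeded. %b replaces the
     # original %h: same output where %h is supported, but %h is not accepted by
     # every platform's strftime.
     db.p_writeSetting(self.collectionName, "last_update", now.strftime("%a, %d %b %Y %H:%M:%S %Z"))
     return "[+] MISP collection updated (%s updates)"%len(bulk)
   except Exception as e:
     # The original printed the exception twice; once is enough.
     print(e)
     return "[-] Something went wrong..."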
Exemple #5
 def onCVEAction(self, cve, action, **args):
   """Save or delete a note on *cve* on behalf of the authenticated caller.

   Reads ``args["current_user"]`` and ``args["fields"]`` (first element of the
   "id" list, and of "text" for a save). Returns True after a "save" or
   "delete"; returns None for an unauthenticated caller or any other action.
   """
   current = args["current_user"]
   if not current.is_authenticated():
     return None
   if action == "save":
     existing = db.p_queryOne(self.collectionName, {'cve': cve})
     author = current.get_id()
     # Ensure the entry exists
     if not existing:
       db.p_addEntry(self.collectionName, {"cve": cve, "notes": []})
     # Replace rather than duplicate: drop the note being edited, if there is one.
     # int() raises on a non-numeric id; that exception is not handled here.
     self._deleteIfExists(cve, author, int(args["fields"]["id"][0]))
     # NOTE(review): the counter is read here and written back in a separate
     # call below; presumably concurrent saves could obtain the same id - confirm.
     next_id = db.p_readSetting(self.collectionName, "last_note") + 1
     # NOTE(review): the note text is stored exactly as submitted, so escaping
     # has to happen wherever it is rendered.
     db.p_addToList(self.collectionName, {'cve': cve}, "notes", {'id': next_id, 'user': author, 'notes': args["fields"]["text"][0]})
     # Update last note id
     db.p_writeSetting(self.collectionName, "last_note", next_id)
     return True
   if action == "delete":
     author = current.get_id()
     # The caller's own id is passed along with the note id.
     self._deleteIfExists(cve, author, int(args["fields"]["id"][0]))
     return True
   return None
Exemple #6
 def _getSetting(self, setting, default):
   """Return the stored value of *setting*, persisting *default* when none is stored.

   Only ``None`` counts as "not stored"; falsy values such as 0 or [] are
   returned as they are.
   """
   stored = db.p_readSetting(self.collection, setting)
   if stored is not None:
     return stored
   # Nothing stored yet: write the default so the next read finds it.
   db.p_writeSetting(self.collection, setting, default)
   return default
Exemple #7
if __name__ == '__main__':
  # Command-line management of a collaboration collection's "group" setting.
  # NOTE(review): that setting is presumably the allow-list consulted by the
  # plugin's access check, so whoever can run this script can grant access.
  import argparse
  argParser = argparse.ArgumentParser(
    description='Management interface for adding and deleting users from collaboration groups')
  argParser.add_argument('-a', type=str, action='append', help='Append user')
  argParser.add_argument('-d', type=str, action='append', help='Delete user')
  argParser.add_argument('-c', type=str, help='Collection to manipulate')
  argParser.add_argument('--drop', action="store_true", help='Drop the collection specified')
  args = argParser.parse_args()

  if args.a or args.d:
    # Get collection to manipulate (-c is passed through unchecked, so it may be None)
    wd = Collaboration()
    collection = wd._createCollection(args.c)
    # Current member list; a missing setting becomes [] and a scalar becomes a one-item list
    users = db.p_readSetting(collection, "group") or []
    if type(users) is not list:
      users = [users]
    to_add = args.a or []
    to_remove = args.d or []
    # Additions are applied before removals, so a name given to both ends up removed.
    for user in to_add:
      if user not in users:
        users.append(user)
    for user in to_remove:
      if user in users:
        users.remove(user)
    db.p_writeSetting(collection, "group", users)
  elif args.drop:
    # Get collection to manipulate
    wd = Collaboration()
    collection = wd._createCollection(args.c)
Exemple #8
        'Management interface for adding and deleting users from collaboration groups'
    )
    argParser.add_argument('-a', type=str, action='append', help='Append user')
    argParser.add_argument('-d', type=str, action='append', help='Delete user')
    argParser.add_argument('-c', type=str, help='Collection to manipulate')
    argParser.add_argument('--drop',
                           action="store_true",
                           help='Drop the collection specified')
    args = argParser.parse_args()

    if args.a or args.d:
        # Get collection to manipulate
        wd = Collaboration()
        collection = wd._createCollection(args.c)
        # Get list of users
        users = db.p_readSetting(collection, "group")
        if not users: users = []
        if type(users) is not list: users = [users]
        a = args.a if args.a else []
        d = args.d if args.d else []
        for user in a:
            if user not in users:
                users.append(user)
        for user in d:
            if user in users:
                users.remove(user)
        db.p_writeSetting(collection, "group", users)
    elif args.drop:
        # Get collection to manipulate
        wd = Collaboration()
        collection = wd._createCollection(args.c)