def onCVEAction(self, cve, action, **args):
    """Dispatch a plugin action: export a submitted scan or save plugin settings.

    Args:
        cve: Unused by this handler.
        action: "json", "pdf" or "webview" to process a scan, or
            "save_settings" to persist the plugin configuration.
        **args: Must carry "fields", a mapping of form field name to a list
            of values; only the first value of each field is read.

    Returns:
        A dict with 'status' and 'data' for the scan actions, True when the
        settings were written, False for a rejected or failed settings
        update and for any unknown action.
    """
    if action in ("json", "pdf", "webview"):
        fields = args["fields"]
        scan = fields['scan'][0]
        # NOTE(review): bool() of any non-empty string is True, so a submitted
        # "false" or "0" would still request storage. The settings branch
        # below goes through toBool() instead; confirm how the form encodes
        # this flag.
        store = bool(fields['store'][0])
        tags = fields['tags'][0].split(",")
        notes = fields['notes'][0]
        result = self.handle_scan(scan, action, tags, notes, store)
        return {'status': 'plugin_action_complete', 'data': result}

    if action == "save_settings":
        try:
            fields = args["fields"]
            settings = {
                "reaper.enable": toBool(fields["reaper_enable"][0]),
                "reaper.folder": fields["reaper_folder"][0],
                "reaper.store": toBool(fields["reaper_store"][0]),
                "output.enable": toBool(fields["output_enable"][0]),
                "output.type": fields["output_type"][0],
                "output.folder": fields["output_folder"][0],
            }
            # Only the output type is checked against an allow-list.
            if settings["output.type"] not in ("json", "pdf", "webview"):
                return False
            # NOTE(review): both folder values come straight from the request
            # and are stored as-is; confirm that the code consuming them
            # confines the paths to an intended base directory, and that the
            # caller restricts this action to authorised users (no check is
            # made in this method).
            if not settings["reaper.folder"]:
                settings["reaper.folder"] = "./cve-scan"
            if not settings["output.folder"]:
                settings["output.folder"] = "./cve-scan-output"
            for name, value in settings.items():
                db.p_writeSetting(self.collection, name, value)
            self._set_reaper_status()
        except Exception as e:
            # Best-effort: any failure (missing field, DB error) is printed
            # and reported to the caller as False.
            print(e)
            return False
        return True

    return False
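def _userAlowed(self, user):
    """Return True when *user* is authenticated and listed in the "group" setting.

    The "group" setting of this plugin's collection is read from the
    database; when it is missing or empty an empty list is written back so
    the setting exists afterwards.

    Args:
        user: Object exposing is_authenticated() and get_id().

    Returns:
        True if the user's id is a member of the group, otherwise False.
    """
    if not user.is_authenticated():
        return False
    group = db.p_readSetting(self.collectionName, "group")
    if not group:
        db.p_writeSetting(self.collectionName, "group", [])
        group = []
    # The stored value is not guaranteed to be a list. On a bare string,
    # `in` is a substring test, which would authorise any user whose id is
    # contained in the stored id; wrap it so membership is an exact match.
    if isinstance(group, str):
        group = [group]
    return user.get_id() in group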
def onCVEAction(self, cve, action, **args):
    """Process a submitted scan or save the plugin settings.

    Args:
        cve: Unused by this handler.
        action: "json", "pdf" or "webview" to parse, enhance and render a
            scan, or "save_settings" to persist the plugin configuration.
        **args: Must carry "fields", a mapping of form field name to a list
            of values; only the first value of each field is read.

    Returns:
        A dict with 'status' and 'data' when a scan was rendered, True when
        the settings were written, and False on any failure or unknown
        action.
    """
    if action in ("json", "pdf", "webview"):
        try:
            fields = args["fields"]
            raw_scan = fields['scan'][0]
            # NOTE(review): bool() of any non-empty string is True, so the
            # literal "false" would still store the scan; confirm how the
            # form encodes this flag.
            store = bool(fields['store'][0])
            tags = fields['tags'][0].split(",")
            notes = fields['notes'][0]
            # The scan body is request-supplied; everything derived from it
            # below should be treated as untrusted.
            nmap = self._parseNMap(raw_scan)
            if store:
                self._store_in_db(nmap, tags=tags, notes=notes)
            enhanced = self._enhance(nmap)
            if action == "json":
                returndata = json.dumps(enhanced, indent=2,
                                        default=json_util.default)
            elif action == "pdf":
                pdf_bytes = self._generatePDF(enhanced)
                returndata = base64.b64encode(pdf_bytes).decode("utf-8")
            elif action == "webview":
                # A throw-away Flask app is created only to obtain a context
                # in which the template can be rendered.
                # NOTE(review): whether scan values are HTML-escaped depends
                # on the template named by self.html; confirm autoescaping
                # applies to it.
                template_dir = os.path.join(callLocation, "templates")
                app = Flask(__name__, template_folder=template_dir)
                with app.test_request_context("/"):
                    returndata = render_template(self.html, scan=enhanced)
            return {'status': 'plugin_action_complete', 'data': returndata}
        except Exception:
            # The failure is printed and the method falls through to the
            # final `return False`.
            traceback.print_exc()
    elif action == "save_settings":
        try:
            # NOTE(review): this prints the raw request fields to stdout on
            # every settings save.
            print(args["fields"])
            fields = args["fields"]
            # NOTE(review): bool() on the submitted strings makes every
            # non-empty value True, including "false"; confirm the form
            # sends an empty string for a disabled option.
            settings = {
                "reaper.enable": bool(fields["reaper_enable"][0]),
                "reaper.folder": fields["reaper_folder"][0],
                "reaper.store": bool(fields["reaper_store"][0]),
                "output.enable": bool(fields["output_enable"][0]),
                "output.type": fields["output_type"][0],
                "output.folder": fields["output_folder"][0],
            }
            # Only the output type is checked against an allow-list.
            if settings["output.type"] not in ("json", "pdf", "webview"):
                return False
            # NOTE(review): the folder values are stored exactly as
            # submitted; confirm the consumer confines them to an intended
            # base directory.
            if not settings["reaper.folder"]:
                settings["reaper.folder"] = "./cve-scan"
            if not settings["output.folder"]:
                settings["output.folder"] = "./cve-scan-output"
            for name, value in settings.items():
                db.p_writeSetting(self.collection, name, value)
        except Exception as e:
            print(e)
            return False
        return True
    return False
def __init__(self):
    """Set the plugin identity and HTML snippets, and seed the note counter.

    Reads the "last_note" setting of the "notes" collection and writes 0
    when no truthy value is stored yet.
    """
    self.name = "Notes"
    self.requiresAuth = True
    self.collectionName = "notes"

    # %-format templates; the values are substituted elsewhere.
    # NOTE(review): the placeholders land in three different contexts
    # (element content of the <textarea>, HTML attribute values, and
    # single-quoted JavaScript string literals inside onclick). Whoever
    # fills them must escape for each context; that code is not visible
    # here.
    # NOTE(review): both snippets trigger save/delete through $.getJSON,
    # which issues GET requests, so state changes happen on GET; confirm
    # the server side has cross-site request forgery protection for these
    # endpoints.
    self.noteText=''' <textarea id="noteID_%s" cols="50">%s</textarea> %s <a onclick="$.getJSON('/plugin/%s/_cve_action/save',{cve: '%s', id: '%s', text: $('#noteID_%s').val()},function(data){parseStatus(data);window.location='/cve/%s'});"> <span class="glyphicon glyphicon-save" aria-hidden="true"></span></a>'''
    self.noteRemove=''' <a onclick="$.getJSON('/plugin/%s/_cve_action/delete',{cve: '%s', id: '%s'},function(data){parseStatus(data);window.location='/cve/%s'})"> <span class="glyphicon glyphicon-remove" aria-hidden="true"></span></a>'''

    # Make sure the note id counter exists in the settings.
    last_note = db.p_readSetting(self.collectionName, "last_note")
    if not last_note:
        db.p_writeSetting(self.collectionName, "last_note", 0)
def onDatabaseUpdate(self):
    """Pull recent MISP events and store threat/tag data per CVE id.

    The stored "last_update" timestamp, when present, is turned into a
    look-back window in whole minutes (rounded up) and passed to
    download_last(). For every event that has 'vulnerability' attributes,
    the threat-actor and free-text attribute values are attached to each
    of those CVE ids and bulk-written to the plugin's collection.

    Returns:
        A status string starting with "[+]" on success or "[-]" on failure.
    """
    previous = db.p_readSetting(self.collectionName, "last_update")
    now = datetime.utcnow().replace(tzinfo = pytz.utc)
    if previous:
        elapsed = now - dateutil.parser.parse(previous)
        since = "%sm"%math.ceil(elapsed.total_seconds()/60)
    else:
        since = ""

    if not (self.url and self.key):
        return "[-] MISP credentials not specified"

    try:
        # NOTE(review): the third positional argument is presumably the TLS
        # certificate verification switch; confirm against the PyMISP
        # version in use.
        misp = PyMISP(self.url, self.key, True, 'json')
    except BaseException:
        # Catches everything, as a bare `except:` does, including
        # KeyboardInterrupt and SystemExit.
        return "[-] Failed to connect to MISP. Wrong URL?"

    try:
        misp_last = misp.download_last(since)
        if 'message' in misp_last.keys():
            message = misp_last['message']
            if message.lower().startswith('no matches'):
                return "[+] MISP collection updated (0 updates)"
            if message.startswith('Authentication failed.'):
                return "[-] MISP Authentication failed"
        if 'response' not in misp_last:
            print(misp_last)
            return "[-] Error occured while fetching MISP data"

        # Values below come from the remote MISP instance and are stored
        # as received.
        # NOTE(review): confirm they are escaped wherever they are later
        # displayed.
        bulk = []
        for entry in progressbar(misp_last['response']):
            attributes = entry['Event']['Attribute']
            cve_ids = [a['value'] for a in attributes
                       if a['type'] == 'vulnerability']
            if not cve_ids:
                continue
            threats = [a['value'] for a in attributes
                       if a['category'] == 'Attribution'
                       and a['type'] == 'threat-actor']
            other_text = [a['value'] for a in attributes
                          if a['category'] == 'Other'
                          and a['type'] == 'text']
            analysis_text = [a['value'] for a in attributes
                             if a['category'] == 'External analysis'
                             and a['type'] == 'text']
            tags = other_text + analysis_text
            for cve in cve_ids:
                item = {'id': cve}
                if threats:
                    item['threats'] = threats
                if tags:
                    item['tags'] = tags
                # Skip entries that would carry nothing but the id.
                if len(item) > 1:
                    bulk.append(item)
        db.p_bulkUpdate(self.collectionName, "id", bulk)
        # The timestamp is only advanced after the bulk write went through.
        db.p_writeSetting(self.collectionName, "last_update",
                          now.strftime("%a, %d %h %Y %H:%M:%S %Z"))
        return "[+] MISP collection updated (%s updates)"%len(bulk)
    except Exception as e:
        # The error is printed twice, then reported as a generic failure.
        print(e)
        print(e)
        return "[-] Something went wrong..."
def onCVEAction(self, cve, action, **args):
    """Save or delete the current user's note on a CVE.

    Args:
        cve: CVE identifier the note belongs to.
        action: "save" or "delete"; anything else is ignored.
        **args: Must carry "current_user" (object with is_authenticated()
            and get_id()) and, for both actions, "fields" with an "id"
            list; "save" also reads the "text" list.

    Returns:
        True after a save or delete, None when the user is not
        authenticated or the action is unknown.
    """
    current = args["current_user"]
    if not current.is_authenticated():
        return None

    if action == "save":
        existing = db.p_queryOne(self.collectionName, {'cve': cve})
        user = current.get_id()
        # Create the per-CVE document on first use.
        if not existing:
            db.p_addEntry(self.collectionName, {"cve": cve, "notes": []})
        # An edit is stored as delete-then-add; int() raises ValueError on
        # a non-numeric id.
        self._deleteIfExists(cve, user, int(args["fields"]["id"][0]))
        # NOTE(review): the counter is read, incremented and written back in
        # separate calls, so two concurrent saves could presumably obtain
        # the same id; confirm whether the store serialises this.
        nid = db.p_readSetting(self.collectionName, "last_note") + 1
        # The note text is stored exactly as submitted.
        # NOTE(review): confirm it is escaped where notes are rendered.
        note = {'id': nid, 'user': user, 'notes': args["fields"]["text"][0]}
        db.p_addToList(self.collectionName, {'cve': cve}, "notes", note)
        db.p_writeSetting(self.collectionName, "last_note", nid)
        return True

    if action == "delete":
        user = current.get_id()
        self._deleteIfExists(cve, user, int(args["fields"]["id"][0]))
        return True

    return None
def _getSetting(self, setting, default):
    """Return a stored plugin setting, persisting *default* when it is unset.

    Args:
        setting: Name of the setting in this plugin's collection.
        default: Value to write and return when the stored value is None.

    Returns:
        The stored value, or *default* if nothing was stored.
    """
    stored = db.p_readSetting(self.collection, setting)
    if stored is not None:
        return stored
    # Only None counts as "unset"; falsy values such as 0 or "" are kept.
    db.p_writeSetting(self.collection, setting, default)
    return default
argParser.add_argument(
    '-c',
    type=str,
    help='Collection to manipulate',
)
argParser.add_argument(
    '--drop',
    action="store_true",
    help='Drop the collection specified',
)
args = argParser.parse_args()

# NOTE(review): -c is not marked as required, so args.c may be None when it
# reaches _createCollection(); confirm how that helper treats None.
if args.a or args.d:
    # Edit the "group" user list of the chosen collection.
    wd = Collaboration()
    collection = wd._createCollection(args.c)
    # Normalise the stored value: missing -> empty list, scalar -> one-item
    # list.
    users = db.p_readSetting(collection, "group") or []
    if type(users) is not list:
        users = [users]
    a = args.a or []
    d = args.d or []
    # Additions are applied before removals, so a user named in both ends up
    # removed.
    for user in a:
        if user not in users:
            users.append(user)
    for user in d:
        if user in users:
            users.remove(user)
    db.p_writeSetting(collection, "group", users)
elif args.drop:
    # Destructive path, reached only when neither args.a nor args.d is set;
    # each step asks for its own confirmation and defaults to "no".
    wd = Collaboration()
    collection = wd._createCollection(args.c)
    print("You are manipulating %s"%collection)
    confirm = input("Do you want to drop the user list? [y/N]")
    if confirm.lower() in ("y", "yes"):
        db.p_deleteSettings(collection)
    confirm = input("Do you want to drop the data? [y/N]")
    if confirm.lower() in ("y", "yes"):
        db.p_drop(collection)
action="store_true", help='Drop the collection specified') args = argParser.parse_args() if args.a or args.d: # Get collection to manipulate wd = Collaboration() collection = wd._createCollection(args.c) # Get list of users users = db.p_readSetting(collection, "group") if not users: users = [] if type(users) is not list: users = [users] a = args.a if args.a else [] d = args.d if args.d else [] for user in a: if user not in users: users.append(user) for user in d: if user in users: users.remove(user) db.p_writeSetting(collection, "group", users) elif args.drop: # Get collection to manipulate wd = Collaboration() collection = wd._createCollection(args.c) print("You are manipulating %s" % collection) confirm = input("Do you want to drop the user list? [y/N]") if confirm.lower() in ["y", "yes"]: db.p_deleteSettings(collection) confirm = input("Do you want to drop the data? [y/N]") if confirm.lower() in ["y", "yes"]: db.p_drop(collection)