def start(self,port=None,systems=None): connect = Configuration.getMongoConnection() self.db = connect['cves'] self.systems=systems app = Flask(__name__, static_folder='static', static_url_path='/static') app.config['MONGO_DBNAME'] = Configuration.getMongoDB() # functions def getEnhance(): for system in self.systems: cpe=system['cpe'] if cpe: system['cves']=list(self.db.find({'vulnerable_configuration': system['cpe']})) #get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: service['cves']=list(self.db.find({'vulnerable_configuration':service['cpe']})) #get dpe info for service return systems # routes @app.route('/') def index(): systems=getEnhance() return render_template('index.html', systems=systems) @app.route('/cve/<cveid>') def cve(cveid): cvesp = cves.last(rankinglookup = True, namelookup = True, vfeedlookup = True) cve = cvesp.getcve(cveid=cveid) if cve is None: return page_not_found(404) cve = markCPEs(cve) return render_template('cve.html', cve=cve) # filters @app.template_filter('product') def product(banner): if banner: p=re.search('(product:).([^\s]+)', banner) return p.group(2) else: return "unknown" # debug filter @app.template_filter('type') def isType(var): return type(var) #start webserver app.run(host='127.0.0.1', port=5000, debug=True)
import signal from User import User from Config import Configuration import cves from db_whitelist import * from db_blacklist import * # parse command line arguments argparser = argparse.ArgumentParser(description='populate/update the whitelist used in webviews') argparser.add_argument('-v', action='store_true', help='verbose output') args = argparser.parse_args() # variables app = Flask(__name__, static_folder='static', static_url_path='/static') app.config['MONGO_DBNAME'] = Configuration.getMongoDB() app.config['SECRET_KEY'] = str(random.getrandbits(256)) pageLength = Configuration.getPageLength() # login manager login_manager = LoginManager() login_manager.init_app(app) # db connectors mongo = PyMongo(app) db = Configuration.getMongoConnection() redisdb = Configuration.getRedisVendorConnection() # functions def matchFilePath(path): pattern = re.compile('^([a-zA-Z/ 0-9._-])+$') if pattern.match(path):
def nbelement(db = Configuration.getMongoDB(), collection = None): if collection is None: collection = "cves" c = Configuration.getMongoConnection() return c[collection].count()