Esempio n. 1
0
 def get(self, request):
     """
     Metoda zwracajace dostawców dla których wykryto podatności Common Vulnerabilities and Exposures (CVE)
     na podstawie zapytania GET HTTP użytkownika. Wymaga uzupełnionych danych la serwisów trzecich.
     :tags: CVE
     :param request: obiekt dla widoku Django z informacjami od użytkownika
     :return: dane w postaci json zawierajace ingormacje o dostawcach dla których istnieją podntości CVE
     """
     try:
         credentials = Credential().cve_search
         connector = CVEConnector(credentials)
         vendors = connector.get_vendors_list()
         return Response(vendors)
     except CredentialsNotFoundError:
         host_address = Common(request).host_address
         settings_url = host_address + reverse('settings')
         return Response(
             {
                 "error": "Unable to get vendor list.",
                 "details": f"Please check settings on {settings_url}"
             },
             status=status.HTTP_400_BAD_REQUEST)
     except BaseException as ex:
         return Response(
             {
                 "error": "Unable to get vendor list.",
                 "details": str(ex)
             },
             status=status.HTTP_400_BAD_REQUEST)
Esempio n. 2
0
    def get_censys_data(self):
        try:
            credentials = Credential().censys
            connector = CensysConnector(credentials)
        except CredentialsNotFoundError:
            settings_url = self.host_address + reverse('settings')
            return {
                "censys": {
                    "error":
                    "Unable to get data from service http://censys.io/. "
                    "Please create account on https://censys.io/ and add valid credentials "
                    f"for SARENKA app on {settings_url}"
                }
            }
        try:
            response = connector.search_by_ip(self.host).to_json  #
            response.update({"banners": self.get_banner(response["ports"])})
            return response
        except Exception as ex:
            print(ex)
            print(type(ex))

            # censys nie udostępnia do importu klasy exceptionu CensysNotFoundException o.Ó
            return {
                "censys": {
                    "error":
                    f"Censys doesn't know anything about this {self.host} host"
                }
            }
Esempio n. 3
0
 def response(ip_address):
     """Zwraca dane w formie jsona dla widoku Django"""
     try:
         credentials = Credential().censys
         connector = CensysConnector(credentials)
         response = connector.search_by_ip(ip_address)
         return response.to_json  # TODO zmienić na serializatory
     except CredentialsNotFoundError:
         raise CensysHostSearchError(
             "Invalid settings for service https://censys.io/")
Esempio n. 4
0
 def setUp(self):
     self.shodan_credentials = Credential(self.credentials_file_path).shodan
Esempio n. 5
0
        response = Connector.connect(self.vendor)
        return response['vendor']

    def get_vendor_products(self, vendor: str):
        url = f'{self.vendor}{vendor}/'
        response = requests.get(url)
        return response

    def get_product(self, vendor: str, product: str):
        url = f'{self.vendor}{vendor}/{product}'
        response = requests.get(url)
        return response

    def get_db_info(self: str):
        response = requests.get(self.db_info)
        return response


if __name__ == "__main__":
    # \sarenka\backend>python connectors\cve_search\connector.py
    credentials = Credential().cve_search
    connector = Connector(credentials)
    response = connector.search_by_cve_code("CVE-2010-3333")
    for p in response.products:
        print(p)
    # print(connector.get_last_30_cves())
    # print(connector.get_vendors_list())
    # print(connector.get_vendor_products("microsoft"))
    # print(connector.get_product("microsoft","office"))
    # print(connector.get_db_info())
Esempio n. 6
0
 def setUp(self):
     self.censys_credentials = Credential().censys
Esempio n. 7
0
 def setUp(self):
     self.shodan_credentials = Credential(self.credentials_file_path).shodan
     self.connector = Connector(self.shodan_credentials)                
     host_data = {"ip_str": "my_test_ip"}
     host = HostWrapper(host_data, "my_software_name")
Esempio n. 8
0
    def search_by_website(self, domain):
        return self.website.view(domain)

    def search_favicon_murmur3(self,
                               ip):  #TODO spiąc z głównym jsonem odpowiedzi
        """ Wartośc niekryptogrficznego hasha dla faviconki strony"""
        favicon_hash = None
        try:
            response = requests.get('https://cybersecurity.wtf/favicon.ico')
            favicon = codecs.encode(response.content, "base64")
            favicon_hash = mmh3.hash(favicon)
        except BaseException as ex:
            # nie każda strona webowa ma favikonki
            pass

        return {"favicon_hash": favicon_hash}


if __name__ == "__main__":
    censys_credentials = Credential().censys
    connector = Connector(censys_credentials)
    response = connector.search_by_ip("8.8.8.8")  #
    # response = connector.search_by_ip("212.77.98.9") # dziala
    # response = connector.search_by_ip("50.56.73.47") # dziala
    Common.save_dict_to_file("8_8_8_8.json", response.to_json)

    # print(response)
    # Common.save_dict_to_file("C:\\Users\\dp\\Desktop\\sarenka\\backend\\connectors\\censys\\censys_ip.json", response)
    # print(connector.search_by_fingerprint("48177e03b47bdcb3b6ab28a92f8005b95302418cd5b9ede77a97eb918e4a2da2"))
    # print(connector.search_by_fingerprint("48177e03b47bdcb3b6ab28a92f8005b95302418cd5b9ede77a97eb918e4a2da2"))
 def setUp(self):
     self.connector = connector.Connector(
         Credential(self.credentials_file_path).cve_search)
     self.existing_cve_code = "CVE-2019-1010298"
     self.not_existing_cve_code = "CVE-2012-0000000"