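def getCriticalCVE():
    """Render the page listing registered CVEs with a critical CVSS score.

    Every row of CVE_DATA is scanned. Rows whose score field parses to a
    value in the range (9.0, 10] are kept and expanded through
    ``getRegisteredCveInfos``.

    Returns:
        The rendered ``details-cve-critical.html`` template, called with
        ``result=False`` when no CVE qualifies and with
        ``cve_list_CRITICAL`` (one 8-item list per CVE) otherwise.
    """
    conn = get_db_connection()
    db_result = conn.execute('SELECT * FROM CVE_DATA', ).fetchall()

    critical_cve_id = []
    for result in db_result:
        # SELECT * ties these positions to the table layout: once the first
        # column is dropped, index 0 is the id later handed to
        # getRegisteredCveInfos and index 3 is the score field.
        current_cve = list(result)[1:]
        raw_score = current_cve[3]
        if raw_score == "N/A":
            continue
        try:
            # Only the text before the first space is treated as the number.
            score = float(str(raw_score).split(" ")[0])
        except ValueError:
            # One unparsable score must not take the whole page down.
            continue
        # NOTE(review): the strict `9.0 <` leaves out a score of exactly 9.0,
        # which CVSS v3.x rates Critical (9.0-10.0). Confirm how the other
        # severity views bound their ranges before changing it.
        if 9.0 < score <= 10:
            critical_cve_id.append(current_cve[0])

    info_keys = ('cve_id', 'cve_description', 'cve_date', 'cve_score',
                 'cve_status', 'cve_cpe', 'cve_sources', 'cve_mgmt_status')
    cve_list_CRITICAL = []
    for cve in critical_cve_id:
        infos = getRegisteredCveInfos(cve, full=False)
        if infos is None:
            # cveAlerts already treats None as "no longer in the database";
            # skip such an entry here instead of failing on the lookups below.
            continue
        cve_list_CRITICAL.append([infos[key] for key in info_keys])

    if not cve_list_CRITICAL:
        return render_template('details-cve-critical.html', result=False)
    return render_template('details-cve-critical.html', cve_list_CRITICAL=cve_list_CRITICAL)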
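def cveUpdates():
    """Render the most recent CVE update events recorded in logs.txt.

    The log file that sits next to this script is read from its last line
    backwards. Lines containing both ``cve_updater`` and ``type="update"``
    are kept until 20 entries have been collected. Lines that carry no CVE
    id or too few quote-delimited fields are skipped.

    Returns:
        The rendered ``cve-updates.html`` template with ``cves`` (a list of
        ``[cve_id, message]`` pairs), plus ``no_updates`` when the list is
        empty.
    """
    # NOTE(review): this connection is never used or closed in this function;
    # confirm get_db_connection() has no side effect that is needed here,
    # then drop the call.
    conn = get_db_connection()
    # Build the path from the script's directory rather than by replacing the
    # file name inside the full path.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)), "logs.txt")

    cves = []
    if os.path.isfile(logfile):
        # Close the handle as soon as the lines have been read.
        with open(logfile, encoding='utf8') as log:
            lines = log.readlines()
        for line in reversed(lines):
            if "cve_updater" in line and 'type="update"' in line:
                ids = re.findall(r'CVE-\d{4}-\d{4,7}', line)
                # Fields are located by counting double quotes, so a quote
                # inside any earlier value (log text may originate from
                # external feeds) shifts every later index. Piece 23 is
                # presumably the message value - verify against the log
                # writer.
                fields = line.split('"')
                if not ids or len(fields) <= 23:
                    continue
                cves.append([ids[0], fields[23]])
                if len(cves) >= 20:
                    break

    if not cves:
        return render_template('cve-updates.html', cves=cves, no_updates="No CVE updates found recently.")
    return render_template('cve-updates.html', cves=cves)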
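def cveAlerts():
    """Render the most recent "new CVE" alerts recorded in logs.txt.

    The log file that sits next to this script is read from its last line
    backwards. Lines written by ``cve_poller`` with ``type="new"`` are kept
    until 10 entries have been collected. Each CVE id found is expanded
    through ``getRegisteredCveInfos``; when that returns None the entry
    carries the id and an explanatory message instead. Lines without a CVE
    id are skipped.

    Returns:
        The rendered ``cve-alerts.html`` template with ``cves``, plus
        ``no_alerts`` when the list is empty.
    """
    # NOTE(review): this connection is never used or closed in this function;
    # confirm get_db_connection() has no side effect that is needed here,
    # then drop the call.
    conn = get_db_connection()
    # Build the path from the script's directory rather than by replacing the
    # file name inside the full path.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)), "logs.txt")

    info_keys = ('cve_id', 'cve_description', 'cve_date', 'cve_score',
                 'cve_status', 'cve_cpe', 'cve_sources', 'cve_mgmt_status')
    cves = []
    if os.path.isfile(logfile):
        # Close the handle as soon as the lines have been read.
        with open(logfile, encoding='utf8') as log:
            lines = log.readlines()
        for line in reversed(lines):
            # Both markers include the trailing space, as in the log format.
            if 'source_script="cve_poller" ' in line and 'type="new" ' in line:
                ids = re.findall(r'CVE-\d{4}-\d{4,7}', line)
                if not ids:
                    # A marker line without a CVE id cannot be displayed.
                    continue
                cve_id = ids[0]
                infos = getRegisteredCveInfos(cve_id, full=False)
                if infos is not None:
                    it = [infos[key] for key in info_keys]
                else:
                    it = [
                        cve_id,
                        "This CVE is no longer in the database. This may be due to a deletion of the product that concerns it.",
                    ]
                cves.append(it)
                if len(cves) >= 10:
                    break

    if not cves:
        return render_template('cve-alerts.html', cves=cves, no_alerts="No alert for the moment.")
    return render_template('cve-alerts.html', cves=cves)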
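def rssNews():
    """Render the most recent RSS news entries referenced in logs.txt.

    The log file that sits next to this script is read from its last line
    backwards. For each line containing ``rss_poller``, the URL taken from
    the line is looked up in RSS_DATA. Lines with a matching row produce
    one entry, until 10 entries have been collected. Lines with too few
    quote-delimited fields, or with no matching row, are skipped.

    Returns:
        The rendered ``rss-news.html`` template with ``news`` (a list of
        4-item lists), plus ``no_news`` when the list is empty.
    """
    conn = get_db_connection()
    # Build the path from the script's directory rather than by replacing the
    # file name inside the full path.
    logfile = os.path.join(os.path.dirname(os.path.abspath(__file__)), "logs.txt")

    # Defined before the file check so that a missing log file still reaches
    # the "no news" rendering below.
    news = []
    if os.path.isfile(logfile):
        # Close the handle as soon as the lines have been read.
        with open(logfile, encoding='utf8') as log:
            lines = log.readlines()
        for line in reversed(lines):
            if "rss_poller" not in line:
                continue
            # Fields are located by counting double quotes, so a quote inside
            # any earlier value shifts every later index. Piece 11 is used as
            # the feed URL and piece 5 as the third display item - verify
            # both against the log writer.
            fields = line.split('"')
            if len(fields) <= 11:
                continue
            log_rss_url = fields[11]
            # The URL is bound as a parameter, never concatenated into SQL.
            data = conn.execute(
                "SELECT RSS_URL, title, rss_f, summary FROM RSS_DATA WHERE RSS_URL = (?);",
                (log_rss_url, )).fetchone()
            if data is None:
                continue
            rss_data = list(data)
            # NOTE(review): only the summary goes through removeHTMLtags; the
            # URL and title are passed on as stored. The template is not
            # visible here - confirm it escapes these values.
            news.append([
                str(rss_data[0]),
                str(rss_data[1]),
                fields[5],
                str(removeHTMLtags(rss_data[3])),
            ])
            if len(news) >= 10:
                break

    if not news:
        return render_template('rss-news.html', news=news, no_news="No news for the moment.")
    return render_template('rss-news.html', news=news)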
# CVE updater script: flags CVEs in CVE_DATA for which an Exploit-DB entry
# is found, then goes on to a GitHub exploit search (only the start of that
# step is visible here).
__version__ = "2.0"
__maintainer__ = "Aubin Custodio"
__email__ = "*****@*****.**"
from secmon_lib import writeNewExploitFoundLog, getUnexploitableCveIdList, getGithubAPISettings, getRegisteredCveInfos, get_db_connection, getUnregisteredCveInfos, getFormatedProductList, getCveByProduct, writeNewHighRiskProductLog, writeCveTypeLog
from datetime import datetime
import os, requests
import cve_searchsploit as CS

# Directory of this script, obtained by removing the file name from its
# absolute path; logs.txt is expected to sit next to it.
script_path = os.path.abspath(__file__)
dir_path = script_path.replace("cve_updater.py", "")
log_file = dir_path + "logs.txt"

# Console banner with the start time (local time, day/month/year).
print("------------ CVE Module - Update ------------")
timestamp = datetime.now().strftime("%d/%m/%Y %H:%M:%S")
print("Starting at : " + timestamp)
print("---------------------------------------------")

# Refresh cve_searchsploit's local data before any lookup.
# NOTE(review): presumably pulls the Exploit-DB mapping over the network -
# confirm how the job should behave when this step fails.
CS.update_db()
con = get_db_connection()
cur = con.cursor()

# presumably the CVEs not yet flagged as having an exploit; verify against
# secmon_lib.
cve_list = getUnexploitableCveIdList()
for cve in cve_list:
    # Exploit-DB ids that cve_searchsploit associates with this CVE.
    exploitdb_exploits = CS.edbid_from_cve(cve)
    if len(exploitdb_exploits) > 0:
        # Parameterised update; the flag is stored as the string "True",
        # not as a boolean.
        cur.execute(
            "UPDATE CVE_DATA SET EXPLOIT_FIND = (?) WHERE CVE_ID = (?)",
            ("True", cve))
        con.commit()
        print("Exploit found for " + cve + " from Exploit-DB")
        # Record the finding through the shared log helper, tagged with this
        # script's name and the "exploit-db" source.
        writeNewExploitFoundLog(
            "cve_updater", "exploit-db", cve,
            f"New(s) exploit found for {cve} from Exploit-DB !")

print("\nSearch Github Exploit for registered CVE...")
# The list is fetched again for the GitHub search step.
cve_list = getUnexploitableCveIdList()