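def enum_exploits(self):
    """List exploit and PoC references stored for the current source and CVE.

    Reads the ``exploits_db`` rows whose ``source`` equals ``self.source`` and
    whose ``cve_id`` matches the value carried in ``self.query``.

    Side effect: ``self.count`` is set to the row returned by the count query.

    Returns:
        The result of ``utility.check_list_data`` applied to a list of
        ``{"id": ..., "parameters": {"title", "file", "url"}}`` dicts.
    """
    # The source name is bound as a parameter, like the CVE id already was,
    # instead of being pasted into the SQL text with str.format(): a quote
    # inside the value can no longer change the statement.
    # assumes self.query is a one-element sequence, as the single "?" in the
    # original statement requires
    params = (self.source,) + tuple(self.query)

    # count: kept because the result is stored on the instance
    self.cur.execute(
        "SELECT count(id) FROM exploits_db WHERE (source = ?) and cve_id=? order by id",
        params)
    self.count = self.cur.fetchone()

    self.cur.execute(
        "SELECT * FROM exploits_db WHERE (source = ?) and cve_id=? order by id",
        params)

    # Walking the fetched rows directly cannot index past the result set,
    # which indexing up to the separately queried count could.
    # NOTE(review): SELECT * ties the indexes below to the table's column order.
    signatures = []
    for row in self.cur.fetchall():
        signatures.append({
            "id": row[1],
            "parameters": {"title": row[2], "file": row[3], "url": row[4]},
        })

    return utility.check_list_data(signatures)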
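def enum_bulletins(self):
    """List advisory and bulletin references stored for the current source and CVE.

    Reads the ``advisory_db`` rows whose ``source`` equals ``self.source`` and
    whose ``cve_id`` matches the value carried in ``self.query``.

    Side effect: ``self.count`` is set to the row returned by the count query.

    Returns:
        The result of ``utility.check_list_data`` applied to a list of
        ``{"id": ..., "parameters": {"class", "url"}}`` dicts.
    """
    # Bind the source name instead of formatting it into the SQL text, so the
    # value is always treated as data and never as part of the statement.
    # assumes self.query is a one-element sequence, as the single "?" in the
    # original statement requires
    params = (self.source,) + tuple(self.query)

    # count: kept because the result is stored on the instance
    self.cur.execute(
        "SELECT count(id) FROM advisory_db WHERE (source = ?) and cve_id=? order by id",
        params)
    self.count = self.cur.fetchone()

    self.cur.execute(
        "SELECT * FROM advisory_db WHERE (source = ?) and cve_id=?",
        params)

    # Iterate over what was actually fetched rather than indexing up to the
    # separately queried count.
    # NOTE(review): SELECT * ties the indexes below to the table's column order.
    signatures = []
    for row in self.cur.fetchall():
        # "advisory_class" avoids shadowing the builtin type()
        advisory_class = row[0]
        signatures.append({
            "id": row[2],
            "parameters": {"class": advisory_class, "url": row[3]},
        })

    return utility.check_list_data(signatures)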
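def enum_rules(self):
    """List IDS/IPS rule references stored for the current source and CVE.

    Reads the ``detection_db`` rows whose ``source`` equals ``self.source`` and
    whose ``cve_id`` matches the value carried in ``self.query``.

    Side effect: ``self.count`` is set to the row returned by the count query.

    Returns:
        The result of ``utility.check_list_data`` applied to a list of
        ``{"id": ..., "parameters": {"class", "title", "url"}}`` dicts.
    """
    # Bind the source name instead of formatting it into the SQL text, so the
    # value is always treated as data and never as part of the statement.
    # assumes self.query is a one-element sequence, as the single "?" in the
    # original statement requires
    params = (self.source,) + tuple(self.query)

    # count: kept because the result is stored on the instance
    self.cur.execute(
        "SELECT count(id) FROM detection_db WHERE (source = ?) and cve_id=?",
        params)
    self.count = self.cur.fetchone()

    self.cur.execute(
        "SELECT * FROM detection_db WHERE (source = ?) and cve_id=?",
        params)

    # Iterate over what was actually fetched rather than indexing up to the
    # separately queried count.
    # NOTE(review): SELECT * ties the indexes below to the table's column order.
    signatures = []
    for row in self.cur.fetchall():
        signatures.append({
            "id": row[1],
            "parameters": {"class": row[2], "title": row[3], "url": row[4]},
        })

    return utility.check_list_data(signatures)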
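def enum_wasc(self):
    """Return the WASC entries mapped to ``self.cwe_id`` in ``wasc_db``.

    Returns:
        The result of ``utility.check_list_data`` applied to a list of
        ``{"id": wasc_id, "parameters": {"title", "url"}}`` dicts.
    """
    # The CWE id is bound with "?" (as enum_category does for the same
    # attribute) instead of being %-formatted into the statement, so its
    # content cannot change the query.
    self.cur.execute(
        "SELECT wasc_id,title,link FROM wasc_db WHERE cwe_id=?",
        (self.cwe_id,))

    # One query is enough: the rows are walked directly, so the separate
    # count(wasc_id) round trip and the index arithmetic are not needed.
    wasc_list = []
    for wasc_id, title, url in self.cur.fetchall():
        wasc_list.append({"id": wasc_id, "parameters": {"title": title, "url": url}})

    return utility.check_list_data(wasc_list)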
def enum_category(self):
    """Return the CWE categories (Top 25, OWASP Top and the like) that list ``self.cwe_id``.

    The LIKE filter only narrows the candidates; a category is reported when
    ``self.cwe_id`` is one of the comma-separated entries of its ``relations``
    column.
    """
    self.cur.execute("SELECT cwe_id,title,link,relations FROM cwe_db where class = 'category' and relations like ?", ('%' + self.cwe_id + '%',))

    matches = []
    for row in self.cur.fetchall():
        related_ids = row[3].split(',')
        # a substring hit is not enough: keep exact CWE id matches only
        if self.cwe_id not in related_ids:
            continue
        entry = {"id": row[0], "parameters": {"title": row[1], "url": row[2]}}
        matches.append(entry)

    return utility.check_list_data(matches)
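def enum_capec(self):
    """Return extra CAPEC data for each identifier listed in ``self.capec``.

    ``self.capec`` is split on commas and every identifier is looked up in
    ``capec_db``. Identifiers with no matching row are skipped.

    Returns:
        The result of ``utility.check_list_data`` applied to a list of
        ``{"id": capec_id, "parameters": {"title", "attack_id", "url"}}`` dicts.
    """
    capec_list = []

    # Splitting identifiers
    capecs = self.capec.split(",")

    # an empty first entry (e.g. self.capec == "") means nothing to look up
    if len(capecs[0]) != 0:
        for capec_id in capecs:
            # Bound parameter instead of %-formatting: the identifier is
            # handled as data, whatever characters it contains.
            self.cur.execute(
                "SELECT title,link,attack_id FROM capec_db WHERE capec_id=?",
                (capec_id,))
            row = self.cur.fetchone()

            # An identifier missing from capec_db used to raise IndexError on
            # data[0]; skip it so the remaining identifiers are still returned.
            if row is None:
                continue

            title, url, attack_id = row[0], row[1], row[2]
            capec_list.append({
                "id": capec_id,
                "parameters": {"title": title, "attack_id": attack_id, "url": url},
            })

    return utility.check_list_data(capec_list)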