def enhance(scan): host,port=Configuration.getCVESearch() for system in scan['systems']: cpe=system['cpes'] if 'cpes' in system else None if cpe: cpes=[] for c in cpe: try: c = c.lower() try: print("Querying %s"%(api%(host,port,c))) data = (urlopen(api%(host,port,c)).read()).decode('utf8') except: data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8') cpes.append({'cpe':c, 'cves':json.loads(str(data))}) except: pass system['cpes']=cpes #TODO get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: try: c=service['cpe'].lower() try: data = (urlopen(api%(host,port,c)).read()).decode('utf8') except: data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8') service['cves']=json.loads(str(data)) except: pass #TODO get dpe info for service scan['enhanced']={"time": int(datetime.now().strftime('%s'))} return scan
def cve(cveid): host,port=Configuration.getCVESearch() data = (urlopen('http://%s:%s/api/cve/%s'%(host,port,cveid)).read()).decode('utf8') cvejson=json.loads(str(data)) if cvejson is {}: return page_not_found(404) return render_template('cve.html', cve=cvejson)
def cve(cveid): host, port = Configuration.getCVESearch() data = (urlopen('http://%s:%s/api/cve/%s' % (host, port, cveid)).read()).decode('utf8') cvejson = json.loads(str(data)) if cvejson is {}: return page_not_found(404) return render_template('cve.html', cve=cvejson)
def enhance(scan): host, port = Configuration.getCVESearch() for system in scan['systems']: cpe = system['cpes'] if 'cpes' in system else None if cpe: cpes = [] for c in cpe: try: c = c.lower() try: print("Querying %s" % (api % (host, port, c))) data = (urlopen(api % (host, port, c)).read()).decode('utf8') except: data = (urlopen( api % (host, port, urllib.parse.quote_plus(c))).read() ).decode('utf8') cpes.append({'cpe': c, 'cves': json.loads(str(data))}) except: pass system['cpes'] = cpes #TODO get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: try: c = service['cpe'].lower() try: data = (urlopen(api % (host, port, c)).read()).decode('utf8') except: data = (urlopen( api % (host, port, urllib.parse.quote_plus(c))).read() ).decode('utf8') service['cves'] = json.loads(str(data)) except: pass #TODO get dpe info for service scan['enhanced'] = {"time": int(datetime.now().strftime('%s'))} return scan
def enhance(systems): host,port=Configuration.getCVESearch() for system in systems: cpe=system['cpes'] if 'cpes' in system else None if cpe: cpes=[] for c in cpe: c=urllib.parse.quote_plus(c).lower() data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8') vulns=json.loads(str(data)) cpes.append({'cpe':c, 'cves':vulns}) system['cpes']=cpes #get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: c=urllib.parse.quote_plus(service['cpe']).lower() data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8') service['cves']=json.loads(str(data)) #get dpe info for service return systems
def enhance(scan,remove): host,port=Configuration.getCVESearch() encode=True copied={} for system in scan['systems']: cpe=system['cpes'] if 'cpes' in system else None if cpe: cpes=[] for c in cpe: data,encode,copied=send_request(host,port,c,encode,remove,copied) cpes.append({'cpe':c, 'cves':json.loads(str(data))}) system['cpes']=cpes #TODO get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: c=service["cpe"] data,encode,copied=send_request(host,port,c,encode,remove,copied) service['cves']=json.loads(str(data)) #TODO get dpe info for service scan['enhanced']={"time": int(datetime.now().strftime('%s'))} return scan
def enhance(systems): host, port = Configuration.getCVESearch() for system in systems: cpe = system['cpes'] if 'cpes' in system else None if cpe: cpes = [] for c in cpe: c = urllib.parse.quote_plus(c).lower() data = (urlopen('http://%s:%s/api/cvefor/%s' % (host, port, c)).read()).decode('utf8') vulns = json.loads(str(data)) cpes.append({'cpe': c, 'cves': vulns}) system['cpes'] = cpes #get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: c = urllib.parse.quote_plus(service['cpe']).lower() data = (urlopen('http://%s:%s/api/cvefor/%s' % (host, port, c)).read()).decode('utf8') service['cves'] = json.loads(str(data)) #get dpe info for service return systems
def enhance(systems, exploitsOnly=False, filters=[]): host,port=Configuration.getCVESearch() # deal with filters for system in systems: cpe=system['cpes'] if 'cpes' in system else None if cpe: cpes=[] for c in cpe: cEnc=c.lower() data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,cEnc)).read()).decode('utf8') vulns=json.loads(str(data)) # filters if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']] if len(filters['impact'])!=0: for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE'] # exploits only if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)] # done cpes.append({'cpe':c, 'cves':vulns}) system['cpes']=cpes #TODO get possible dpe info and store in dpe for service in system['services']: if 'cpe' in service: c=service['cpe'].lower() data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8') vulns=json.loads(str(data)) # filters if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']] if len(filters['impact'])!=0: for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE'] # exploits only if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)] # done service['cves']=vulns #TODO get dpe info for service return systems
from lib.Config import Configuration from bin.converter import parseNMap from bin.analyzer import enhance from bin.visualizer import filtersFromArgs, displayTypeFromArgs, visualize description='''Read Nmap scans of services or systems and use the cve-search core to get information about these cpes.''' parser = argparse.ArgumentParser(description=description) parser.add_argument('-t', action='store_true', help='Use terminal GUI') parser.add_argument('-fE', action='store_true', help='Filter: Exploit scripts/frameworks available') parser.add_argument('-fN', action='store_true', help='Filter: Exploitable via network') parser.add_argument('-fL', action='store_true', help='Filter: Exploitable locally') parser.add_argument('-fAN',action='store_true', help='Filter: Exploitable via adjecent network') parser.add_argument('-fC', action='store_true', help='Filter: Impacts Confidentiality') parser.add_argument('-fI', action='store_true', help='Filter: Impacts Integrity') parser.add_argument('-fA', action='store_true', help='Filter: Impacts Availability') parser.add_argument('file',metavar='xml', type=str, help='NMap XML file' ) args = parser.parse_args() if __name__ == '__main__': syslist=parseNMap(file=args.file) try: syslist=enhance(syslist) except: sys.exit("Could not connect to the CVE-Search API on %s:%s"%(Configuration.getCVESearch())) filters=filtersFromArgs(args) display=displayTypeFromArgs(args) visualize(syslist, args.fE, filters, display)
parser.add_argument('-j', metavar='json', type=str, help='Read Json file in Nmap2CVE format') parser.add_argument('-x', metavar='xml', type=str, help='Read NMap XML file') parser.add_argument('out', metavar='output', type=str, help='Output file') args = parser.parse_args() # input if not args.x and not args.j: sys.exit("No input selected!") if args.x: syslist = parseNMap(file=args.x) elif args.j: try: syslist = json.loads(open(args.j).read()) except: sys.exit("Invalid JSon format!") #output #CVE-Scan magic try: syslist = enhance(syslist) writeJson(args.out, syslist) except Exception as e: print(e) sys.exit("Could not connect to the CVE-Search API on %s:%s" % (Configuration.getCVESearch()))
# This software is licensed under the Original BSD License # Imports import dateutil.parser import json import os import re import urllib.request from datetime import datetime from dateutil import tz from lib.Config import Configuration api = 'http%s://%s:%s/api/cvefor/%s' host,port=Configuration.getCVESearch() ssl = "s" if Configuration.getCVESearchSSL() else "" # string to dict def make_dict(s): # break into list of keys and values chunks = re.split('\s*(\w+\:)\s*',s) res={} # work backwards in value, key pairs args=[reversed(chunks)]*2 for value,key in zip(*args): key=key.rstrip(':') if value: #add to current result-dict res[key]=value else: