コード例 #1
0
ファイル: query.py プロジェクト: standash/cve-search 
def print_cve_counts_by_month_to_excel(product, keyword, cvss_lower_bound, access_complexity):
    csv_out = csv.writer(sys.stdout, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
    csv_out.writerow(["YEAR-MONTH", "CVES"])
    results = query.product_search(product_pattern=product, keyword_pattern=keyword, cvss_lower_bound=cvss_lower_bound, access_complexity=access_complexity)
    year = '1997'
    month = '01'
    dates = []
    for item in results:
        date = dateutil.parser.parse(item['Published'])
        dates.append(date)
    dates.sort()
    counter = 1
    if len(dates) > 0:
        date = dates.pop(0)
        year = date.year
        month = date.month
        for date in dates:
            if year == date.year and month == date.month:
                counter += 1
            else:
                csv_out.writerow([str(year)+'-'+str(month), counter])
                counter = 1
                year = date.year
                month = date.month
        csv_out.writerow([str(year)+'-'+str(month), counter])
コード例 #2
0
ファイル: query.py プロジェクト: standash/cve-search 
def dump_fixes(product, regex):
    results = query.product_search(product_pattern=product)
    csv_out = csv.writer(sys.stdout, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
    csv_out.writerow(["CVE", "LINK"])
    for record in results:
        cve_id = record["id"]
        pattern = re.compile(".*" + regex + ".*", re.IGNORECASE) 
        for reference in record["references"]:
            if pattern.match(reference):
                csv_out.writerow([record["id"], reference])
コード例 #3
0
ファイル: query.py プロジェクト: standash/cve-search 
def print_fix_links(product, regex):
    results = query.product_search(product_pattern=product)
    for record in results:
        cve_id = record["id"]
        references = ""
        pattern = re.compile(".*" + regex + ".*", re.IGNORECASE) 
        print("----------------\n%s" % cve_id)
        for reference in record["references"]:
            if pattern.match(reference):
                references += reference + "\n"
        print("----------------\n%s----------------\n" % references)
コード例 #4
0
ファイル: query.py プロジェクト: standash/cve-search 
def print_cve_counts_by_year_to_excel(product, keyword, cvss_lower_bound):
    csv_out = csv.writer(sys.stdout, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
    csv_out.writerow(["YEAR", "CVES"])
    results = query.product_search(product_pattern=product, keyword_pattern=keyword, cvss_lower_bound=cvss_lower_bound)
    year = '1997'
    dates = []
    for item in results:
        date = dateutil.parser.parse(item['Published'])
        dates.append(date)
    dates.sort()
    counter = 1
    if len(dates) > 0:
        year = dates.pop(0).year
        for date in dates:
            if year == date.year:
                counter += 1
            else:
                csv_out.writerow([year, counter])
                counter = 1
                year = date.year
        csv_out.writerow([year, counter])
コード例 #5
0
ファイル: query.py プロジェクト: standash/cve-search 
def affected_versions_distribution(seed_cpe, results, cvss_lower_bound):
    versions = {}
    pattern = re.compile(r".*%s.*" % seed_cpe)
    for r in results:
        for cpe in r["vulnerable_configuration"]:
            if pattern.match(cpe):
                versions[cpe] = 0

    results = query.product_search(product_pattern=seed_cpe, cvss_lower_bound=cvss_lower_bound)
    for r in results:
        for cpe in r["vulnerable_configuration"]:
            for v in versions:
                if v == cpe:
                    versions[cpe] = versions[cpe] + 1

    csv_out = csv.writer(sys.stdout, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
    csv_out.writerow(["VERSION", "AFFECTED_BY"])
    od = collections.OrderedDict(sorted(versions.items()))
    for k,v in od.items():
        versions_list = k
        csv_out.writerow([k,v])
コード例 #6
0
ファイル: search.py プロジェクト: standash/cve-search 
         try:
             date = args.y
             datetime.strptime(date, '%Y')
             date = date_parser.parse(date+'-01-01').isoformat()
         except ValueError:
             print('ERROR: wrong year format')
             sys.exit(0)
     if args.t:
         (total, hits) = query.count_keywords(product_pattern=args.p, cvss_lower_bound=cvss_lower_bound, start_year=date)
         print("TOTAL: %i" % total)
         print ("-------------------------------------------------\n")
         for (category, count) in hits.items():
             print("%s ==> %i" % (category, count))
         print ("-------------------------------------------------\n")
     elif args.k:
         results = query.product_search(product_pattern=args.p, keyword_pattern=args.k, 
                                        cvss_lower_bound=cvss_lower_bound, sort_type=sort_type, start_year=date)
         printer.print_txt(results)
     else:
         results = query.product_search(product_pattern=args.p, cvss_lower_bound=cvss_lower_bound, sort_type=sort_type, start_year=date)
         if args.o == "csv":
             printer.print_csv(results, args.v)
         if args.o == "html":
             printer.print_html(results, args.p)
         elif args.o == "xml":
             printer.print_xml(results)
         elif args.o == "json": 
             printer.print_json(results)
         else:
             printer.print_txt(results)
 elif args.f:
     results = query.free_search(pattern, sort_type)
コード例 #7
0
ファイル: query.py プロジェクト: standash/cve-search 
    start_year = args.b if args.b else 1997
    end_year = args.e if args.e else 2050
    start_year = date_parser.parse(str(start_year) + '-01-01').isoformat()
    end_year = date_parser.parse(str(end_year+1) + '-01-01').isoformat()

    cves = CVEs.last(rankinglookup='', namelookup='', capeclookup='')
    printer = CVEFilePrinter(cves=cves, rankinglookup='', namelookup='', capeclookup='')

    if args.p:
        if args.d:
            # print_distinct_cves_to_excel(product, keyword, cvss_lower_bound)
            dump_fixes(product, keyword)
        elif args.y:
            print_cve_counts_by_year_to_excel(product, keyword, cvss_lower_bound)
        elif args.m:
            access_complexity = args.c if args.c != None else ".*"
            print_cve_counts_by_month_to_excel(product, keyword, cvss_lower_bound, access_complexity)
        elif args.t:
            (total, hits) = query.count_keywords(product_pattern=args.p, cvss_lower_bound=cvss_lower_bound, start_year=start_year, end_year=end_year)
            print_summary(total, hits)
        elif args.l:
            print_fix_links(product=product, regex=keyword)
        else:
            results = query.product_search(product_pattern=product, keyword_pattern=keyword, cvss_lower_bound=cvss_lower_bound, start_year=start_year, end_year=end_year)
            if args.v:
                affected_versions_distribution(product, results, cvss_lower_bound)
            else:
                printer.print_txt(results)