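def _enhance(self, scan):
    """Attach CVE information to every CPE found in a scan result.

    For each entry of ``scan['systems']`` the system-level CPE strings are
    lower-cased and replaced by ``{'cpe': ..., 'cves': [...]}`` records.
    Every service carrying a ``'cpe'`` key gets a ``'cves'`` entry. The scan
    is modified in place, stamped with ``scan['enhanced']['time']`` (epoch
    seconds) and returned.
    """
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      vfeedlookup=True, capeclookup=False)
    for system in scan['systems']:
        system_cpes = system.get('cpes')
        if system_cpes:
            enriched = []
            for c in system_cpes:
                c = c.lower()
                enriched.append({
                    'cpe': c,
                    'cves': [cvesp.getcve(x['id'])
                             for x in db.cvesForCPE(toStringFormattedCPE(c))],
                })
            system['cpes'] = enriched
        for service in system['services']:
            if 'cpe' in service:
                # NOTE(review): service CPEs are queried as-is (no lower(),
                # no toStringFormattedCPE) and store the raw db records,
                # unlike the system-level path above; confirm this is intended.
                service['cves'] = db.cvesForCPE(service['cpe'])
    # timestamp() replaces strftime('%s'): '%s' is a platform-specific
    # extension that is not available everywhere.
    scan['enhanced'] = {"time": int(datetime.now().timestamp())}
    return scan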
def search(vendor=None, product=None):
    """Render the search page listing the CVEs of a ``vendor:product`` pair."""
    # NOTE(review): both parameters default to None, and None would raise a
    # TypeError in the concatenation below; presumably the route always
    # supplies them. Confirm against the caller.
    cpe_query = vendor + ":" + product
    matches = db.cvesForCPE(cpe_query)
    return render_template('search.html',
                           vendor=vendor,
                           product=product,
                           cve=matches)
def apiCVEFor(cpe):
    """Return the CVEs matching a URL-encoded CPE as a JSON array string."""
    # The CPE is URL-decoded and then normalised before it reaches the db.
    decoded = urllib.parse.unquote_plus(cpe)
    formatted = toStringFormattedCPE(decoded)
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      vfeedlookup=True, capeclookup=False)
    matches = [cvesp.getcve(hit['id']) for hit in db.cvesForCPE(formatted)]
    return json.dumps(matches)
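def cvesForCPE(cpe):
    """Return the full CVE records that match a CPE.

    The CPE is normalised with ``tk.toStringFormattedCPE``; when that yields
    a falsy value no lookup is made and an empty list is returned.
    """
    cpe = tk.toStringFormattedCPE(cpe)
    data = []
    if cpe:
        cvesp = cves.last(rankinglookup=False, namelookup=False,
                          via4lookup=True, capeclookup=False)
        for x in db.cvesForCPE(cpe):
            data.append(cvesp.getcve(x['id']))
    # Fix: the collected list is returned; the original returned ``cves``
    # (the lookup module/object) and discarded the results.
    return data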
def cvesForCPE(cpe):
    """Return the full CVE records that match a CPE (empty list if the CPE is unusable)."""
    formatted = tk.toStringFormattedCPE(cpe)
    if not formatted:
        # Nothing to look up when normalisation yields a falsy value.
        return []
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      via4lookup=True, capeclookup=False)
    return [cvesp.getcve(hit['id']) for hit in db.cvesForCPE(formatted)]
def search_product(prod):
    """Print every CVE matching ``prod``, optionally limited to the last N days."""
    hits = db.cvesForCPE(prod, lax=relaxSearch,
                         vulnProdSearch=vulnerableProductSearch)
    for entry in hits:
        if last_ndays:
            # Skip entries that are not newer than the cut-off date.
            cutoff = datetime.now() - timedelta(days=last_ndays)
            if not entry['Published'] > cutoff:
                continue
        print_job(entry)
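def _enhance(self, scan):
    """Attach CVE information to every CPE found in a scan result.

    System-level CPE strings in ``scan['systems']`` are lower-cased and
    replaced by ``{'cpe': ..., 'cves': [...]}`` records. Services carrying a
    ``'cpe'`` key get a ``'cves'`` entry. The scan is modified in place,
    stamped with ``scan['enhanced']['time']`` (epoch seconds) and returned.
    """
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      via4lookup=True, capeclookup=False)
    for system in scan['systems']:
        system_cpes = system.get('cpes')
        if system_cpes:
            enriched = []
            for c in system_cpes:
                c = c.lower()
                enriched.append({
                    'cpe': c,
                    'cves': [cvesp.getcve(x['id'])
                             for x in db.cvesForCPE(toStringFormattedCPE(c))],
                })
            system['cpes'] = enriched
        for service in system['services']:
            if 'cpe' in service:
                # NOTE(review): service CPEs skip the normalisation applied
                # to system CPEs and store raw db records; confirm intended.
                service['cves'] = db.cvesForCPE(service['cpe'])
    # timestamp() replaces strftime('%s'): '%s' is a platform-specific
    # extension that is not available everywhere.
    scan['enhanced'] = {"time": int(datetime.now().timestamp())}
    return scan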
def apiCVEFor(cpe):
    """Return the CVEs matching a URL-encoded CPE as a JSON array string."""
    formatted = toStringFormattedCPE(urllib.parse.unquote_plus(cpe))
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      vfeedlookup=True, capeclookup=False)
    # Resolve each db hit to its full record through the CVE lookup object.
    records = [cvesp.getcve(hit['id']) for hit in dbLayer.cvesForCPE(formatted)]
    return json.dumps(records)
def apiCVEFor(cpe):
    """Return the CVEs matching a URL-encoded CPE as a JSON array string."""
    decoded = urllib.parse.unquote_plus(cpe)
    # A CPE that cannot be normalised is replaced by the literal 'None'
    # before the query is made.
    formatted = toStringFormattedCPE(decoded) or 'None'
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      reflookup=True, capeclookup=False)
    records = [cvesp.getcve(hit['id']) for hit in dbLayer.cvesForCPE(formatted)]
    return json.dumps(records, default=json_util.default)
def search_product(prod):
    """Print every CVE matching ``prod``, optionally limited to the last N days."""
    response = db.cvesForCPE(prod, lax=relaxSearch,
                             vulnProdSearch=vulnerableProductSearch)
    # This variant of the db layer wraps the hits in a 'results' key.
    for entry in response['results']:
        if last_ndays:
            cutoff = datetime.now() - timedelta(days=last_ndays)
            if not entry['Published'] > cutoff:
                continue
        print_job(entry)
def cvesForCPE(cpe):
    """Return the full CVE records that match a CPE (empty list if the CPE is unusable)."""
    formatted = tk.toStringFormattedCPE(cpe)
    if not formatted:
        return []
    cvesp = cves.last(rankinglookup=False, namelookup=False,
                      via4lookup=True, capeclookup=False)
    response = db.cvesForCPE(formatted)
    # The db layer returns a dict whose "results" key holds the hits.
    return [cvesp.getcve(hit["id"]) for hit in response["results"]]
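# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE_json(item, indent=2)
    except Exception:
        # Narrowed from a bare ``except:`` so that Ctrl-C and SystemExit are
        # not reported as a missing full-text index.
        # NOTE(review): any other failure inside the loop is still reported
        # with this message; catching the db driver's own error type would
        # be more precise.
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)

# Search Product (best to use CPE notation, e.g. cisco:ios:12.2)
if vSearch:
    for item in db.cvesForCPE(vSearch, lax=relaxSearch):
        # Only the "no date filter" case is handled in this excerpt; with
        # last_ndays set nothing is printed here.
        if not last_ndays:
            if csvOutput:
                printCVE_csv(item)
            elif htmlOutput:
                printCVE_html(item)
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE_json(item)
            elif xmlOutput:
                printCVE_xml(item)
            elif cveidOutput:
                printCVE_id(item)
            else:
                printCVE_human(item)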
def is_number(s):
    """Return ``float(s)`` when ``s`` parses as a float, else ``False``.

    NOTE(review): the parsed value itself is returned, so a string such as
    "0" yields 0.0, which is falsy. Callers that test ``not is_number(x)``
    treat a zero version component as "not a number".
    """
    try:
        ret = float(s)
        return ret
    except ValueError:
        return False


# Check each requirement of a requirements file against the CVE database.
if pyReq:
    with open(pyReq, 'r') as f:
        for req in requirements.parse(f):
            lib = req.name
            specs = req.specs
            # get vulnerable versions
            vulns = {}
            for item in db.cvesForCPE(lib):
                if 'vulnerable_configuration' in item:
                    for entry in item['vulnerable_configuration']:
                        # Keyed by the value vuln_config() returns for the
                        # entry; a later CVE with the same key overwrites
                        # the earlier one.
                        vulns[vuln_config(entry)] = ["CVE: " + item['id'], "DATE: " + str(item['Published']), "CVSS: " + str(item['cvss']), item['summary']]
            #check if any of those is allowed according to specs
            found = False
            for vuln in vulns.keys():
                sp = vuln.split(':')
                ind = -1
                num = sp[ind]
                #if the last token is not a number or float then it must be e.g., 'alpha' while the
                #version number or float must be the second to last, and so on
                # NOTE(review): with ind starting at -1, abs(ind) > len(sp)
                # is false for any non-empty sp, so this loop body never
                # runs and a non-numeric last token is kept as the version.
                # The comparison looks inverted; confirm the intent.
                while not is_number(num) and abs(ind) > len(sp):
                    ind -= 1
                    num = sp[ind]
def apisearch(vendor=None, product=None):
    """Return the CVEs of a ``vendor:product`` pair as JSON."""
    if vendor is not None and product is not None:
        query = vendor + ":" + product
        # NOTE(review): this branch returns a plain JSON string while the
        # fallback returns jsonify({}); confirm the response content type is
        # JSON in both cases.
        return json.dumps(db.cvesForCPE(query), default=json_util.default)
    return jsonify({})
def api_search(self, vendor=None, product=None):
    """Return the db records for a ``vendor:product`` pair, or ``{}`` if either is missing."""
    if not vendor or not product:
        return {}
    query = vendor + ":" + product
    # query.cvesForCPE is deliberately not used here: it returns too much
    # information, so the raw db-layer result is handed back instead.
    return db.cvesForCPE(query)
def searchcve(cpe=None):
    """Return the db-layer CVE lookup for ``cpe``, or ``False`` when no CPE is given."""
    # Only None short-circuits; an empty string is still passed to the db layer.
    return False if cpe is None else dbLayer.cvesForCPE(cpe)
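# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE_json(item, indent=2)
    except Exception:
        # Narrowed from a bare ``except:`` so that Ctrl-C and SystemExit are
        # not reported as a missing full-text index.
        # NOTE(review): any other failure inside the loop is still reported
        # with this message; catching the db driver's own error type would
        # be more precise.
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)

# Search Product (best to use CPE notation, e.g. cisco:ios:12.2)
if vSearch:
    for item in db.cvesForCPE(vSearch, lax=relaxSearch,
                              vulnProdSearch=vulnerableProductSearch):
        # Only the "no date filter" case is handled in this excerpt; with
        # last_ndays set nothing is printed here.
        if not last_ndays:
            if csvOutput:
                printCVE_csv(item)
            elif htmlOutput:
                printCVE_html(item)
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE_json(item)
            elif xmlOutput:
                printCVE_xml(item)
            elif cveidOutput:
                printCVE_id(item)
            else:
                printCVE_human(item)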
sys.exit(0) # Basic freetext search (in vulnerability summary). # Full-text indexing is more efficient to search across all CVEs. if vFreeSearch: try: for item in db.getFreeText(vFreeSearch): printCVE_json(item, indent=2) except: sys.exit("Free text search not enabled on the database!") sys.exit(0) # Search Product (best to use CPE notation, e.g. cisco:ios:12.2 if vSearch: for item in db.cvesForCPE(vSearch): if not last_ndays: if csvOutput: printCVE_csv(item) elif htmlOutput: printCVE_html(item) # bson straight from the MongoDB db - converted to JSON default # representation elif jsonOutput: printCVE_json(item) elif xmlOutput: printCVE_xml(item) elif cveidOutput: printCVE_id(item) else: printCVE_human(item)
def search_func(args, output=sys.__stdout__):
    """Implement main cve-search function.

    Reads the search options from ``args`` (keys "p", "c", "o", "f", "l",
    "n", "r", "a", "t", "s", "i"), redirects ``sys.stdout`` to ``output``
    while results are printed, and resets it to ``sys.__stdout__`` before
    each return. Returns 1 once a search mode (CVE id, free text, product,
    summary text) or the XML output has been handled, and 0 otherwise.

    NOTE(review): the reset happens only on the explicit return paths; an
    exception that propagates out of this function leaves ``sys.stdout``
    pointing at ``output``.
    """
    # set output pipe
    # output is set back to sys.__stdout__ at the end of
    # the function
    sys.stdout = output

    # init control variables
    csvOutput = 0
    htmlOutput = 0
    jsonOutput = 0
    xmlOutput = 0
    last_ndays = 0
    nlimit = 0

    # init various variables :-)
    vSearch = ""
    vOutput = ""
    vFreeSearch = ""
    summary_text = ""

    vSearch = args["p"]
    cveSearch = [x.upper() for x in args["c"]] if args["c"] else None
    vOutput = args["o"]
    vFreeSearch = args["f"]
    sLatest = args["l"]
    namelookup = args["n"]
    rankinglookup = args["r"]
    capeclookup = args["a"]
    last_ndays = args["t"]
    summary_text = args["s"]
    nlimit = args["i"]

    cves = CVEs.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup)

    # replace special characters in vSearch with encoded version.
    # Basically cuz I'm to lazy to handle conversion on DB creation ...
    if vSearch:
        vSearch = re.sub(r"\(", "%28", vSearch)
        vSearch = re.sub(r"\)", "%29", vSearch)

    # define which output to generate.
    # cveidOutput is only bound in the last two branches; the other formats
    # never reach the cveidOutput test in the chains below.
    if vOutput == "csv":
        csvOutput = 1
    elif vOutput == "html":
        htmlOutput = 1
    elif vOutput == "xml":
        xmlOutput = 1
        r = Element("cve-search")
    elif vOutput == "json":
        jsonOutput = 1
    elif vOutput == "cveid":
        cveidOutput = 1
    else:
        cveidOutput = False

    # Print first line of html output
    # NOTE(review): args["p"] and args["c"] are written into the HTML
    # heading without escaping; if this output is ever served to a browser
    # the search term should be HTML-escaped first.
    if htmlOutput and args["p"] is not None:
        print("<html><body><h1>CVE search " + args["p"] + " </h1>")
    elif htmlOutput and args["c"] is not None:
        print("<html><body><h1>CVE-ID " + str(args["c"]) + " </h1>")

    # search default is ascending mode
    # NOTE(review): sorttype is assigned but not read anywhere in this function.
    sorttype = 1
    if sLatest:
        sorttype = -1

    # Lookup by explicit CVE ids.
    if cveSearch:
        results = db.getCVEs(cves=cveSearch)
        for index, item in enumerate(results):
            if csvOutput:
                printCVE_csv(item, namelookup, rankinglookup, cves)
            elif htmlOutput:
                printCVE_html(item, rankinglookup, cves)
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE_json(item, namelookup, rankinglookup, capeclookup, cves)
                # comma between records, none after the last one
                if index != len(results) - 1:
                    print(",", end="")
            elif xmlOutput:
                printCVE_xml(item, rankinglookup, cves, r)
            elif cveidOutput:
                printCVE_id(item)
            else:
                printCVE_human(item, namelookup, rankinglookup, cves)
        if htmlOutput:
            print("</body></html>")
        sys.stdout = sys.__stdout__
        return 1

    # Basic freetext search (in vulnerability summary).
    # Full-text indexing is more efficient to search across all CVEs.
    if vFreeSearch:
        try:
            results = db.getFreeText(vFreeSearch)
            for index, item in enumerate(results):
                if jsonOutput:
                    printCVE_json(item, namelookup, rankinglookup, capeclookup, cves, indent=2)
                    if index != len(results) - 1:
                        print(",", end="")
                else:
                    printCVE_human(item, namelookup, rankinglookup, cves)
        # NOTE(review): a bare except reports every failure in the loop
        # (including KeyboardInterrupt) as a missing full-text index, and
        # sys.exit() here leaves sys.stdout redirected.
        except:
            sys.exit("Free text search not enabled on the database!")
        sys.stdout = sys.__stdout__
        return 1

    # Search Product (best to use CPE notation, e.g. cisco:ios:12.2)
    if vSearch:
        results = db.cvesForCPE(vSearch)
        for index, item in enumerate(results):
            if not last_ndays:
                if csvOutput:
                    printCVE_csv(item, namelookup, rankinglookup, cves)
                elif htmlOutput:
                    printCVE_html(item, rankinglookup, cves)
                # bson straight from the MongoDB db - converted to JSON default
                # representation
                elif jsonOutput:
                    printCVE_json(item, namelookup, rankinglookup, capeclookup, cves)
                    if index != len(results) - 1:
                        print(",", end="")
                elif xmlOutput:
                    printCVE_xml(item, rankinglookup, cves, r)
                elif cveidOutput:
                    printCVE_id(item)
                else:
                    printCVE_human(item, namelookup, rankinglookup, cves)
            else:
                # Date-filtered variant: only items published after the cut-off.
                # Unlike the branch above, JSON records get no separating comma here.
                date_n_days_ago = datetime.now() - timedelta(days=last_ndays)
                if item["Published"] > date_n_days_ago:
                    if csvOutput:
                        printCVE_csv(item, namelookup, rankinglookup, cves)
                    elif htmlOutput:
                        printCVE_html(item, rankinglookup, cves)
                    # bson straight from the MongoDB db - converted to JSON default
                    # representation
                    elif jsonOutput:
                        printCVE_json(item, namelookup, rankinglookup, capeclookup, cves)
                    elif xmlOutput:
                        printCVE_xml(item, rankinglookup, cves, r)
                    elif cveidOutput:
                        printCVE_id(item)
                    else:
                        printCVE_human(item, namelookup, rankinglookup, cves)
        if htmlOutput:
            print("</body></html>")
        sys.stdout = sys.__stdout__
        return 1

    # Search text in summary
    if summary_text:
        # Rebinds the local name ``cves`` to the lib.CVEs module.
        import lib.CVEs as cves
        l = cves.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup)
        for cveid in db.getCVEIDs(limit=nlimit):
            item = l.getcve(cveid=cveid)
            if "cvss" in item:
                if type(item["cvss"]) == str:
                    item["cvss"] = float(item["cvss"])
            # Dates are turned into strings before the record is dumped as JSON.
            date_fields = ["cvss-time", "Modified", "Published"]
            for field in date_fields:
                if field in item:
                    item[field] = str(item[field])
            # Case-insensitive substring match on the summary.
            if summary_text.upper() in item["summary"].upper():
                if not last_ndays:
                    if vOutput:
                        printCVE_id(item)
                    else:
                        print(
                            json.dumps(item, sort_keys=True, default=json_util.default))
                else:
                    date_n_days_ago = datetime.now() - timedelta(
                        days=last_ndays)
                    # print(item['Published'])
                    # print(type (item['Published']))
                    # print("Last n day " +str(last_ndays))
                    try:
                        if (datetime.strptime(item["Published"], "%Y-%m-%d %H:%M:%S.%f") > date_n_days_ago):
                            if vOutput:
                                printCVE_id(item)
                            else:
                                print(
                                    json.dumps(item, sort_keys=True, default=json_util.default))
                    # NOTE(review): any error here (for example a Published
                    # string that does not match the format above) silently
                    # drops the item from the output.
                    except:
                        pass
        if htmlOutput:
            print("</body></html>")
        sys.stdout = sys.__stdout__
        return 1

    if xmlOutput:
        # default encoding is UTF-8. Should this be detected on the terminal?
        s = tostring(r).decode("utf-8")
        print(s)
        sys.stdout = sys.__stdout__
        return 1
    else:
        sys.stdout = sys.__stdout__
        return 0
    # Unreachable: both branches above return.
    sys.stdout = sys.__stdout__
    return 1
# The next two statements are the tail of a preceding branch whose
# enclosing block is outside this excerpt.
print("</body></html>")
sys.exit(0)

# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE_json(item, indent=2)
    # NOTE(review): a bare except also catches KeyboardInterrupt and any
    # error raised while printing, and reports all of them as a missing
    # full-text index.
    except:
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)

# Search Product (best to use CPE notation, e.g. cisco:ios:12.2)
if vSearch:
    for item in db.cvesForCPE(vSearch):
        # The first output flag that is set selects the printer.
        if csvOutput:
            printCVE_csv(item)
        elif htmlOutput:
            printCVE_html(item)
        # bson straight from the MongoDB db - converted to JSON default
        # representation
        elif jsonOutput:
            printCVE_json(item)
        elif xmlOutput:
            printCVE_xml(item)
        elif cveidOutput:
            printCVE_id(item)
        else:
            printCVE_human(item)
def apisearch(vendor=None, product=None):
    """Return the CVEs of a ``vendor:product`` pair as JSON."""
    if vendor is not None and product is not None:
        query = vendor + ":" + product
        # NOTE(review): json.dumps is called without a ``default`` hook, so
        # it raises TypeError if the db records hold values that are not
        # JSON-native. Confirm what dbLayer.cvesForCPE returns.
        return json.dumps(dbLayer.cvesForCPE(query))
    return jsonify({})
def api_search(self, vendor=None, product=None):
    """Return the db records for a ``vendor:product`` pair, or an empty JSON response."""
    if vendor is not None and product is not None:
        query = vendor + ":" + product
        # query.cvesForCPE is deliberately not used here: it returns too
        # much information, so the raw db-layer result is handed back.
        return db.cvesForCPE(query)
    return jsonify({})
# Basic freetext search (in vulnerability summary). # Full-text indexing is more efficient to search across all CVEs. if vFreeSearch: try: for item in db.getFreeText(vFreeSearch): printCVE_json(item, indent=2) except: sys.exit("Free text search not enabled on the database!") sys.exit(0) # Search Product (best to use CPE notation, e.g. cisco:ios:12.2 if vSearch: for item in db.cvesForCPE(vSearch, lax=relaxSearch, vulnProdSearch=vulnerableProductSearch): if not last_ndays: if csvOutput: printCVE_csv(item) elif htmlOutput: printCVE_html(item) # bson straight from the MongoDB db - converted to JSON default # representation elif jsonOutput: printCVE_json(item) elif xmlOutput: printCVE_xml(item) elif cveidOutput: printCVE_id(item) else:
def is_number(s):
    """Return ``float(s)`` when ``s`` parses as a float, else ``False``.

    NOTE(review): the parsed value itself is returned, so a string such as
    "0" yields 0.0, which is falsy. Callers that test the result for truth
    treat a zero version component as "not a number".
    """
    try:
        ret = float(s)
        return ret
    except ValueError:
        return False


# Check each requirement of a requirements file against the CVE database.
if pyReq:
    with open(pyReq, 'r') as f:
        for req in requirements.parse(f):
            lib = req.name
            specs = req.specs
            # get vulnerable versions
            vulns = {}
            for item in db.cvesForCPE(lib):
                if 'vulnerable_configuration' in item:
                    for entry in item['vulnerable_configuration']:
                        # Keyed by the value vuln_config() returns for the
                        # entry; a later CVE with the same key overwrites
                        # the earlier one.
                        vulns[vuln_config(entry)] = [
                            "CVE: " + item['id'],
                            "DATE: " + str(item['Published']),
                            "CVSS: " + str(item['cvss']),
                            item['summary']
                        ]
            #check if any of those is allowed according to specs
            found = False
            for vuln in vulns.keys():
                sp = vuln.split(':')
                ind = -1
                num = sp[ind]
                #if the last token is not a number or float then it must be e.g., 'alpha' while the
                #version number or float must be the second to last, and so on
                # (the excerpt ends here; the loop that walks back through sp is not shown)
def apisearch(vendor=None, product=None):
    """Return the CVEs of a ``vendor:product`` pair as JSON."""
    missing_part = vendor is None or product is None
    if missing_part:
        return jsonify({})
    # json_util.default serialises the db values that plain json cannot.
    hits = dbLayer.cvesForCPE(vendor + ":" + product)
    return json.dumps(hits, default=json_util.default)
def search(self, vendor=None, product=None):
    """Render the search page listing the CVEs of a ``vendor:product`` pair."""
    # NOTE(review): vendor/product default to None, and None would raise a
    # TypeError in the concatenation below; confirm the route always
    # supplies both.
    cpe_query = vendor + ":" + product
    matches = db.cvesForCPE(cpe_query)
    return render_template(
        'search.html',
        vendor=vendor,
        product=product,
        cve=matches,
        minimal=self.minimal,
    )
def search(vendor=None, product=None):
    """Render the search page listing the CVEs of a ``vendor:product`` pair."""
    # NOTE(review): the vendor and product strings reach the db layer
    # unvalidated; confirm dbLayer.cvesForCPE treats them as data when it
    # builds its query.
    found = dbLayer.cvesForCPE(vendor + ":" + product)
    return render_template('search.html',
                           vendor=vendor, product=product, cve=found)