예제 #1
0
def get_cve_enrichment_new(cve_id):
    cve = CVESearch(CVESSEARCH_API_URL)
    result = cve.id(cve_id)
    cve_enriched = dict()
    cve_enriched['id'] = cve_id
    cve_enriched['cvss'] = result['cvss']
    cve_enriched['summary'] = result['summary']
    return cve_enriched
예제 #2
0
def searcher():
    try:
        cve = CVESearch()
        targetvuln = str(open('banners.txt', 'r'))
        morevuln = str(cve.search(targetvuln))
        newfile = open("cvelist.txt", "w")
        newfile.write(morevuln)
        targetvuln.close()
        newfile.close()
    except:
        return
예제 #3
0
 def get_from_pycvesearch(self,
                          cache: bool = True,
                          read_cache: bool = True) -> any:
     if os.path.exists(self.get_file_name()) and read_cache:
         with open(self.get_file_name(), "r") as cvefile:
             try:
                 content = json.load(cvefile)
             except Exception:
                 content = self.get_from_pycvesearch(cache=cache,
                                                     read_cache=False)
     else:
         print("-", end="")
         tmp = None
         failed_cound = 0
         while tmp == None:
             try:
                 tmp = CVESearch().id(self.id)
             except Exception:
                 print("Trouble fetching ", self.id, failed_cound)
                 import time
                 failed_cound += 1
                 time.sleep(failed_cound)
         content = tmp
         if cache:
             self.cache_cve(content)
     return content
예제 #4
0
def search_vulnerability(package_name, package_version):
    cve = CVESearch()
    ret = 0

    print("search vulnerabilities for package: " + package_name + " version: " + package_version)
    resp = cve.search(package_name)

    for entry in resp["data"]:
        vulnerable_product_list = entry["vulnerable_product"]
        vulnerable_configuration_list = entry["vulnerable_configuration"]
        vulnerabilities = set(vulnerable_product_list + vulnerable_configuration_list)

        for product in vulnerabilities:
            product_info = product.split(':')
            product_name = product_info[4]
            product_version = product_info[5]

            if package_name == product_name and package_version == product_version:
                print("found vulnerability: " + entry["summary"])
                ret = 1

    return ret
예제 #5
0
def setup():
    global CPEs, CVE
    CVE = CVESearch()

    cpes_file = 'official-cpe-dictionary_v2.3.xml.gz'
    file_url = 'https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz'
    
    print('Downloading CPE dictionary from NIST ...')
    r = requests.get(file_url)
    open(cpes_file,'wb').write(r.content)
    
    infile = gzip.open(cpes_file)
    content = infile.read()
    print('Parsing XML ...')
    dom = parseString(content)
    print('Getting CPEs ...')
    CPEs = dom.getElementsByTagName('cpe-item')
    print('Ready to scan urls')
예제 #6
0
# before continuing.(use [~docs]!)


# minimum and maximum screenshots we
# want Shodan to send.
MIN_SCREENS = 1
MAX_SCREENS = 1

# manual version numbers
vernum= "0.20"
branch = "current"


# library declarations
client = discord.Client()
cve = CVESearch()

# Shodan token goes here
shodan = Shodan('')


# discord bot token goes here
TOKEN = ''


# giving some notification that the discord bot is ready.
@client.event
async def on_ready():
    print("Discord Bot: Ready!")

예제 #7
0
 def setUp(self):
     self.cve = CVESearch()
예제 #8
0
class TestPyCVESearch(unittest.TestCase):
    def setUp(self):
        self.cve = CVESearch()

    def test_browse(self):
        self.cve.browse('microsoft')

    def test_search(self):
        self.cve.search('microsoft/office')

    def test_id(self):
        self.cve.id('CVE-2014-0160')

    def test_last(self):
        self.cve.last()

    def test_last_50(self):
        self.cve.last(50)

    def test_dbinfo(self):
        self.cve.dbinfo()

    def test_cpe22(self):
        self.cve.cpe22('cpe:2.3:a:microsoft:office:2011:-:mac')

    def test_cpe23(self):
        self.cve.cpe23('cpe/a:microsoft:office:2011:-:mac')

    def test_cvefor(self):
        self.cve.cvefor('cpe:/a:microsoft:office:2011::mac')
예제 #9
0
def parseXML(xml_filename=""):
    xml_re = re.compile("\.xml")
    comma_re = re.compile(",")
    db_filename = xml_re.sub('.db', xml_filename)

    conn = sqlite3.connect(db_filename)
    cursor = conn.cursor()
    create_query = "CREATE TABLE IF NOT EXISTS cve_details (title, published, cve_desc, cvss DOUBLE);"
    cursor.execute(create_query)
    create_query = "CREATE TABLE IF NOT EXISTS reference (ref_url, ref_desc, cve_id);"
    cursor.execute(create_query)
    create_query = "CREATE TABLE IF NOT EXISTS affected_systems (vendor, product, ver, cve_id);"
    cursor.execute(create_query)
    truncate_query = "DELETE FROM cve_details;"
    cursor.execute(truncate_query)
    truncate_query = "DELETE FROM reference;"
    cursor.execute(truncate_query)
    truncate_query = "DELETE FROM affected_systems;"
    cursor.execute(truncate_query)
    conn.commit()
    conn.close()

    try:
        root_node = parse(xml_filename)
        cve_dict = {}
        cve = CVESearch()
        epoch = datetime(1970, 1, 1)
        benchtime = (datetime.now() - relativedelta.relativedelta(months=3))
        benchtimestamp = int((benchtime - epoch).total_seconds())
        vulnerabilities = root_node.getElementsByTagName("Vulnerability")
        for vulnerability in vulnerabilities:
            title = vulnerability.getElementsByTagName(
                "Title")[0].firstChild.nodeValue
            notes = vulnerability.getElementsByTagName("Notes")
            for note in notes:
                stored_notes = note.getElementsByTagName("Note")
                desc = ""
                published = 0
                for stored_note in stored_notes:
                    type = stored_note.getAttribute("Type")
                    if type == "Description":
                        desc = stored_note.firstChild.nodeValue
                    if type == "Other":
                        note_title = stored_note.getAttribute("Title")
                        if note_title == "Published":
                            published_time = stored_note.firstChild.nodeValue
                            published = int((
                                datetime.strptime(published_time, "%Y-%m-%d") -
                                epoch).total_seconds())
            if published >= benchtimestamp:
                ref_list = []
                try:
                    references = vulnerability.getElementsByTagName(
                        "References")
                    stored_references = references[0].getElementsByTagName(
                        "Reference")
                    for reference in stored_references:
                        url = reference.getElementsByTagName(
                            "URL")[0].firstChild.nodeValue
                        ref_desc = reference.getElementsByTagName(
                            "Description")[0].firstChild.nodeValue
                        ref_list.append({"url": url, "desc": ref_desc})
                except Exception as e:
                    print(e.with_traceback, end='\r', flush=True)
                conn = sqlite3.connect(db_filename)
                cursor = conn.cursor()
                insert_query = "INSERT INTO cve_details VALUES (?, ?, ?, ?);"
                insert_values = (title, published, desc, 0.0)
                cursor.execute(insert_query, insert_values)
                stored_id = cursor.lastrowid
                insert_query = "INSERT INTO reference VALUES (?, ?, ?);"
                for reference in ref_list:
                    insert_values = (reference["url"], reference["desc"],
                                     stored_id)
                    cursor.execute(insert_query, insert_values)
                    conn.commit()
                conn.close()
                try:
                    result = cve.id(title)
                    affected_systems = result["vulnerable_configuration"]
                    conn = sqlite3.connect(db_filename)
                    cursor = conn.cursor()
                    insert_query = "INSERT INTO affected_systems VALUES (?, ?, ?, ?);"
                    for affected_system in affected_systems:
                        cpe = affected_system["id"]
                        cpe_values = cpe.split(":")
                        vendor = cpe_values[3]
                        product = cpe_values[4]
                        try:
                            version = cpe_values[5]
                        except:
                            version = ""
                        insert_values = (vendor, product, version, stored_id)
                        cursor.execute(insert_query, insert_values)
                        conn.commit()
                    cvss = float(result["cvss"])
                    update_query = "UPDATE cve_details SET cvss=:cvss WHERE rowid = :rowid;"
                    update_values = {"cvss": cvss, "rowid": stored_id}
                    cursor.execute(update_query, update_values)
                    conn.commit()
                    conn.close()
                except Exception as e:
                    print(e, end='\r', flush=True)
                    result = {}
                print("[*] Parsing data for {}".format(title),
                      end='\r',
                      flush=True)

        output_filename = xml_re.sub(".csv", xml_filename)
        csv_data = "Sr. No, Title, Description, Published, Severity, Affected System, References\n"
        srno = 1
        confs = readConf()

        conn = sqlite3.connect(db_filename)
        cursor_product = conn.cursor()

        for desc in confs.keys():
            product = confs[desc]["product"]
            vendor = confs[desc]["vendor"]
            version = confs[desc]["version"]
            sql_query = "SELECT * FROM affected_systems WHERE product=:product AND vendor=:vendor;"
            values = {"product": product, "vendor": vendor}
            results = cursor_product.execute(sql_query, values)

            cursor_cve = conn.cursor()
            cursor_ref = conn.cursor()
            for row in results:
                (as_vendor, as_product, as_version, cve_id) = row
                sql_query = "SELECT * FROM cve_details WHERE rowid=:rowid ORDER BY cvss DESC;"
                values = {"rowid": cve_id}
                cve_results = cursor_cve.execute(sql_query, values)
                for cve_details in cve_results:
                    title = cve_details[0]
                    published = datetime.utcfromtimestamp(
                        cve_details[1]).strftime('%Y-%m-%d')
                    cve_desc = unicodedata.normalize(
                        'NFKD',
                        cve_details[2]).encode('ascii',
                                               'ignore').decode('ascii')
                    cve_desc = comma_re.sub(";", cve_desc)
                    cvss = cve_details[3]
                    references = ""
                    sql_query = "SELECT * FROM reference WHERE cve_id=:rowid;"
                    refs = cursor_ref.execute(sql_query, values)
                    for ref in refs:
                        references += "{} ({});".format(ref[1], ref[0])
                    csv_data += "{}, {}, \"{}\", {}, {}, {}, {}\n".format(
                        srno, title, cve_desc, published, cvss, desc,
                        references)
                    srno += 1

        conn.close()

        csv_file = open(output_filename, "w")
        csv_file.write(csv_data)
        csv_file.close()
        print("[*] Output written to {}".format(output_filename))
    except Exception as e:
        print("[-] Unable to parse XML file. {}".format(e))
예제 #10
0
#!/usr/bin/env python
# -*- coding: utf-8 -*-

import sys
import json
from pycvesearch import CVESearch

if len(sys.argv) < 4:
    print('Syntax \'python ./CVESearch.py [vendor] [product] [version]\'')
    exit(1)

cve = CVESearch()
vendor = sys.argv[1]
product = sys.argv[2]
version = sys.argv[3]

search_string = 'cpe:/a:{0}:{1}:{2}'.format(vendor, product, version)
print(search_string)

results = cve.cvefor(search_string)
print(results)

for cve in results:
    print(cve['id'])
    print(cve['cvss'])
예제 #11
0
def cve(all, vendor, product, push):
    """
    Search CVEs and CPEs from cve-search enabled DB, import them.

    Search in CVE (Common Vulnerabilities and Exposures) and
    CPE (Common Platform Enumeration)and import them to RVD.

    Makes use of the following:
    - https://github.com/cve-search/PyCVESearch
    - (indirectly) https://github.com/cve-search/cve-search
    """
    # cve = CVESearch()
    cyan("Searching for CVEs and CPEs with cve-search ...")
    from pycvesearch import CVESearch
    if all:
        if vendor:
            cve = CVESearch()
            vendor_flaws = cve.browse(vendor)
            products = vendor_flaws['product']
            for product in products:
                results = cve.search(vendor + "/" + product)
                # Start producing flaws in here
                for result in results['results']:
                    # pprint.pprint(result)
                    document = default_document()  # get the default document
                    # Add relevant elements to the document
                    document['title'] = result['summary'][:65]
                    document['type'] = "vulnerability"
                    document['description'] = result['summary']
                    document['cve'] = result['id']
                    document['cwe'] = result['cwe']
                    document['severity']['cvss-vector'] = "CVSS:3.0/" + str(
                        result['cvss-vector'])
                    document['severity']['cvss-score'] = result['cvss']
                    document['links'] = result['references']
                    document['flaw']['reported-by'] = result['assigner']
                    document['flaw']['date-reported'] = arrow.get(
                        result['Published']).format('YYYY-MM-DD')

                    # Create a flaw out of the document
                    flaw = Flaw(document)
                    # new_flaw = edit_function(0, subsequent=False, flaw=flaw)
                    new_flaw = flaw

                    if new_flaw:
                        print(new_flaw)
                    else:
                        continue

                    if push:
                        pusher = Base(
                        )  # instantiate the class to push changes
                        labels = ['vulnerability']
                        vendor_label = "vendor: " + str(vendor)
                        labels.append(vendor_label)
                        # new_keywords = ast.literal_eval(new_flaw.keywords)
                        # for l in new_keywords:
                        #     labels.append(l)

                        issue = pusher.new_ticket(new_flaw, labels)
                        # Update id
                        new_flaw.id = issue.number

                        # Update issue and links
                        if isinstance(new_flaw.links, list):
                            links = new_flaw.links
                        else:
                            links = []
                            if new_flaw.links.strip() != "":
                                links.append(new_flaw.links.strip())
                        links.append(issue.html_url)
                        new_flaw.links = links
                        new_flaw.issue = issue.html_url
                        if flaw.title[:4] != "RVD#":  # already has the syntax
                            new_title = "RVD#" + str(
                                issue.number) + ": " + flaw.title
                            flaw.title = new_title
                        pusher.update_ticket(issue, new_flaw)

        else:
            red("Error, vendor is required with --all")
            sys.exit(1)
        return

    if vendor and product:
        cve = CVESearch()
        cyan("Searching for vendor/product: ", end="")
        print(vendor + "/" + product)
        results = cve.search(vendor + "/" + product)
        # Start producing flaws in here
        for result in results['results']:
            # pprint.pprint(result)
            document = default_document()  # get the default document
            # Add relevant elements to the document
            document['title'] = result['summary'][:65]
            document['description'] = result['summary']
            document['cve'] = result['id']
            document['cwe'] = result['cwe']
            document['severity']['cvss-vector'] = "CVSS:3.0/" + str(
                result['cvss-vector'])
            document['severity']['cvss-score'] = result['cvss']
            document['links'] = result['references']
            document['flaw']['reported-by'] = result['assigner']
            document['flaw']['date-reported'] = arrow.get(
                result['Published']).format('YYYY-MM-DD')

            # Create a flaw out of the document
            flaw = Flaw(document)
            new_flaw = edit_function(0,
                                     subsequent=False,
                                     label=None,
                                     flaw=flaw)

            if new_flaw:
                print(new_flaw)
            else:
                continue

            if push:
                pusher = Base()  # instantiate the class to push changes
                labels = ['vulnerability']
                new_keywords = ast.literal_eval(new_flaw.keywords)
                for l in new_keywords:
                    labels.append(l)

                issue = pusher.new_ticket(new_flaw, labels)
                # Update id
                new_flaw.id = issue.number

                # Update issue and links
                if isinstance(new_flaw.links, list):
                    links = new_flaw.links
                else:
                    links = []
                    if new_flaw.links.strip() != "":
                        links.append(new_flaw.links.strip())
                links.append(issue.html_url)
                new_flaw.links = links
                new_flaw.issue = issue.html_url
                if flaw.title[:4] != "RVD#":  # already has the syntax
                    new_title = "RVD#" + str(issue.number) + ": " + flaw.title
                    flaw.title = new_title
                pusher.update_ticket(issue, new_flaw)

    elif vendor:
        cve = CVESearch()
        cyan("Browsing for vendor: ", end="")
        print(vendor)
        pprint.pprint(cve.browse(vendor))
    elif product:
        red("Error, vendor is required")
        sys.exit(1)
    else:
        red("Error, vendor or vendor and product required")
        sys.exit(1)
예제 #12
0
#! /usr/bin/env python
# -*- coding: utf-8 -

import asyncio
import logging
from datetime import datetime
from pycvesearch import CVESearch

from bootstrap import db
from web.models import CVE, get_or_create

logger = logging.getLogger(__name__)

sem = asyncio.Semaphore(20)

cve_search = CVESearch()


async def get_cve(*args, **kwargs):
    try:
        data = cve_search.search('{}/{}'.format(args[0], args[1]))
        logger.info('CVE for {} retrieved'.format(args[2]))
        return data
    except Exception as e:
        raise e


async def insert_database(project):
    with (await sem):
        logger.info('Retrieving CVE for {}'.format(project.name))
        cves = await get_cve(project.cve_vendor, project.cve_product,
예제 #13
0
 def get_CVE():
     CVESearch.search()
예제 #14
0
def main():
    cve = CVESearch()  # Beginning the PyCVESearch api search
    latex_script_string = ""
    latex_ip_table_string = ""
    latex_devices_table_string = ""
    latex_cve_table = ""
    cve_severity_average = 0
    cve_severity_average_counter = 0
    cve_severity_low_total = 0
    cve_severity_medium_total = 0
    cve_severity_high_total = 0
    cve_severity_critical_total = 0
    latex_technical_specifics = ""
    latex_technical_specifics_vulnerable_configs_column_count = 1
    time_now = datetime.datetime.now()
    formatted_time = time_now.strftime(
        "%Y-%m-%d %H:%M")  # Get the time and date for filenames

    scan_question = input(
        time_now.strftime("%H:%M") + " Do you have an IP to scan ? (Y/N): "
    )  # If user wishes to run a simple NMAP scan , if not they can use an existing results file
    if scan_question == "Y" or scan_question == "y":
        scan_ip = input(
            time_now.strftime("%H:%M") +
            " Enter IP Address to be scanned: ")  # Enter IP address for scan
        nmap_process = subprocess.Popen([
            'nmap', '-v', '-sV', '--script', 'nmap-vulners', '-oX',
            formatted_time + '.xml', scan_ip
        ])  # Run the NMAP scan
        nmap_output = nmap_process.communicate()
        results_file = formatted_time + '.xml'  # Grabs result file created from NMAP scan
    else:
        file_extension_check_loop = True
        while file_extension_check_loop:  # loop to make sure an existing file is used
            results_file = input(
                time_now.strftime("%H:%M") +
                " Enter NMAP output .xml file name: "
            )  # Input .xml file name with or without .xml file extension
            file_extension_check = results_file[
                -4:]  # Checks if .xml file extension was added
            if file_extension_check != ".xml":  # Adds .xml to end of input if not
                results_file = results_file + ".xml"
            try:
                file_exist_check = open(results_file,
                                        "r")  # Checking if file exists
                file_extension_check_loop = False
            except FileNotFoundError:
                print(
                    time_now.strftime("%H:%M") +
                    " ERROR: File not found please input an existing NMAP .xml output file"
                )  # File doesnt exist, loops back
    latex_title_input = input(
        time_now.strftime("%H:%M") + " Please enter organisation title: ")
    try:  # Testing the file is readable
        untangle_object = untangle.parse(
            results_file)  # Object file created from .xml results
    except SAXParseException:
        print(time_now.strftime("%H:%M") + " ERROR: File unreadable")
        exit()
    untangle_object_scan_start_time = untangle_object.nmaprun["startstr"]
    untangle_object_scan_finish_time = untangle_object.nmaprun.runstats.finished[
        "timestr"]
    untangle_object_hosts = untangle_object.nmaprun.host
    for untangle_object_host in untangle_object_hosts:  # Looping through the hosts in NMAP output
        untangle_object_host_address_ip = ""
        untangle_object_combined_ports = ""
        untangle_object_combined_devices = ""
        latex_technical_specifics_combined = ""
        cve_severity_low = 0
        cve_severity_medium = 0
        cve_severity_high = 0
        cve_severity_critical = 0
        cve_severity_total = 0
        for untangle_object_host_addresstype in untangle_object_host.address:
            if untangle_object_host_addresstype[
                    "addrtype"] == "ipv4":  # Parses out only the ipv4 address, stops crashes with mac address
                untangle_object_host_address_ip = untangle_object_host_addresstype[
                    "addr"]
                print(
                    time_now.strftime("%H:%M") +
                    " PARSING: IP Address: {}".format(
                        untangle_object_host_address_ip))

        try:  # Testing untangle_object_host_addresstypeif the NMAP  has performed OS detection or not
            untangle_object_vendors = set()
            untangle_object_osmatch_iterator = untangle_object_host.os.osmatch
            for untangle_object_osmatch in untangle_object_osmatch_iterator:  # Looping through fingerprinted OS for each host
                untangle_object_device = untangle_object_osmatch["name"]
                print(
                    time_now.strftime("%H:%M") +
                    "    Device: {}".format(untangle_object_device))
                untangle_object_osclass_iterator = untangle_object_osmatch.osclass
                for untangle_object_osclass in untangle_object_osclass_iterator:
                    untangle_object_vendor = untangle_object_osclass["vendor"]
                    if untangle_object_vendor is not None:
                        untangle_object_vendors.add(untangle_object_vendor)
            print(
                time_now.strftime("%H:%M") +
                " PARSING: OS Vendors: {}".format(untangle_object_vendors))
            for vendor in untangle_object_vendors:
                untangle_object_combined_devices = untangle_object_combined_devices + vendor + " "
        except AttributeError as e:
            print(
                time_now.strftime("%H:%M") +
                " ERROR: No OS fingerprinting detected")
            untangle_object_combined_devices = untangle_object_combined_devices + "No OS identified" + " "
        latex_cve_table = latex_cve_table + "\subsection{Critical and high CVE details of host: " + untangle_object_host_address_ip + "}"  # Begins string of CVE table for current port
        untangle_object_ports = untangle_object_host.ports.port
        for untangle_object_port in untangle_object_ports:  # Looping through all open ports discovered for each host
            untangle_object_combined_scriptoutput = ""
            untangle_object_combined_cve = ""
            print(
                time_now.strftime("%H:%M") +
                " PARSING: Port: {}".format(untangle_object_port["portid"]))
            try:
                untangle_object_scripts = untangle_object_port.script
                for untangle_object_script in untangle_object_scripts:  # Looping through each script on the current port
                    untangle_object_cve_regex = re.findall(
                        r"(CVE-\d*-\d*)\t*(\d*.\d)\t*(https:\/\/vulners.com\/cve\/CVE-\d*-\d*)",
                        untangle_object_script["output"],
                        flags=re.MULTILINE
                    )  # Using Regex to search for the CVE, its severity and URL from the nmap-vulners script
                    if untangle_object_script[
                            "id"] == "vulners":  # CVE information will only be pulled out for scripts that were run by nmap-vulners
                        for untangle_object_cve in untangle_object_cve_regex:
                            latex_technical_specifics_summary = ""
                            latex_technical_specifics_vulnerable_configs = ""
                            latex_technical_specifics_references = ""
                            latex_technical_specifics_cve_cwe_cvss_table = ""
                            cve_severity_average = cve_severity_average + float(
                                untangle_object_cve[1]
                            )  # Calculations for average severity score from each CVE
                            cve_severity_average_counter = cve_severity_average_counter + 1
                            cve_search_api = cve.id(
                                untangle_object_cve[0]
                            )  # Using PyCVESearch to search the API for current CVE
                            if "id" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M") +
                                    " API SEARCH: CVE ID: " +
                                    cve_search_api["id"])
                                latex_technical_specifics_cve_cwe_cvss_table = "\\begin{center}\scalebox{1.5}{\\begin{tabular}{lr}\hline\multicolumn{2}{c}{" + cve_search_api[
                                    "id"] + " Information} \\\\"
                            else:
                                print(
                                    time_now.strftime("%H:%M") +
                                    " ERROR: No CVE ID available")
                            if "summary" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Summary: " +
                                    cve_search_api["summary"])
                                latex_technical_specifics_summary = latex_technical_specifics_summary + "\paragraph{Summary} \mbox{} \\\\" + "\n" + "\\detokenize{" + cve_search_api[
                                    "summary"] + "}"
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_summary
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: Summary: No information available"
                                )
                                latex_technical_specifics_summary = latex_technical_specifics_summary + "\paragraph{Summary} \mbox{} \\\\" + "\n" + "Information unavailable" + "}"
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_summary
                            if "cvss" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: CVSS Score: " +
                                    str(cve_search_api["cvss"]))
                                latex_technical_specifics_cve_cwe_cvss_table = latex_technical_specifics_cve_cwe_cvss_table + "\hline CVSS Score & " + str(
                                    cve_search_api["cvss"]) + "\\\\CWE & "
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: CVSS Score: No information available"
                                )
                            if "cwe" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: CWE: " +
                                    cve_search_api["cwe"])
                                latex_technical_specifics_cve_cwe_cvss_table = latex_technical_specifics_cve_cwe_cvss_table + cve_search_api[
                                    "cwe"] + "\\\\\hline"
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: CWE: No information available"
                                )
                            if "impact" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Confidentiality impact: " +
                                    cve_search_api["impact"]["confidentiality"]
                                )
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Integrity impact: " +
                                    cve_search_api["impact"]["integrity"])
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Availability impact: " +
                                    cve_search_api["impact"]["availability"])
                                latex_technical_specifics_cve_cwe_cvss_table = latex_technical_specifics_cve_cwe_cvss_table + " Vulnerability impact \\\\\hline Confidentiality & " + cve_search_api[
                                    "impact"][
                                        "confidentiality"] + "\\\\Integrity & " + cve_search_api[
                                            "impact"][
                                                "integrity"] + "\\\\Availability & " + cve_search_api[
                                                    "impact"][
                                                        "availability"] + "\\\\\hline"
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: Impact: No information available"
                                )
                            if "access" in cve_search_api:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Acess authentication: " +
                                    cve_search_api["access"]["authentication"])
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Access complexity: " +
                                    cve_search_api["access"]["complexity"])
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH: Access vector: " +
                                    cve_search_api["access"]["vector"])
                                latex_technical_specifics_cve_cwe_cvss_table = latex_technical_specifics_cve_cwe_cvss_table + "  Access methodology information \\\\\hline Vector & " + cve_search_api[
                                    "access"]["vector"] + "\\\\Complexity & " + cve_search_api[
                                        "access"][
                                            "complexity"] + "\\\\Authentication & \detokenize{" + cve_search_api[
                                                "access"][
                                                    "authentication"] + "}\\\\\hline"
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: Access: No information available"
                                )
                            latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_cve_cwe_cvss_table + "\end{tabular}}\end{center}"
                            if "vulnerable_configuration" in cve_search_api:
                                latex_technical_specifics_vulnerable_configs = latex_technical_specifics_vulnerable_configs + "\\begin{tiny}\\begin{spacing}{1.0} \n \paragraph{Vulnerable configs} \mbox{} \\\\" + "\n"
                                for vulnerable_config in cve_search_api[
                                        "vulnerable_configuration"]:
                                    latex_technical_specifics_vulnerable_configs = latex_technical_specifics_vulnerable_configs + "\\detokenize{" + vulnerable_config[
                                        "title"] + "}" + " \hfill "
                                    if latex_technical_specifics_vulnerable_configs_column_count % 3 == 0:  # This creates 3 columns of the vulnerable configurations to save room
                                        latex_technical_specifics_vulnerable_configs = latex_technical_specifics_vulnerable_configs + r'''\par\noindent'''
                                    latex_technical_specifics_vulnerable_configs_column_count = latex_technical_specifics_vulnerable_configs_column_count + 1
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_vulnerable_configs + r'''\\\\''' + "\\end{spacing}" + "\\end{tiny}"
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR: Vulnerable configurations: No information available"
                                )
                                latex_technical_specifics_vulnerable_configs = latex_technical_specifics_vulnerable_configs + "\paragraph{Vulnerable configs} \mbox{} \\\\" + "No information available"
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_vulnerable_configs
                            if "references" in cve_search_api:
                                latex_technical_specifics_references = latex_technical_specifics_references + "\paragraph{References} \mbox{} \\\\"
                                for reference in cve_search_api["references"]:
                                    latex_technical_specifics_references = latex_technical_specifics_references + "\href{" + reference + "}{\\detokenize{" + reference + "}} \\\\"
                                latex_technical_specifics_references_nopercent = re.sub(
                                    r"%", "\%",
                                    latex_technical_specifics_references)
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_references_nopercent + r'''\\\\'''
                            else:
                                print(
                                    time_now.strftime("%H:%M ") +
                                    cve_search_api["id"] +
                                    " API SEARCH ERROR:  References: No information available"
                                )
                                latex_technical_specifics_references = latex_technical_specifics_references + "\paragraph{References} \mbox{} \\\\" + "No information available"
                                latex_technical_specifics_combined = latex_technical_specifics_combined + latex_technical_specifics_references
                            latex_technical_specifics_combined = latex_technical_specifics_combined + "\\newpage"  # Completes the report page for current CVE
                            cve_severity = float(untangle_object_cve[1])
                            if cve_severity <= 3:  # Determines the colour of severity cell in CVE table
                                cve_severity_low = cve_severity_low + 1
                                cve_severity_total = cve_severity_total + 1
                                cve_severity_low_total = cve_severity_low_total + 1
                            else:
                                if cve_severity > 3 and cve_severity <= 6:
                                    cve_severity_medium = cve_severity_medium + 1
                                    cve_severity_total = cve_severity_total + 1
                                    cve_severity_medium_total = cve_severity_medium_total + 1
                                else:
                                    if cve_severity > 6 and cve_severity < 9:
                                        cve_severity_total = cve_severity_total + 1
                                        cve_severity_high = cve_severity_high + 1
                                        cve_severity_high_total = cve_severity_high_total + 1
                                    else:
                                        if cve_severity >= 9:
                                            cve_severity_total = cve_severity_total + 1
                                            cve_severity_critical = cve_severity_critical + 1
                                            cve_severity_critical_total = cve_severity_critical_total + 1
                        latex_cve_table = latex_cve_table + re.sub(
                            r"(REGEXCVETABLEREGEX)",
                            untangle_object_combined_cve,
                            latex_template_cve_table,
                            count=0,
                            flags=0
                        )  # Creating the table string from table template
                        latex_cve_table = re.sub(
                            r"(REGEXPORTHERE)",
                            untangle_object_port["portid"],
                            latex_cve_table,
                            count=0,
                            flags=0)
                    untangle_object_combined_scriptoutput = untangle_object_combined_scriptoutput + " NMAP Script run: " + untangle_object_script[
                        "id"] + " NMAP Script Result: " + untangle_object_script[
                            "output"]  # Creating a string of the raw scripts information of every script run
            except AttributeError as e:
                print(
                    time_now.strftime("%H:%M") + " ERROR: No scripts detected")
            untangle_object_combined_ports = untangle_object_combined_ports + untangle_object_port[
                "portid"] + " "  # Creating a combined string of each host and its discovered ports
            latex_script_string = latex_script_string + untangle_object_combined_scriptoutput + "\n"  # Creating a LaTeX string from template file and combined script string
        latex_technical_specifics = latex_technical_specifics + "\\newpage\subsection{Vulnerability details of host: " + untangle_object_host_address_ip + "}"  # Begins string of CVE table for current port
        latex_technical_specifics_perhost_severity_string = "Critical\cellcolor{red}&\cellcolor{red} " + str(
            cve_severity_critical
        ) + r'\\\\' + "High\cellcolor{orange}&\cellcolor{orange}" + str(
            cve_severity_high
        ) + r'''\\\\''' + "Medium\cellcolor{yellow}&\cellcolor{yellow}" + str(
            cve_severity_medium
        ) + r'''\\\\''' + "Low \cellcolor{green}&\cellcolor{green}" + str(
            cve_severity_low) + r'''\\\\\hline Total& ''' + str(
                cve_severity_total)
        latex_technical_specifics_perhost_severity = re.sub(
            r"(REGEXPERHOSTSEVERITYREGEX)",
            latex_technical_specifics_perhost_severity_string,
            latex_template_technical_specifics_perhost_severity,
            count=0,
            flags=0)
        latex_technical_specifics = latex_technical_specifics + latex_technical_specifics_perhost_severity + latex_technical_specifics_combined
        latex_cve_table = latex_cve_table + r'''\newpage'''
        latex_devices_table_string = latex_devices_table_string + untangle_object_host_address_ip + "&" + untangle_object_combined_devices + r'''\\\\'''  # Creating a LaTeX table string from template file and combined devices string
        latex_ip_table_string = latex_ip_table_string + untangle_object_host_address_ip + " & " + untangle_object_combined_ports + "&" + untangle_object_combined_devices + r'''\\\\'''  # Creating a LaTeX table string from template file and combined ports string
    latex_ip_table_string = latex_ip_table_string + "\hline Scan start time & " + untangle_object_scan_start_time + r'\\\\' + "Scan end time & " + untangle_object_scan_finish_time + r'\\\\'
    cve_severity_average = cve_severity_average / cve_severity_average_counter  # Finishing calculation of severity average
    latex_title = re.sub(
        r"(REGEXTITLEHEREREGEX)",
        latex_title_input,
        latex_template_title,
        count=0,
        flags=0
    )  # Using Regex to replace the placeholder title in title LaTeX template
    latex_executive_summary = re.sub(
        r"(REGEXTITLEHEREREGEX)",
        latex_title_input,
        latex_template_executive_summary,
        count=0,
        flags=0
    )  # Using Regex to replace the placeholder title in executive summary LaTeX template
    if cve_severity_average == 0:  # Determines what executive summary is chosen, determined by the average severity score
        latex_executive_summary = re.sub(
            r"(REGEXRISKSTATEMENTREGEX)",
            latex_template_executive_summary_risk_none,
            latex_executive_summary,
            count=0,
            flags=0)
    else:
        if cve_severity_average > 0 and cve_severity_average <= 3:
            latex_executive_summary = re.sub(
                r"(REGEXRISKSTATEMENTREGEX)",
                latex_template_executive_summary_risk_low,
                latex_executive_summary,
                count=0,
                flags=0)
        else:
            if cve_severity_average > 3 and cve_severity_average <= 6:
                latex_executive_summary = re.sub(
                    r"(REGEXRISKSTATEMENTREGEX)",
                    latex_template_executive_summary_risk_medium,
                    latex_executive_summary,
                    count=0,
                    flags=0)
            else:
                if cve_severity_average > 6:
                    latex_executive_summary = re.sub(
                        r"(REGEXRISKSTATEMENTREGEX)",
                        latex_template_executive_summary_risk_high,
                        latex_executive_summary,
                        count=0,
                        flags=0)
    latex_overall_severity_results_string = "Critical\cellcolor{red}&\cellcolor{red} " + str(
        cve_severity_critical_total
    ) + r'\\\\' + "High\cellcolor{orange}&\cellcolor{orange}" + str(
        cve_severity_high_total
    ) + r'''\\\\''' + "Medium\cellcolor{yellow}&\cellcolor{yellow}" + str(
        cve_severity_medium_total
    ) + r'''\\\\''' + "Low \cellcolor{green}&\cellcolor{green}" + str(
        cve_severity_low_total) + r'''\\\\\hline Total& ''' + str(
            cve_severity_average_counter)
    latex_overall_severity_results = re.sub(
        r"(REGEXSEVERITYOVERALLHEREREGEX)",
        latex_overall_severity_results_string,
        latex_template_technical_specifics_overall_severity_results,
        count=0,
        flags=0)
    latex_results_table = re.sub(
        r"(REGEXIPPORTTABLEHEREREGEX)",
        latex_ip_table_string,
        latex_template_results_table,
        count=0,
        flags=0
    )  # Using Regex to replace the placeholder table in results table LaTeX template with the host and ports
    latex_raw_results = re.sub(
        r"(REGEXSCRIPTSTUFFREGEX)",
        latex_script_string,
        latex_template_raw_results,
        count=0,
        flags=0
    )  # Using Regex to replace the raw scripts placeholder in LateX template
    file_latex = open(latex_title_input + 'GeneratedReport.tex',
                      "w+")  # Creating the LaTeX .tex file
    latex_template = latex_template_packages + latex_title + latex_executive_summary + latex_template_technical_specifics + latex_results_table + latex_overall_severity_results + latex_technical_specifics + latex_raw_results  # Combining the LaTeX template strings to create the entire template
    file_latex.write(
        latex_template)  # Writing the LaTeX template to the .tex file
    file_latex.close()
    pdflatex_process = subprocess.Popen(
        ['pdflatex', latex_title_input + 'GeneratedReport.tex']
    )  # Generate PDF report from LaTex .tex file (LaTeX only produces contents file on second report generation)
    pdflatex_process.communicate()
    pdflatex_process = subprocess.Popen(
        ['pdflatex', latex_title_input + 'GeneratedReport.tex']
    )  # Run a second time as pdfLatex produces contents .toc file after starting pdf generation
    pdflatex_process.communicate()
예제 #15
0
import json
import requests
import datetime
from pycvesearch import CVESearch

base_url = "https://api.msrc.microsoft.com/"
api_key = "15ec9ebc4fe9469784f10724bf752f82"
cve = CVESearch()

vuln_list = cve.search("microsoft/windows_server_2008")
win_2008 = set()
for element in vuln_list:
    win_2008.add(element["id"])

win_2008_map = []
for cve_id in list(win_2008):
    url = "{}Updates('{}')?api-version={}".format(base_url,\
            cve_id, str(datetime.datetime.now().year))
    headers = {'api-key': api_key}
    response = requests.get(url, headers=headers)
    if response.status_code == 200:
        data = json.loads(response.content)
        id = data["value"][0]["ID"]
        win_2008_map.append({"cve_id":cve_id, "cvrf_id":id})
        print(cve_id + " : " + id)
    else:
        print(cve_id " + not found")

with open("data/versions/windows_server_2008", "w") as outfile:
    outfile.write(json.dumps(win_2008_map, indent = 4,\
                    sort_keys = True))