def get_ness_report(self): cve_detail_list = self.cve_list_rp for cve in cve_detail_list: #topvas nvt_topvas_list = Sql.select_nvts_topvas_by_cve(cve) topvas_exist = 'no' topvas_file = '' if len(nvt_topvas_list) != 0: topvas_exist = 'yes' topvas_file = '' count = 0 for file in nvt_topvas_list: count = count + 1 if count == 1: topvas_file = file[0] else: topvas_file = topvas_file + ',' + file[0] #nessus nvt_ness_list = Sql.select_nvts_ness_by_cve(cve) nessus_file = '' nessus_exist = 'no' if len(nvt_ness_list) != 0: nessus_exist = 'yes' nessus_file = '' count = 0 for file in nvt_ness_list: count = count + 1 if count == 1: nessus_file = file[0] else: nessus_file = nessus_file + ',' + file[0] Sql.insert_ness_report(cve, topvas_file, topvas_exist, nessus_file, nessus_exist)
def data_nvts_en(self): Sql.insert_nvts_en() Sql.ctl_index_nvts_en() #统计nvts_en数据量 nvt_num_info = Sql.select_count_nvts_en_by_cn_ok('no') for info_n in nvt_num_info: count_nvts_numbers = info_n[0] return count_nvts_numbers
def translate_family(self, google_translate): #翻译family results_family = Sql.select_family_from_blog_blogspost() for family_info in results_family: family = family_info[0] print('##family:' + family) try: family_cn = google_translate.translate_cn(family) except: print('#->fanyi family error:family=%s' % (family)) continue Sql.update_blog_blogspost_by_family(family_cn, family)
def data_init(self, flag): #####创建表 blog_blogspost 并插入数据 #只有入参为True,则需要重新构建 blog_blogspost 里面的数据 print('flag=' + str(flag)) if flag == True: print('first') #插入数据 Sql.insert_blog_blogspost() #同步表nvts与blog_blogspost的数据 #self.sync_data() #更新tag self.update_tag()
def cve_report(self): #cve topvas cve_detail_list = Sql.select_cve_detail_list() for cve_info in cve_detail_list: product_id = cve_info[0] product_name = cve_info[1] year = cve_info[2] vul_type = cve_info[3] cve = cve_info[4] topvas_file_tmp = '' #topvas nvt_topvas_list = Sql.select_nvts_topvas_by_cve(cve) topvas_exist = 'no' topvas_file = '' if len(nvt_topvas_list) != 0: topvas_exist = 'yes' topvas_file = '' count = 0 for file in nvt_topvas_list: count = count + 1 if count == 1: topvas_file = file[0] else: topvas_file = topvas_file + ',' + file[0] #nessus nvt_ness_list = Sql.select_nvts_ness_by_cve(cve) nessus_file = '' nessus_exist = 'no' if len(nvt_ness_list) != 0: nessus_exist = 'yes' nessus_file = '' count = 0 for file in nvt_ness_list: count = count + 1 if count == 1: nessus_file = file[0] else: nessus_file = nessus_file + ',' + file[0] #生成报告 Sql.insert_cve_report(product_id, product_name, year, vul_type, cve, topvas_file, topvas_exist, nessus_file, nessus_exist)
def get_tag_info(self, sync_data): all_nvts = Sql.select_tag_from_nvts() for info_nvts in all_nvts: tag_data = info_nvts[0] if tag_data != 'NOTAG': dict_data = sync_data.data_to_dict(tag_data, '=', '|') for key in dict_data: if key not in self.Tag_all_name_en: self.Tag_all_name_en.append(key) for tag in self.Tag_all_name_en: print('#nvts tag:' + tag)
def get_cve_report_files(self): file_list = [] product_name_list = Sql.select_tb_cve_report_by_product_name() for product_name_info in product_name_list: product_name = product_name_info[0] print('###product_name=' + product_name) result_file = Sql.select_tb_cve_report(product_name) file_count = 0 ness_file = '' for item in result_file: #file_tmp_list = item[0] #print(file_tmp_list) file_tmp_list = item[0].split(',') for file in file_tmp_list: if file not in file_list: #print('ness file:' + file) file_count = file_count + 1 ness_file = ness_file + ' ' + file #file_list.append(file) print('file_count=' + str(file_count)) print('ness_file=' + ness_file) Sql.insert_ness_report_dist(product_name, file_count, ness_file)
def main(self): progress = 0 sr_nvts_list = Sql.select_nvts() for nvts_info in sr_nvts_list: id = nvts_info[0] uuid = nvts_info[1] oid = nvts_info[2] version = nvts_info[3] name = nvts_info[4] comment = nvts_info[5] copyright = nvts_info[6] cve = nvts_info[7] bid = nvts_info[8] xref = nvts_info[9] tag = nvts_info[10] category = nvts_info[11] family = nvts_info[12] cvss_base = nvts_info[13] creation_time = nvts_info[14] modification_time = nvts_info[15] solution_type = nvts_info[16] qod = nvts_info[17] qod_type = nvts_info[18] family_cn = '' #根据oid查找对应的中文信息 nvts_cn_list = MySql.select_nvts_cn_tmp(oid) for nvts_cn_info in nvts_cn_list: name = nvts_cn_info[0] tag = nvts_cn_info[1] family_cn = nvts_cn_info[2] progress = progress + 1 if progress % 100 == 0: print('progress:%d' % (progress)) MySql.insert_nvts_cn(id, uuid, oid, version, name, comment, copyright, cve, bid, xref, tag, category, family, cvss_base, creation_time, modification_time, solution_type, qod, qod_type, family_cn)
def data_process(self, all_nvts, google_translate): for info_nvts in all_nvts: self.count_progress = self.count_progress + 1 nvts_id = info_nvts[0] nvts_oid = info_nvts[1] nvts_name = info_nvts[2] nvts_summary = info_nvts[3] nvts_affected = info_nvts[4] nvts_solution = info_nvts[5] nvts_insight = info_nvts[6] nvts_vuldetect = info_nvts[7] nvts_impact = info_nvts[8] nvts_synopsis = info_nvts[9] nvts_description = info_nvts[10] nvts_exploitability_ease = info_nvts[11] nvts_risk_factor = info_nvts[12] nvts_metasploit_name = info_nvts[13] nvts_d2_elliot_name = info_nvts[14] #1.name nvts_name_cn = '' if '' != nvts_name: try: nvts_name_cn = google_translate.translate_cn( nvts_name).replace('\'', '\'\'').replace('\\n', '\n') nvts_name = nvts_name.replace('\'', '\'\'') except: print('#->fanyi Name error:oid=' + nvts_oid + ', name=' + nvts_name) continue #2.summary nvts_summary_cn = '' if '' != nvts_summary: try: nvts_summary_cn = google_translate.translate_cn( nvts_summary).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi summary error:oid=' + nvts_oid + ', summary=' + nvts_summary) continue #3.affected nvts_affected_cn = '' if '' != nvts_affected: try: nvts_affected_cn = google_translate.translate_cn( nvts_affected).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi affected error:oid=' + nvts_oid + ', affected=' + nvts_affected) continue #4.solution nvts_solution_cn = '' if '' != nvts_solution: try: nvts_solution_cn = google_translate.translate_cn( nvts_solution).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi solution error:oid=' + nvts_oid + ', solution=' + nvts_solution) continue #5.insight nvts_insight_cn = '' if '' != nvts_insight: try: #text.decode("utf-8"). nvts_insight_cn = google_translate.translate_cn( nvts_insight).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi insight error:oid=' + nvts_oid + ', insight=' + nvts_insight) continue #6.vuldetect nvts_vuldetect_cn = '' if '' != nvts_vuldetect: try: nvts_vuldetect_cn = google_translate.translate_cn( nvts_vuldetect).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi vuldetect error:oid=' + nvts_oid + ', vuldetect=' + nvts_vuldetect) continue #7.impact nvts_impact_cn = '' if '' != nvts_impact: try: nvts_impact_cn = google_translate.translate_cn( nvts_impact).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi impact error:oid=' + nvts_oid + ', impact=' + nvts_impact) continue #8.synopsis nvts_synopsis_cn = '' if '' != nvts_synopsis: try: nvts_synopsis_cn = google_translate.translate_cn( nvts_synopsis).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi synopsis error:oid=' + nvts_oid + ', synopsis=' + nvts_synopsis) continue #9.description nvts_description_cn = '' if '' != nvts_description: try: nvts_description_cn = google_translate.translate_cn( nvts_description).replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi description error:oid=' + nvts_oid + ', description=' + nvts_description) continue #10.exploitability_ease nvts_exploitability_ease_cn = '' if '' != nvts_exploitability_ease: try: nvts_exploitability_ease_cn = google_translate.translate_cn( nvts_exploitability_ease).replace('\'', '\'\'').replace( '\\n', '\n') except: print('#->fanyi exploitability_ease error:oid=' + nvts_oid + ', exploitability_ease=' + nvts_exploitability_ease) continue #11.risk_factor nvts_risk_factor_cn = '' if '' != nvts_risk_factor: try: nvts_risk_factor_cn = google_translate.translate_cn( nvts_risk_factor, 'en').replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi risk_factor error:oid=' + nvts_oid + ', risk_factor=' + nvts_risk_factor) continue #12.metasploit_name nvts_metasploit_name_cn = '' if '' != nvts_metasploit_name: try: nvts_metasploit_name_cn = google_translate.translate_cn( nvts_metasploit_name, 'en').replace('\'', '\'\'').replace('\\n', '\n') except: print('#->fanyi metasploit_name error:oid=' + nvts_oid + ', metasploit_name=' + nvts_metasploit_name) continue #13.d2_elliot_name nvts_d2_elliot_name_cn = '' if '' != nvts_d2_elliot_name: try: nvts_d2_elliot_name_cn = google_translate.translate_cn( nvts_d2_elliot_name).replace('\'', '\'\'').replace( '\\n', '\n') except: print('#->fanyi d2_elliot_name error:oid=' + nvts_oid + ', d2_elliot_name=' + nvts_d2_elliot_name) continue print("##->progress=" + str(self.count_progress)) Sql.update_blog_blogspost_cn( nvts_name_cn, nvts_summary_cn, nvts_affected_cn, nvts_solution_cn, nvts_insight_cn, nvts_vuldetect_cn, nvts_impact_cn, nvts_synopsis_cn, nvts_description_cn, nvts_exploitability_ease_cn, nvts_risk_factor_cn, nvts_metasploit_name_cn, nvts_d2_elliot_name_cn, nvts_oid, nvts_name)
def nomal_data_proc(self, threadName, min, max, google_translate): results = Sql.select_nvts_en_limit(min, max) self.data_process(results, google_translate)
def __init__(self): #Sql.drop_tb_cve_report() Sql.ctl_tb_cve_report() Sql.cls_tb_cve_report() Sql.ctl_index_nvts_ness() Sql.ctl_tb_ness_report() Sql.cls_tb_ness_report() Sql.ctl_tb_ness_report_dist() Sql.cls_tb_ness_report_dist()
def __init__(self): Sql.drop_blog_blogspost() #创建表blog_blogspost Sql.ctl_tb_blog_blogspost() #清空表blog_blogspost数据 Sql.clr_blog_blogspost() #创建索引 Sql.ctl_index_blog_blogspost() #创建表nvts_en 用于保存带翻译的英文数据 Sql.drop_tb_nvts_en() Sql.ctl_tb_nvts_en()
def update_tag(self): #更新tag数据 count_set = 0 result_tag = Sql.select_blog_blogspost_by_cn_ok('no') for info in result_tag: oid = info[0] name = info[1].replace('\'', '\'\'') tag_data = info[2] summary = '' affected = '' solution = '' insight = '' vuldetect = '' impact = '' synopsis = '' description = '' exploitability_ease = '' risk_factor = '' metasploit_name = '' d2_elliot_name = '' if tag_data != 'NOTAG': key_list = [] dict_data = self.data_to_dict(tag_data, '=', '|') for key in dict_data: key_list.append(key) if 'summary' in key_list: summary = dict_data['summary'].replace('\'', '\'\'') if 'affected' in key_list: affected = dict_data['affected'].replace('\'', '\'\'') if 'solution' in key_list: solution = dict_data['solution'].replace('\'', '\'\'') if 'insight' in key_list: insight = dict_data['insight'].replace('\'', '\'\'') if 'vuldetect' in key_list: vuldetect = dict_data['vuldetect'].replace('\'', '\'\'') if 'impact' in key_list: impact = dict_data['impact'].replace('\'', '\'\'') if 'synopsis' in key_list: synopsis = dict_data['synopsis'].replace('\'', '\'\'') if 'description' in key_list: description = dict_data['description'].replace( '\'', '\'\'') if 'exploitability_ease' in key_list: exploitability_ease = dict_data[ 'exploitability_ease'].replace('\'', '\'\'') if 'risk_factor' in key_list: risk_factor = dict_data['risk_factor'].replace( '\'', '\'\'') if 'metasploit_name' in key_list: metasploit_name = dict_data['metasploit_name'].replace( '\'', '\'\'') if 'd2_elliot_name' in key_list: d2_elliot_name = dict_data['d2_elliot_name'].replace( '\'', '\'\'') count_set = count_set + 1 print('##Update Progress##' + str(count_set)) Sql.update_blog_blogspost(summary, affected, solution, insight, vuldetect, impact, synopsis, description, exploitability_ease, risk_factor, metasploit_name, d2_elliot_name, oid, name)
def sync_data(self): Sql.sync_blog_blogspost_and_nvts()