def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.is_known = obj.get_is_known() return_obj.is_publicly_acknowledged = obj.get_is_publicly_acknowledged( ) return_obj.title = obj.get_Title() return_obj.description = StructuredText.from_obj(obj.get_Description()) return_obj.short_description = StructuredText.from_obj( obj.get_Short_Description()) return_obj.cve_id = obj.get_CVE_ID() return_obj.osvdb_id = obj.get_OSVDB_ID() return_obj.source = obj.get_Source() return_obj.cvss_score = CVSSVector.from_obj(obj.get_CVSS_Score()) return_obj.discovered_datetime = DateTimeWithPrecision.from_obj( obj.get_Discovered_DateTime()) return_obj.published_datetime = DateTimeWithPrecision.from_obj( obj.get_Published_DateTime()) return_obj.affected_software = AffectedSoftware.from_obj( obj.get_Affected_Software()) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.is_known = utils.xml_bool(obj.is_known) return_obj.is_publicly_acknowledged = utils.xml_bool( obj.is_publicly_acknowledged) return_obj.title = obj.Title return_obj.description = StructuredText.from_obj(obj.Description) return_obj.short_description = StructuredText.from_obj( obj.Short_Description) return_obj.cve_id = obj.CVE_ID return_obj.osvdb_id = obj.OSVDB_ID return_obj.source = obj.Source return_obj.cvss_score = CVSSVector.from_obj(obj.CVSS_Score) return_obj.discovered_datetime = DateTimeWithPrecision.from_obj( obj.Discovered_DateTime) return_obj.published_datetime = DateTimeWithPrecision.from_obj( obj.Published_DateTime) return_obj.affected_software = AffectedSoftware.from_obj( obj.Affected_Software) if obj.References: return_obj.references = obj.References.Reference return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.is_known = dict_repr.get('is_known') return_obj.is_publicly_acknowledged = dict_repr.get( 'is_publicly_acknowledged') return_obj.title = dict_repr.get('title') return_obj.description = StructuredText.from_dict( dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict( dict_repr.get('short_description')) return_obj.cve_id = dict_repr.get('cve_id') return_obj.osvdb_id = dict_repr.get('osvdb_id') return_obj.source = dict_repr.get('source') return_obj.cvss_score = CVSSVector.from_dict( dict_repr.get('cvss_score')) return_obj.discovered_datetime = DateTimeWithPrecision.from_dict( dict_repr.get('discovered_datetime')) return_obj.published_datetime = DateTimeWithPrecision.from_dict( dict_repr.get('published_datetime')) return_obj.affected_software = AffectedSoftware.from_dict( dict_repr.get('affected_software')) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.start = DateTimeWithPrecision.from_obj(obj.Start) return_obj.end = DateTimeWithPrecision.from_obj(obj.End) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if not return_obj: return_obj = cls() return_obj.start = DateTimeWithPrecision.from_dict(d.get('start')) return_obj.end = DateTimeWithPrecision.from_dict(d.get('end')) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.start = DateTimeWithPrecision.from_obj(obj.get_Start()) return_obj.end = DateTimeWithPrecision.from_obj(obj.get_End()) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if return_obj is None: return_obj = cls() return_obj.start_time = DateTimeWithPrecision.from_obj(obj.Start_Time) return_obj.end_time = DateTimeWithPrecision.from_obj(obj.End_Time) return return_obj
def from_dict(cls, d, return_obj=None): if not d: return None if return_obj is None: return_obj = cls() return_obj.start_time = DateTimeWithPrecision.from_dict(d.get('start_time')) return_obj.end_time = DateTimeWithPrecision.from_dict(d.get('end_time')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.first_malicious_action = DateTimeWithPrecision.from_dict( dict_repr.get('first_malicious_action')) return_obj.initial_compromise = DateTimeWithPrecision.from_dict( dict_repr.get('initial_compromise')) return_obj.first_data_exfiltration = DateTimeWithPrecision.from_dict( dict_repr.get('first_data_exfiltration')) return_obj.incident_discovery = DateTimeWithPrecision.from_dict( dict_repr.get('incident_discovery')) return_obj.incident_opened = DateTimeWithPrecision.from_dict( dict_repr.get('incident_opened')) return_obj.containment_achieved = DateTimeWithPrecision.from_dict( dict_repr.get('containment_achieved')) return_obj.restoration_achieved = DateTimeWithPrecision.from_dict( dict_repr.get('restoration_achieved')) return_obj.incident_reported = DateTimeWithPrecision.from_dict( dict_repr.get('incident_reported')) return_obj.incident_closed = DateTimeWithPrecision.from_dict( dict_repr.get('incident_closed')) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.first_malicious_action = DateTimeWithPrecision.from_obj( obj.First_Malicious_Action) return_obj.initial_compromise = DateTimeWithPrecision.from_obj( obj.Initial_Compromise) return_obj.first_data_exfiltration = DateTimeWithPrecision.from_obj( obj.First_Data_Exfiltration) return_obj.incident_discovery = DateTimeWithPrecision.from_obj( obj.Incident_Discovery) return_obj.incident_opened = DateTimeWithPrecision.from_obj( obj.Incident_Opened) return_obj.containment_achieved = DateTimeWithPrecision.from_obj( obj.Containment_Achieved) return_obj.restoration_achieved = DateTimeWithPrecision.from_obj( obj.Restoration_Achieved) return_obj.incident_reported = DateTimeWithPrecision.from_obj( obj.Incident_Reported) return_obj.incident_closed = DateTimeWithPrecision.from_obj( obj.Incident_Closed) return return_obj
def end(self, value): if not value: self._end = None elif isinstance(value, DateTimeWithPrecision): self._end = value else: self._end = DateTimeWithPrecision(value)
def start(self, value): if not value: self._start = None elif isinstance(value, DateTimeWithPrecision): self._start = value else: self._start = DateTimeWithPrecision(value)
def containment_achieved(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._containment_achieved = value else: self._containment_achieved = DateTimeWithPrecision(value=value) else: self._containment_achieved = None
def restoration_achieved(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._restoration_achieved = value else: self._restoration_achieved = DateTimeWithPrecision(value=value) else: self._restoration_achieved = None
def discovered_datetime(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._discovered_datetime = value else: self._discovered_datetime = DateTimeWithPrecision(value=value) else: self._discovered_datetime = None
def initial_compromise(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._initial_compromise = value else: self._initial_compromise = DateTimeWithPrecision(value=value) else: self._initial_compromise = None
def incident_discovery(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._incident_discovery = value else: self._incident_discovery = DateTimeWithPrecision(value=value) else: self._incident_discovery = None
def incident_opened(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._incident_opened = value else: self._incident_opened = DateTimeWithPrecision(value=value) else: self._incident_opened = None
def first_malicious_action(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._first_malicious_action = value else: self._first_malicious_action = DateTimeWithPrecision( value=value) else: self._first_malicious_action = None
def first_data_exfiltration(self, value): if value: if isinstance(value, DateTimeWithPrecision): self._first_data_exfiltration = value else: self._first_data_exfiltration = DateTimeWithPrecision( value=value) else: self._first_data_exfiltration = None
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.is_known = dict_repr.get('is_known') return_obj.is_publicly_acknowledged = dict_repr.get('is_publicly_acknowledged') return_obj.title = dict_repr.get('title') return_obj.description = StructuredText.from_dict(dict_repr.get('description')) return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description')) return_obj.cve_id = dict_repr.get('cve_id') return_obj.osvdb_id = dict_repr.get('osvdb_id') return_obj.source = dict_repr.get('source') return_obj.cvss_score = CVSSVector.from_dict(dict_repr.get('cvss_score')) return_obj.discovered_datetime = DateTimeWithPrecision.from_dict(dict_repr.get('discovered_datetime')) return_obj.published_datetime = DateTimeWithPrecision.from_dict(dict_repr.get('published_datetime')) return_obj.affected_software = AffectedSoftware.from_dict(dict_repr.get('affected_software')) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.is_known = obj.get_is_known() return_obj.is_publicly_acknowledged = obj.get_is_publicly_acknowledged() return_obj.title = obj.get_Title() return_obj.description = StructuredText.from_obj(obj.get_Description()) return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description()) return_obj.cve_id = obj.get_CVE_ID() return_obj.osvdb_id = obj.get_OSVDB_ID() return_obj.source = obj.get_Source() return_obj.cvss_score = CVSSVector.from_obj(obj.get_CVSS_Score()) return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(obj.get_Discovered_DateTime()) return_obj.published_datetime = DateTimeWithPrecision.from_obj(obj.get_Published_DateTime()) return_obj.affected_software = AffectedSoftware.from_obj(obj.get_Affected_Software()) return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.first_malicious_action = DateTimeWithPrecision.from_obj(obj.First_Malicious_Action) return_obj.initial_compromise = DateTimeWithPrecision.from_obj(obj.Initial_Compromise) return_obj.first_data_exfiltration = DateTimeWithPrecision.from_obj(obj.First_Data_Exfiltration) return_obj.incident_discovery = DateTimeWithPrecision.from_obj(obj.Incident_Discovery) return_obj.incident_opened = DateTimeWithPrecision.from_obj(obj.Incident_Opened) return_obj.containment_achieved = DateTimeWithPrecision.from_obj(obj.Containment_Achieved) return_obj.restoration_achieved = DateTimeWithPrecision.from_obj(obj.Restoration_Achieved) return_obj.incident_reported = DateTimeWithPrecision.from_obj(obj.Incident_Reported) return_obj.incident_closed = DateTimeWithPrecision.from_obj(obj.Incident_Closed) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() return_obj.first_malicious_action = DateTimeWithPrecision.from_dict(dict_repr.get('first_malicious_action')) return_obj.initial_compromise = DateTimeWithPrecision.from_dict(dict_repr.get('initial_compromise')) return_obj.first_data_exfiltration = DateTimeWithPrecision.from_dict(dict_repr.get('first_data_exfiltration')) return_obj.incident_discovery = DateTimeWithPrecision.from_dict(dict_repr.get('incident_discovery')) return_obj.incident_opened = DateTimeWithPrecision.from_dict(dict_repr.get('incident_opened')) return_obj.containment_achieved = DateTimeWithPrecision.from_dict(dict_repr.get('containment_achieved')) return_obj.restoration_achieved = DateTimeWithPrecision.from_dict(dict_repr.get('restoration_achieved')) return_obj.incident_reported = DateTimeWithPrecision.from_dict(dict_repr.get('incident_reported')) return_obj.incident_closed = DateTimeWithPrecision.from_dict(dict_repr.get('incident_closed')) return return_obj
def from_dict(cls, dict_repr, return_obj=None): if not dict_repr: return None if not return_obj: return_obj = cls() get = dict_repr.get return_obj.is_known = utils.xml_bool(get("is_known")) return_obj.is_publicly_acknowledged = utils.xml_bool(get("is_publicly_acknowledged")) return_obj.title = get("title") return_obj.descriptions = StructuredTextList.from_dict(get("description")) return_obj.short_descriptions = StructuredTextList.from_dict(get("short_description")) return_obj.cve_id = get("cve_id") return_obj.osvdb_id = get("osvdb_id") return_obj.source = get("source") return_obj.cvss_score = CVSSVector.from_dict(get("cvss_score")) return_obj.discovered_datetime = DateTimeWithPrecision.from_dict(get("discovered_datetime")) return_obj.published_datetime = DateTimeWithPrecision.from_dict(get("published_datetime")) return_obj.affected_software = AffectedSoftware.from_dict(get("affected_software")) return_obj.references = get("references") return return_obj
def from_obj(cls, obj, return_obj=None): if not obj: return None if not return_obj: return_obj = cls() return_obj.is_known = utils.xml_bool(obj.is_known) return_obj.is_publicly_acknowledged = utils.xml_bool(obj.is_publicly_acknowledged) return_obj.title = obj.Title return_obj.descriptions = StructuredTextList.from_obj(obj.Description) return_obj.short_descriptions = StructuredTextList.from_obj(obj.Short_Description) return_obj.cve_id = obj.CVE_ID return_obj.osvdb_id = obj.OSVDB_ID return_obj.source = obj.Source return_obj.cvss_score = CVSSVector.from_obj(obj.CVSS_Score) return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(obj.Discovered_DateTime) return_obj.published_datetime = DateTimeWithPrecision.from_obj(obj.Published_DateTime) return_obj.affected_software = AffectedSoftware.from_obj(obj.Affected_Software) if obj.References: return_obj.references = obj.References.Reference return return_obj
def test_shortcut_dict_representation(self): """If precision is the default value, to_dict should return a string""" date_str = "2013-11-17T01:03:05" d = DateTimeWithPrecision() d.precision = "second" d.value = date_str self.assertEqual(str, type(d.to_dict())) self.assertEqual(datetime.datetime, type(d.value)) self.assertEqual(date_str, d.to_dict()) d2 = round_trip(d, output=True) self.assertEqual(d.to_dict(), d2.to_dict())
def convert_time_item_to_datetime(incident_time_item): day_item = incident_time_item.get("day") month_item = incident_time_item.get("month") time_item = incident_time_item.get("time") year_item = incident_time_item.get("year") if not time_item: time_item = "00:00:00" precision = "day" if not day_item: day_item = 1 precision = "month" if not month_item: month_item = 1 precision = "year" if not year_item: error("Required 'year' item is missing in 'incident' item, skipping item") return None dateTime = DateTimeWithPrecision() dateTime.precision = precision value = convert_items_to_datetime(year_item, month_item, day_item, time_item) if not value: return None dateTime.value = value return dateTime
def discovered_datetime(self, value): """ Sets the time this vulnerability was discovered, represented as class:`DateTimeWithPrecision` Default Value: ``None`` Returns: None """ if value: if isinstance(value, DateTimeWithPrecision): self._discovered_datetime = value else: self._discovered_datetime = DateTimeWithPrecision(value=value) else: self._discovered_datetime = None
def test_construction(self): d = DateTimeWithPrecision() d.precision = "hour" d.value = datetime.datetime(2014, 2, 4, 8, 21, 33) self.assertEqual(self._full_dict, d.to_dict())
def convert_value_unit_to_datetime(item, incident_date_time, fieldname): unit_item = item.get("unit") if unit_item == "Unknown": warn("'%s' item contains 'Unknown'", fieldname) return None value_item = item.get("value") # if no values, assume an half-way point to the next largest unit, except for years - 2 chosen somewhat arbitrarily if not value_item: imprecise = True if unit_item == "Seconds": value_item = 30 warn("'%s' item contains only 'Seconds' as unit information - assuming value is 30 seconds", fieldname) elif unit_item == "Minutes": value_item = 30 warn("'%s' item contains only 'Minutes' as unit information - assuming value is 30 minutes", fieldname) elif unit_item == "Hours": value_item = 12 warn("'%s' item contains only 'Hours' as unit information - assuming value is 12 hours", fieldname) elif unit_item == "Days": value_item = 3 warn("'%s' item contains only 'Days' as unit information - assuming value is 3 days", fieldname) elif unit_item == "Weeks": value_item = 2 warn("'%s' item contains only 'Weeks' as unit information - assuming value is 2 weeks", fieldname) elif unit_item == "Months": value_item = 6 warn("'%s' item contains only 'Months' as unit information - assuming value is 6 months", fieldname) elif unit_item == "Years": value_item = 2 warn("'%s' item contains only 'Years' as unit information - assuming value is 2 years", fieldname) elif unit_item == "Never": warn("'%s' item contains 'Never' as unit information - returning 0", fieldname) return 0 elif unit_item == "NA": warn("'%s' item contains 'NA' as unit information - returning 0", fieldname) return 0 else: imprecise = False if unit_item == "Seconds": if imprecise: precision = "minute" else: precision = "second" delta = timedelta(0, value_item) elif unit_item == "Minutes": if imprecise: precision = "hour" else: precision = "minute" delta = timedelta(0, 0, 0, 0, value_item) elif unit_item == "Hours": if imprecise: precision = "day" else: precision = "hour" delta = timedelta(0, 0, 0, 0, 0, value_item) elif unit_item == "Days": precision = "day" delta = timedelta(value_item) elif unit_item == "Weeks": precision = "month" delta = timedelta(0, 0, 0, 0, 0, 0, value_item) elif unit_item == "Months": if imprecise: precision = "year" else: precision = "month" delta = timedelta(0, 0, 0, 0, 0, 0, value_item * 4) elif unit_item == "Years": precision = "year" delta = timedelta(value_item * 365) elif unit_item == "Never": warn("'%s' item contains 'Never' as unit information, but also a value, skipping", fieldname) return None elif unit_item == "NA": warn("'%s' item contains 'NA' as unit information, but also a value, skipping", fieldname) return None dateTime = DateTimeWithPrecision() dateTime.precision = precision if fieldname == "compromise": dateTime.value = incident_date_time.value - delta else: dateTime.value = incident_date_time.value + delta return dateTime
def end_time(self, value): if isinstance(value, DateTimeWithPrecision): self._end_time = value else: self._end_time = DateTimeWithPrecision(value)