예제 #1
0
    def append_cve_by_cpe(self, parsed_report_dict):
        DB.init()
        for host, host_dict in parsed_report_dict.items():

            for cpe in host_dict.get('cpe_list'):

                for cve_from_db, summary in DB.get_cve_by_cpe(cpe.get('cpe')):
                    is_in_list = False
                    for cve in host_dict.get('cve_list'):
                        if cve_from_db == cve.get('cve'):
                            is_in_list = True
                            break
                    if not is_in_list:
                        parsed_report_dict[host]['cve_list'].append({
                            'cve':
                            cve_from_db,
                            'cve_description':
                            summary,
                            'service_name':
                            None,
                            'port':
                            cpe.get('port'),
                            'protocol':
                            None,
                            'cpe':
                            cpe.get('cpe'),
                            'possible_cpe':
                            None,
                            'source_type':
                            'db'
                        })
        return parsed_report_dict
예제 #2
0
    def find_cpe_for_cve(self, parsed_report_dict):
        for host, host_dict in parsed_report_dict.items():

            for cve in host_dict.get('cve_list'):
                DB.init()
                possible_cpes = DB.get_cpe_by_cve(cve.get('cve'))

                for cpe in host_dict.get('cpe_list'):
                    if cve.get('port') != cpe.get('port'):
                        cve['possible_cpe'] = possible_cpes
                        continue

                    try:
                        cpeid = possible_cpes.index(cpe.get('cpe'))
                        cve['cpe'] = cpe.get('cpe')
                        cve['possible_cpe'] = None
                    except:
                        cve['cpe'] = None
                        cve['possible_cpe'] = possible_cpes
        return parsed_report_dict