def search_shellcodes_version(software_name, num_version):
"""
Perform a search based on exploits' description for an input search that contains a number of version.
This function is called by 'search_vulnerabilities_version' method.
:param software_name: the name of the software that the user is searching for.
:param num_version: the specific number of version the user is searching for.
:return: a queryset with search result found in 'searcher_exploit' DB table.
"""
session = start_session()
queryset = session.query(Shellcode).filter(and_(Shellcode.description.contains(software_name)))
query_result_set = queryset2list(queryset)
session.close()
# limit the time spent for searching useless results.
if queryset.count() > N_MAX_RESULTS_NUMB_VERSION:
# return Exploit.objects.none()
return void_result_set()
final_result_set = []
for shellcode in query_result_set:
# if exploit not contains '<'
if not str(shellcode.description).__contains__('<'):
final_result_set = filter_shellcodes_without_comparator(shellcode, num_version, software_name, final_result_set)
# if exploit contains '<'
else:
final_result_set = filter_shellcodes_with_comparator(shellcode, num_version, software_name, final_result_set)
return final_result_set
def get_suggestions_list():
"""
Get all suggestions in the database
:return: a list containing all suggestions
"""
session = start_session()
queryset = session.query(Suggestion)
suggestions_list = queryset2list(queryset)
session.close()
return suggestions_list
def search_vulnerabilities_advanced(searched_text, db_table, operator_filter, type_filter, platform_filter, author_filter,
port_filter, date_from_filter, date_to_filter):
"""
Perform a search based on filter selected by the user for an input search.
:param searched_text: the search input.
:param db_table: the DB table in which we want to perform the search.
:param operator_filter: OR operator matches all search results that contain at least one search keyword,
AND operator matches only search results that contain all the search keywords.
:param type_filter: the filter on the vulnerabilities' type.
:param platform_filter: the filter on the vulnerabilities' platform.
:param author_filter: the filter on the vulnerabilities' author.
:param port_filter: the filter on the exploits' port.
:param date_from_filter: the filter on the vulnerabilities' date (from).
:param date_to_filter: the filter on the vulnerabilities' date (to).
:return: a queryset containing all the search results.
"""
session = start_session()
words_list = str(searched_text).upper().split()
if operator_filter == 'AND' and searched_text != '':
vulnerabilities_list = search_vulnerabilities_for_description_advanced(searched_text, db_table)
elif operator_filter == 'OR':
if db_table == 'searcher_exploit':
queryset = session.query(Exploit).filter(or_(Exploit.description.contains(word) for word in words_list))
else:
queryset = session.query(Shellcode).filter(or_(Shellcode.description.contains(word) for word in words_list))
vulnerabilities_list = queryset2list(queryset)
else:
if db_table == 'searcher_exploit':
queryset = session.query(Exploit)
else:
queryset = session.query(Shellcode)
vulnerabilities_list = queryset2list(queryset)
if type_filter != 'all':
vulnerabilities_list = filter_vulnerabilities_for_type(vulnerabilities_list, type_filter)
if platform_filter != 'all':
vulnerabilities_list = filter_vulnerabilities_for_platform(vulnerabilities_list, platform_filter)
if author_filter != '':
vulnerabilities_list = filter_vulnerabilities_for_author(vulnerabilities_list, author_filter)
try:
date_from = datetime.datetime.strptime(date_from_filter, '%Y-%m-%d')
date_to = datetime.datetime.strptime(date_to_filter, '%Y-%m-%d')
vulnerabilities_list = filter_vulnerabilities_for_date_range(vulnerabilities_list, date_from, date_to)
except ValueError:
pass
if port_filter != '' and db_table == 'searcher_exploit':
vulnerabilities_list = filter_exploits_for_port(vulnerabilities_list, port_filter)
elif port_filter != '' and db_table == 'searcher_shellcode':
vulnerabilities_list = []
queryset_std = search_vulnerabilities_for_text_input_advanced(searched_text, db_table, type_filter, platform_filter,
author_filter, port_filter, date_from_filter,
date_to_filter)
results_list = join_lists(vulnerabilities_list, queryset_std)
session.close()
return results_list
def remove_suggestion(searched):
session = start_session()
suggestion_item = session.query(Suggestion).get(searched)
if suggestion_item is not None:
session.query(Suggestion).filter(
Suggestion.searched == searched).delete()
session.commit()
session.close()
delete_suggestion_from_csv(searched)
return True
else:
return False
def substitute_with_suggestions(searched_text):
"""
Substitute automatically an user's input with an appropriate suggestion.
:param searched_text: the user's input.
:return: the new input to use for the search.
"""
session = start_session()
suggestions = session.query(Suggestion)
session.close()
for suggested_word in suggestions:
if searched_text.lower().__contains__(suggested_word.searched.lower())\
and suggested_word.autoreplacement == 'true' \
and not str(searched_text).lower().__contains__(suggested_word.suggestion.lower()):
searched_text = str(searched_text.lower()).replace(
suggested_word.searched.lower(),
suggested_word.suggestion.lower())
return searched_text
def search_vulnerabilities_for_file(word_list, db_table):
"""
Search vulnerabilities for file.
:param word_list: the list of words searched by the user.
:param db_table: the database table in which perform the search.
:return: the list containing the results of the performed search.
"""
session = start_session()
if db_table == 'searcher_exploit':
queryset = session.query(Exploit).filter(and_(Exploit.file.contains(word) for word in word_list))
else:
queryset = session.query(Shellcode).filter(
and_(Shellcode.file.contains(word) for word in word_list))
session.close()
return queryset2list(queryset)
def new_suggestion(searched, suggestion, autoreplacement):
session = start_session()
searched = str(searched).lower()
suggestion = str(suggestion).lower()
queryset = session.query(Suggestion).filter(
Suggestion.searched == searched)
results_list = queryset2list(queryset)
if len(results_list) == 0:
new_suggestion = Suggestion(searched, suggestion, autoreplacement)
session.add(new_suggestion)
add_suggestion_to_custom_csv(searched, suggestion, autoreplacement)
else:
edited_suggestion = session.query(Suggestion).get(searched)
edited_suggestion.suggestion = suggestion
edited_suggestion.autoreplacement = autoreplacement
edited_suggestion_in_csv(searched, suggestion, autoreplacement)
session.commit()
session.close()
def search_vulnerabilities_for_text_input(searched_text, db_table):
"""
Perform a search in description based on characters contained by this attribute.
This queryset can be joined with the search results based on the number of version.
:param searched_text: the search input.
:param db_table: the DB table in which we want to perform the search.
:return: a queryset containing the search results found with a search based on the characters contained by
the attribute 'description'
"""
word_list = str(searched_text).split()
word_list_num = []
for word in word_list:
if word.isnumeric():
word_list.remove(word)
word_list_num.append(' ' + word)
word_list_num.append('/' + word)
if word.__contains__('.'):
word_list.remove(word)
word_list_num.append(' ' + word)
word_list_num.append('/' + word)
try:
session = start_session()
if db_table == 'searcher_exploit':
queryset = session.query(Exploit).filter(
and_(Exploit.description.contains(word) for word in word_list))
else:
queryset = session.query(Shellcode).filter(
and_(
Shellcode.description.contains(word)
for word in word_list))
session.close()
query_result_set = queryset2list(queryset)
except TypeError:
query_result_set = void_result_set()
final_result_set = []
try:
for instance in query_result_set:
for word in word_list_num:
if str(instance.description).__contains__(word) and not list(
final_result_set).__contains__(instance):
final_result_set.append(instance)
except TypeError:
pass
return final_result_set
def propose_suggestions(searched_text):
"""
Suggest to the user a related search that he can do.
:param searched_text: the user's input.
:return: the suggested search.
"""
suggested_searched_text = ''
session = start_session()
queryset = session.query(Suggestion)
suggestions = queryset2list(queryset)
session.close()
for suggested_word in suggestions:
if searched_text.lower().__contains__(suggested_word.searched.lower()) \
and suggested_word.autoreplacement == 'false' \
and not str(searched_text).lower().__contains__(suggested_word.suggestion.lower()):
suggested_searched_text = str(searched_text.lower()).replace(
suggested_word.searched.lower(),
suggested_word.suggestion.lower())
return suggested_searched_text
def search_vulnerabilities_numerical(searched_text, db_table):
"""
Perform a search based on vulnerabilities' description, file, id, and port (only if it is an exploit) for an only
numerical search input.
:param searched_text: the search input.
:param db_table: the DB table in which we want to perform the search.
:return: a queryset with search results.
"""
session = start_session()
if db_table == 'searcher_exploit':
queryset = session.query(Exploit).filter(or_(Exploit.description.contains(searched_text),
Exploit.id == int(searched_text),
Exploit.file.contains(searched_text),
Exploit.port == int(searched_text)
))
else:
queryset = session.query(Shellcode).filter(or_(Shellcode.description.contains(searched_text),
Shellcode.id == int(searched_text),
Shellcode.file.contains(searched_text)
))
session.close()
return queryset2list(queryset)
def get_vulnerability_filters():
"""
Get the list of all vulnerability filters
:return: a list containing all vulnerability types and a list containing all platforms
"""
session = start_session()
queryset = session.query(Exploit)
exploits_list = queryset2list(queryset)
types_list = []
platform_list = []
for exploit in exploits_list:
types_list.append(exploit.type)
platform_list.append(exploit.platform)
queryset = session.query(Shellcode)
shellcodes_list = queryset2list(queryset)
for shellcode in shellcodes_list:
types_list.append(shellcode.type)
platform_list.append(shellcode.platform)
types_list = sorted(remove_duplicates_by_list(types_list))
platform_list = sorted(remove_duplicates_by_list(platform_list))
session.close()
return types_list, platform_list
def get_shellcode_by_id(shellcode_id):
session = start_session()
shellcode = session.query(Shellcode).get(shellcode_id)
session.close()
return shellcode
def get_exploit_by_id(exploit_id):
session = start_session()
exploit = session.query(Exploit).get(exploit_id)
session.close()
return exploit
