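def main():
    """Download every CVE in ``cveIdList.cves`` to ``jsonFiles/<id>.json``.

    The ``jsonFiles`` directory is created when missing and becomes the
    working directory. Each record returned by ``CVESearch().id`` is written
    as JSON. After every ``THRESHOLD`` downloads progress is shown and the
    loop sleeps ``SLEEPTIME`` seconds, which the banner describes as the way
    to avoid an IP ban.
    """
    cveObj = CVESearch()

    # exist_ok covers the "directory already there" case without a try/except.
    os.makedirs("jsonFiles", exist_ok=True)
    os.chdir("jsonFiles")

    print("By Henry Weckermann")
    print(f"Downloading {len(cveIdList.cves)} files to Folder: /jsonFiles")
    print("Please be patient as the program needs to wait every 20 entries to avoid an ip ban")

    # NOTE(review): each id is used as a file name as-is. That is only safe
    # while cveIdList.cves holds well-formed CVE ids without path separators;
    # confirm where that list comes from.
    for counter, cve in enumerate(cveIdList.cves, start=1):
        jsonData = cveObj.id(cve)
        with open(cve + ".json", "w") as file:
            json.dump(jsonData, file)
        # Pause once per batch, not per request.
        if counter % THRESHOLD == 0:
            showProgress(counter)
            time.sleep(SLEEPTIME)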
def get_cve(cveid):
    """Print a progress line for *cveid*, then print its search result."""
    banner = 'Zhanam ' + cveid + ' ...'
    print(banner)
    client = CVESearch()
    result = client.search(cveid)
    print(result)
def __init__(self):
    """Create the CVE client, queue and Mastodon client, then load the CVE list.

    The order matters as far as this block shows: readCVEListFromFile() runs
    last, after store_name and cached_cve_ids exist.
    """
    # Client used for CVE lookups.
    self.cve = CVESearch()
    # Name of the local store file.
    self.store_name = 'cvestore.db'
    # Starts empty; presumably filled by readCVEListFromFile() - confirm.
    self.cached_cve_ids = []
    self.message_queue = CustQueue()
    self.mastodonClass = MastodonClass()
    # Method name is spelled this way on MastodonClass.
    self.mastodonClass.initalize()
    self.readCVEListFromFile()
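def cvebuild(var):
    """Search for a CVE ID and return a STIX formatted response.

    Args:
        var: CVE identifier passed to ``CVESearch().id``.

    Returns:
        The STIX package serialised as XML. When the module runs as a script
        the XML is also handed to ``_postconstruct``.

    Exits the process via ``sys.exit`` when the lookup returns no data.
    """
    cve = CVESearch()
    data = json.loads(cve.id(var))
    if not data:
        sys.exit("[-] Error retrieving details for " + var)

    # Register the ID namespace; fall back to the mixbox location when
    # stix.utils does not provide set_id_namespace.
    try:
        from stix.utils import set_id_namespace
        namespace = {NS: NS_PREFIX}
        set_id_namespace(namespace)
    except ImportError:
        from mixbox.idgen import set_id_namespace
        from mixbox.namespaces import Namespace
        namespace = Namespace(NS, NS_PREFIX, "")
        set_id_namespace(namespace)

    # Built once: the original created the package and header twice and
    # threw the first pair away.
    pkg = STIXPackage()
    pkg.stix_header = STIXHeader()
    pkg.stix_header.handling = _marking()

    # Define the exploit target from the remote record.
    expt = ExploitTarget()
    expt.title = data['id']
    expt.description = data['summary']
    expt.information_source = InformationSource(identity=Identity(
        name="National Vulnerability Database"))

    # Add the vulnerability object to the exploit target.
    expt.add_vulnerability(_vulnbuild(data))

    # Reference each configured course of action from the exploit target.
    for coa in COAS:
        expt.potential_coas.append(
            CourseOfAction(idref=coa['id'], timestamp=expt.timestamp))

    # CAPEC entries become TTPs; a record without 'capec' is accepted.
    if TTPON is True:
        try:
            for i in data['capec']:
                pkg.add_ttp(_buildttp(i, expt))
        except KeyError:
            pass

    expt.add_weakness(_weakbuild(data))

    # Add the exploit target to the package object.
    pkg.add_exploit_target(expt)

    xml = pkg.to_xml()
    title = pkg.id_.split(':', 1)[-1]

    # If the function is not imported then output the xml to a file.
    if __name__ == '__main__':
        _postconstruct(xml, title)
    return xml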
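def cvebuild(var):
    """Search for a CVE ID and return a STIX formatted response.

    Args:
        var: CVE identifier passed to ``CVESearch().id``.

    Returns:
        The STIX package serialised as XML, or None when the lookup returns
        no data. When the module runs as a script the XML is also written to
        ``<package id>.xml`` in the working directory.
    """
    cve = CVESearch()
    data = json.loads(cve.id(var))
    if not data:
        return None

    # Register the ID namespace; fall back to idgen plus a mixbox Namespace
    # when stix.utils does not provide set_id_namespace.
    try:
        from stix.utils import set_id_namespace
        namespace = {NS: NS_PREFIX}
        set_id_namespace(namespace)
    except ImportError:
        from stix.utils import idgen
        from mixbox.namespaces import Namespace
        namespace = Namespace(NS, NS_PREFIX, "")
        idgen.set_id_namespace(namespace)

    # Built once: the original created the package and header twice and
    # threw the first pair away.
    pkg = STIXPackage()
    pkg.stix_header = STIXHeader()
    pkg.stix_header.handling = marking()

    # Define the exploit target from the remote record.
    expt = ExploitTarget()
    expt.title = data['id']
    expt.description = data['summary']

    # Add the vulnerability object to the exploit target.
    expt.add_vulnerability(vulnbuild(data))

    # CAPEC entries become TTPs that point back at the exploit target;
    # a record without 'capec' is accepted.
    try:
        for i in data['capec']:
            ttp = TTP()
            ttp.title = "CAPEC-" + str(i['id'])
            ttp.description = i['summary']
            ttp.exploit_targets.append(ExploitTarget(idref=expt.id_))
            pkg.add_ttp(ttp)
    except KeyError:
        pass

    # Attach the weakness unless the record marks the CWE as 'Unknown'.
    if data['cwe'] != 'Unknown':
        weak = Weakness()
        weak.cwe_id = data['cwe']
        expt.add_weakness(weak)

    # Add the exploit target to the package object.
    pkg.add_exploit_target(expt)

    xml = pkg.to_xml()

    # If the function is not imported then output the xml to a file.
    if __name__ == '__main__':
        title = pkg.id_.split(':', 1)[-1]
        with open(title + ".xml", "w") as text_file:
            text_file.write(xml)
    return xml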
def __init__(self):
    """Create the CVE client, queue and Mastodon client, load the CVE list, set the feed URL.

    self.url is assigned last, after readCVEListFromFile() has run.
    """
    # Client used for CVE lookups.
    self.cve = CVESearch()
    # Name of the local store file.
    self.store_name = 'cvestoredetails.db'
    # Starts empty; presumably filled by readCVEListFromFile() - confirm.
    self.cached_cve_ids = []
    self.message_queue = CustQueue()
    self.mastodonClass = MastodonClass()
    # Method name is spelled this way on MastodonClass.
    self.mastodonClass.initalize()
    self.readCVEListFromFile()
    # JSON feed query: 30 rows, cvssscoremin=6, orderby=3.
    # NOTE(review): the feed address uses plain http, so the response has no
    # transport integrity protection; check whether the endpoint can be
    # reached over https before anything trusts this data.
    self.url = "http://www.cvedetails.com/json-feed.php?numrows=30&vendor_id=0&product_id=0&version_id=0&hasexp=0&opec=0&opov=0&opcsrf=0&opfileinc=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opginf=0&opdos=0&orderby=3&cvssscoremin=6"
def get_cves(self):
    """Look up CVEs for this object's CPE 2.3 name (part ``o``) at cve.circl.lu.

    The name is assembled from ``self.vendor``, ``self.product`` and
    ``self.version``; whatever ``CVESearch.cvefor`` returns is passed back.
    """
    from packaging import version
    from ares import CVESearch

    endpoint = 'https://cve.circl.lu/api/cvefor/'
    # NOTE(review): the three fields go into the request path unescaped; if
    # they can contain '/', '?' or '#', quote them first.
    cpe_name = ''.join([
        'cpe:2.3:o:',
        str(self.vendor),
        ':',
        self.product,
        ':',
        self.version,
    ])

    client = CVESearch()
    # NOTE(review): a full URL, not just the CPE name, is handed to cvefor;
    # confirm that is what the client expects.
    return client.cvefor(endpoint + cpe_name)
def search(company,product):
    """Collect CVE details for *company*, then for *product*, into one list.

    Returns the combined list. When a requests RequestException is raised it
    is printed and the function returns None.
    """
    try:
        cve = CVESearch()

        # Company hits first; the names are printed with non-ASCII dropped.
        print("Searching {0}\n".format(company.encode('ascii', 'ignore')))
        found = extract_cve_details(company)

        # Product hits are appended to the same list.
        print("Searching {0}\n".format(product.encode('ascii', 'ignore')))
        found.extend(extract_cve_details(product))
        return found
    except requests.exceptions.RequestException as err:
        print(err)
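def lastcve():
    """Grab the last 30 CVEs and build a package for each one not seen before.

    Processed ids are kept one per line in ``history.txt``. The file is read
    once and compared by whole id: a substring test on the raw file content
    would treat an id as done when it is only a prefix of a longer recorded
    id, and that CVE would be skipped. Text mode is used so reading and
    writing ``str`` values also works on Python 3.
    """
    cve = CVESearch()
    data = json.loads(cve.last())
    print("[+] Attempting to retrieve the latest 30 CVEs")
    if not data:
        return
    try:
        with open('history.txt', 'a+') as history_file:
            # Append mode may start at the end of the file; rewind to read.
            history_file.seek(0)
            seen = set(history_file.read().splitlines())
            for vulns in data['results']:
                cve_id = vulns['id']
                if cve_id in seen:
                    print("[-] Package already generated: " + cve_id)
                    continue
                cvebuild(cve_id)
                history_file.seek(0, 2)
                history_file.write(cve_id + "\n")
                # Flush per id so an interrupted run keeps what it finished.
                history_file.flush()
                seen.add(cve_id)
    except ImportError:
        # Kept from the original; cvebuild imports its STIX helpers lazily.
        pass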
def get_cves(self):
    """Look up CVEs for this object's CPE 2.3 name (part ``a``) at cve.circl.lu.

    The name is assembled from ``self.vendor``, ``self.product`` and
    ``self.version``; whatever ``CVESearch.cvefor`` returns is passed back.
    Example request:
    https://cve.circl.lu/api/cvefor/cpe:2.3:a:apache:http_server:2.4.37
    """
    from vulnerabilities.models import NISTCVE
    from packaging import version

    endpoint = 'https://cve.circl.lu/api/cvefor/'
    # NOTE(review): the three fields go into the request path unescaped; if
    # they can contain '/', '?' or '#', quote them first.
    cpe_name = ''.join([
        'cpe:2.3:a:',
        str(self.vendor),
        ':',
        self.product,
        ':',
        self.version,
    ])

    client = CVESearch()
    # NOTE(review): a full URL, not just the CPE name, is handed to cvefor;
    # confirm that is what the client expects.
    return client.cvefor(endpoint + cpe_name)
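def extract_cve_details(keyword):
    """Return CVE objects for search hits whose summary mentions *keyword*.

    A hit is kept only when *keyword* appears in its summary as a whole word
    (case-insensitive) and the record carries a ``cwe`` field. The CWE id is
    looked up in ``cwe_list`` to build a CWE object; records whose id is not
    listed get ``None`` for the weakness.

    Returns:
        A list of CVE objects; an empty list after a Timeout; None after any
        other requests RequestException (the error is printed).
    """
    try:
        cve = CVESearch()
        cve_list = []
        data = cve.search(keyword)['data']

        # The keyword is literal text, not a pattern. Escaping it keeps names
        # such as "c++" from raising re.error or changing what is matched.
        keyword_re = re.compile(r'\b' + re.escape(keyword.lower()) + r'\b')

        for cve_item in data:
            if not keyword_re.search(cve_item['summary'].lower()):
                continue
            print("matched " + keyword + " in " + str(cve_item['id']))

            # Records without a CWE are skipped.
            if 'cwe' not in cve_item:
                continue
            cwe_id = cve_item['cwe'].encode("UTF8").replace("CWE-", '')

            res = [row for row in cwe_list if row['CWE-ID'] == cwe_id]
            if res:
                res = res[0]
                print(res)
                cwe = CWE(cwe_id, res['Name'],
                          res['Likelihood of Exploit'] or None)
            else:
                cwe = None

            cve_obj = CVE(cve_item['id'], cve_item['cvss'],
                          cve_item['impact'], cve_item['access'], cwe,
                          cve_item['vulnerable_configuration'],
                          cve_item['Modified'], cve_item['summary'])
            cve_list.append(cve_obj)
        return cve_list
    except Timeout:
        # NOTE(review): `url` is not defined in this function; confirm a
        # module-level name exists, otherwise this handler raises NameError.
        logger.exception('Timeout while connecting to %s' % url)
        return []
    except requests.exceptions.RequestException as e:
        print(e)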
import os
import re
import csv
import click
import json
from ares import CVESearch
from collections import defaultdict

# One compiled pattern per priority level. As written, 'low' is the bare
# "Priority:" label, 'medium' requires a value starting with m or h, and
# 'high' requires a value starting with h.
# NOTE(review): this looks like "at least this priority" filtering - confirm
# against the code that applies the patterns.
PRIORITY_PATTERNS = {
    'low': re.compile('Priority:'),
    'medium': re.compile('Priority: [mh]'),
    'high': re.compile('Priority: [h]'),
}

# Shared lookup client, created once when the module is imported.
CVE = CVESearch()

# Report text for a CVE with details; filled in by str.format-style fields.
# NOTE(review): the page shows both templates on a single line; the source
# layout may have had one field per line - confirm against the repository.
CVE_DETAILS_TEMPLATE = """ CVE: {id} Package: {package} CVSS: {cvss} Published: {published} Modified: {modified} Summary: {summary} References: {references} """

# Report text for a CVE for which nothing further was found.
CVE_NO_DETAILS_TEMPLATE = """ CVE: {id} Package: {package} No further details available. """

# Decorator for the command function that follows in the source file.
@click.command()
# Two report tables with the same columns; the lines shown here only create
# them.
table = PrettyTable(header_style='upper', field_names=[
    "Database Name", "Engine Name", "Engine version", "Region",
    'Availability Zone', "CVE ID", "Score", "Impact"
])
impactTable = PrettyTable(header_style='upper', field_names=[
    "Database Name", "Engine Name", "Engine version", "Region",
    'Availability Zone', "CVE ID", "Score", "Impact"
])

# All AWS calls use the named local profile 'securityAdmin'.
securityAdminsession = boto3.Session(profile_name='securityAdmin',
                                     region_name='us-west-2')
cve = CVESearch()

# List the regions once, then query RDS in each of them.
ec2 = securityAdminsession.client('ec2')
regions = ec2.describe_regions()
for region in regions["Regions"]:
    source = securityAdminsession.client('rds',
                                         region_name=region["RegionName"])
    # NOTE(review): describe_db_instances returns results in pages; this
    # single call can miss instances in a large region, which leaves gaps in
    # the inventory. Consider the client's paginator.
    instances = source.describe_db_instances()
    # Instance count for the region; not used in the lines shown.
    db_instanceCount = np.array(instances.get('DBInstances')).size
    for dbInstance in instances.get('DBInstances'):
        engine_version = dbInstance.get('EngineVersion')
        engine = dbInstance.get('Engine')
        # NOTE(review): this is the master user name, not a database name,
        # although the tables label the column "Database Name".
        dbName = dbInstance.get('MasterUsername')
        availability_Zone = dbInstance.get('AvailabilityZone')
        # The lookup is by vendor/product; engine_version is not part of
        # the query in the lines shown.
        if (engine == "mysql"):
            dbvendor = cve.search('oracle/mysql')
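def scanExploit(exploit, id):
    """Store one verified entry that links an application archive, with CVE data.

    The entry page at ``EXPLOITURL + id`` is fetched and parsed. Only pages
    that contain an ``/apps/`` link and the verified check mark are used.
    Fields are taken from *exploit* (positions 2, 3, 5 and 6) and from the
    page's anchors, then enriched through ``CVESearch().id``.

    Args:
        exploit: indexable record for the entry.
        id: entry id appended to ``EXPLOITURL``.

    Returns:
        True when CVE data was found and the insert was acknowledged, False
        when either of those failed, None when the page did not qualify.
    """
    cveData = ''
    vulnData = {}

    url = EXPLOITURL + id
    # NOTE(review): no timeout and no status check on this request; a stalled
    # or error response is parsed like a normal page.
    page = requests.get(url, headers=HEADER)
    time.sleep(0.1)
    tree = html.fromstring(page.content)

    # An anchor whose href contains /apps/ marks a page with an app archive.
    hasapp = tree.xpath(
        "//a[re:match(@href, '/apps/')]",
        namespaces={"re": "http://exslt.org/regular-expressions"})
    # The check-mark icon class marks a verified entry.
    isverified = tree.xpath("//i[contains(@class, 'mdi-check')]")

    if hasapp and isverified:
        vulnData['application_name'] = exploit[2]
        vulnData['exploitdb_id'] = id
        vulnData['type'] = exploit[5]
        vulnData['platform'] = exploit[6]
        vulnData['published_date'] = exploit[3]
        vulnData['added_date'] = datetime.datetime.fromtimestamp(
            time.time()).strftime('%Y-%m-%d')

        # Both the app link and the CVE reference live in anchor hrefs.
        for link in tree.xpath('//a'):
            # Anchors without an href exist; indexing attrib['href'] would
            # raise KeyError on them and abort the whole scan.
            href = link.get('href', '')

            if '/apps/' in href:
                vulnData['file_path'] = ('https://www.exploit-db.com' +
                                         href.strip())

            if 'CVE' in href:
                # The link text is the id without its prefix, e.g. 2014-6271.
                # NOTE(review): the id comes from page text and is used
                # unvalidated in the lookup and the stored record; consider
                # checking it against the CVE id format.
                vulnData['cve'] = 'CVE-' + link.text_content().strip()

                # Lookup through https://github.com/barnumbirr/ares
                cve_search = CVESearch()
                cveData = cve_search.id(vulnData['cve'])

                # Some CVEs have no data; copy only the fields present.
                if cveData:
                    for source_key, target_key in (
                            ('summary', 'cve_summary'),
                            ('cvss', 'cvss'),
                            ('cwe', 'cwe'),
                            ('impact', 'impact'),
                            ('msbulletin', 'msbulletin'),
                            ('vulnerable_configuration_cpe_2_2',
                             'vulnerable_configuration')):
                        if source_key in cveData:
                            vulnData[target_key] = cveData.get(source_key)

        # NOTE(review): nesting reconstructed from a flattened listing; this
        # pairs the final "return False" with the cveData check - confirm
        # against the original file.
        if cveData:
            return collection.insert_one(vulnData).acknowledged == True
        return False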
def get(self, product_id):
    """Return the CVE search result for the Microsoft product *product_id*."""
    client = CVESearch()
    # NOTE(review): product_id goes into the query path as given; if it
    # comes from a request, restrict it to the expected characters.
    query = "microsoft/{}".format(product_id)
    return client.search(query)
def get(self, cve_id):
    """Return the record that ``CVESearch.id`` gives for *cve_id*."""
    client = CVESearch()
    # format() turns a non-string id into its text form before the lookup.
    wanted = "{}".format(cve_id)
    return client.id(wanted)
def setUp(self):
    """Give each test its own CVESearch client as ``self.cve``."""
    client = CVESearch()
    self.cve = client
def get(self):
    """Return what ``CVESearch.browse`` gives for the vendor 'microsoft'."""
    client = CVESearch()
    listing = client.browse('microsoft')
    return listing