Exemplo n.º 1
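  def onCVEAction(self, cve, action, **args):
    """Run a scan export or persist the plugin settings, depending on *action*.

    "json", "pdf" and "webview" pass the submitted scan to self.handle_scan
    and return its result in a 'plugin_action_complete' dict.
    "save_settings" writes the submitted values to the settings store and
    returns True on success, False on failure or on an unknown output type.
    Any other action returns False. *cve* is not used.

    The values under args["fields"] are presumably request-supplied form
    fields and should be treated as untrusted.
    """
    if action in ["json", "pdf", "webview"]:
      fields = args["fields"]
      data  = fields['scan'][0]
      # bool() on a form string is True for any non-empty value, including
      # "false" or "0"; parse the flag with toBool, as the settings branch does.
      store = toBool(fields['store'][0])
      tags  = fields['tags'][0].split(",")
      notes = fields['notes'][0]
      data = self.handle_scan(data, action, tags, notes, store)
      return {'status': 'plugin_action_complete', 'data': data}
    elif action in ["save_settings"]:
      # NOTE(review): no authorization check is visible in this method;
      # confirm the caller restricts who may change these settings.
      try:
        fields = args["fields"]
        data = {"reaper.enable": toBool(fields["reaper_enable"][0]),
                "reaper.folder":        fields["reaper_folder"][0],
                "reaper.store":  toBool(fields["reaper_store"][0]),
                "output.enable": toBool(fields["output_enable"][0]),
                "output.type":          fields["output_type"][0],
                "output.folder":        fields["output_folder"][0] }
        # Only the three known output formats are accepted.
        if data["output.type"] not in ["json", "pdf", "webview"]:
          return False
        # NOTE(review): both folder values are stored exactly as submitted.
        # If they are later used as filesystem paths, constrain them to an
        # allowed base directory - confirm against the code that reads them.
        if not data["reaper.folder"]:
          data["reaper.folder"] = "./cve-scan"
        if not data["output.folder"]:
          data["output.folder"] = "./cve-scan-output"

        for key, val in data.items():
          db.p_writeSetting(self.collection, key, val)

        self._set_reaper_status()
      except Exception as e:
        # Best effort: a missing field or a storage error is reported as False.
        print(e)
        return False
      return True
    return False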
Exemplo n.º 2
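 def _userAlowed(self, user):
     """Return True only if *user* is authenticated and listed in the "group" setting.

     The "group" setting is read from the settings store on every call; when
     it is missing or empty an empty list is written back and access is
     denied.
     """
     if not user.is_authenticated():
         return False
     group = db.p_readSetting(self.collectionName, "group")
     if not group:
         # Persist an empty allow-list so the setting exists from now on.
         db.p_writeSetting(self.collectionName, "group", [])
         return False
     # A bare string would turn `in` into a substring test, letting the id
     # "adm" match a stored "admin"; compare against whole entries only.
     if isinstance(group, str):
         group = [group]
     return user.get_id() in group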
Exemplo n.º 3
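 def _userAlowed(self, user):
   """Return True only if *user* is authenticated and listed in the "group" setting.

   The "group" setting is read from the settings store on every call; when
   it is missing or empty an empty list is written back and access is
   denied.
   """
   if not user.is_authenticated():
     return False
   group = db.p_readSetting(self.collectionName, "group")
   if not group:
     # Persist an empty allow-list so the setting exists from now on.
     db.p_writeSetting(self.collectionName, "group", [])
     return False
   # A bare string would turn `in` into a substring test, letting the id
   # "adm" match a stored "admin"; compare against whole entries only.
   if isinstance(group, str):
     group = [group]
   return user.get_id() in group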
Exemplo n.º 4
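    def onCVEAction(self, cve, action, **args):
        """Export a submitted scan or persist the plugin settings.

        "json", "pdf" and "webview" parse the submitted scan, optionally
        store it, enrich it and return the rendered result in a
        'plugin_action_complete' dict; any exception on that path is
        printed and False is returned. "save_settings" writes the submitted
        values to the settings store and returns True on success, False on
        failure or on an unknown output type. Any other action returns
        False. *cve* is not used.

        The values under args["fields"] are presumably request-supplied form
        fields and should be treated as untrusted.
        """

        def _as_bool(raw):
            # bool() on a form string is True for anything non-empty, so an
            # explicit "false"/"0"/"no"/"off" has to be recognised by hand.
            # NOTE(review): confirm which values the form actually submits.
            if isinstance(raw, str):
                return raw.strip().lower() not in ("", "0", "false", "no", "off")
            return bool(raw)

        if action in ["json", "pdf", "webview"]:
            try:
                fields = args["fields"]
                data = fields['scan'][0]
                store = _as_bool(fields['store'][0])
                tags = fields['tags'][0].split(",")
                notes = fields['notes'][0]

                nmap = self._parseNMap(data)
                if store:
                    self._store_in_db(nmap, tags=tags, notes=notes)
                enhanced = self._enhance(nmap)
                if action == "json":
                    returndata = json.dumps(enhanced,
                                            indent=2,
                                            default=json_util.default)
                elif action == "pdf":
                    # Base64 text so the binary PDF fits in the response dict.
                    returndata = str(
                        base64.b64encode(self._generatePDF(enhanced)), "utf-8")
                elif action == "webview":
                    # A throwaway Flask app provides the context that
                    # render_template needs.
                    # NOTE(review): scan-derived values reach the template;
                    # Flask autoescapes only .html/.htm/.xml/.xhtml templates,
                    # so confirm self.html is one and that the template does
                    # not mark scan fields as safe.
                    app = Flask(__name__,
                                template_folder=os.path.join(
                                    callLocation, "templates"))
                    with app.test_request_context("/"):
                        returndata = render_template(self.html, scan=enhanced)
                return {'status': 'plugin_action_complete', 'data': returndata}
            except Exception:
                traceback.print_exc()
                return False
        elif action in ["save_settings"]:
            # NOTE(review): no authorization check is visible in this method;
            # confirm the caller restricts who may change these settings.
            try:
                fields = args["fields"]
                data = {
                    "reaper.enable": _as_bool(fields["reaper_enable"][0]),
                    "reaper.folder": fields["reaper_folder"][0],
                    "reaper.store": _as_bool(fields["reaper_store"][0]),
                    "output.enable": _as_bool(fields["output_enable"][0]),
                    "output.type": fields["output_type"][0],
                    "output.folder": fields["output_folder"][0]
                }
                # Only the three known output formats are accepted.
                if data["output.type"] not in ["json", "pdf", "webview"]:
                    return False
                # NOTE(review): both folder values are stored exactly as
                # submitted. If they are later used as filesystem paths,
                # constrain them to an allowed base directory - confirm
                # against the code that reads them.
                if not data["reaper.folder"]:
                    data["reaper.folder"] = "./cve-scan"
                if not data["output.folder"]:
                    data["output.folder"] = "./cve-scan-output"
                for key, val in data.items():
                    db.p_writeSetting(self.collection, key, val)
            except Exception as e:
                # Best effort: a missing field or a storage error yields False.
                print(e)
                return False
            return True
        return False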
Exemplo n.º 5
 def __init__(self):
   """Set the plugin metadata and HTML snippets, and seed the note counter."""
   self.name = "Notes"
   self.requiresAuth = True
   self.collectionName = "notes"
   # HTML/JavaScript fragments with %s placeholders, presumably filled by
   # %-formatting in code outside this block.
   # NOTE(review): the placeholders sit inside a <textarea> body and inside
   # single-quoted JavaScript strings in onclick attributes. Whatever is
   # formatted in (note text, ids, plugin name) needs escaping for that
   # context - confirm at the place where these templates are filled.
   self.noteText = '''
       <textarea id="noteID_%s" cols="50">%s</textarea>
       %s
       <a onclick="$.getJSON('/plugin/%s/_cve_action/save',{cve: '%s', id: '%s', text: $('#noteID_%s').val()},function(data){parseStatus(data);window.location='/cve/%s'});">
         <span class="glyphicon glyphicon-save" aria-hidden="true"></span></a>'''
   self.noteRemove = '''
     <a onclick="$.getJSON('/plugin/%s/_cve_action/delete',{cve: '%s', id: '%s'},function(data){parseStatus(data);window.location='/cve/%s'})">
         <span class="glyphicon glyphicon-remove" aria-hidden="true"></span></a>'''
   # Make sure the "last_note" counter exists; a missing (or zero) value is
   # written as 0.
   last_note_id = db.p_readSetting(self.collectionName, "last_note")
   if not last_note_id:
     db.p_writeSetting(self.collectionName, "last_note", 0)
Exemplo n.º 6
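 def onDatabaseUpdate(self):
   """Fetch recent MISP events and store threat-actor and tag data per CVE.

   The time since the stored "last_update" setting (rounded up to whole
   minutes) is passed to misp.download_last; when no update was recorded
   an empty string is passed instead. For every event that carries
   'vulnerability' attributes, the threat actors and text tags are
   collected and bulk-written keyed on the CVE id. "last_update" is
   rewritten only after the bulk write.

   Returns a status string: "[+] ..." on success, "[-] ..." on failure.
   """
   lastUpdate = db.p_readSetting(self.collectionName, "last_update")
   now = datetime.utcnow().replace(tzinfo = pytz.utc)
   if lastUpdate:
     last  = dateutil.parser.parse(lastUpdate)
     delta = now - last
     since = "%sm"%math.ceil(delta.total_seconds()/60)
   else:
     since = ""
   if not (self.url and self.key):
     return "[-] MISP credentials not specified"
   try:
     # Misp interface
     # NOTE(review): the third positional argument is presumably PyMISP's
     # TLS certificate verification flag; keep it True.
     misp = PyMISP(self.url, self.key, True, 'json')
   except Exception:
     # `except Exception` rather than a bare except, so KeyboardInterrupt
     # and SystemExit still propagate.
     return "[-] Failed to connect to MISP. Wrong URL?"
   try:
     # Fetch data
     misp_last = misp.download_last(since)
     # Check data
     if 'message' in misp_last:
       message = misp_last['message']
       if message.lower().startswith('no matches'):
         return "[+] MISP collection updated (0 updates)"
       elif message.startswith('Authentication failed.'):
         return "[-] MISP Authentication failed"
     if 'response' not in misp_last:
       print(misp_last)
       return "[-] Error occured while fetching MISP data"
     # Nothing wrong so far, so let's continue
     bulk = []
     for entry in progressbar(misp_last['response']):
       # Get info
       attrs = entry['Event']['Attribute']
       CVEs = [x['value'] for x in attrs if x['type'] == 'vulnerability']
       if not CVEs:
         continue
       threats = [x['value'] for x in attrs
                  if x['category'] == 'Attribution' and x['type'] == 'threat-actor']
       tags = [x['value'] for x in attrs
               if x['category'] == 'Other' and x['type'] == 'text']
       tags.extend(x['value'] for x in attrs
                   if x['category'] == 'External analysis' and x['type'] == 'text')
       # Add info to each CVE
       for cve in CVEs:
         item = {'id': cve}
         if threats:
           item['threats'] = threats
         if tags:
           item['tags'] = tags
         # Avoid empty collections: skip CVEs with neither threats nor tags
         if len(item) > 1:
           bulk.append(item)
     db.p_bulkUpdate(self.collectionName, "id", bulk)
     # Update database info after successful program-run. %b is the portable
     # spelling of the abbreviated month name; %h is a platform extension.
     db.p_writeSetting(self.collectionName, "last_update", now.strftime("%a, %d %b %Y %H:%M:%S %Z"))
     return "[+] MISP collection updated (%s updates)"%len(bulk)
   except Exception as e:
     print(e)
     return "[-] Something went wrong..."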
Exemplo n.º 7
 def onCVEAction(self, cve, action, **args):
   """Save or delete the current user's note on *cve*.

   Returns True after a "save" or "delete" by an authenticated user. For an
   unauthenticated user or any other action nothing is done and None is
   returned.
   """
   current_user = args["current_user"]
   if not current_user.is_authenticated():
     return None
   if action == "save":
     existing = db.p_queryOne(self.collectionName, {'cve': cve})
     owner = current_user.get_id()
     # Ensure the entry exists
     if not existing:
       db.p_addEntry(self.collectionName, {"cve": cve, "notes": []})
     # Replace semantics: drop this user's note with the submitted id first.
     # NOTE(review): int() raises ValueError on a non-numeric id and the
     # exception is not handled here.
     note_id = int(args["fields"]["id"][0])
     self._deleteIfExists(cve, owner, note_id)
     # Add note under the next free id.
     # The counter is read and written in two separate steps, so two
     # concurrent saves could be given the same id.
     next_id = db.p_readSetting(self.collectionName, "last_note") + 1
     # NOTE(review): the note text is stored exactly as submitted; confirm
     # it is escaped wherever it is rendered.
     note = {'id': next_id, 'user': owner, 'notes': args["fields"]["text"][0]}
     db.p_addToList(self.collectionName, {'cve': cve}, "notes", note)
     # Update last note id
     db.p_writeSetting(self.collectionName, "last_note", next_id)
     return True
   if action == "delete":
     owner = current_user.get_id()
     self._deleteIfExists(cve, owner, int(args["fields"]["id"][0]))
     return True
   return None
Exemplo n.º 8
 def _getSetting(self, setting, default):
   """Return the stored value of *setting*, storing *default* first if unset.

   Only None counts as unset, so stored falsy values (0, "", False, [])
   are returned as they are.
   """
   stored = db.p_readSetting(self.collection, setting)
   if stored is not None:
     return stored
   # Persist the default so later reads find a value.
   db.p_writeSetting(self.collection, setting, default)
   return default
Exemplo n.º 9
  argParser.add_argument('-c', type=str, help='Collection to manipulate')
  argParser.add_argument('--drop', action="store_true", help='Drop the collection specified')
  args = argParser.parse_args()

  if args.a or args.d:
    # Resolve the collection whose "group" list is being edited
    wd = Collaboration()
    collection = wd._createCollection(args.c)
    # Load the stored list; an unset value becomes [] and a single value
    # becomes a one-element list.
    # NOTE(review): "group" presumably serves as the plugin's access list;
    # this script edits it with no check beyond being able to run it.
    users = db.p_readSetting(collection, "group")
    if not users:
      users = []
    if type(users) is not list:
      users = [users]
    a = args.a or []
    d = args.d or []
    # Add the requested users, skipping those already listed
    for user in a:
      if user in users:
        continue
      users.append(user)
    # Remove the requested users, ignoring names that are not listed
    for user in d:
      if user not in users:
        continue
      users.remove(user)
    db.p_writeSetting(collection, "group", users)
  elif args.drop:
    # Resolve the collection to drop
    wd = Collaboration()
    collection = wd._createCollection(args.c)
    print("You are manipulating %s"%collection)
    # Each destructive step needs its own explicit "y"/"yes"; anything else
    # (including just Enter) skips it.
    confirm = input("Do you want to drop the user list? [y/N]")
    if confirm.lower() in ("y", "yes"):
      db.p_deleteSettings(collection)
    confirm = input("Do you want to drop the data? [y/N]")
    if confirm.lower() in ("y", "yes"):
      db.p_drop(collection)
Exemplo n.º 10
                           action="store_true",
                           help='Drop the collection specified')
    args = argParser.parse_args()

    if args.a or args.d:
        # Resolve the collection whose "group" list is being edited
        wd = Collaboration()
        collection = wd._createCollection(args.c)
        # Load the stored list; an unset value becomes [] and a single
        # value becomes a one-element list.
        # NOTE(review): "group" presumably serves as the plugin's access
        # list; this script edits it with no check beyond being able to
        # run it.
        users = db.p_readSetting(collection, "group")
        if not users:
            users = []
        if type(users) is not list:
            users = [users]
        a = args.a or []
        d = args.d or []
        # Add the requested users, skipping those already listed
        for user in a:
            if user in users:
                continue
            users.append(user)
        # Remove the requested users, ignoring names that are not listed
        for user in d:
            if user not in users:
                continue
            users.remove(user)
        db.p_writeSetting(collection, "group", users)
    elif args.drop:
        # Resolve the collection to drop
        wd = Collaboration()
        collection = wd._createCollection(args.c)
        print("You are manipulating %s" % collection)
        # Each destructive step needs its own explicit "y"/"yes"; anything
        # else (including just Enter) skips it.
        confirm = input("Do you want to drop the user list? [y/N]")
        if confirm.lower() in ("y", "yes"):
            db.p_deleteSettings(collection)
        confirm = input("Do you want to drop the data? [y/N]")
        if confirm.lower() in ("y", "yes"):
            db.p_drop(collection)