Exemplo n.º 1
class TestPyCVESearch(unittest.TestCase):
    """Smoke tests for the ``CVESearch`` client.

    Every case makes a single client call and passes as long as that call
    does not raise; none of them inspects the returned data. The client is
    built with its defaults, so the calls presumably go to a live cve-search
    endpoint -- confirm before running this suite in an isolated CI job.
    """

    def setUp(self):
        # A fresh client per test keeps the cases independent of each other.
        client = CVESearch()
        self.cve = client

    def test_browse(self):
        """browse() accepts a vendor name."""
        vendor = 'microsoft'
        self.cve.browse(vendor)

    def test_search(self):
        """search() accepts a ``vendor/product`` pair."""
        vendor_product = 'microsoft/office'
        self.cve.search(vendor_product)

    def test_id(self):
        """id() accepts a CVE identifier."""
        cve_id = 'CVE-2014-0160'
        self.cve.id(cve_id)

    def test_last(self):
        """last() can be called without arguments."""
        self.cve.last()

    def test_last_50(self):
        """last() accepts an explicit count."""
        count = 50
        self.cve.last(count)

    def test_dbinfo(self):
        """dbinfo() can be called without arguments."""
        self.cve.dbinfo()

    def test_cpe22(self):
        """cpe22() is handed a CPE 2.3-style name."""
        # NOTE(review): presumably a 2.3 -> 2.2 conversion; confirm against the client.
        cpe_name = 'cpe:2.3:a:microsoft:office:2011:-:mac'
        self.cve.cpe22(cpe_name)

    def test_cpe23(self):
        """cpe23() is handed a 2.2-style name written with ``cpe/``."""
        cpe_name = 'cpe/a:microsoft:office:2011:-:mac'
        self.cve.cpe23(cpe_name)

    def test_cvefor(self):
        """cvefor() accepts a CPE 2.2 URI."""
        cpe_uri = 'cpe:/a:microsoft:office:2011::mac'
        self.cve.cvefor(cpe_uri)
Exemplo n.º 2
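def searcher():
    """Look up the contents of ``banners.txt`` in cve-search and save the reply.

    The text of ``banners.txt`` is read, stripped of surrounding whitespace
    and passed as a single query to ``CVESearch().search``; the string form
    of the result is written to ``cvelist.txt``.

    The lookup is best-effort: on any ordinary error (missing file, failed
    request, ...) the function returns without writing anything.

    Returns:
        None
    """
    try:
        # Read the file's text. Wrapping the file object in str() would only
        # produce its repr, so the search would never see the banner itself.
        with open('banners.txt', 'r') as banner_file:
            targetvuln = banner_file.read().strip()

        if not targetvuln:
            # Nothing to look up; avoid sending an empty query.
            return

        # NOTE(review): banner text presumably originates from remote hosts,
        # so treat it as untrusted. It is handed to the client unchanged;
        # check how the client places it in the request before feeding it
        # multi-line or attacker-influenced content.
        cve = CVESearch()
        morevuln = str(cve.search(targetvuln))

        with open("cvelist.txt", "w") as newfile:
            newfile.write(morevuln)
    except Exception:
        # Keep the original best-effort contract, but let KeyboardInterrupt
        # and SystemExit propagate instead of swallowing them.
        return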
Exemplo n.º 3
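def search_vulnerability(package_name, package_version):
    """Check cve-search for entries naming a package at an exact version.

    The package name is sent to ``CVESearch().search``. For every returned
    entry, the CPE names under ``vulnerable_product`` and
    ``vulnerable_configuration`` are split on ``:`` and fields 4 and 5
    (product and version in a ``cpe:2.3:...`` name) are compared with the
    arguments. Each match prints the entry summary.

    The comparison is a plain string equality. CPE names that use wildcards,
    ``-``/``*`` versions, or escaped colons inside a field are not matched,
    so a return value of 0 means "no exact match found", not "not affected".

    Args:
        package_name: Product name to search for and compare against.
        package_version: Version string to compare against.

    Returns:
        1 if at least one entry matched name and version exactly, else 0.
    """
    cve = CVESearch()
    ret = 0

    print("search vulnerabilities for package: " + package_name + " version: " + package_version)
    resp = cve.search(package_name)

    for entry in resp["data"]:
        # Either list may be missing or empty on a given entry.
        candidates = list(entry.get("vulnerable_product") or [])
        candidates.extend(entry.get("vulnerable_configuration") or [])
        # Only plain CPE strings can be split below; skip anything else.
        vulnerabilities = {item for item in candidates if isinstance(item, str)}

        for product in vulnerabilities:
            product_info = product.split(':')
            if len(product_info) < 6:
                # Too few fields to hold product and version at indexes 4/5
                # (e.g. a shorter CPE 2.2 URI); skip rather than IndexError.
                continue
            product_name = product_info[4]
            product_version = product_info[5]

            if package_name == product_name and package_version == product_version:
                print("found vulnerability: " + entry["summary"])
                ret = 1

    return ret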
Exemplo n.º 4
def cve(all, vendor, product, push):
    """
    Search CVEs and CPEs from cve-search enabled DB, import them.

    Search in CVE (Common Vulnerabilities and Exposures) and
    CPE (Common Platform Enumeration) and import them to RVD.

    Makes use of the following:
    - https://github.com/cve-search/PyCVESearch
    - (indirectly) https://github.com/cve-search/cve-search

    Behaviour by argument combination:
    - all + vendor: browse the vendor, then search every listed product and
      build a flaw from each result (no interactive edit step).
    - all without vendor: print an error and exit with status 1.
    - vendor + product: search that pair and pass each flaw through
      edit_function before printing it.
    - vendor only: pretty-print the browse result.
    - product only, or neither: print an error and exit with status 1.

    When push is truthy, each flaw that was produced is also filed as a
    ticket and the ticket is updated with the flaw's id and links.
    """
    # cve = CVESearch()
    cyan("Searching for CVEs and CPEs with cve-search ...")
    # Imported here rather than at module level, so the dependency is only
    # needed when this function actually runs.
    from pycvesearch import CVESearch
    if all:
        if vendor:
            cve = CVESearch()
            vendor_flaws = cve.browse(vendor)
            products = vendor_flaws['product']
            # NOTE: the loop variable rebinds the `product` parameter.
            for product in products:
                results = cve.search(vendor + "/" + product)
                # Start producing flaws in here
                for result in results['results']:
                    # pprint.pprint(result)
                    document = default_document()  # get the default document
                    # Add relevant elements to the document
                    # Fields below are copied from the service reply as-is;
                    # a missing key raises KeyError and aborts the import.
                    document['title'] = result['summary'][:65]
                    document['type'] = "vulnerability"
                    document['description'] = result['summary']
                    document['cve'] = result['id']
                    document['cwe'] = result['cwe']
                    # NOTE(review): the vector is labelled CVSS:3.0
                    # unconditionally -- confirm the service really returns
                    # v3.0 vectors, otherwise the stored severity is mislabelled.
                    document['severity']['cvss-vector'] = "CVSS:3.0/" + str(
                        result['cvss-vector'])
                    document['severity']['cvss-score'] = result['cvss']
                    document['links'] = result['references']
                    document['flaw']['reported-by'] = result['assigner']
                    document['flaw']['date-reported'] = arrow.get(
                        result['Published']).format('YYYY-MM-DD')

                    # Create a flaw out of the document
                    flaw = Flaw(document)
                    # new_flaw = edit_function(0, subsequent=False, flaw=flaw)
                    # Bulk mode skips the edit step: the flaw is used unchanged.
                    new_flaw = flaw

                    if new_flaw:
                        print(new_flaw)
                    else:
                        continue

                    if push:
                        # NOTE(review): with --all this files one ticket per
                        # result with no human review in between; the ticket
                        # body is whatever the external service returned.
                        pusher = Base(
                        )  # instantiate the class to push changes
                        labels = ['vulnerability']
                        vendor_label = "vendor: " + str(vendor)
                        labels.append(vendor_label)
                        # new_keywords = ast.literal_eval(new_flaw.keywords)
                        # for l in new_keywords:
                        #     labels.append(l)

                        issue = pusher.new_ticket(new_flaw, labels)
                        # Update id
                        new_flaw.id = issue.number

                        # Update issue and links
                        # links may be a list or a single string; normalise
                        # to a list before appending the ticket URL.
                        if isinstance(new_flaw.links, list):
                            links = new_flaw.links
                        else:
                            links = []
                            if new_flaw.links.strip() != "":
                                links.append(new_flaw.links.strip())
                        links.append(issue.html_url)
                        new_flaw.links = links
                        new_flaw.issue = issue.html_url
                        # Prefix the title only when it does not already
                        # start with "RVD#".
                        if flaw.title[:4] != "RVD#":  # already has the syntax
                            new_title = "RVD#" + str(
                                issue.number) + ": " + flaw.title
                            flaw.title = new_title
                        pusher.update_ticket(issue, new_flaw)

        else:
            red("Error, vendor is required with --all")
            sys.exit(1)
        return

    if vendor and product:
        cve = CVESearch()
        cyan("Searching for vendor/product: ", end="")
        print(vendor + "/" + product)
        results = cve.search(vendor + "/" + product)
        # Start producing flaws in here
        for result in results['results']:
            # pprint.pprint(result)
            document = default_document()  # get the default document
            # Add relevant elements to the document
            # Fields below are copied from the service reply as-is; a missing
            # key raises KeyError and aborts the import. Unlike the --all
            # branch, document['type'] is not set here.
            document['title'] = result['summary'][:65]
            document['description'] = result['summary']
            document['cve'] = result['id']
            document['cwe'] = result['cwe']
            # NOTE(review): the vector is labelled CVSS:3.0 unconditionally --
            # confirm the service really returns v3.0 vectors.
            document['severity']['cvss-vector'] = "CVSS:3.0/" + str(
                result['cvss-vector'])
            document['severity']['cvss-score'] = result['cvss']
            document['links'] = result['references']
            document['flaw']['reported-by'] = result['assigner']
            document['flaw']['date-reported'] = arrow.get(
                result['Published']).format('YYYY-MM-DD')

            # Create a flaw out of the document
            flaw = Flaw(document)
            # A falsy return from the edit step skips this result (see the
            # check right below).
            new_flaw = edit_function(0,
                                     subsequent=False,
                                     label=None,
                                     flaw=flaw)

            if new_flaw:
                print(new_flaw)
            else:
                continue

            if push:
                pusher = Base()  # instantiate the class to push changes
                labels = ['vulnerability']
                # literal_eval only parses Python literals (it does not run
                # code) and raises on anything else; keywords is presumably
                # the string form of a list -- confirm.
                new_keywords = ast.literal_eval(new_flaw.keywords)
                for l in new_keywords:
                    labels.append(l)

                issue = pusher.new_ticket(new_flaw, labels)
                # Update id
                new_flaw.id = issue.number

                # Update issue and links
                # links may be a list or a single string; normalise to a list
                # before appending the ticket URL.
                if isinstance(new_flaw.links, list):
                    links = new_flaw.links
                else:
                    links = []
                    if new_flaw.links.strip() != "":
                        links.append(new_flaw.links.strip())
                links.append(issue.html_url)
                new_flaw.links = links
                new_flaw.issue = issue.html_url
                # NOTE(review): the title is rewritten on `flaw`, while the
                # ticket is updated from `new_flaw`. If edit_function returns
                # a different object, the "RVD#" prefix never reaches the
                # ticket -- confirm.
                if flaw.title[:4] != "RVD#":  # already has the syntax
                    new_title = "RVD#" + str(issue.number) + ": " + flaw.title
                    flaw.title = new_title
                pusher.update_ticket(issue, new_flaw)

    elif vendor:
        cve = CVESearch()
        cyan("Browsing for vendor: ", end="")
        print(vendor)
        pprint.pprint(cve.browse(vendor))
    elif product:
        red("Error, vendor is required")
        sys.exit(1)
    else:
        red("Error, vendor or vendor and product required")
        sys.exit(1)
Exemplo n.º 5
 def get_CVE():
     # NOTE(review): search() is called on the CVESearch class itself, with
     # no instance and no query. The other examples on this page call it as
     # CVESearch().search("<query>"), so this call presumably fails with a
     # TypeError -- confirm against the client. The result is also discarded.
     CVESearch.search()
Exemplo n.º 6
import datetime
import json
import os

import requests
from pycvesearch import CVESearch

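# Map every CVE that cve-search lists for microsoft/windows_server_2008 to
# the ID of the matching MSRC update document, and save the mapping as JSON.

base_url = "https://api.msrc.microsoft.com/"

# The MSRC API key is a credential, so it is read from the environment
# instead of being embedded in the source. Any key that has already been
# committed alongside this script should be treated as exposed and revoked.
api_key = os.environ.get("MSRC_API_KEY")
if not api_key:
    raise SystemExit("MSRC_API_KEY is not set")

cve = CVESearch()

# NOTE(review): assumes search() yields dicts with an "id" key; other
# examples of this client wrap the results in a dict -- confirm the shape.
vuln_list = cve.search("microsoft/windows_server_2008")
win_2008 = {element["id"] for element in vuln_list}

# The current year is sent as the api-version query value.
api_version = str(datetime.datetime.now().year)
headers = {'api-key': api_key}

win_2008_map = []
# Sorted so that the output file is stable from run to run.
for cve_id in sorted(win_2008):
    url = "{}Updates('{}')?api-version={}".format(base_url, cve_id, api_version)
    # A timeout keeps one stalled request from hanging the whole run.
    response = requests.get(url, headers=headers, timeout=30)
    if response.status_code != 200:
        print(cve_id + " not found")
        continue

    data = json.loads(response.content)
    values = data.get("value") or []
    if not values:
        # A 200 reply with an empty "value" list has nothing to map.
        print(cve_id + " not found")
        continue

    cvrf_id = values[0]["ID"]
    win_2008_map.append({"cve_id": cve_id, "cvrf_id": cvrf_id})
    print(cve_id + " : " + cvrf_id)

# The data/versions directory must already exist.
with open("data/versions/windows_server_2008", "w") as outfile:
    json.dump(win_2008_map, outfile, indent=4, sort_keys=True)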