Пример #1
def get_cve(cveid):
    """Look up ``cveid`` with a new CVESearch client and print the raw reply.

    Nothing is returned; both the progress line and the search result go
    to standard output.
    """
    # Progress line first, so a slow lookup is visibly in flight.
    print('Zhanam ' + cveid + ' ...')

    # NOTE(review): cveid is handed to the search call unchanged. If it can
    # come from user input, check it against the CVE-YYYY-NNNN shape first.
    client = CVESearch()
    reply = client.search(cveid)

    print(reply)
Пример #2
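def extract_cve_details(keyword):
    """Collect CVE objects for search results whose summary mentions ``keyword``.

    Searches the CVE service for ``keyword`` and keeps the entries whose
    summary contains it as a whole word, ignoring case. Entries without a
    ``cwe`` field are skipped. Each kept entry is paired with the matching
    row of ``cwe_list`` when one exists, otherwise its CWE is ``None``.

    Args:
        keyword: Text to search for. It is matched literally, never as a
            regular expression.

    Returns:
        A list of ``CVE`` objects. The list is empty when the request times
        out or fails with another ``requests`` error.
    """
    try:
        cve = CVESearch()
        cve_list = []
        data = cve.search(keyword)['data']
        # Escape the keyword before building the pattern. Unescaped, a keyword
        # such as "c++" or "a(b" is compiled as a regex: it raises re.error or
        # matches text the caller did not ask for, and a crafted keyword can
        # make matching very slow.
        whole_word = re.compile(r'\b' + re.escape(keyword.lower()) + r'\b')
        for cve_item in data:
            if not whole_word.search(cve_item['summary'].lower()):
                continue
            print("matched " + keyword + " in " + str(cve_item['id']))

            # Entries with no CWE classification are left out of the result.
            if "cwe" not in cve_item:
                continue
            cwe_id = cve_item["cwe"].encode("UTF8").replace("CWE-", '')

            # First cwe_list row with this numeric CWE id, if any.
            res = next((row for row in cwe_list if row['CWE-ID'] == cwe_id), None)
            if res is not None:
                print(res)
                cwe = CWE(cwe_id, res['Name'], res['Likelihood of Exploit'] or None)
            else:
                cwe = None

            # These fields are read by direct indexing: an entry lacking any of
            # them raises KeyError, which is not handled in this function.
            cve_obj = CVE(cve_item['id'], cve_item['cvss'], cve_item['impact'],
                          cve_item['access'], cwe,
                          cve_item['vulnerable_configuration'],
                          cve_item['Modified'], cve_item['summary'])
            cve_list.append(cve_obj)
        return cve_list
    except Timeout:
        # NOTE(review): `url` is not defined inside this function; unless it
        # exists at module level this handler raises NameError - confirm.
        logger.exception('Timeout while connecting to %s' % url)
        return []
    except requests.exceptions.RequestException as e:
        print(e)
        # Same empty result as the timeout path, so callers always get a list.
        return []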
Пример #3
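# Report the RDS instances of every region, with the CPE key used to look up
# CVEs for each instance's engine version.
cve = CVESearch()
ec2 = securityAdminsession.client('ec2')
regions = ec2.describe_regions()

# cve-search vendor/product path and CPE 2.3 prefix for each engine covered.
engine_map = {
    "mysql": ('oracle/mysql', "cpe:2.3:a:oracle:mysql:"),
    "postgres": ('postgresql/postgresql', "cpe:2.3:a:postgresql:postgresql:"),
}
# Search results per vendor/product path, so the CVE service is queried once
# per product rather than once per database instance.
vendor_results = {}

for region in regions["Regions"]:
    source = securityAdminsession.client('rds',
                                         region_name=region["RegionName"])
    # NOTE(review): a single describe_db_instances() call returns one page of
    # results. If a region can hold more instances than one page, use a
    # paginator or the report silently misses some - confirm.
    instances = source.describe_db_instances()
    for dbInstance in instances.get('DBInstances'):
        engine_version = dbInstance.get('EngineVersion')
        engine = dbInstance.get('Engine')
        # NOTE(review): this is the master user name, yet it is printed below
        # under the label "Database Name" - confirm which one is intended.
        dbName = dbInstance.get('MasterUsername')
        availability_Zone = dbInstance.get('AvailabilityZone')

        # Without this guard an instance of any other engine would be reported
        # with the key and results left over from the previous instance, or
        # raise NameError if it came first.
        if engine not in engine_map:
            print("Skipping engine without CVE mapping: ", engine)
            continue

        product_path, cpe_prefix = engine_map[engine]
        if product_path not in vendor_results:
            vendor_results[product_path] = cve.search(product_path)
        dbvendor = vendor_results[product_path]
        key = cpe_prefix + engine_version

        print("CVE for: " + key)
        # Exact match of the CPE string against each record's configurations.
        # NOTE(review): assumes cve.search() yields a sequence of record dicts;
        # confirm for the client version in use. The filtered list is not used
        # in the visible part of the script.
        output_dict = [
            x for x in dbvendor if x['vulnerable_configuration'].count(key) > 0
        ]
        print("Account ID: ", dbInstance.get('DBInstanceArn').split(':')[4])
        print("Database Name: ", dbName)
        print("Engine Name: ", engine)
        print("Engine version: ", engine_version)
        print("Region: ", region["RegionName"])
        print("Availability Zone: ", availability_Zone)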
Пример #4
    print "No timestamp file found for notification time, making lastrun file"
    epoch_time = int(time.time())
    epochfile = open('lastrun', 'w+')
    epochfile.write(str(epoch_time))
    epochfile.close()
    print "This time is now the check time for new notifications"
    sys.exit()

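# One client for the whole run instead of a new one per input line.
cve = CVESearch()
for vendprod in vendor_productfile:
    query = vendprod.strip()
    # Skip comment lines, and blank lines, which would otherwise be sent to
    # the service as an empty search.
    if not query or vendprod[0] == '#':
        continue

    print("Checking for: " + vendprod)
    resultset = cve.search(query)
    parsed_json = json.loads(resultset)
    for result in parsed_json:
        cve_id = result['id']
        cve_cvss = result['cvss']
        cve_summary = result['summary']
        # The timestamp is read from 'last-modified', falling back to
        # 'Modified'. Only a missing key triggers the fallback; any other
        # error is left to propagate.
        try:
            cve_lastmodified = result['last-modified']
        except KeyError:
            cve_lastmodified = result['Modified']
        cve_refs = result['references']
        # One reference per line, each with a trailing newline.
        cve_refstrings = "".join(str(item) + "\n" for item in cve_refs)
        cve_vulnconf = result['vulnerable_configuration']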
Пример #5
        if file.endswith(".c") or file.endswith(".h"):
            with in_place.InPlace(file_path+"\\"+file) as my_file:
                for line in my_file:
                    line = line.replace(pattern1, subst)
                    line = line.replace(pattern2,subst)
                    my_file.write(line)
'''
# Client for the CVE search service; search() and id() below are its lookups.
cve = CVESearch()

# Links found among the references of the inspected CVE, with their flags.
git_link = ""
is_link_found = False
git_issue_link = ""
is_issue_link_found = False

# Identifiers of every record returned for the "jasper" query.
data = cve.search("jasper")['data']
jasper_cve_id = [item['id'] for item in data]

print('Please write the cve that you wish to inspect')

# The identifier is fixed here rather than read from the user.
cve_id_input = 'CVE-2016-8882'

# Keep the upstream commit link and the issue link when the record has them.
# If several references share a prefix, the last one wins.
for link in cve.id(cve_id_input)['references']:
    if link.startswith('https://github.com/mdadams/jasper/commit'):
        git_link, is_link_found = link, True
        continue
    if link.startswith('https://github.com/mdadams/jasper/issues'):
        git_issue_link, is_issue_link_found = link, True
 def get(self, product_id):
     """Return the CVE search result for the Microsoft product ``product_id``."""
     client = CVESearch()
     # NOTE(review): product_id is placed in the query path unchanged. If it
     # comes from a request, restrict it to the expected product-name
     # characters first so it cannot alter the path that gets queried.
     query = "microsoft/{}".format(product_id)
     return client.search(query)
Пример #7
class TestCVEAPI(unittest.TestCase):
    """Exercise the CVESearch client call by call.

    Every test gets a fresh client and the client's session is closed
    afterwards. The expectations compare against what the service answers,
    so results depend on that service's data and availability. Several
    tests are skipped; the skip messages give the reason.
    """

    def setUp(self):
        # A fresh client per test keeps session state from leaking between tests.
        self.cve = CVESearch()

    def tearDown(self):
        # Release the HTTP session opened by the client.
        self.cve.session.close()

    def test_init(self):
        self.assertIsInstance(self.cve, CVESearch)

    def test_session_headers(self):
        # The client identifies itself to the service with a fixed User-agent.
        headers = self.cve.session.headers
        self.assertEqual(headers["Content-Type"], "application/json")
        expected_agent = 'ares - python wrapper around cve.circl.lu (github.com/barnumbirr/ares)'
        self.assertEqual(self.cve.session.headers["User-agent"], expected_agent)

    @unittest.skip("Test too aggressive for provider.")
    def test_empty_browse(self):
        reply = self.cve.browse()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertIsNone(reply["product"])
        vendors = reply["vendor"]
        self.assertIsInstance(vendors, list)
        self.assertGreater(len(vendors), 1000)

    def test_browse(self):
        reply = self.cve.browse(param="python-requests")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["vendor"], "python-requests")

    def test_capec(self):
        reply = self.cve.capec(param="13")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        expected_name = "Subverting Environment Variable Values"
        self.assertEqual(reply["name"], expected_name)

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cpe22(self):
        # CPE 2.3 formatted string in, CPE 2.2 URI out.
        cpe23_name = 'cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:-:x64:-'
        reply = self.cve.cpe22(cpe23_name)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, str)
        expected = "cpe:/o:microsoft:windows_vista:6.0:sp1:~~home_premium~~x64~"
        self.assertEqual(reply, expected)

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cpe23(self):
        # CPE 2.2 URI in, CPE 2.3 formatted string out.
        cpe22_uri = 'cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~-'
        reply = self.cve.cpe23(cpe22_uri)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, str)
        expected = "cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:-:x64"
        self.assertEqual(reply, expected)

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cvefor(self):
        cpe22_uri = 'cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~-'
        reply = self.cve.cvefor(cpe22_uri)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["id"], "CVE-2005-0100")

    @unittest.skip("Test too aggressive for provider.")
    def test_cwe(self):
        reply = self.cve.cwe()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)

    def test_db_info(self):
        reply = self.cve.dbinfo()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)

    def test_id(self):
        reply = self.cve.id(param="CVE-2015-2296")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["Published"], "2015-03-18T16:59:00")

    def test_bad_id(self):
        # An identifier that is not a real CVE yields None, not an exception.
        reply = self.cve.id(param="CVE-not-real")
        self.assertIsNone(reply)

    def test_last(self):
        reply = self.cve.last()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, list)
        self.assertEqual(len(reply), 30)

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_link(self):
        reply = self.cve.link(param="refmap.ms/CVE-2016-3309")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        linked = reply["cves"]
        self.assertEqual(linked["cwe"], "CWE-264")

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_search_vendor(self):
        reply = self.cve.search(param="python-requests")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertIsInstance(reply["data"], list)