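def get_cve(cveid):
    """Look up *cveid* through CVESearch and print the raw result.

    Args:
        cveid: Identifier or search term, passed unchanged to
            ``CVESearch.search``. It is concatenated into the progress
            message, so it must be a string.

    Nothing is returned; the result is only written to stdout.
    """
    # Single-argument print(...) is valid on Python 2 and Python 3 and emits
    # the same text as the original print statements, which fail to parse on
    # Python 3.
    print('Zhanam ' + cveid + ' ...')
    cve = CVESearch()
    print(cve.search(cveid))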
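def extract_cve_details(keyword):
    """Search for *keyword* and return the matching entries as CVE objects.

    An entry is kept only when *keyword* occurs as a whole word
    (case-insensitive) in its summary and the entry carries a ``cwe`` field.
    The CWE id is resolved against the module-level ``cwe_list``; when no row
    matches, the CVE is still returned with ``cwe`` set to ``None``.

    Args:
        keyword: Search term. It is sent to ``CVESearch.search`` and matched
            literally against each summary.

    Returns:
        A list of ``CVE`` objects, or an empty list when the request times
        out or fails.
    """
    try:
        cve = CVESearch()
        cve_list = []
        # The keyword is escaped so it is matched literally. Unescaped, it was
        # compiled as a regex: metacharacters in a term such as "c++" raised
        # re.error, and a caller-supplied pattern could change what matched.
        word_pattern = re.compile(r'\b' + re.escape(keyword.lower()) + r'\b')
        data = cve.search(keyword)['data']
        for cve_item in data:
            if not word_pattern.search(cve_item['summary'].lower()):
                continue
            print("matched " + keyword + " in " + str(cve_item['id']))

            # Entries without a CWE reference are skipped.
            if 'cwe' not in cve_item:
                continue
            # str() yields a native string on Python 2 and 3; the original
            # .encode("UTF8") produced bytes on Python 3, where the following
            # .replace() with str arguments fails.
            cwe_id = str(cve_item['cwe']).replace("CWE-", '')

            res = next((row for row in cwe_list if row['CWE-ID'] == cwe_id), None)
            if res:
                print(res)
                cwe = CWE(cwe_id, res['Name'], res['Likelihood of Exploit'] or None)
            else:
                cwe = None

            # .get() keeps one record with a missing optional field from
            # raising KeyError, which no handler below catches and which
            # therefore aborted the whole search.
            cve_obj = CVE(cve_item['id'],
                          cve_item.get('cvss'),
                          cve_item.get('impact'),
                          cve_item.get('access'),
                          cwe,
                          cve_item.get('vulnerable_configuration'),
                          cve_item.get('Modified'),
                          cve_item['summary'])
            cve_list.append(cve_obj)
        return cve_list
    except Timeout:
        # NOTE(review): `url` is not defined in this function; confirm it is a
        # module-level name, otherwise this handler raises NameError.
        logger.exception('Timeout while connecting to %s' % url)
        return []
    except requests.exceptions.RequestException as e:
        print(e)
        # Return the same empty result as the timeout path instead of falling
        # through to an implicit None.
        return []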
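# Walk every region, list its RDS instances, and look up CVE entries whose
# vulnerable_configuration contains the CPE built from the engine version.
cve = CVESearch()
ec2 = securityAdminsession.client('ec2')
regions = ec2.describe_regions()

# cve-search vendor/product path and CPE 2.3 prefix for each handled engine.
engine_lookup = {
    "mysql": ('oracle/mysql', "cpe:2.3:a:oracle:mysql:"),
    "postgres": ('postgresql/postgresql', "cpe:2.3:a:postgresql:postgresql:"),
}
# One search per engine is enough; the result does not depend on the instance.
vendor_cache = {}

for region in regions["Regions"]:
    source = securityAdminsession.client('rds', region_name=region["RegionName"])
    # NOTE(review): a single describe_db_instances() call returns one page of
    # results; an inventory that must cover every instance should paginate.
    instances = source.describe_db_instances()
    db_instances = instances.get('DBInstances') or []
    db_instanceCount = len(db_instances)

    for dbInstance in db_instances:
        engine_version = dbInstance.get('EngineVersion')
        engine = dbInstance.get('Engine')
        # NOTE(review): this is the master login name, yet it is printed under
        # "Database Name" below -- confirm which field is intended.
        dbName = dbInstance.get('MasterUsername')
        availability_Zone = dbInstance.get('AvailabilityZone')

        if engine not in engine_lookup:
            # Previously an unhandled engine fell through and reused dbvendor
            # and key from the preceding instance (or raised NameError on the
            # first one), attributing another engine's CVEs to this instance.
            print("No CVE mapping for engine: " + str(engine))
            continue

        search_path, cpe_prefix = engine_lookup[engine]
        if engine not in vendor_cache:
            vendor_cache[engine] = cve.search(search_path)
        dbvendor = vendor_cache[engine]
        key = cpe_prefix + engine_version

        print("CVE for: " + key)
        # NOTE(review): count(key) is an exact-element match if
        # vulnerable_configuration is a list and a substring match if it is a
        # string -- confirm the format returned by the API.
        output_dict = [
            x for x in dbvendor
            if x['vulnerable_configuration'].count(key) > 0
        ]
        print("Account ID: ", dbInstance.get('DBInstanceArn').split(':')[4])
        print("Database Name: ", dbName)
        print("Engine Name: ", engine)
        print("Engine version: ", engine_version)
        print("Region: ", region["RegionName"])
        print("Availability Zone: ", availability_Zone)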
print "No timestamp file found for notification time, making lastrun file" epoch_time = int(time.time()) epochfile = open('lastrun', 'w+') epochfile.write(str(epoch_time)) epochfile.close() print "This time is now the check time for new notifications" sys.exit() for vendprod in vendor_productfile: if vendprod[0] == '#': pass else: #lets do some checking! print("Checking for: " + vendprod) cve = CVESearch() resultset = cve.search(vendprod.strip()) parsed_json = json.loads(resultset) for result in parsed_json: #print result cve_id = result['id'] cve_cvss = result['cvss'] cve_summary = result['summary'] try: cve_lastmodified = result['last-modified'] except: cve_lastmodified = result['Modified'] cve_refs = result['references'] cve_refstrings = "" for item in cve_refs: cve_refstrings += str(item) + "\n" cve_vulnconf = result['vulnerable_configuration']
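if file.endswith(".c") or file.endswith(".h"): with in_place.InPlace(file_path+"\\"+file) as my_file: for line in my_file: line = line.replace(pattern1, subst) line = line.replace(pattern2,subst) my_file.write(line) '''
# The text up to the closing triple quote above is the tail of a disabled
# block and is kept verbatim.

# Collect the ids of all "jasper" CVEs, then pick the upstream commit and
# issue links out of one CVE's reference list.
cve = CVESearch()
git_link = ""
git_issue_link = ""
is_link_found = False
is_issue_link_found = False

data = cve.search("jasper")['data']
jasper_cve_id = [item['id'] for item in data]

print('Please write the cve that you wish to inspect')
cve_id_input = 'CVE-2016-8882'

# Guard against a lookup that returns no record or a record without a
# 'references' field; subscripting the result directly raised in both cases.
cve_record = cve.id(cve_id_input)
references = cve_record.get('references', []) if cve_record else []

# Reference URLs are third-party data; only links under the expected
# repository paths are accepted.
for link in references:
    if link.startswith('https://github.com/mdadams/jasper/commit'):
        git_link = link
        is_link_found = True
    elif link.startswith('https://github.com/mdadams/jasper/issues'):
        git_issue_link = link
        is_issue_link_found = True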
def get(self, product_id):
    """Return the CVESearch results for the Microsoft product *product_id*.

    Args:
        product_id: Product name appended to the ``microsoft/`` search path.

    Returns:
        Whatever ``CVESearch.search`` returns for ``microsoft/<product_id>``.
    """
    client = CVESearch()
    # NOTE(review): product_id is interpolated into the upstream search path
    # without escaping. If it comes from a request parameter, confirm it is
    # validated or percent-encoded first, so that "/", "?" or "#" in the value
    # cannot change which upstream path is queried.
    search_path = "microsoft/{}".format(product_id)
    return client.search(search_path)
class TestCVEAPI(unittest.TestCase):
    """Tests for the CVESearch client.

    The skip reasons below name cve.circl.lu as the provider. The tests that
    are not skipped assert on specific values in its responses, so their
    outcome depends on that service's data.
    """

    def setUp(self):
        """Create a fresh client for each test."""
        self.cve = CVESearch()

    def tearDown(self):
        """Close the client's HTTP session."""
        self.cve.session.close()

    def test_init(self):
        """The fixture is a CVESearch instance."""
        self.assertIsInstance(self.cve, CVESearch)

    def test_session_headers(self):
        """The session carries the expected content type and user agent."""
        expected_agent = 'ares - python wrapper around cve.circl.lu (github.com/barnumbirr/ares)'
        headers = self.cve.session.headers
        self.assertEqual(headers["Content-Type"], "application/json")
        self.assertEqual(headers["User-agent"], expected_agent)

    @unittest.skip("Test too aggressive for provider.")
    def test_empty_browse(self):
        """browse() without a parameter lists vendors and no product."""
        reply = self.cve.browse()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertIsNone(reply["product"])
        vendors = reply["vendor"]
        self.assertIsInstance(vendors, list)
        self.assertGreater(len(vendors), 1000)

    def test_browse(self):
        """browse() with a vendor name echoes that vendor."""
        reply = self.cve.browse(param="python-requests")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["vendor"], "python-requests")

    def test_capec(self):
        """capec() returns the entry with the expected name for id 13."""
        reply = self.cve.capec(param="13")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["name"],
                         "Subverting Environment Variable Values")

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cpe22(self):
        """cpe22() converts a CPE 2.3 string to the 2.2 form."""
        cpe23_name = 'cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:-:x64:-'
        reply = self.cve.cpe22(cpe23_name)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, str)
        self.assertEqual(
            reply,
            "cpe:/o:microsoft:windows_vista:6.0:sp1:~~home_premium~~x64~")

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cpe23(self):
        """cpe23() converts a CPE 2.2 string to the 2.3 form."""
        cpe22_name = 'cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~-'
        reply = self.cve.cpe23(cpe22_name)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, str)
        self.assertEqual(
            reply,
            "cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:-:x64")

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_cvefor(self):
        """cvefor() returns a CVE record for the given CPE."""
        cpe22_name = 'cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~-'
        reply = self.cve.cvefor(cpe22_name)
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["id"], "CVE-2005-0100")

    @unittest.skip("Test too aggressive for provider.")
    def test_cwe(self):
        """cwe() returns a dict."""
        reply = self.cve.cwe()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)

    def test_db_info(self):
        """dbinfo() returns a dict."""
        reply = self.cve.dbinfo()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)

    def test_id(self):
        """id() returns the record with the expected publication time."""
        reply = self.cve.id(param="CVE-2015-2296")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["Published"], "2015-03-18T16:59:00")

    def test_bad_id(self):
        """id() returns None for an identifier that does not exist."""
        reply = self.cve.id(param="CVE-not-real")
        self.assertIsNone(reply)

    def test_last(self):
        """last() returns a list of 30 entries."""
        reply = self.cve.last()
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, list)
        self.assertEqual(len(reply), 30)

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_link(self):
        """link() returns the CVEs attached to a reference key."""
        reply = self.cve.link(param="refmap.ms/CVE-2016-3309")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertEqual(reply["cves"]["cwe"], "CWE-264")

    @unittest.skip("Endpoint disabled on cve.circl.lu")
    def test_search_vendor(self):
        """search() by vendor returns a dict whose "data" is a list."""
        reply = self.cve.search(param="python-requests")
        self.assertIsNotNone(reply)
        self.assertIsInstance(reply, dict)
        self.assertIsInstance(reply["data"], list)