def main():
def sig_handler(sig, frame):
print("Terminating...")
tornado.ioloop.IOLoop.current().stop()
tornado.options.parse_command_line()
signal.signal(signal.SIGINT, sig_handler)
signal.signal(signal.SIGTERM, sig_handler)
db = Configuration.getMongoConnection()
redisdb = Configuration.getRedisVendorConnection()
port = Configuration.getFlaskPort()
app = tornado.web.Application([
(r"/", MainHandler),
(r"/api/stats", StatsHandler),
(r"/api/search/([^/]+)", SearchHandler)
], db=db, redisdb=redisdb)
app.listen(port)
print("Listening on :%s" % port)
tornado.ioloop.IOLoop.current().start()
def __init__(self, cpes=None):
try:
self.__db = Configuration.getRedisVendorConnection()
except Exception:
sys.exit(1)
if cpes is None:
self.cpes = getCPEs()
else:
self.cpes = cpes
self.set_debug_logging = False
self.logger = logging.getLogger("CPERedisBrowser")
def __init__(self):
# TODO: make auth handler and plugin manager singletons
Advanced_API.__init__(self)
Minimal.__init__(self)
self.minimal = False
self.auth_handler = AuthenticationHandler()
self.plugManager = PluginManager()
self.login_manager = LoginManager()
self.plugManager.loadPlugins()
self.login_manager.init_app(self.app)
self.login_manager.user_loader(self.load_user)
self.redisdb = Configuration.getRedisVendorConnection()
self.defaultFilters.update({'blacklistSelect': 'on', 'whitelistSelect': 'on',
'unlistedSelect': 'show',})
self.args.update({'minimal': False})
self.pluginArgs = {"current_user": current_user, "plugin_manager": self.plugManager}
routes = [{'r': '/cve/<cveid>', 'm': ['GET'], 'f': self.cve},
{'r': '/_get_plugins', 'm': ['GET'], 'f': self._get_plugins},
{'r': '/plugin/_get_cve_actions', 'm': ['GET'], 'f': self._get_cve_actions},
{'r': '/plugin/<plugin>', 'm': ['GET'], 'f': self.openPlugin},
{'r': '/plugin/<plugin>/subpage/<page>', 'm': ['GET'], 'f': self.openPluginSubpage},
{'r': '/plugin/<plugin>/_cve_action/<action>', 'm': ['GET'], 'f': self._jsonCVEAction},
{'r': '/login', 'm': ['POST'], 'f': self.login_check},
{'r': '/logout', 'm': ['POST'], 'f': self.logout},
{'r': '/admin', 'm': ['GET'], 'f': self.admin},
{'r': '/admin/', 'm': ['GET'], 'f': self.admin},
{'r': '/admin/change_pass', 'm': ['GET'], 'f': self.change_pass},
{'r': '/admin/request_token', 'm': ['GET'], 'f': self.request_token},
{'r': '/admin/updatedb', 'm': ['GET'], 'f': self.updatedb},
{'r': '/admin/whitelist/import', 'm': ['POST'], 'f': self.listImport},
{'r': '/admin/blacklist/import', 'm': ['POST'], 'f': self.listImport},
{'r': '/admin/whitelist/export', 'm': ['GET'], 'f': self.listExport},
{'r': '/admin/blacklist/export', 'm': ['GET'], 'f': self.listExport},
{'r': '/admin/whitelist/drop', 'm': ['POST'], 'f': self.listDrop},
{'r': '/admin/blacklist/drop', 'm': ['POST'], 'f': self.listDrop},
{'r': '/admin/whitelist', 'm': ['GET'], 'f': self.listView},
{'r': '/admin/blacklist', 'm': ['GET'], 'f': self.listView},
{'r': '/admin/addToList', 'm': ['GET'], 'f': self.listAdd},
{'r': '/admin/removeFromList', 'm': ['GET'], 'f': self.listRemove},
{'r': '/admin/editInList', 'm': ['GET'], 'f': self.listEdit},
{'r': '/admin/listmanagement', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/<vendor>', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/<vendor>/<product>', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/add', 'm': ['GET'], 'f': self.listManagementAdd},
{'r': '/login', 'm': ['POST'], 'f': self.login_check},
{'r': '/ViewCveSlack', 'm': ['POST'], 'f': self.slack_cve},
{'r': '/ViewCveSlack', 'm': ['GET'], 'f': self.slack_cve}]
for route in routes: self.addRoute(route)
def __init__(self):
# TODO: make auth handler and plugin manager singletons
Advanced_API.__init__(self)
Minimal.__init__(self)
self.minimal = False
self.auth_handler = AuthenticationHandler()
self.plugManager = PluginManager()
self.login_manager = LoginManager()
self.plugManager.loadPlugins()
self.login_manager.init_app(self.app)
self.login_manager.user_loader(self.load_user)
self.redisdb = Configuration.getRedisVendorConnection()
self.defaultFilters.update({'blacklistSelect': 'on', 'whitelistSelect': 'on',
'unlistedSelect': 'show',})
self.args.update({'minimal': False})
self.pluginArgs = {"current_user": current_user, "plugin_manager": self.plugManager}
routes = [{'r': '/cve/<cveid>', 'm': ['GET'], 'f': self.cve},
{'r': '/_get_plugins', 'm': ['GET'], 'f': self._get_plugins},
{'r': '/plugin/_get_cve_actions', 'm': ['GET'], 'f': self._get_cve_actions},
{'r': '/plugin/<plugin>', 'm': ['GET'], 'f': self.openPlugin},
{'r': '/plugin/<plugin>/subpage/<page>', 'm': ['GET'], 'f': self.openPluginSubpage},
{'r': '/plugin/<plugin>/_cve_action/<action>', 'm': ['GET'], 'f': self._jsonCVEAction},
{'r': '/login', 'm': ['POST'], 'f': self.login_check},
{'r': '/logout', 'm': ['POST'], 'f': self.logout},
{'r': '/admin', 'm': ['GET'], 'f': self.admin},
{'r': '/admin/', 'm': ['GET'], 'f': self.admin},
{'r': '/admin/change_pass', 'm': ['GET'], 'f': self.change_pass},
{'r': '/admin/request_token', 'm': ['GET'], 'f': self.request_token},
{'r': '/admin/updatedb', 'm': ['GET'], 'f': self.updatedb},
{'r': '/admin/whitelist/import', 'm': ['POST'], 'f': self.listImport},
{'r': '/admin/blacklist/import', 'm': ['POST'], 'f': self.listImport},
{'r': '/admin/whitelist/export', 'm': ['GET'], 'f': self.listExport},
{'r': '/admin/blacklist/export', 'm': ['GET'], 'f': self.listExport},
{'r': '/admin/whitelist/drop', 'm': ['POST'], 'f': self.listDrop},
{'r': '/admin/blacklist/drop', 'm': ['POST'], 'f': self.listDrop},
{'r': '/admin/whitelist', 'm': ['GET'], 'f': self.listView},
{'r': '/admin/blacklist', 'm': ['GET'], 'f': self.listView},
{'r': '/admin/addToList', 'm': ['GET'], 'f': self.listAdd},
{'r': '/admin/removeFromList', 'm': ['GET'], 'f': self.listRemove},
{'r': '/admin/editInList', 'm': ['GET'], 'f': self.listEdit},
{'r': '/admin/listmanagement', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/<vendor>', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/<vendor>/<product>', 'm': ['GET'], 'f': self.listManagement},
{'r': '/admin/listmanagement/add', 'm': ['GET'], 'f': self.listManagementAdd},
{'r': '/login', 'm': ['POST'], 'f': self.login_check}]
for route in routes: self.addRoute(route)
def __init__(self):
Advanced_API.__init__(self)
Minimal.__init__(self)
self.minimal = False
self.auth_handler = AuthenticationHandler()
self.plugManager = PluginManager()
self.login_manager = LoginManager()
self.plugManager.loadPlugins()
self.login_manager.init_app(self.app)
self.login_manager.user_loader(self.load_user)
self.redisdb = Configuration.getRedisVendorConnection()
self.args.update({'minimal': False})
self.pluginArgs = {
"current_user": current_user,
"plugin_manager": self.plugManager
}
# parse command line arguments
argparser = argparse.ArgumentParser(description='Start CVE-Search web component')
argparser.add_argument('-v', action='store_true', help='verbose output')
args = argparser.parse_args()
# variables
app = Flask(__name__, static_folder='static', static_url_path='/static')
app.config['MONGO_DBNAME'] = Configuration.getMongoDB()
app.config['SECRET_KEY'] = str(random.getrandbits(256))
pageLength = Configuration.getPageLength()
# login manager
login_manager = LoginManager()
login_manager.init_app(app)
# db connectors
redisdb = Configuration.getRedisVendorConnection()
# functions
def getBrowseList(vendor):
result = {}
if (vendor is None) or type(vendor) == list:
v1 = redisdb.smembers("t:/o")
v2 = redisdb.smembers("t:/a")
v3 = redisdb.smembers("t:/h")
vendor = sorted(list(set(list(v1) + list(v2) + list(v3))))
cpe = None
else:
cpenum = redisdb.scard("v:" + vendor)
if cpenum < 1:
return page_not_found(404)
p = redisdb.smembers("v:" + vendor)
import lib.DatabaseLayer as dbLayer
# parse command line arguments
argparser = argparse.ArgumentParser(
description='Start CVE-Search web component')
argparser.add_argument('-v', action='store_true', help='verbose output')
args = argparser.parse_args()
# variables
app = Flask(__name__, static_folder='static', static_url_path='/static')
app.config['MONGO_DBNAME'] = Configuration.getMongoDB()
app.config['SECRET_KEY'] = str(random.getrandbits(256))
pageLength = Configuration.getPageLength()
# db connectors
redisdb = Configuration.getRedisVendorConnection()
# functions
def getBrowseList(vendor):
result = {}
if (vendor is None) or type(vendor) == list:
v1 = redisdb.smembers("t:/o")
v2 = redisdb.smembers("t:/a")
v3 = redisdb.smembers("t:/h")
vendor = sorted(list(set(list(v1) + list(v2) + list(v3))))
cpe = None
else:
cpenum = redisdb.scard("v:" + vendor)
if cpenum < 1:
return page_not_found(404)
def __init__(self):
# TODO: make auth handler and plugin manager singletons
Advanced_API.__init__(self)
Minimal.__init__(self)
self.minimal = False
self.auth_handler = AuthenticationHandler()
self.plugManager = PluginManager()
self.login_manager = LoginManager()
self.plugManager.loadPlugins()
self.login_manager.init_app(self.app)
self.login_manager.user_loader(self.load_user)
self.redisdb = Configuration.getRedisVendorConnection()
self.defaultFilters.update({
"blacklistSelect": "on",
"whitelistSelect": "on",
"unlistedSelect": "show",
})
self.args.update({"minimal": False})
self.pluginArgs = {
"current_user": current_user,
"plugin_manager": self.plugManager,
}
routes = [
{
"r": "/cve/<cveid>",
"m": ["GET"],
"f": self.cve
},
{
"r": "/_get_plugins",
"m": ["GET"],
"f": self._get_plugins
},
{
"r": "/plugin/_get_cve_actions",
"m": ["GET"],
"f": self._get_cve_actions
},
{
"r": "/plugin/<plugin>",
"m": ["GET"],
"f": self.openPlugin
},
{
"r": "/plugin/<plugin>/subpage/<page>",
"m": ["GET"],
"f": self.openPluginSubpage,
},
{
"r": "/plugin/<plugin>/_cve_action/<action>",
"m": ["GET"],
"f": self._jsonCVEAction,
},
{
"r": "/login",
"m": ["POST"],
"f": self.login_check
},
{
"r": "/logout",
"m": ["GET"],
"f": self.logout
},
{
"r": "/admin",
"m": ["GET"],
"f": self.admin
},
{
"r": "/admin/",
"m": ["GET"],
"f": self.admin
},
{
"r": "/admin/change_pass",
"m": ["GET"],
"f": self.change_pass
},
{
"r": "/admin/request_token",
"m": ["GET"],
"f": self.request_token
},
{
"r": "/admin/updatedb",
"m": ["GET"],
"f": self.updatedb
},
{
"r": "/admin/whitelist/import",
"m": ["POST"],
"f": self.listImport
},
{
"r": "/admin/blacklist/import",
"m": ["POST"],
"f": self.listImport
},
{
"r": "/admin/whitelist/export",
"m": ["GET"],
"f": self.listExport
},
{
"r": "/admin/blacklist/export",
"m": ["GET"],
"f": self.listExport
},
{
"r": "/admin/whitelist/drop",
"m": ["POST"],
"f": self.listDrop
},
{
"r": "/admin/blacklist/drop",
"m": ["POST"],
"f": self.listDrop
},
{
"r": "/admin/whitelist",
"m": ["GET"],
"f": self.listView
},
{
"r": "/admin/blacklist",
"m": ["GET"],
"f": self.listView
},
{
"r": "/admin/addToList",
"m": ["GET"],
"f": self.listAdd
},
{
"r": "/admin/removeFromList",
"m": ["GET"],
"f": self.listRemove
},
{
"r": "/admin/editInList",
"m": ["GET"],
"f": self.listEdit
},
{
"r": "/admin/listmanagement",
"m": ["GET"],
"f": self.listManagement
},
{
"r": "/admin/listmanagement/<vendor>",
"m": ["GET"],
"f": self.listManagement,
},
{
"r": "/admin/listmanagement/<vendor>/<product>",
"m": ["GET"],
"f": self.listManagement,
},
{
"r": "/admin/listmanagement/add",
"m": ["GET"],
"f": self.listManagementAdd,
},
{
"r": "/login",
"m": ["POST"],
"f": self.login_check
},
]
for route in routes:
self.addRoute(route)
def __init__(self):
self.vendor = conf.getRedisVendorConnection()
from lib.ProgressBar import progressbar
from lib import CVEs
import lib.DatabaseLayer as dba
from lib.Toolkit import pad
from datetime import date, datetime, timedelta
from ncert_db2 import search4Mail as ndb
# Variables
db=conf.getMongoConnection()
colCVE= db['cves']
colCPE= db['cpe']
try:
r = conf.getRedisVendorConnection()
except:
sys.exit(1)
# Functions
def sanitize(x):
if type(x)==pymongo.cursor.Cursor:
x=list(x)
if type(x)==list:
for y in x: sanitize(y)
if x and "_id" in x: x.pop("_id")
return x