printCVE_id(item) else: printCVE_human(item) if htmlOutput: print("</body></html>") sys.exit(0) # Search text in summary if summary_text: import lib.CVEs as cves l = cves.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup) for cveid in db.getCVEIDs(limit=nlimit): item = l.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) date_fields = ['cvss-time', 'Modified', 'Published'] for field in date_fields: if field in item: item[field] = str(item[field]) if summary_text.upper() in item['summary'].upper(): if not last_ndays: if vOutput: printCVE_id(item) else: print( json.dumps(item,
printCVE_xml(item) elif cveidOutput: printCVE_id(item) else: printCVE_human(item) if htmlOutput: print("</body></html>") sys.exit(0) # Search text in summary if summary_text: import lib.CVEs as cves l = cves.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup) for cveid in db.getCVEIDs(limit=nlimit): item = l.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) date_fields = ['cvss-time', 'Modified', 'Published'] for field in date_fields: if field in item: item[field] = str(item[field]) if summary_text.upper() in item['summary'].upper(): if not last_ndays: if vOutput: printCVE_id(item) else: print(json.dumps(item, sort_keys=True, default=json_util.default)) else:
action='store_true', help='Include vfeed map') argParser.add_argument('-c', default=False, action='store_true', help='Include CAPEC information') argParser.add_argument('-l', default=False, type=int, help='Limit output to n elements (default: unlimited)') args = argParser.parse_args() rankinglookup = args.r vfeedlookup = args.v capeclookup = args.c l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup, capeclookup=capeclookup) for cveid in db.getCVEIDs(limit=args.l): item = l.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) date_fields = ['cvss-time', 'Modified', 'Published'] for field in date_fields: if field in item: item[field] = str(item[field]) print(json.dumps(item, sort_keys=True, default=json_util.default))
# Put the parent of this script's directory on the import path, presumably so
# the lib.* imports below resolve when the script is started from anywhere.
runPath = os.path.dirname(os.path.realpath(__file__))
sys.path.append(os.path.join(runPath, ".."))

import argparse
import json
from bson import json_util

import lib.CVEs as cves
import lib.DatabaseLayer as db
from lib.Config import Configuration

# Command line: three enrichment switches plus an optional element limit.
argParser = argparse.ArgumentParser(description='Dump database in JSON format')
argParser.add_argument(
    '-r',
    default=False,
    action='store_true',
    help='Include ranking value',
)
argParser.add_argument(
    '-v',
    default=False,
    action='store_true',
    help='Include vfeed map',
)
argParser.add_argument(
    '-c',
    default=False,
    action='store_true',
    help='Include CAPEC information',
)
# With no -l given the limit stays False and is handed to db.getCVEIDs as is.
argParser.add_argument(
    '-l',
    default=False,
    type=int,
    help='Limit output to n elements (default: unlimited)',
)
args = argParser.parse_args()

rankinglookup = args.r
vfeedlookup = args.v
capeclookup = args.c

l = cves.last(
    rankinglookup=rankinglookup,
    vfeedlookup=vfeedlookup,
    capeclookup=capeclookup,
)

# One JSON document per CVE id, written to stdout.
for cveid in db.getCVEIDs(limit=args.l):
    item = l.getcve(cveid=cveid)
    # A score stored as text is converted so it is serialised as a number.
    if 'cvss' in item and type(item['cvss']) is str:
        item['cvss'] = float(item['cvss'])
    # json_util.default serialises the BSON values the standard encoder rejects.
    print(json.dumps(item, sort_keys=True, default=json_util.default))
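def search_func(args, output=sys.__stdout__):
    """Run one cve-search query and print the matches to *output*.

    ``args`` is a mapping that must provide these keys:

    * ``p`` - product search string (CPE notation works best)
    * ``c`` - iterable of CVE ids, upper-cased before the lookup
    * ``o`` - output format: ``csv``, ``html``, ``xml``, ``json`` or
      ``cveid``; any other value selects the human-readable printer
    * ``f`` - free-text query
    * ``l`` - "latest first" switch (read, but see the note in the body)
    * ``n``, ``r``, ``a`` - name, ranking and CAPEC lookup switches
    * ``t`` - only report items published within the last n days
    * ``s`` - text to look for in the summary
    * ``i`` - limit handed to ``db.getCVEIDs``

    The first criterion that is set wins, in the order ``c``, ``f``, ``p``,
    ``s``.

    ``sys.stdout`` is pointed at *output* while the function runs and is
    reset to ``sys.__stdout__`` on every exit path, including exceptions.

    Returns:
        1 when a search branch ran (or XML output was requested without any
        search criterion), 0 when there was nothing to do.

    Raises:
        SystemExit: when the free-text search raises.
    """
    # Local import: the file's import block is outside this listing.
    from html import escape

    sys.stdout = output
    try:
        vSearch = args["p"]
        cveSearch = [x.upper() for x in args["c"]] if args["c"] else None
        vOutput = args["o"]
        vFreeSearch = args["f"]
        # NOTE(review): the sort direction is derived from args["l"] but no
        # query in this function consumes it - confirm whether it should be
        # passed to the database layer.
        sorttype = -1 if args["l"] else 1
        namelookup = args["n"]
        rankinglookup = args["r"]
        capeclookup = args["a"]
        last_ndays = args["t"]
        summary_text = args["s"]
        nlimit = args["i"]

        cves = CVEs.last(rankinglookup=rankinglookup,
                         namelookup=namelookup,
                         capeclookup=capeclookup)

        # Parentheses are looked up in their percent-encoded form.
        if vSearch:
            vSearch = vSearch.replace("(", "%28").replace(")", "%29")

        # Exactly one of these is true; none of them means human-readable.
        csvOutput = vOutput == "csv"
        htmlOutput = vOutput == "html"
        jsonOutput = vOutput == "json"
        xmlOutput = vOutput == "xml"
        cveidOutput = vOutput == "cveid"
        r = Element("cve-search") if xmlOutput else None

        def emit(item):
            """Print one database item in the selected output format."""
            if csvOutput:
                printCVE_csv(item, namelookup, rankinglookup, cves)
            elif htmlOutput:
                printCVE_html(item, rankinglookup, cves)
            elif jsonOutput:
                # bson straight from MongoDB, converted to the default JSON
                # representation
                printCVE_json(item, namelookup, rankinglookup, capeclookup,
                              cves)
            elif xmlOutput:
                printCVE_xml(item, rankinglookup, cves, r)
            elif cveidOutput:
                printCVE_id(item)
            else:
                printCVE_human(item, namelookup, rankinglookup, cves)

        # First line of the HTML output. The search term and the CVE ids come
        # from the caller and are echoed into markup, so they are escaped;
        # *output* may well be a stream that ends up in a browser.
        # NOTE(review): printCVE_html is not shown here - check that it
        # escapes database fields the same way.
        if htmlOutput and args["p"] is not None:
            print("<html><body><h1>CVE search " + escape(args["p"])
                  + " </h1>")
        elif htmlOutput and args["c"] is not None:
            print("<html><body><h1>CVE-ID " + escape(str(args["c"]))
                  + " </h1>")

        # Lookup by CVE id.
        if cveSearch:
            results = db.getCVEs(cves=cveSearch)
            for index, item in enumerate(results):
                emit(item)
                if jsonOutput and index != len(results) - 1:
                    print(",", end="")
            if htmlOutput:
                print("</body></html>")
            return 1

        # Basic free-text search (in the vulnerability summary).
        # Full-text indexing is more efficient to search across all CVEs.
        if vFreeSearch:
            try:
                results = db.getFreeText(vFreeSearch)
                for index, item in enumerate(results):
                    if jsonOutput:
                        printCVE_json(item, namelookup, rankinglookup,
                                      capeclookup, cves, indent=2)
                        if index != len(results) - 1:
                            print(",", end="")
                    else:
                        printCVE_human(item, namelookup, rankinglookup, cves)
            except Exception:
                # Exception rather than a bare except, so KeyboardInterrupt
                # and SystemExit are not relabelled as a database problem.
                sys.exit("Free text search not enabled on the database!")
            return 1

        # Search by product (best to use CPE notation, e.g. cisco:ios:12.2).
        if vSearch:
            cutoff = None
            if last_ndays:
                cutoff = datetime.now() - timedelta(days=last_ndays)
            results = db.cvesForCPE(vSearch)
            for index, item in enumerate(results):
                if cutoff is None:
                    emit(item)
                    if jsonOutput and index != len(results) - 1:
                        print(",", end="")
                elif item["Published"] > cutoff:
                    # NOTE(review): no separator is printed between JSON
                    # items on this date-filtered path - confirm intent.
                    emit(item)
            if htmlOutput:
                print("</body></html>")
            return 1

        # Search text in summary.
        if summary_text:
            import lib.CVEs as cves_module

            def emit_summary(item):
                """Print the id when any format was requested, else JSON."""
                if vOutput:
                    printCVE_id(item)
                else:
                    print(json.dumps(item, sort_keys=True,
                                     default=json_util.default))

            lookup = cves_module.last(rankinglookup=rankinglookup,
                                      namelookup=namelookup,
                                      capeclookup=capeclookup)
            needle = summary_text.upper()
            cutoff = None
            if last_ndays:
                cutoff = datetime.now() - timedelta(days=last_ndays)

            for cveid in db.getCVEIDs(limit=nlimit):
                item = lookup.getcve(cveid=cveid)
                if "cvss" in item and isinstance(item["cvss"], str):
                    item["cvss"] = float(item["cvss"])
                # Dates are turned into text so json.dumps can serialise them.
                for field in ("cvss-time", "Modified", "Published"):
                    if field in item:
                        item[field] = str(item[field])

                if needle not in item["summary"].upper():
                    continue
                if cutoff is None:
                    emit_summary(item)
                    continue
                try:
                    published = datetime.strptime(item["Published"],
                                                  "%Y-%m-%d %H:%M:%S.%f")
                except (KeyError, TypeError, ValueError):
                    # Best effort: an item whose publication date is missing
                    # or in another format is left out of the filtered list.
                    continue
                if published > cutoff:
                    emit_summary(item)

            if htmlOutput:
                print("</body></html>")
            return 1

        if xmlOutput:
            # NOTE(review): as this listing reads, every search branch above
            # returns before this point, so the tree handed to printCVE_xml
            # is only serialised when no search criterion was given -
            # confirm whether XML results should be printed per branch.
            # default encoding is UTF-8. Should this be detected on the
            # terminal?
            print(tostring(r).decode("utf-8"))
            return 1
        return 0
    finally:
        # Always undo the redirection, also when a printer or the database
        # layer raises or the free-text branch exits.
        sys.stdout = sys.__stdout__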
def dumpallcveid(entry=None):
    """Fetch CVE ids through the database layer.

    With a truthy *entry* the result of ``db.getCVEIDs(int(entry))`` is
    returned; otherwise the ``db.getCVEID`` attribute is returned.
    """
    if entry:
        return db.getCVEIDs(int(entry))
    # NOTE(review): this hands back the db.getCVEID attribute itself and calls
    # nothing, while the other branch returns a call result - confirm whether
    # a call to db.getCVEIDs was intended here.
    return db.getCVEID