def getCursor(self):
if self.cursor_connection_status == False or self.cursor_connection_status is False:
if CoreLoadConfig.ConfigHandler.CheckLogBrowser(self.LogBrowser):
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Database Connection error")
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Database Connection error",self.LogBrowser)
raise CoreException.DatabaseConnectionError("Database Connection Error")
return False
return self.db_connection.cursor()
def ConnectDB(self,host=None,port=None,default=True):
self.default_connection = default
if self.default_connection:
self.useDefaultConnection()
self.db_cursor = self.getCursor()
else:
if host == None or host is None and port == None or port is None:
raise CoreException.DatabaseConnectionArgumentError("Host and Port must be specified if the default connection is set to False")
else:
self.ChangeHost(host)
self.ChangePort(port)
self.db_cursor = self.getCursor()
def checkFile(self, selected_file):
"""
Validate the given file. Check for any possible errors.
@Args: None
@Default: None
@return:
"""
path_holder = pathlib.Path(selected_file)
if path_holder.exists():
if path_holder.is_file():
if path_holder.stat(
).st_size == 0 or path_holder.stat().st_size is None:
raise CoreException.FileEmptyError(
"File should not be empty!")
return False
if path_holder.is_symlink():
raise CoreException.FileNotSupportedError(
"Symbolic link not supported")
return False
# File Clean if they pass the required identity of file.
return True
def saveCVE(self,cve_data=None):
"""
@Description: Uploads the current cve documentation and some sort of required data to
identify potential vulnerabilities.
@Args: cve_data dictionary.
@Return: cve_upload_status
"""
connection_status = self.getDBConnectionStatus()
self.cve_data = cve_data
if connection_status == False or connection_status is False:
raise CoreException.DatabaseConnectionError("Not Connected to the database")
self.cve_upload_status = False
return False
# Assign to temporary dictionary.
# When using formatting string. like str.format_map(dictionary)
# the inserted values or formatted value should be prefix and suffix with a \' single character set.
# Because when it was formatted into a string and executed in a SQL statement the following values will
# be read as a word not a string character.
# There is more than one try, except clause below the code here.
# To program some sort of data integrity. and capture any possible and any unhandled exception.
# To avoid incorrectly upload data in the database.
# and it is okay not to delete the current temporary data. Because the query uses a named placeholders.
# so it will not raise an overloaded parameter error.
# And in python3 dictionary.format(**dictionary_data) will raise an error. To use it correctly use dictionary.format_map()
try:
CoreLoadConfig.ConfigHandler.saveFileToDir("cve",attack_data=self.cve_data)
self.cve_data['Documentation'] = "\"" + CoreLoadConfig.ConfigHandler.getCVEDocumentDir() + os.path.basename(self.cve_data['Documentation']).split("\"")[0] + "\""
self.db_cursor.execute(self.insert_cve_query.format_map(self.cve_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to cve table: Cause --> %s" % ProgramError)
self.cve_upload_status = False
self.RollbackChanges()
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to cve table: Cause --> %s" % ProgramError,self.LogBrowser)
self.cve_upload_status = False
self.RollbackChanges()
return False
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to cve table: Cause --> %s" % Ie)
self.cve_upload_status = False
self.RollbackChanges()
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to cve table: Cause --> %s" % Ie,self.LogBrowser)
self.cve_upload_status = False
self.RollbackChanges()
return False
try:
self.db_cursor.execute(self.last_insert)
self.db_cursor.execute(self.insert_cve_platform_query.format_map(self.cve_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to platform table: Cause --> %s" % ProgramError)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to platform table: Cause --> %s" % ProgramError,self.LogBrowser)
self.cve_upload_status = False
self.RollbackChanges()
return False
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to platform table: Cause --> %s" % Ie)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to platform table: Cause --> %s" % Ie,self.LogBrowser)
self.cve_upload_status = False
self.RollbackChanges()
return False
except:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to platform table")
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to platform table",self.LogBrowser)
self.RollbackChanges()
return False
self.CommitChanges()
self.cve_data = { } #clear the cve data incase of another insertion.
self.cve_upload_status = True
def saveMalware(self,malware_data=None):
connection_status = self.getDBConnectionStatus()
self.malware_data = malware_data
if connection_status == False or connection_status is False:
raise CoreException.DatabaseConnectionError("Not Connected to the database")
self.malware_upload_status = False
return False
# Assign to temporary dictionary.
# When using formatting string. like str.format_map(dictionary)
# the inserted values or formatted value should be prefix and suffix with a \' single character set.
# Because when it was formatted into a string and executed in a SQL statement the following values will
# be read as a word not a string character.
temp_data = { }
temp_data['UPLOAD_TYPE_ID'] = self.malware_data['UPLOAD_TYPE_ID']
temp_data['Title'] = self.malware_data['Title']
temp_data['Description'] = self.malware_data['Description']
temp_data['Ratings'] = self.malware_data['Ratings']
temp_data['Type'] = self.malware_data['Type']
temp_data['Malware_Author'] = self.malware_data['Malware_Author']
# There is more than one try, except clause below the code here.
# To program some sort of data integrity. and capture any possible and any unhandled exception.
# To avoid incorrectly upload data in the database.
# and it is okay not to delete the current temporary data. Because the query uses a named placeholders.
# so it will not raise an overloaded parameter error.
# And in python3 dictionary.format(**dictionary_data) will raise an error. To use it correctly use dictionary.format_map()
try:
self.db_cursor.execute(self.insert_malware_query.format_map(self.malware_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to malware table: Cause --> %s" % ProgramError)
self.malware_upload_status = False
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to malware table: Cause --> %s" % ProgramError,self.LogBrowser)
self.malware_upload_status = False
return False
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to malware table: Cause --> %s" % Ie)
self.malware_upload_status = False
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to malware table: Cause --> %s" % Ie,self.LogBrowser)
self.malware_upload_status = False
return False
# except:
# if self.LogBrowser is None or self.LogBrowser == None:
# CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to malware table")
# else:
# CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to malware table",self.LogBrowser)
self.current_malware_id = int(self.getLastInsertID())
temp_data['ID'] = self.current_malware_id
temp_data['Name'] = self.malware_data['Name']
temp_data['Version'] = self.malware_data['Version']
temp_data['Arch'] = self.malware_data['Arch']
try:
self.db_cursor.execute(self.last_insert)
self.db_cursor.execute(self.insert_platform_query.format_map(self.malware_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to platform table: Cause --> %s" % ProgramError)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to platform table: Cause --> %s" % ProgramError,self.LogBrowser)
return False
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to platform table: Cause --> %s" % Ie)
self.malware_upload_status = False
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to platform table: Cause --> %s" % Ie,self.LogBrowser)
self.malware_upload_status = False
return False
except:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to platform table")
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to platform table",self.LogBrowser)
return False
try:
CoreLoadConfig.ConfigHandler.saveFileToDir(identity="malware", attack_data=self.malware_data)
self.malware_data['module_name'] = "\"" + CoreLoadConfig.ConfigHandler.getMalwareDir() + os.path.basename(self.malware_data['module_name']).split("\"")[0] + "\""
self.malware_data['option_name'] = "\"" + CoreLoadConfig.ConfigHandler.getModuleConfig() + os.path.basename(self.malware_data['option_name']).split("\"")[0] + "\""
except CoreException.ParameterError as ParamError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Parameter on saving to specified directory: Cause --> %s" % ParamError)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Parameter on saving to specified directory: Cause --> %s" % ParamError,self.LogBrowser)
self.RollbackChanges()
temp_data['module_name'] = self.malware_data['module_name']
try:
self.db_cursor.execute(self.insert_module_query.format_map(self.malware_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to module table: Cause --> %s" % ProgramError)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to module table: Cause --> %s" % ProgramError,self.LogBrowser)
return False
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to module table: Cause --> %s" % Ie)
self.malware_upload_status = False
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to module table: Cause --> %s" % Ie,self.LogBrowser)
self.malware_upload_status = False
return False
except:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to module table")
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to module table",self.LogBrowser)
return False
temp_data['option_name'] = self.malware_data['option_name']
try:
self.db_cursor.execute(self.insert_option_query.format_map(self.malware_data))
self.CommitChanges()
except mysql.connector.errors.ProgrammingError as ProgramError:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to option table: Cause --> %s" % ProgramError)
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Programming Error on inserting to option table: Cause --> %s" % ProgramError,self.LogBrowser)
except mysql.connector.errors.InterfaceError as Ie:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to option table: Cause --> %s" % Ie)
self.malware_upload_status = False
return False
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Interface Error on inserting to option table: Cause --> %s" % Ie,self.LogBrowser)
self.malware_upload_status = False
return False
except:
if self.LogBrowser is None or self.LogBrowser == None:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to option table")
else:
CoreLoadConfig.ConfigHandler.ErrorWriteLogger("Unhandled Exception on inserting to option table",self.LogBrowser)
self.CommitChanges()
self.malware_data = { } #empty the malware data incase of another insertion.
self.malware_upload_status = True