def search_shellcodes_version(software_name, num_version): """ Perform a search based on exploits' description for an input search that contains a number of version. This function is called by 'search_vulnerabilities_version' method. :param software_name: the name of the software that the user is searching for. :param num_version: the specific number of version the user is searching for. :return: a queryset with search result found in 'searcher_exploit' DB table. """ session = start_session() queryset = session.query(Shellcode).filter(and_(Shellcode.description.contains(software_name))) query_result_set = queryset2list(queryset) session.close() # limit the time spent for searching useless results. if queryset.count() > N_MAX_RESULTS_NUMB_VERSION: # return Exploit.objects.none() return void_result_set() final_result_set = [] for shellcode in query_result_set: # if exploit not contains '<' if not str(shellcode.description).__contains__('<'): final_result_set = filter_shellcodes_without_comparator(shellcode, num_version, software_name, final_result_set) # if exploit contains '<' else: final_result_set = filter_shellcodes_with_comparator(shellcode, num_version, software_name, final_result_set) return final_result_set
def search_vulnerabilities_for_text_input(searched_text, db_table): """ Perform a search in description based on characters contained by this attribute. This queryset can be joined with the search results based on the number of version. :param searched_text: the search input. :param db_table: the DB table in which we want to perform the search. :return: a queryset containing the search results found with a search based on the characters contained by the attribute 'description' """ word_list = str(searched_text).split() word_list_num = [] for word in word_list: if word.isnumeric(): word_list.remove(word) word_list_num.append(' ' + word) word_list_num.append('/' + word) if word.__contains__('.'): word_list.remove(word) word_list_num.append(' ' + word) word_list_num.append('/' + word) try: session = start_session() if db_table == 'searcher_exploit': queryset = session.query(Exploit).filter( and_(Exploit.description.contains(word) for word in word_list)) else: queryset = session.query(Shellcode).filter( and_( Shellcode.description.contains(word) for word in word_list)) session.close() query_result_set = queryset2list(queryset) except TypeError: query_result_set = void_result_set() final_result_set = [] try: for instance in query_result_set: for word in word_list_num: if str(instance.description).__contains__(word) and not list( final_result_set).__contains__(instance): final_result_set.append(instance) except TypeError: pass return final_result_set