def enhance(scan):
host,port=Configuration.getCVESearch()
for system in scan['systems']:
cpe=system['cpes'] if 'cpes' in system else None
if cpe:
cpes=[]
for c in cpe:
try:
c = c.lower()
try:
print("Querying %s"%(api%(host,port,c)))
data = (urlopen(api%(host,port,c)).read()).decode('utf8')
except:
data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8')
cpes.append({'cpe':c, 'cves':json.loads(str(data))})
except:
pass
system['cpes']=cpes
#TODO get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
try:
c=service['cpe'].lower()
try:
data = (urlopen(api%(host,port,c)).read()).decode('utf8')
except:
data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8')
service['cves']=json.loads(str(data))
except:
pass
#TODO get dpe info for service
scan['enhanced']={"time": int(datetime.now().strftime('%s'))}
return scan
def cve(cveid):
host,port=Configuration.getCVESearch()
data = (urlopen('http://%s:%s/api/cve/%s'%(host,port,cveid)).read()).decode('utf8')
cvejson=json.loads(str(data))
if cvejson is {}:
return page_not_found(404)
return render_template('cve.html', cve=cvejson)
def cve(cveid):
host, port = Configuration.getCVESearch()
data = (urlopen('http://%s:%s/api/cve/%s' %
(host, port, cveid)).read()).decode('utf8')
cvejson = json.loads(str(data))
if cvejson is {}:
return page_not_found(404)
return render_template('cve.html', cve=cvejson)
def enhance(scan):
host, port = Configuration.getCVESearch()
for system in scan['systems']:
cpe = system['cpes'] if 'cpes' in system else None
if cpe:
cpes = []
for c in cpe:
try:
c = c.lower()
try:
print("Querying %s" % (api % (host, port, c)))
data = (urlopen(api %
(host, port, c)).read()).decode('utf8')
except:
data = (urlopen(
api %
(host, port, urllib.parse.quote_plus(c))).read()
).decode('utf8')
cpes.append({'cpe': c, 'cves': json.loads(str(data))})
except:
pass
system['cpes'] = cpes
#TODO get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
try:
c = service['cpe'].lower()
try:
data = (urlopen(api %
(host, port, c)).read()).decode('utf8')
except:
data = (urlopen(
api %
(host, port, urllib.parse.quote_plus(c))).read()
).decode('utf8')
service['cves'] = json.loads(str(data))
except:
pass
#TODO get dpe info for service
scan['enhanced'] = {"time": int(datetime.now().strftime('%s'))}
return scan
def enhance(systems):
host,port=Configuration.getCVESearch()
for system in systems:
cpe=system['cpes'] if 'cpes' in system else None
if cpe:
cpes=[]
for c in cpe:
c=urllib.parse.quote_plus(c).lower()
data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
vulns=json.loads(str(data))
cpes.append({'cpe':c, 'cves':vulns})
system['cpes']=cpes
#get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
c=urllib.parse.quote_plus(service['cpe']).lower()
data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
service['cves']=json.loads(str(data))
#get dpe info for service
return systems
def enhance(scan,remove):
host,port=Configuration.getCVESearch()
encode=True
copied={}
for system in scan['systems']:
cpe=system['cpes'] if 'cpes' in system else None
if cpe:
cpes=[]
for c in cpe:
data,encode,copied=send_request(host,port,c,encode,remove,copied)
cpes.append({'cpe':c, 'cves':json.loads(str(data))})
system['cpes']=cpes
#TODO get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
c=service["cpe"]
data,encode,copied=send_request(host,port,c,encode,remove,copied)
service['cves']=json.loads(str(data))
#TODO get dpe info for service
scan['enhanced']={"time": int(datetime.now().strftime('%s'))}
return scan
def enhance(systems):
host, port = Configuration.getCVESearch()
for system in systems:
cpe = system['cpes'] if 'cpes' in system else None
if cpe:
cpes = []
for c in cpe:
c = urllib.parse.quote_plus(c).lower()
data = (urlopen('http://%s:%s/api/cvefor/%s' %
(host, port, c)).read()).decode('utf8')
vulns = json.loads(str(data))
cpes.append({'cpe': c, 'cves': vulns})
system['cpes'] = cpes
#get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
c = urllib.parse.quote_plus(service['cpe']).lower()
data = (urlopen('http://%s:%s/api/cvefor/%s' %
(host, port, c)).read()).decode('utf8')
service['cves'] = json.loads(str(data))
#get dpe info for service
return systems
def enhance(systems, exploitsOnly=False, filters=[]):
host,port=Configuration.getCVESearch()
# deal with filters
for system in systems:
cpe=system['cpes'] if 'cpes' in system else None
if cpe:
cpes=[]
for c in cpe:
cEnc=c.lower()
data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,cEnc)).read()).decode('utf8')
vulns=json.loads(str(data))
# filters
if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']]
if len(filters['impact'])!=0:
for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE']
# exploits only
if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)]
# done
cpes.append({'cpe':c, 'cves':vulns})
system['cpes']=cpes
#TODO get possible dpe info and store in dpe
for service in system['services']:
if 'cpe' in service:
c=service['cpe'].lower()
data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
vulns=json.loads(str(data))
# filters
if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']]
if len(filters['impact'])!=0:
for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE']
# exploits only
if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)]
# done
service['cves']=vulns
#TODO get dpe info for service
return systems
from lib.Config import Configuration
from bin.converter import parseNMap
from bin.analyzer import enhance
from bin.visualizer import filtersFromArgs, displayTypeFromArgs, visualize
description='''Read Nmap scans of services or systems and use the
cve-search core to get information about these cpes.'''
parser = argparse.ArgumentParser(description=description)
parser.add_argument('-t', action='store_true', help='Use terminal GUI')
parser.add_argument('-fE', action='store_true', help='Filter: Exploit scripts/frameworks available')
parser.add_argument('-fN', action='store_true', help='Filter: Exploitable via network')
parser.add_argument('-fL', action='store_true', help='Filter: Exploitable locally')
parser.add_argument('-fAN',action='store_true', help='Filter: Exploitable via adjecent network')
parser.add_argument('-fC', action='store_true', help='Filter: Impacts Confidentiality')
parser.add_argument('-fI', action='store_true', help='Filter: Impacts Integrity')
parser.add_argument('-fA', action='store_true', help='Filter: Impacts Availability')
parser.add_argument('file',metavar='xml', type=str, help='NMap XML file' )
args = parser.parse_args()
if __name__ == '__main__':
syslist=parseNMap(file=args.file)
try:
syslist=enhance(syslist)
except:
sys.exit("Could not connect to the CVE-Search API on %s:%s"%(Configuration.getCVESearch()))
filters=filtersFromArgs(args)
display=displayTypeFromArgs(args)
visualize(syslist, args.fE, filters, display)
parser.add_argument('-j',
metavar='json',
type=str,
help='Read Json file in Nmap2CVE format')
parser.add_argument('-x',
metavar='xml',
type=str,
help='Read NMap XML file')
parser.add_argument('out', metavar='output', type=str, help='Output file')
args = parser.parse_args()
# input
if not args.x and not args.j: sys.exit("No input selected!")
if args.x:
syslist = parseNMap(file=args.x)
elif args.j:
try:
syslist = json.loads(open(args.j).read())
except:
sys.exit("Invalid JSon format!")
#output
#CVE-Scan magic
try:
syslist = enhance(syslist)
writeJson(args.out, syslist)
except Exception as e:
print(e)
sys.exit("Could not connect to the CVE-Search API on %s:%s" %
(Configuration.getCVESearch()))
# This software is licensed under the Original BSD License
# Imports
import dateutil.parser
import json
import os
import re
import urllib.request
from datetime import datetime
from dateutil import tz
from lib.Config import Configuration
api = 'http%s://%s:%s/api/cvefor/%s'
host,port=Configuration.getCVESearch()
ssl = "s" if Configuration.getCVESearchSSL() else ""
# string to dict
def make_dict(s):
# break into list of keys and values
chunks = re.split('\s*(\w+\:)\s*',s)
res={}
# work backwards in value, key pairs
args=[reversed(chunks)]*2
for value,key in zip(*args):
key=key.rstrip(':')
if value:
#add to current result-dict
res[key]=value
else:
