示例#1
0
def enhance(scan):
  host,port=Configuration.getCVESearch()
  for system in scan['systems']:
    cpe=system['cpes'] if 'cpes' in system else None
    if cpe:
      cpes=[]
      for c in cpe:
        try:
          c = c.lower()
          try:
            print("Querying %s"%(api%(host,port,c)))
            data = (urlopen(api%(host,port,c)).read()).decode('utf8')
          except:
            data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8')
          cpes.append({'cpe':c, 'cves':json.loads(str(data))})
        except:
          pass
      system['cpes']=cpes
      #TODO get possible dpe info and store in dpe
    for service in system['services']:
      if 'cpe' in service:
        try:
          c=service['cpe'].lower()
          try:
            data = (urlopen(api%(host,port,c)).read()).decode('utf8')
          except:
            data = (urlopen(api%(host,port,urllib.parse.quote_plus(c))).read()).decode('utf8')
          service['cves']=json.loads(str(data))
        except:
          pass
      #TODO get dpe info for service
  scan['enhanced']={"time": int(datetime.now().strftime('%s'))}
  return scan
示例#2
0
 def cve(cveid):
   host,port=Configuration.getCVESearch()
   data = (urlopen('http://%s:%s/api/cve/%s'%(host,port,cveid)).read()).decode('utf8')
   cvejson=json.loads(str(data))
   if cvejson is {}:
     return page_not_found(404)
   return render_template('cve.html', cve=cvejson)
示例#3
0
 def cve(cveid):
     host, port = Configuration.getCVESearch()
     data = (urlopen('http://%s:%s/api/cve/%s' %
                     (host, port, cveid)).read()).decode('utf8')
     cvejson = json.loads(str(data))
     if cvejson is {}:
         return page_not_found(404)
     return render_template('cve.html', cve=cvejson)
示例#4
0
def enhance(scan):
    host, port = Configuration.getCVESearch()
    for system in scan['systems']:
        cpe = system['cpes'] if 'cpes' in system else None
        if cpe:
            cpes = []
            for c in cpe:
                try:
                    c = c.lower()
                    try:
                        print("Querying %s" % (api % (host, port, c)))
                        data = (urlopen(api %
                                        (host, port, c)).read()).decode('utf8')
                    except:
                        data = (urlopen(
                            api %
                            (host, port, urllib.parse.quote_plus(c))).read()
                                ).decode('utf8')
                    cpes.append({'cpe': c, 'cves': json.loads(str(data))})
                except:
                    pass
            system['cpes'] = cpes
            #TODO get possible dpe info and store in dpe
        for service in system['services']:
            if 'cpe' in service:
                try:
                    c = service['cpe'].lower()
                    try:
                        data = (urlopen(api %
                                        (host, port, c)).read()).decode('utf8')
                    except:
                        data = (urlopen(
                            api %
                            (host, port, urllib.parse.quote_plus(c))).read()
                                ).decode('utf8')
                    service['cves'] = json.loads(str(data))
                except:
                    pass
            #TODO get dpe info for service
    scan['enhanced'] = {"time": int(datetime.now().strftime('%s'))}
    return scan
示例#5
0
def enhance(systems):
  host,port=Configuration.getCVESearch()
  for system in systems:
    cpe=system['cpes'] if 'cpes' in system else None
    if cpe:
      cpes=[]
      for c in cpe:
        c=urllib.parse.quote_plus(c).lower()
        data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
        vulns=json.loads(str(data))
        cpes.append({'cpe':c, 'cves':vulns})
      system['cpes']=cpes
      #get possible dpe info and store in dpe
    for service in system['services']:
      if 'cpe' in service:
        c=urllib.parse.quote_plus(service['cpe']).lower()
        data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
        service['cves']=json.loads(str(data))

      #get dpe info for service
  return systems
示例#6
0
def enhance(scan,remove):
  host,port=Configuration.getCVESearch()
  encode=True
  copied={}
  for system in scan['systems']:
    cpe=system['cpes'] if 'cpes' in system else None
    if cpe:
      cpes=[]
      for c in cpe:
        data,encode,copied=send_request(host,port,c,encode,remove,copied)
        cpes.append({'cpe':c, 'cves':json.loads(str(data))})
      system['cpes']=cpes
      #TODO get possible dpe info and store in dpe
    for service in system['services']:
      if 'cpe' in service:
        c=service["cpe"]
        data,encode,copied=send_request(host,port,c,encode,remove,copied)
        service['cves']=json.loads(str(data))
      #TODO get dpe info for service
  scan['enhanced']={"time": int(datetime.now().strftime('%s'))}
  return scan
示例#7
0
def enhance(systems):
    host, port = Configuration.getCVESearch()
    for system in systems:
        cpe = system['cpes'] if 'cpes' in system else None
        if cpe:
            cpes = []
            for c in cpe:
                c = urllib.parse.quote_plus(c).lower()
                data = (urlopen('http://%s:%s/api/cvefor/%s' %
                                (host, port, c)).read()).decode('utf8')
                vulns = json.loads(str(data))
                cpes.append({'cpe': c, 'cves': vulns})
            system['cpes'] = cpes
            #get possible dpe info and store in dpe
        for service in system['services']:
            if 'cpe' in service:
                c = urllib.parse.quote_plus(service['cpe']).lower()
                data = (urlopen('http://%s:%s/api/cvefor/%s' %
                                (host, port, c)).read()).decode('utf8')
                service['cves'] = json.loads(str(data))

            #get dpe info for service
    return systems
示例#8
0
def enhance(systems, exploitsOnly=False, filters=[]):
  host,port=Configuration.getCVESearch()
  # deal with filters
  for system in systems:
    cpe=system['cpes'] if 'cpes' in system else None
    if cpe:
      cpes=[]
      for c in cpe:
        cEnc=c.lower()
        data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,cEnc)).read()).decode('utf8')
        vulns=json.loads(str(data))
        # filters
        if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']]
        if len(filters['impact'])!=0:
          for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE']
        # exploits only
        if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)]
        # done
        cpes.append({'cpe':c, 'cves':vulns})
      system['cpes']=cpes
      #TODO get possible dpe info and store in dpe
    for service in system['services']:
      if 'cpe' in service:
        c=service['cpe'].lower()
        data = (urlopen('http://%s:%s/api/cvefor/%s'%(host,port,c)).read()).decode('utf8')
        vulns=json.loads(str(data))
        # filters
        if len(filters['access.vector'])!=0: vulns=[x for x in vulns if x['access']['vector'] in filters['access.vector']]
        if len(filters['impact'])!=0:
          for fil in filters['impact']: vulns=[x for x in vulns if x['impact'][fil] !='NONE']
        # exploits only
        if exploitsOnly: vulns=[x for x in vulns if ('map_cve_exploitdb' in x or 'map_cve_msf' in x)]
        # done
        service['cves']=vulns

      #TODO get dpe info for service
  return systems
示例#9
0
from lib.Config import Configuration

from bin.converter import parseNMap
from bin.analyzer import enhance
from bin.visualizer import filtersFromArgs, displayTypeFromArgs, visualize

description='''Read Nmap scans of services or systems and use the 
               cve-search core to get information about these cpes.'''

parser = argparse.ArgumentParser(description=description)
parser.add_argument('-t',  action='store_true',      help='Use terminal GUI')
parser.add_argument('-fE', action='store_true',      help='Filter: Exploit scripts/frameworks available')
parser.add_argument('-fN', action='store_true',      help='Filter: Exploitable via network')
parser.add_argument('-fL', action='store_true',      help='Filter: Exploitable locally')
parser.add_argument('-fAN',action='store_true',      help='Filter: Exploitable via adjecent network')
parser.add_argument('-fC', action='store_true',      help='Filter: Impacts Confidentiality')
parser.add_argument('-fI', action='store_true',      help='Filter: Impacts Integrity')
parser.add_argument('-fA', action='store_true',      help='Filter: Impacts Availability')
parser.add_argument('file',metavar='xml',  type=str, help='NMap XML file' )
args = parser.parse_args()

if __name__ == '__main__':
  syslist=parseNMap(file=args.file)
  try:
    syslist=enhance(syslist)
  except:
    sys.exit("Could not connect to the CVE-Search API on %s:%s"%(Configuration.getCVESearch()))
  filters=filtersFromArgs(args)
  display=displayTypeFromArgs(args)
  visualize(syslist, args.fE, filters, display)
示例#10
0
    parser.add_argument('-j',
                        metavar='json',
                        type=str,
                        help='Read Json file in Nmap2CVE format')
    parser.add_argument('-x',
                        metavar='xml',
                        type=str,
                        help='Read NMap XML file')
    parser.add_argument('out', metavar='output', type=str, help='Output file')
    args = parser.parse_args()

    # input
    if not args.x and not args.j: sys.exit("No input selected!")
    if args.x:
        syslist = parseNMap(file=args.x)
    elif args.j:
        try:
            syslist = json.loads(open(args.j).read())
        except:
            sys.exit("Invalid JSon format!")
    #output

    #CVE-Scan magic
    try:
        syslist = enhance(syslist)
        writeJson(args.out, syslist)
    except Exception as e:
        print(e)
        sys.exit("Could not connect to the CVE-Search API on %s:%s" %
                 (Configuration.getCVESearch()))
示例#11
0
# This software is licensed under the Original BSD License

# Imports
import dateutil.parser
import json
import os
import re
import urllib.request

from datetime       import datetime
from dateutil       import tz

from lib.Config    import Configuration

api = 'http%s://%s:%s/api/cvefor/%s'
host,port=Configuration.getCVESearch()
ssl = "s" if Configuration.getCVESearchSSL() else ""

# string to dict
def make_dict(s):
  # break into list of keys and values
  chunks = re.split('\s*(\w+\:)\s*',s)
  res={}
  # work backwards in value, key pairs
  args=[reversed(chunks)]*2
  for value,key in zip(*args):
    key=key.rstrip(':')
    if value:
      #add to current result-dict
      res[key]=value
    else: