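def get(self, limit=5, skip=0):
    """Return up to ``limit`` CVE documents from ``self.collection``, skipping ``skip``.

    With neither ``self.namelookup`` nor ``self.rankinglookup`` set the
    documents are returned as fetched.  Otherwise each document's
    ``vulnerable_configuration`` list is rewritten: CPE ids are resolved with
    ``self.getcpe`` only when ``namelookup`` is set (the original resolved
    them whenever *either* flag was set, silently ignoring
    ``namelookup=False``), and a deduplicated ``ranking`` list from
    ``self.getranking`` is attached when ``rankinglookup`` is set.  An empty
    ``ranking`` key is removed.  When ``self.capeclookup`` is set and the
    document has a ``cwe`` other than ``unknown`` of the form ``CWE-<n>``,
    ``self.getcapec`` is called with ``<n>``.

    Args:
        limit: maximum number of documents to fetch.
        skip: number of documents to skip before the first returned one.

    Returns:
        list of the (possibly enriched) CVE documents.
    """
    entries = []
    for item in db.getCVEs(limit=limit, skip=skip, collection=self.collection):
        if not (self.namelookup or self.rankinglookup):
            entries.append(item)
            continue
        if "vulnerable_configuration" in item:
            vulconf = []
            ranking = []
            for conf in item['vulnerable_configuration']:
                # Only resolve the CPE to a name when asked to; a ranking-only
                # lookup must leave the configuration ids in place.
                vulconf.append(self.getcpe(cpeid=conf) if self.namelookup else conf)
                if self.rankinglookup:
                    rank = self.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            item['vulnerable_configuration'] = vulconf
            if self.rankinglookup:
                item['ranking'] = ranking
        # Drop an empty ranking list so callers can simply test for the key.
        if "ranking" in item and len(item['ranking']) == 0:
            del item['ranking']
        if "cwe" in item and self.capeclookup:
            cwe = str(item['cwe'])
            # Expect "CWE-<n>"; a value without a dash has no number to look
            # up and used to raise IndexError on the split below.
            if cwe.lower() != 'unknown' and '-' in cwe:
                item['capec'] = self.getcapec(cweid=cwe.split('-')[1])
        entries.append(item)
    return entries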
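def filter_logic(unlisted, timeSelect, startDate, endDate, timeTypeSelect, cvssSelect, cvss, rejectedSelect, limit, skip):
    """Build a Mongo query from the browse filters and fetch one page of CVEs.

    Args:
        unlisted: accepted for interface compatibility; not used here.
        timeSelect: "all", "from", "until", "between" or "outside".
        startDate, endDate: date strings, converted with
            ``convertDateToDBFormat`` whenever ``timeSelect`` is not "all".
        timeTypeSelect: name of the date field to filter on.  It is used
            verbatim as the query key -- NOTE(review): this comes from the
            request; consider restricting it to the known date fields.
        cvssSelect: "all", "above", "equals" or "below".
        cvss: CVSS threshold as a string, parsed with ``float``.
        rejectedSelect: "hide" excludes the "** REJECT **" placeholder entries.
        limit, skip: paging, passed through to ``dbLayer.getCVEs``.

    Returns:
        whatever ``dbLayer.getCVEs`` returns for the assembled query list.

    Raises:
        ValueError: when a threshold is requested and ``cvss`` is not numeric.
    """
    query = []
    if rejectedSelect == "hide":
        # Raw string: the original wrote "\*" and "\s" in a plain literal,
        # which are invalid escape sequences (SyntaxWarning on recent Pythons).
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        elif cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        elif cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}},
                                  {timeTypeSelect: {'$gt': endDate}}]})
    return dbLayer.getCVEs(limit=limit, skip=skip, query=query)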
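def listManagementAdd(self):
    """Add the CPE named by the ``item`` query argument to the ``list`` list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``
    (characters restricted to ``[a-z:/0-9.~_%-]``).  A bare vendor is added
    for every CPE part (``/o``, ``/a``, ``/h``) it is registered under in
    redis; longer items take their ``cpe:/x:`` prefix from the first
    ``cpe_2_2`` entry whose id contains the product name.

    Returns:
        JSON ``{"status": <code>, "listType": <list>}`` where ``status`` is
        "added_to_list", "could_not_add_to_list" or "invalid_cpe".
    """
    item = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)
    pattern = re.compile('^[a-z:/0-9.~_%-]+$')
    # A missing ``item`` used to reach pattern.match(None) and raise
    # TypeError; treat it like any other invalid CPE.
    if item is not None and pattern.match(item):
        parts = item.split(":")
        added = False
        if len(parts) == 1:
            # only vendor, so a check on cpe type is needed
            for part in ("o", "a", "h"):
                if self.redisdb.sismember("t:/" + part, parts[0]):
                    if self.addCPEToList("cpe:/" + part + ":" + parts[0], listType):
                        added = True
        elif 4 > len(parts) > 1:
            # cpe type can be found with a mongo regex query.  The product
            # name is user input: escape it so '.' in e.g. "asp.net" matches
            # literally instead of acting as a regex wildcard.
            result = db.getCVEs(query={'cpe_2_2': {'$regex': re.escape(parts[1])}})
            if result.count() != 0:
                prefix = (result[0]['cpe_2_2'])[:7]
                # vendor:product[:version] re-joined behind the detected prefix
                if self.addCPEToList(prefix + ":".join(parts), listType):
                    added = True
        status = "added_to_list" if added else "could_not_add_to_list"
    else:
        status = "invalid_cpe"
    j = {"status": status, "listType": listType}
    return jsonify(j)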
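def get(self, limit=5, skip=0):
    """Fetch ``limit`` CVEs from ``self.collection`` after ``skip``, optionally enriched.

    If neither ``self.namelookup`` nor ``self.rankinglookup`` is set, the
    documents are returned unchanged.  Otherwise, for documents with a
    ``vulnerable_configuration`` list: CPE ids are replaced by
    ``self.getcpe`` names only when ``namelookup`` is set (the original did
    the lookup whenever either flag was set), and ``ranking`` is filled from
    ``self.getranking`` (deduplicated) when ``rankinglookup`` is set.  An
    empty ``ranking`` is removed.  With ``self.capeclookup`` and a ``cwe``
    of the form ``CWE-<n>`` (not "unknown"), ``capec`` is set from
    ``self.getcapec``.

    Args:
        limit: maximum number of documents.
        skip: paging offset.

    Returns:
        list of CVE documents.
    """
    entries = []
    for item in db.getCVEs(limit=limit, skip=skip, collection=self.collection):
        if not (self.namelookup or self.rankinglookup):
            entries.append(item)
            continue
        if "vulnerable_configuration" in item:
            vulconf = []
            ranking = []
            for conf in item['vulnerable_configuration']:
                # Resolve names only on request; ranking alone keeps the ids.
                vulconf.append(self.getcpe(cpeid=conf) if self.namelookup else conf)
                if self.rankinglookup:
                    rank = self.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            item['vulnerable_configuration'] = vulconf
            if self.rankinglookup:
                item['ranking'] = ranking
        if "ranking" in item and len(item['ranking']) == 0:
            del item['ranking']
        if "cwe" in item and self.capeclookup:
            cwe = str(item['cwe'])
            # Guard the split: a CWE value without '-' used to raise IndexError.
            if cwe.lower() != 'unknown' and '-' in cwe:
                item['capec'] = self.getcapec(cweid=cwe.split('-')[1])
        entries.append(item)
    return entries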
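def filter_logic(f, limit, skip):
    """Build the Mongo query for the browse filters ``f`` and fetch one page.

    Keys read from ``f``: blacklistSelect, whitelistSelect, unlistedSelect,
    rejectedSelect, cvssSelect, cvss, timeSelect, timeTypeSelect, startDate,
    endDate.  Plugins extend the query via ``plugManager.doFilter`` and
    annotate the result via ``plugManager.mark``.  ``timeTypeSelect`` is used
    verbatim as the query key -- NOTE(review): it is request data; consider
    restricting it to the known date fields.

    Args:
        f: dict of form values.
        limit, skip: paging, passed to ``db.getCVEs``.

    Returns:
        list of CVE documents, marked per the whitelist/blacklist options.

    Raises:
        ValueError: a non-numeric ``cvss`` threshold, or a time filter that
            needs a start/end date the form did not supply (the original
            raised UnboundLocalError in that case).
    """
    def hide_matching(rules):
        # Keep documents whose vulnerable_configuration matches none of the
        # rule regexes, plus documents without any configuration.
        exp = "^(?!" + "|".join(rules) + ")"
        return {'$or': [{'vulnerable_configuration': re.compile(exp)},
                        {'vulnerable_configuration': {'$exists': False}},
                        {'vulnerable_configuration': []}]}

    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if f['whitelistSelect'] == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if f['unlistedSelect'] == "hide":
        # ``compile`` here is the module's rule compiler (it shadows the
        # builtin, which takes three arguments).
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
        # Raw string: "\*" and "\s" in a plain literal are invalid escapes.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    # plugin filters
    query.extend(plugManager.doFilter(f, **pluginArgs()))
    # cvss logic
    if f['cvssSelect'] == "above":
        query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals":
        query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":
        query.append({'cvss': {'$lt': float(f['cvss'])}})
    # date logic
    if f['timeSelect'] != "all":
        mode = f['timeSelect']
        field = f['timeTypeSelect']
        startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True) if f['startDate'] else None
        endDate = parse_datetime(f['endDate'], ignoretz=True, dayfirst=True) if f['endDate'] else None
        # Fail explicitly instead of tripping over an unbound local below.
        if mode in ("from", "between", "outside") and startDate is None:
            raise ValueError("startDate is required for timeSelect=" + mode)
        if mode in ("until", "between", "outside") and endDate is None:
            raise ValueError("endDate is required for timeSelect=" + mode)
        if mode == "from":
            query.append({field: {'$gt': startDate}})
        elif mode == "until":
            query.append({field: {'$lt': endDate}})
        elif mode == "between":
            query.append({field: {'$gt': startDate, '$lt': endDate}})
        elif mode == "outside":
            query.append({'$or': [{field: {'$lt': startDate}},
                                  {field: {'$gt': endDate}}]})
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":
        cve = whitelist_mark(cve)
    if f['blacklistSelect'] == "mark":
        cve = blacklist_mark(cve)
    plugManager.mark(cve, **pluginArgs())
    return list(cve)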
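def filter_logic(self, f, limit, skip, plugManager, **args):
    """Build the Mongo query for the browse filters ``f`` and fetch one page.

    Keys read from ``f``: blacklistSelect, whitelistSelect, unlistedSelect,
    rejectedSelect, cvssSelect, cvss, timeSelect, timeTypeSelect, startDate,
    endDate.  ``plugManager.doFilter`` may append further query terms and
    ``plugManager.mark`` annotates the result; ``args`` is forwarded to both.
    ``timeTypeSelect`` is used verbatim as the query key -- NOTE(review): it
    is request data; consider restricting it to the known date fields.

    Args:
        f: dict of form values.
        limit, skip: paging, passed to ``db.getCVEs``.
        plugManager: plugin manager providing ``doFilter`` and ``mark``.
        **args: extra keyword arguments for the plugin calls.

    Returns:
        list of CVE documents, marked per the whitelist/blacklist options.

    Raises:
        ValueError: a non-numeric ``cvss`` threshold, or a time filter that
            needs a start/end date the form did not supply (the original
            raised UnboundLocalError in that case).
    """
    def hide_matching(rules):
        # Documents whose vulnerable_configuration matches none of the rules,
        # plus documents that have no configuration at all.
        exp = "^(?!" + "|".join(rules) + ")"
        return {'$or': [{'vulnerable_configuration': re.compile(exp)},
                        {'vulnerable_configuration': {'$exists': False}},
                        {'vulnerable_configuration': []}]}

    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if f['whitelistSelect'] == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if f['unlistedSelect'] == "hide":
        # ``compile`` is the module's rule compiler, not the builtin.
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
        # Raw string: "\*" and "\s" in a plain literal are invalid escapes.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    # plugin filters
    query.extend(plugManager.doFilter(f, **args))
    # cvss logic
    if f['cvssSelect'] == "above":
        query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals":
        query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":
        query.append({'cvss': {'$lt': float(f['cvss'])}})
    # date logic
    if f['timeSelect'] != "all":
        mode = f['timeSelect']
        field = f['timeTypeSelect']
        startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True) if f['startDate'] else None
        endDate = parse_datetime(f['endDate'], ignoretz=True, dayfirst=True) if f['endDate'] else None
        # Fail explicitly instead of tripping over an unbound local below.
        if mode in ("from", "between", "outside") and startDate is None:
            raise ValueError("startDate is required for timeSelect=" + mode)
        if mode in ("until", "between", "outside") and endDate is None:
            raise ValueError("endDate is required for timeSelect=" + mode)
        if mode == "from":
            query.append({field: {'$gt': startDate}})
        elif mode == "until":
            query.append({field: {'$lt': endDate}})
        elif mode == "between":
            query.append({field: {'$gt': startDate, '$lt': endDate}})
        elif mode == "outside":
            query.append({'$or': [{field: {'$lt': startDate}},
                                  {field: {'$gt': endDate}}]})
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":
        cve = self.whitelist_mark(cve)
    if f['blacklistSelect'] == "mark":
        cve = self.blacklist_mark(cve)
    plugManager.mark(cve, **args)
    return list(cve)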
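def getFilterSettingsFromPost(r):
    """Read the browse filters from the POSTed form and fetch the matching page.

    The first value of each form field is used.  If ``filter_logic`` fails
    (e.g. a non-numeric CVSS threshold or an unparsable date) the unfiltered
    page is returned instead.  The original used a bare ``except:`` here,
    which also swallowed ``KeyboardInterrupt`` and ``SystemExit``.

    Args:
        r: number of records to skip (page offset).

    Returns:
        ``(filters, cve)`` -- the filter dict and the fetched records.
    """
    filters = {key: values[0] for key, values in dict(request.form).items()}
    try:
        cve = filter_logic(filters, pageLength, r)
    except Exception:
        # Best effort: a malformed filter degrades to the unfiltered listing.
        cve = db.getCVEs(limit=pageLength, skip=r)
    return (filters, cve)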
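def listManagementAdd():
    """Add the CPE named by the ``item`` query argument to the ``list`` list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``
    (characters restricted to ``[a-z:/0-9.~_%-]``).  A bare vendor is added
    for every CPE part (``/o``, ``/a``, ``/h``) it is registered under in
    redis; longer items take their ``cpe:/x:`` prefix from the first
    ``cpe_2_2`` entry whose id contains the product name.

    ``vendor``/``product``/``version`` are computed exactly as before but are
    not part of the response -- NOTE(review): presumably leftovers from a
    template-rendering version; kept in case ``getBrowseList`` /
    ``getVersionsOfProduct`` are relied on for side effects.

    Returns:
        JSON ``{"status": [code, level], "listType": <list>}``.
    """
    item = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)
    vendor = None
    product = None
    version = None
    pattern = re.compile('^[a-z:/0-9.~_%-]+$')
    # A missing ``item`` used to hit pattern.match(None) -> TypeError (HTTP 500).
    if item is not None and pattern.match(item):
        parts = item.split(":")
        added = False
        if len(parts) == 1:
            # only vendor, so a check on cpe type is needed
            for part in ("o", "a", "h"):
                if redisdb.sismember("t:/" + part, parts[0]):
                    if addCPEToList("cpe:/" + part + ":" + parts[0], listType):
                        added = True
            browseList = getBrowseList(None)
            vendor = browseList['vendor']
        elif 4 > len(parts) > 1:
            # cpe type can be found with a mongo regex query.  Escape the user
            # supplied product so '.' matches literally rather than any char.
            result = db.getCVEs(query={'cpe_2_2': {'$regex': re.escape(parts[1])}})
            if result.count() != 0:
                prefix = (result[0]['cpe_2_2'])[:7]
                # vendor:product[:version] re-joined behind the detected prefix
                if addCPEToList(prefix + ":".join(parts), listType):
                    added = True
            vendor = parts[0]
            if len(parts) > 2:
                product = parts[1]
                version = getVersionsOfProduct(product)
            else:
                product = (getBrowseList(vendor))['product']
        status = ["cpe_added", "success"] if added else ["cpe_not_added", "error"]
    else:
        browseList = getBrowseList(None)
        vendor = browseList['vendor']
        status = ["invalid_cpe_format", "error"]
    j = {"status": status, "listType": listType}
    return jsonify(j)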
def getFilterSettingsFromPost(self, r):
    """Collect the browse filters from the POSTed form and run them.

    Args:
        r: paging offset (records to skip).

    Returns:
        dict with ``filters`` (the form as a dict), ``cve`` (the fetched
        records) and ``errors`` (True when ``self.filter_logic`` raised and
        the unfiltered page of ``self.args['pageLength']`` records was
        returned instead).
    """
    filters = dict(request.form)
    try:
        cve = self.filter_logic(filters, r)
    except Exception:
        # Fall back to the unfiltered listing and flag it for the caller.
        cve = db.getCVEs(limit=self.args['pageLength'], skip=r)
        errors = True
    else:
        errors = False
    return {'filters': filters, 'cve': cve, 'errors': errors}
def filter_logic(self, filters, skip, limit=None):
    """Fetch one page of CVEs matching ``filters`` and mark list membership.

    The query comes from ``self.generate_full_query``; ``limit`` defaults to
    ``self.args['pageLength']``.  For an authenticated user the records are
    annotated with ``self.list_mark`` when ``whitelistSelect`` is "on" or
    ``blacklistSelect`` is "mark".  ``self.plugManager.mark`` runs for
    everyone.

    Returns:
        list of CVE documents.
    """
    mongo_query = self.generate_full_query(filters)
    page_size = limit or self.args['pageLength']
    cve = db.getCVEs(limit=page_size, skip=skip, query=mongo_query)
    # marking relevant records
    if current_user.is_authenticated():
        markers = (('white', 'whitelistSelect', "on"),
                   ('black', 'blacklistSelect', "mark"))
        for colour, key, wanted in markers:
            if filters[key] == wanted:
                cve = self.list_mark(colour, cve)
    self.plugManager.mark(cve, **self.pluginArgs)
    return list(cve)
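def getFilterSettingsFromPost(self, r):
    """Collect the browse filters from the POSTed form and run them.

    The first value of each form field is used.  The trailing
    ``return (filters, cve, errors)`` of the original was unreachable and has
    been dropped.

    Args:
        r: paging offset (records to skip).

    Returns:
        dict with ``filters`` (the form values), ``cve`` (the fetched records)
        and ``errors`` (True when ``self.filter_logic`` raised and the
        unfiltered page of ``self.args['pageLength']`` records was returned).
    """
    filters = {key: values[0] for key, values in dict(request.form).items()}
    errors = False
    try:
        cve = self.filter_logic(filters, r)
    except Exception:
        # Best effort: a malformed filter degrades to the unfiltered listing.
        cve = db.getCVEs(limit=self.args['pageLength'], skip=r)
        errors = True
    return {'filters': filters, 'cve': cve, 'errors': errors}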
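def listManagementAdd():
    """Add the CPE named by the ``item`` query argument to the ``list`` list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``
    (characters restricted to ``[a-z:/0-9.~_%-]``).  A bare vendor is added
    for every CPE part (``/o``, ``/a``, ``/h``) it is registered under in
    redis; longer items take their ``cpe:/x:`` prefix from the first
    ``cpe_2_2`` entry whose id contains the product name.

    ``vendor``/``product``/``version`` are computed exactly as before but are
    not part of the response -- NOTE(review): presumably leftovers; kept in
    case ``getBrowseList`` / ``getVersionsOfProduct`` have side effects.

    Returns:
        JSON ``{"status": [code, level], "listType": <list>}``.
    """
    item = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)
    vendor = None
    product = None
    version = None
    pattern = re.compile('^[a-z:/0-9.~_%-]+$')
    # A missing ``item`` used to hit pattern.match(None) -> TypeError (HTTP 500).
    if item is not None and pattern.match(item):
        parts = item.split(":")
        added = False
        if len(parts) == 1:
            # only vendor, so a check on cpe type is needed
            for part in ("o", "a", "h"):
                if redisdb.sismember("t:/" + part, parts[0]):
                    if addCPEToList("cpe:/" + part + ":" + parts[0], listType):
                        added = True
            browseList = getBrowseList(None)
            vendor = browseList['vendor']
        elif 4 > len(parts) > 1:
            # cpe type can be found with a mongo regex query.  Escape the user
            # supplied product so '.' matches literally rather than any char.
            result = dbLayer.getCVEs(query={'cpe_2_2': {'$regex': re.escape(parts[1])}})
            if result.count() != 0:
                prefix = (result[0]['cpe_2_2'])[:7]
                # vendor:product[:version] re-joined behind the detected prefix
                if addCPEToList(prefix + ":".join(parts), listType):
                    added = True
            vendor = parts[0]
            if len(parts) > 2:
                product = parts[1]
                version = getVersionsOfProduct(product)
            else:
                product = (getBrowseList(vendor))['product']
        status = ["cpe_added", "success"] if added else ["cpe_not_added", "error"]
    else:
        browseList = getBrowseList(None)
        vendor = browseList['vendor']
        status = ["invalid_cpe_format", "error"]
    j = {"status": status, "listType": listType}
    return jsonify(j)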
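def getFilterSettingsFromPost(self, r):
    """Collect the browse filters from the POSTed form and run them.

    The first value of each form field is used.  A failing
    ``self.filter_logic`` is printed and replaced by the unfiltered page.
    The trailing ``return (filters, cve, errors)`` of the original was
    unreachable and has been dropped.

    Args:
        r: paging offset (records to skip).

    Returns:
        dict with ``filters``, ``cve`` and ``errors`` (True on fallback).
    """
    filters = {key: values[0] for key, values in dict(request.form).items()}
    errors = False
    try:
        cve = self.filter_logic(filters, r)
    except Exception as e:
        print(e)
        # Best effort: a malformed filter degrades to the unfiltered listing.
        cve = db.getCVEs(limit=self.args['pageLength'], skip=r)
        errors = True
    return {'filters': filters, 'cve': cve, 'errors': errors}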
def lastentries(limit=5, namelookup=False, rankinglookup=True):
    """Return the ``limit`` most recent CVEs, optionally resolving names and rankings.

    With ``namelookup`` false and ``rankinglookup`` not exactly ``True`` the
    documents come back as fetched.  Otherwise, for documents that have a
    ``vulnerable_configuration`` list, each CPE is replaced by its
    ``lookupcpe`` name when ``namelookup`` is set, and a deduplicated
    ``ranking`` list from ``findranking`` is attached when ``rankinglookup``
    is set and at least one rank was found.  Documents without the list are
    appended untouched.

    Returns:
        list of CVE documents.
    """
    enrich = namelookup or rankinglookup is True
    entries = []
    for cve in db.getCVEs(limit):
        if enrich and "vulnerable_configuration" in cve:
            names = []
            ranks = []
            for cpe in cve['vulnerable_configuration']:
                names.append(lookupcpe(cpeid=cpe) if namelookup else cpe)
                if rankinglookup:
                    found = findranking(cpe=cpe)
                    if found and found not in ranks:
                        ranks.append(found)
            cve['vulnerable_configuration'] = names
            if rankinglookup and ranks:
                cve['ranking'] = ranks
        entries.append(cve)
    return entries
def lastentries(limit=5, namelookup=False, rankinglookup=True):
    """Return the ``limit`` most recent CVEs, optionally enriched.

    Documents are returned as fetched when ``namelookup`` is false and
    ``rankinglookup`` is not exactly ``True``.  Otherwise a document with a
    ``vulnerable_configuration`` list gets its CPE ids replaced by
    ``lookupcpe`` names (``namelookup``) and, when ``rankinglookup`` is set
    and any rank was found, a deduplicated ``ranking`` list from
    ``findranking``.

    Returns:
        list of CVE documents.
    """
    def annotate(record):
        # Rewrite the configuration list in place; no-op without the field.
        if "vulnerable_configuration" not in record:
            return
        resolved = []
        ranks = []
        for cpe in record["vulnerable_configuration"]:
            resolved.append(lookupcpe(cpeid=cpe) if namelookup else cpe)
            if rankinglookup:
                found = findranking(cpe=cpe)
                if found and found not in ranks:
                    ranks.append(found)
        record["vulnerable_configuration"] = resolved
        if rankinglookup and len(ranks) > 0:
            record["ranking"] = ranks

    plain = not namelookup and rankinglookup is not True
    results = []
    for record in db.getCVEs(limit):
        if not plain:
            annotate(record)
        results.append(record)
    return results
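def listManagementAdd(self):
    """Add the CPE named by the ``item`` query argument to the ``list`` list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``
    (characters restricted to ``[a-z:0-9.~_%-]``).  A bare vendor is added
    for every CPE part (``/o``, ``/a``, ``/h``) it is registered under in
    redis; longer items take their ``cpe:/x:`` prefix from the first entry
    of the ``cpe`` collection whose ``cpe_2_2`` contains the product name.
    The entry is stored for the current user; a master account
    (``db.isMasterAccount``) writes to the global list instead.

    Returns:
        JSON ``{"status": <code>, "listType": <list>}`` where ``status`` is
        "added_to_list", "could_not_add_to_list" or "invalid_cpe".
    """
    item = request.args.get('item', type=str)
    # Debug output of request data goes to the logger, not stdout.
    logging.debug("listManagementAdd: item=%s", item)
    listType = request.args.get('list', type=str)
    user = current_user.get_id()
    isadmin = db.isMasterAccount(user)
    pattern = re.compile('^[a-z:0-9.~_%-]+$')
    # A missing ``item`` used to reach pattern.match(None) and raise TypeError.
    if item is not None and pattern.match(item):
        parts = item.split(":")
        added = False
        if len(parts) == 1:
            # only vendor, so a check on cpe type is needed
            logging.info("listManagementAdd: Adding from level 1:{0}".format(parts[0]))
            for part in ("o", "a", "h"):
                if self.redisdb.sismember("t:/" + part, parts[0]):
                    if self.addCPEToList("cpe:/" + part + ":" + parts[0], listType,
                                         isglobal=isadmin, user=user):
                        added = True
        elif 4 > len(parts) > 1:
            logging.info("size is bigger than, look for item[1]: {0}".format(parts[1]))
            # cpe type can be found with a mongo regex query.  Escape the user
            # supplied product so '.' matches literally rather than any char.
            result = db.getCVEs(query={'cpe_2_2': {'$regex': re.escape(parts[1])}},
                                collection="cpe")
            if len(result) != 0:
                prefix = (result[0]['cpe_2_2'])[:7]
                logging.info("listManagementAdd: Adding from level 2:{0}{1}{2}".format(
                    prefix, parts[0], parts[1]))
                # vendor:product[:version] re-joined behind the detected prefix
                if self.addCPEToList(prefix + ":".join(parts), listType,
                                     isglobal=isadmin, user=user):
                    added = True
        status = "added_to_list" if added else "could_not_add_to_list"
    else:
        status = "invalid_cpe"
    j = {"status": status, "listType": listType}
    return jsonify(j)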
item['vulnerable_configuration'] = vulconf if rankinglookup: item['ranking'] = ranking if "cwe" in item and capeclookup: if item['cwe'].lower() != 'unknown': item['capec'] = cves.getcapec( cweid=(item['cwe'].split('-')[1])) print( json.dumps(item, sort_keys=True, default=json_util.default, indent=indent)) if cveSearch: for cveid in db.getCVEs(cves=cveSearch): printCVE(cveid) sys.exit(0) # Basic freetext search (in vulnerability summary). # Full-text indexing is more efficient to search across all CVEs. if vFreeSearch: try: for item in db.getFreeText(vFreeSearch): printCVE(item, indent=2) except: sys.exit("Free text search not enabled on the database!") sys.exit(0) # Search Product (best to use CPE notation, e.g. cisco:ios:12.2 if vSearch: for item in db.cvesForCPE(vSearch):
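def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate, timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, limit, skip):
    """Build the Mongo query for the browse filters and fetch one page of CVEs.

    Args:
        blacklist: "on" hides entries matching the blacklist rules, "mark"
            annotates them via ``blacklist_mark``.
        whitelist: "hide" hides entries matching the whitelist rules, "on"
            annotates them via ``whitelist_mark``.
        unlisted: "hide" keeps only entries covered by either rule list.
        timeSelect: "all", "from", "until", "between" or "outside".
        startDate, endDate: date strings for ``convertDateToDBFormat``.
        timeTypeSelect: date field to filter on, used verbatim as the query
            key -- NOTE(review): request data; consider restricting it to the
            known date fields.
        cvssSelect: "all", "above", "equals" or "below"; ``cvss`` is the
            threshold string (parsed with ``float``).
        rejectedSelect: "hide" drops the "** REJECT **" placeholder entries.
        hideSeen: "hide" drops CVEs the authenticated user already saw.
        limit, skip: paging for ``dbLayer.getCVEs``.

    Returns:
        list of CVE documents, annotated by ``seen_mark`` / ``bookmarked_mark``
        and the optional white/blacklist marks.

    Raises:
        ValueError: non-numeric ``cvss`` when a threshold is requested.
    """
    def hide_matching(rules):
        # Documents whose vulnerable_configuration matches none of the rules,
        # plus documents that have no configuration at all.
        exp = "^(?!" + "|".join(rules) + ")"
        return {'$or': [{'vulnerable_configuration': re.compile(exp)},
                        {'vulnerable_configuration': {'$exists': False}},
                        {'vulnerable_configuration': []}]}

    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = dbLayer.getRules('blacklist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if whitelist == "hide":
        regexes = dbLayer.getRules('whitelist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if unlisted == "hide":
        # ``compile`` is the module's rule compiler, not the builtin.
        wlregexes = compile(dbLayer.getRules('whitelist'))
        blregexes = compile(dbLayer.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if rejectedSelect == "hide":
        # Raw string: "\*" and "\s" in a plain literal are invalid escapes.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    if current_user.is_authenticated():
        if hideSeen == "hide":
            query.append({'id': {"$nin": dbLayer.seenCVEs(current_user.get_id())}})
    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        elif cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        elif cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}},
                                  {timeTypeSelect: {'$gt': endDate}}]})
    cve = dbLayer.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    return list(cve)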
for ra in ranking: for e in ra: for i in e: print(i + ": " + str(e[i])) print("\n\n") # Search in summary text def search_in_summary(item): print(item['summary']) #if args.a in str(item['summary']): # printCVE_json(item) if cveSearch: for item in db.getCVEs(cves=cveSearch): if csvOutput: printCVE_csv(item) elif htmlOutput: printCVE_html(item) # bson straight from the MongoDB db - converted to JSON default # representation elif jsonOutput: printCVE_json(item) elif xmlOutput: printCVE_xml(item) elif cveidOutput: printCVE_id(item) else: printCVE_human(item)
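def filter_logic(self, filters, skip, limit=None):
    """Return the CVEs matching ``filters`` as a page of ``limit`` entries.

    The query is built by ``self.generate_minimal_query``.  When ``limit`` is
    not given, the page length is read from the ``pageLength`` request
    argument and coerced to ``int`` (the original passed the raw query-string
    value through), falling back to ``self.args['pageLength']`` when the
    argument is absent or not numeric.
    NOTE(review): a client-supplied page length is otherwise unbounded here;
    cap it if ``db.getCVEs`` does not.

    Args:
        filters: filter dict for ``generate_minimal_query``.
        skip: paging offset.
        limit: page size; see above for the default.

    Returns:
        whatever ``db.getCVEs`` returns.
    """
    query = self.generate_minimal_query(filters)
    if not limit:
        limit = request.args.get("pageLength", type=int)
    if not limit:
        limit = self.args['pageLength']
    return db.getCVEs(limit=limit, skip=skip, query=query)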
# check modification date date = False if icve is not None and icpeo is not None: # Go check date if icve >= icpeo: print("Not modified") sys.exit(0) else: date = True # only get collection of new CVE's collections = [] if date: collections = db.getCVEsNewerThan(icve)['results'] else: collections = db.getCVEs()['results'] # check cpes for cves and parse and store missing cpes in cpeother batch = [] # skip on empty collections col=list(collections) if not col: print ("Empty collections, import skipped") sys.exit(2) for item in progressbar(col): for cpeentry in item['vulnerable_configuration']: checkdup = db.getAlternativeCPE(cpeentry) if checkdup and len(checkdup) <= 0: entry = db.getCPE(cpeentry) if entry and len(entry.count) <= 0:
def filter_logic(self, filters, skip):
    """Fetch one page of CVEs matching ``filters``.

    The query comes from ``self.generate_minimal_query`` and the page size
    from ``self.args['pageLength']``.

    Args:
        filters: filter dict for ``generate_minimal_query``.
        skip: paging offset.

    Returns:
        whatever ``db.getCVEs`` returns.
    """
    mongo_query = self.generate_minimal_query(filters)
    page_size = self.args['pageLength']
    return db.getCVEs(query=mongo_query, skip=skip, limit=page_size)
# check modification date date = False if icve is not None and icpeo is not None: # Go check date if icve >= icpeo: print("Not modified") sys.exit(0) else: date = True # only get collection of new CVE's collections = [] if date: collections = db.getCVEsNewerThan(icve)["results"] else: collections = db.getCVEs()["results"] # check cpes for cves and parse and store missing cpes in cpeother batch = [] # skip on empty collections col = list(collections) if not col: print("Empty collections, import skipped") sys.exit(2) for item in progressbar(col): for cpeentry in item["vulnerable_configuration"]: checkdup = db.getAlternativeCPE(cpeentry) if checkdup and len(checkdup) <= 0: entry = db.getCPE(cpeentry) if entry and len(entry.count) <= 0:
# check modification date date = False if icve is not None and icpeo is not None: # Go check date if icve >= icpeo: print("Not modified") sys.exit(0) else: date = True # only get collection of new CVE's collections = [] if date: collections = db.getCVEsNewerThan(icve) else: collections = db.getCVEs() # check cpes for cves and parse and store missing cpes in cpeother batch = [] # skip on empty collections col=list(collections) if not col: print ("Empty collections, import skipped") sys.exit(2) for item in progressbar(col): for cpeentry in item['vulnerable_configuration']: checkdup = db.getAlternativeCPE(cpeentry) if checkdup and len(checkdup) <= 0: entry = db.getCPE(cpeentry) if entry and len(entry.count) <= 0:
for ra in ranking: for e in ra: for i in e: print("{}: {}".format(i, str(e[i]))) print("\n\n") # Search in summary text def search_in_summary(item): print(item['summary']) #if args.a in str(item['summary']): # printCVE_json(item) if cveSearch: for item in db.getCVEs(cves=cveSearch)['results']: print_job(item) if htmlOutput: print("</body></html>") sys.exit(0) # Basic freetext search (in vulnerability summary). # Full-text indexing is more efficient to search across all CVEs. if vFreeSearch: try: for item in db.getFreeText(vFreeSearch): printCVE_json(item, indent=2) except: sys.exit("Free text search not enabled on the database!") sys.exit(0)
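def search_func(args, output=sys.__stdout__):
    """Run the cve-search CLI query described by ``args`` and print the result.

    ``sys.stdout`` is redirected to ``output`` for the duration of the call
    and restored afterwards -- also when an exception or ``sys.exit``
    escapes, which the original did not guarantee (each early return restored
    it by hand; an exception left the redirection in place).

    Args:
        args: dict of CLI options.  Keys read: ``p`` (CPE/product search),
            ``c`` (list of CVE ids), ``o`` (output format: csv/html/xml/json/
            cveid, anything else is human readable), ``f`` (free-text
            search), ``l`` (latest-first flag, currently unused), ``n`` (name
            lookup), ``r`` (ranking lookup), ``a`` (CAPEC lookup), ``t``
            (only CVEs published in the last N days), ``s`` (summary text
            search) and ``i`` (limit for the summary search).
        output: writable file object that receives the printed output.

    Returns:
        1 when a search branch ran or xml output was requested, 0 otherwise.
    """
    sys.stdout = output
    try:
        return _search_func_impl(args)
    finally:
        sys.stdout = sys.__stdout__


def _search_func_impl(args):
    """Body of ``search_func``; assumes ``sys.stdout`` is already redirected."""
    import html  # stdlib; used to escape the html page header

    vSearch = args["p"]
    cveSearch = [x.upper() for x in args["c"]] if args["c"] else None
    vOutput = args["o"]
    vFreeSearch = args["f"]
    namelookup = args["n"]
    rankinglookup = args["r"]
    capeclookup = args["a"]
    last_ndays = args["t"]
    summary_text = args["s"]
    nlimit = args["i"]
    cves = CVEs.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup)

    # Parentheses are stored percent-encoded, so encode them in the search
    # term too ("to lazy to handle conversion on DB creation" -- original).
    if vSearch:
        vSearch = re.sub(r"\(", "%28", vSearch)
        vSearch = re.sub(r"\)", "%29", vSearch)

    # Output format flags.  ``cveidOutput`` is now defined on every path; the
    # original only bound it in the "cveid" and fallthrough branches.
    csvOutput = htmlOutput = jsonOutput = xmlOutput = cveidOutput = False
    r = None
    if vOutput == "csv":
        csvOutput = True
    elif vOutput == "html":
        htmlOutput = True
    elif vOutput == "xml":
        xmlOutput = True
        r = Element("cve-search")
    elif vOutput == "json":
        jsonOutput = True
    elif vOutput == "cveid":
        cveidOutput = True

    # Print first line of html output.  The search term is user input: escape
    # it so a term containing markup cannot inject into the generated page.
    if htmlOutput and args["p"] is not None:
        print("<html><body><h1>CVE search " + html.escape(args["p"]) + " </h1>")
    elif htmlOutput and args["c"] is not None:
        print("<html><body><h1>CVE-ID " + html.escape(str(args["c"])) + " </h1>")

    def print_item(item, index, total, json_separator=True):
        # Emit one CVE in the selected format.  ``json_separator`` reproduces
        # the original: the "last N days" product branch printed no "," between
        # json items while the other branches did.
        if csvOutput:
            printCVE_csv(item, namelookup, rankinglookup, cves)
        elif htmlOutput:
            printCVE_html(item, rankinglookup, cves)
        elif jsonOutput:
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            printCVE_json(item, namelookup, rankinglookup, capeclookup, cves)
            if json_separator and index != total - 1:
                print(",", end="")
        elif xmlOutput:
            printCVE_xml(item, rankinglookup, cves, r)
        elif cveidOutput:
            printCVE_id(item)
        else:
            printCVE_human(item, namelookup, rankinglookup, cves)

    if cveSearch:
        results = db.getCVEs(cves=cveSearch)
        for index, item in enumerate(results):
            print_item(item, index, len(results))
        if htmlOutput:
            print("</body></html>")
        return 1

    # Basic freetext search (in vulnerability summary).
    # Full-text indexing is more efficient to search across all CVEs.
    if vFreeSearch:
        try:
            results = db.getFreeText(vFreeSearch)
            for index, item in enumerate(results):
                if jsonOutput:
                    printCVE_json(item, namelookup, rankinglookup, capeclookup, cves, indent=2)
                    if index != len(results) - 1:
                        print(",", end="")
                else:
                    printCVE_human(item, namelookup, rankinglookup, cves)
        except Exception:
            # Was a bare except, which also swallowed KeyboardInterrupt/SystemExit.
            sys.exit("Free text search not enabled on the database!")
        return 1

    # Search Product (best to use CPE notation, e.g. cisco:ios:12.2)
    if vSearch:
        results = db.cvesForCPE(vSearch)
        # Computed once; the original recomputed it for every item.
        date_n_days_ago = datetime.now() - timedelta(days=last_ndays) if last_ndays else None
        for index, item in enumerate(results):
            if not last_ndays:
                print_item(item, index, len(results))
            elif item["Published"] > date_n_days_ago:
                print_item(item, index, len(results), json_separator=False)
        if htmlOutput:
            print("</body></html>")
        return 1

    # Search text in summary
    if summary_text:
        import lib.CVEs as cves_module  # original rebound ``cves`` here; keep the wrapper intact
        lookup = cves_module.last(rankinglookup=rankinglookup, namelookup=namelookup, capeclookup=capeclookup)
        date_n_days_ago = datetime.now() - timedelta(days=last_ndays) if last_ndays else None
        for cveid in db.getCVEIDs(limit=nlimit):
            item = lookup.getcve(cveid=cveid)
            if "cvss" in item and isinstance(item["cvss"], str):
                item["cvss"] = float(item["cvss"])
            for field in ("cvss-time", "Modified", "Published"):
                if field in item:
                    item[field] = str(item[field])
            if summary_text.upper() not in item["summary"].upper():
                continue
            if last_ndays:
                # Published was stringified above; an entry whose date does not
                # parse is skipped (the original swallowed this with a bare
                # except around the print as well).
                try:
                    published = datetime.strptime(item["Published"], "%Y-%m-%d %H:%M:%S.%f")
                except (KeyError, TypeError, ValueError):
                    continue
                if published <= date_n_days_ago:
                    continue
            if vOutput:
                printCVE_id(item)
            else:
                print(json.dumps(item, sort_keys=True, default=json_util.default))
        if htmlOutput:
            print("</body></html>")
        return 1

    if xmlOutput:
        # default encoding is UTF-8. Should this be detected on the terminal?
        print(tostring(r).decode("utf-8"))
        return 1
    return 0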
# check modification date date = False if icve is not None and icpeo is not None: # Go check date if icve >= icpeo: print("Not modified") sys.exit(0) else: date = True # only get collection of new CVE's collections = [] if date: collections = db.getCVEsNewerThan(icve) else: collections = db.getCVEs() # check cpes for cves and parse and store missing cpes in cpeother batch = [] # skip on empty collections col = list(collections) if not col: print("Empty collections, import skipped") sys.exit(2) for item in progressbar(col): for cpeentry in item['vulnerable_configuration']: checkdup = db.getAlternativeCPE(cpeentry) if checkdup and len(checkdup) <= 0: entry = db.getCPE(cpeentry) if entry and len(entry.count) <= 0:
vulconf.append(cves.getcpe(cpeid=conf)) if rankinglookup: rank = cves.getranking(cpeid=conf) if rank and rank not in ranking: ranking.append(rank) if namelookup: item['vulnerable_configuration'] = vulconf if rankinglookup: item['ranking'] = ranking if "cwe" in item and capeclookup: if item['cwe'].lower() != 'unknown': item['capec'] = cves.getcapec(cweid=(item['cwe'].split('-')[1])) print(json.dumps(item, sort_keys=True, default=json_util.default, indent=indent)) if cveSearch: for cveid in db.getCVEs(cves=cveSearch): printCVE(cveid) sys.exit(0) # Basic freetext search (in vulnerability summary). # Full-text indexing is more efficient to search across all CVEs. if vFreeSearch: try: for item in db.getFreeText(vFreeSearch): printCVE(item, indent=2) except: sys.exit("Free text search not enabled on the database!") sys.exit(0) # Search Product (best to use CPE notation, e.g. cisco:ios:12.2 if vSearch: for item in db.cvesForCPE(vSearch):
print("\nRanking: ") print("--------") for ra in ranking: for e in ra: for i in e: print( i + ": " + str(e[i])) print("\n\n") # Search in summary text def search_in_summary(item): print(item['summary']) #if args.a in str(item['summary']): # printCVE_json(item) if cveSearch: for item in db.getCVEs(cves=cveSearch): if csvOutput: printCVE_csv(item) elif htmlOutput: printCVE_html(item) # bson straight from the MongoDB db - converted to JSON default # representation elif jsonOutput: printCVE_json(item) elif xmlOutput: printCVE_xml(item) elif cveidOutput: printCVE_id(item) else: printCVE_human(item)
# check modification date date = False if icve is not None and icpeo is not None: # Go check date if icve['last-modified'] >= icpeo['last-modified']: print("Not modified") sys.exit(0) else: date = True # only get collection of new CVE's collections = [] if date: db.getCVEsNewerThan(icve['last-modified']) else: db.getCVEs() # check cpes for cves and parse and store missing cpes in cpeother batch = [] # skip on empty collections col=list(collections) if not col: print ("Empty collections, import skipped") sys.exit(2) for item in progressbar(col): for cpeentry in item['vulnerable_configuration']: checkdup = db.getAlternativeCPE(cpeentry) if checkdup.count() <= 0: entry = db.getCPE(cpeentry) if entry.count() <= 0:
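def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate, timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, limit, skip):
    """Build the Mongo query for the browse filters and fetch one page of CVEs.

    Args:
        blacklist: "on" hides entries matching the blacklist rules, "mark"
            annotates them via ``blacklist_mark``.
        whitelist: "hide" hides entries matching the whitelist rules, "on"
            annotates them via ``whitelist_mark``.
        unlisted: "hide" keeps only entries covered by either rule list.
        timeSelect: "all", "from", "until", "between" or "outside".
        startDate, endDate: date strings for ``convertDateToDBFormat``.
        timeTypeSelect: date field to filter on, used verbatim as the query
            key -- NOTE(review): request data; consider restricting it to the
            known date fields.
        cvssSelect: "all", "above", "equals" or "below"; ``cvss`` is the
            threshold string (parsed with ``float``).
        rejectedSelect: "hide" drops the "** REJECT **" placeholder entries.
        hideSeen: "hide" drops CVEs the authenticated user already saw.
        limit, skip: paging for ``db.getCVEs``.

    Returns:
        list of CVE documents, annotated by ``seen_mark`` / ``bookmarked_mark``
        and the optional white/blacklist marks.

    Raises:
        ValueError: non-numeric ``cvss`` when a threshold is requested.
    """
    def hide_matching(rules):
        # Documents whose vulnerable_configuration matches none of the rules,
        # plus documents that have no configuration at all.
        exp = "^(?!" + "|".join(rules) + ")"
        return {'$or': [{'vulnerable_configuration': re.compile(exp)},
                        {'vulnerable_configuration': {'$exists': False}},
                        {'vulnerable_configuration': []}]}

    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if whitelist == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            query.append(hide_matching(regexes))
    if unlisted == "hide":
        # ``compile`` is the module's rule compiler, not the builtin.
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if rejectedSelect == "hide":
        # Raw string: "\*" and "\s" in a plain literal are invalid escapes.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    if current_user.is_authenticated():
        if hideSeen == "hide":
            query.append({'id': {"$nin": db.seenCVEs(current_user.get_id())}})
    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        elif cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        elif cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}},
                                  {timeTypeSelect: {'$gt': endDate}}]})
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    return list(cve)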