示例#1
文件: CVEs.py 项目: slox3r/cve-search
    def get(self, limit=5, skip=0):
        """Return CVE entries from ``self.collection``, optionally enriched.

        When neither ``self.namelookup`` nor ``self.rankinglookup`` is set the
        records are returned as fetched. Otherwise each CPE id under
        ``vulnerable_configuration`` is replaced by ``self.getcpe(...)``, a
        de-duplicated ``ranking`` list is attached when ranking lookup is on,
        and ``capec`` is attached when ``self.capeclookup`` is set and the
        record carries a known CWE.
        """
        collected = []
        cursor = db.getCVEs(limit=limit, skip=skip, collection=self.collection)
        for record in cursor:
            # No lookups requested: pass the record through untouched.
            if not (self.namelookup or self.rankinglookup):
                collected.append(record)
                continue

            if "vulnerable_configuration" in record:
                resolved = []
                ranks = []
                for cpe in record['vulnerable_configuration']:
                    resolved.append(self.getcpe(cpeid=cpe))
                    if not self.rankinglookup:
                        continue
                    found = self.getranking(cpeid=cpe)
                    if found and found not in ranks:
                        ranks.append(found)
                record['vulnerable_configuration'] = resolved
                if self.rankinglookup:
                    record['ranking'] = ranks

            # An empty ranking list is dropped rather than returned.
            if "ranking" in record and len(record['ranking']) == 0:
                del record['ranking']

            if "cwe" in record and self.capeclookup:
                if record['cwe'].lower() != 'unknown':
                    # NOTE(review): assumes the value looks like "CWE-<id>";
                    # a value without '-' raises IndexError here — confirm
                    # against the stored data.
                    cwe_number = record['cwe'].split('-')[1]
                    record['capec'] = self.getcapec(cweid=cwe_number)
            collected.append(record)

        return collected
示例#2
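def filter_logic(unlisted, timeSelect, startDate, endDate,
                 timeTypeSelect, cvssSelect, cvss, rejectedSelect, limit, skip):
    """Translate the filter-form values into query clauses and fetch CVEs.

    Builds a list of MongoDB-style clauses for the reject marker, the CVSS
    score and the date range, then returns
    ``dbLayer.getCVEs(limit=limit, skip=skip, query=query)``.
    ``unlisted`` is accepted but not used in this version.

    Raises:
        ValueError: from ``float(cvss)`` when a CVSS comparison is selected
            and ``cvss`` is not numeric.
    """
    query = []
    # retrieving lists
    if rejectedSelect == "hide":
        # Raw string: the pattern contains \* and \s, which are invalid
        # escape sequences in a normal string literal and trigger warnings
        # on current Python versions. The pattern itself is unchanged: a
        # negative lookahead that keeps summaries not starting with the
        # "** REJECT **" marker.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    # cvss logic
    if cvssSelect == "above":
        query.append({'cvss': {'$gt': float(cvss)}})
    elif cvssSelect == "equals":
        query.append({'cvss': float(cvss)})
    elif cvssSelect == "below":
        query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        # NOTE(review): timeTypeSelect is used verbatim as the document field
        # name. If it arrives straight from the request it should be checked
        # against the known date fields before reaching this point — confirm
        # where that validation happens.
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}},
                                  {timeTypeSelect: {'$gt': endDate}}]})
    return dbLayer.getCVEs(limit=limit, skip=skip, query=query)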
示例#3
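def filter_logic(unlisted, timeSelect, startDate, endDate,
                 timeTypeSelect, cvssSelect, cvss, rejectedSelect, limit, skip):
    """Build the CVE filter query from form selections and run it.

    Clauses are appended for: hiding rejected candidates, a CVSS comparison
    (``above`` / ``equals`` / ``below``) and a date window on the field named
    by ``timeTypeSelect``. The result of ``dbLayer.getCVEs`` is returned
    unchanged. ``unlisted`` is not read by this version.

    Raises:
        ValueError: when a CVSS comparison is selected and ``cvss`` cannot be
            converted with ``float``.
    """
    query = []
    # retrieving lists
    if rejectedSelect == "hide":
        # Written as a raw string so that \* and \s reach the regex engine
        # without relying on Python passing unknown escapes through (which
        # now emits a warning). Same pattern as before.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})
    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        elif cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        elif cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        # NOTE(review): the caller-supplied timeTypeSelect becomes a query
        # key as-is; verify it is limited to the expected date field names
        # upstream.
        before_start = {timeTypeSelect: {'$lt': startDate}}
        after_end = {timeTypeSelect: {'$gt': endDate}}
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({'$or': [before_start, after_end]})
    return dbLayer.getCVEs(limit=limit, skip=skip, query=query)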
示例#4
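  def listManagementAdd(self):
    """Add a CPE taken from the request's ``item`` argument to a list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``;
    ``list`` names the target list. Returns a JSON response with ``status``
    (``added_to_list``, ``could_not_add_to_list`` or ``invalid_cpe``) and the
    echoed ``listType``.

    NOTE(review): both values come from the query string and this handler
    changes stored state; the route's allowed methods and access checks are
    not visible here — confirm they restrict who can trigger it.
    """
    # retrieve the separate item parts
    item     = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)

    pattern = re.compile('^[a-z:/0-9.~_%-]+$')

    # A missing ``item`` argument is None, which would make the regex call
    # raise TypeError; treat it as invalid input instead. fullmatch() is used
    # because '$' with match() also accepts a value ending in a newline.
    if item is not None and pattern.fullmatch(item):
      item = item.split(":")
      added = False
      if len(item) == 1:
        # only vendor, so a check on cpe type is needed
        for cpe_type in ("o", "a", "h"):
          if self.redisdb.sismember("t:/" + cpe_type, item[0]):
            if self.addCPEToList("cpe:/" + cpe_type + ":" + item[0], listType):
              added = True
      elif 4 > len(item) > 1:
        # cpe type can be found with a mongo regex query; the product name is
        # escaped so characters such as '.' match literally instead of acting
        # as regex operators. The match is still an unanchored substring
        # match, so the first hit decides the prefix.
        result = db.getCVEs(query={'cpe_2_2': {'$regex': re.escape(item[1])}})
        if result.count() != 0:
          prefix = ((result[0])['cpe_2_2'])[:7]
          # item has 2 or 3 parts in this branch; joining them reproduces
          # vendor:product[:version].
          if self.addCPEToList(prefix + ":".join(item), listType):
            added = True
      status = "added_to_list" if added else "could_not_add_to_list"
    else:
      status = "invalid_cpe"
    j = {"status": status, "listType": listType}
    return jsonify(j)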
示例#5
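  def listManagementAdd(self):
    """Validate the ``item`` request argument as a CPE and add it to a list.

    Accepts ``vendor``, ``vendor:product`` or ``vendor:product:version`` in
    ``item`` and the list name in ``list``. The JSON reply carries ``status``
    (``added_to_list`` / ``could_not_add_to_list`` / ``invalid_cpe``) and
    ``listType``.

    NOTE(review): ``listType`` is passed to ``addCPEToList`` without a check
    in this method — presumably validated there; verify.
    """
    # retrieve the separate item parts
    item     = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)

    pattern = re.compile('^[a-z:/0-9.~_%-]+$')

    # Guard against an absent argument (None) and use fullmatch() so that a
    # trailing newline, which '$' tolerates under match(), is rejected.
    valid = item is not None and pattern.fullmatch(item) is not None
    if valid:
      item = item.split(":")
      added = False
      if len(item) == 1:
        # only vendor, so a check on cpe type is needed
        for letter in ("o", "a", "h"):
          known = self.redisdb.sismember("t:/" + letter, item[0])
          if known and self.addCPEToList("cpe:/" + letter + ":" + item[0], listType):
            added = True
      elif 4 > len(item) > 1:
        # cpe type can be found with a mongo regex query. re.escape keeps the
        # user-supplied product name from being interpreted as a pattern
        # ('.' is allowed by the validation regex above).
        product_regex = re.escape(item[1])
        result = db.getCVEs(query={'cpe_2_2': {'$regex': product_regex}})
        if result.count() != 0:
          prefix = ((result[0])['cpe_2_2'])[:7]
          # Two or three parts here; ":".join rebuilds the same suffix the
          # separate branches used to concatenate by hand.
          if self.addCPEToList(prefix + ":".join(item), listType):
            added = True
      status = "added_to_list" if added else "could_not_add_to_list"
    else:
      status = "invalid_cpe"
    j = {"status": status, "listType": listType}
    return jsonify(j)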
示例#6
    def get(self, limit=5, skip=0):
        """Fetch CVE records and apply the configured lookups to each one.

        Records come from ``db.getCVEs`` for ``self.collection``. With both
        ``self.namelookup`` and ``self.rankinglookup`` off they are returned
        unchanged; otherwise CPE ids are resolved through ``self.getcpe``,
        rankings are collected through ``self.getranking`` and, when
        ``self.capeclookup`` is set, ``capec`` is filled from the CWE id.
        """
        results = []
        for entry in db.getCVEs(limit=limit, skip=skip, collection=self.collection):
            if not (self.namelookup or self.rankinglookup):
                results.append(entry)
                continue

            if "vulnerable_configuration" in entry:
                names = []
                seen_ranks = []
                for cpe_id in entry['vulnerable_configuration']:
                    names.append(self.getcpe(cpeid=cpe_id))
                    if self.rankinglookup:
                        hit = self.getranking(cpeid=cpe_id)
                        # Keep each non-empty ranking once, in first-seen order.
                        if hit and hit not in seen_ranks:
                            seen_ranks.append(hit)
                entry['vulnerable_configuration'] = names
                if self.rankinglookup:
                    entry['ranking'] = seen_ranks

            if "ranking" in entry and len(entry['ranking']) == 0:
                del entry['ranking']

            if "cwe" in entry and self.capeclookup:
                if entry['cwe'].lower() != 'unknown':
                    # NOTE(review): relies on a "<prefix>-<id>" shaped CWE
                    # string; other shapes are not handled here.
                    entry['capec'] = self.getcapec(cweid=entry['cwe'].split('-')[1])
            results.append(entry)

        return results
示例#7
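def filter_logic(f, limit, skip):
    """Build a CVE query from the filter dict ``f``, run it and mark results.

    Reads the keys ``blacklistSelect``, ``whitelistSelect``,
    ``unlistedSelect``, ``rejectedSelect``, ``cvssSelect``, ``cvss``,
    ``timeSelect``, ``timeTypeSelect``, ``startDate`` and ``endDate`` from
    ``f``; plugin clauses from ``plugManager.doFilter`` are appended as well.
    Returns the fetched CVEs as a list.

    Raises:
        KeyError: when one of the keys above is missing from ``f``.
        ValueError: from ``float(f['cvss'])`` on a non-numeric score.
    """
    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            # NOTE(review): stored rules are joined into one pattern without
            # escaping — presumably they are meant to be regexes; verify who
            # can write them.
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if f['whitelistSelect'] == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if f['unlistedSelect'] == "hide":
        # compile() is called with a single list argument, so it must be a
        # project helper rather than the builtin — defined outside this block.
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
        # Raw string: \* and \s are invalid escapes in a plain literal and
        # raise warnings on current Python; the pattern is unchanged.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    # plugin filters
    query.extend(plugManager.doFilter(f, **pluginArgs()))

    # cvss logic
    if f['cvssSelect'] == "above":
        query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals":
        query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":
        query.append({'cvss': {'$lt': float(f['cvss'])}})

    # date logic
    if f['timeSelect'] != "all":
        # NOTE(review): a date left empty is never bound, so selecting a mode
        # that needs it raises UnboundLocalError below; callers appear to
        # rely on catching that — confirm before changing.
        if f['startDate']:
            startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True)
        if f['endDate']:
            endDate = parse_datetime(f['endDate'], ignoretz=True, dayfirst=True)

        # NOTE(review): f['timeTypeSelect'] is used directly as the field
        # name in the query; verify it is restricted to the known date
        # fields before it gets here.
        if f['timeSelect'] == "from":
            query.append({f['timeTypeSelect']: {'$gt': startDate}})
        if f['timeSelect'] == "until":
            query.append({f['timeTypeSelect']: {'$lt': endDate}})
        if f['timeSelect'] == "between":
            query.append({f['timeTypeSelect']: {'$gt': startDate, '$lt': endDate}})
        if f['timeSelect'] == "outside":
            query.append({'$or': [{f['timeTypeSelect']: {'$lt': startDate}}, {f['timeTypeSelect']: {'$gt': endDate}}]})
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":
        cve = whitelist_mark(cve)
    if f['blacklistSelect'] == "mark":
        cve = blacklist_mark(cve)
    plugManager.mark(cve, **pluginArgs())
    cve = list(cve)
    return cve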
示例#8
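  def filter_logic(self, f, limit, skip, plugManager, **args):
    """Build a CVE query from the filter dict ``f`` and return marked results.

    Clauses are added for the black/white/unlisted rule lists, rejected
    candidates, plugin filters (``plugManager.doFilter``), the CVSS
    comparison and the date window. The fetched records are passed through
    the white/blacklist markers and ``plugManager.mark`` and returned as a
    list. Extra keyword arguments are forwarded to the plugin manager.

    Raises:
        KeyError: when a filter key read below is missing from ``f``.
        ValueError: from ``float(f['cvss'])`` on a non-numeric score.
    """
    query = []
    # retrieving lists
    if f['blacklistSelect'] == "on":
      regexes = db.getRules('blacklist')
      if len(regexes) != 0:
        exp = "^(?!" + "|".join(regexes) + ")"
        query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                              {'vulnerable_configuration': {'$exists': False}},
                              {'vulnerable_configuration': []}
                              ]})
    if f['whitelistSelect'] == "hide":
      regexes = db.getRules('whitelist')
      if len(regexes) != 0:
        exp = "^(?!" + "|".join(regexes) + ")"
        query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                              {'vulnerable_configuration': {'$exists': False}},
                              {'vulnerable_configuration': []}
                              ]})
    if f['unlistedSelect'] == "hide":
      # compile() receives one list argument here, so it is a helper defined
      # elsewhere in the project, not the builtin.
      wlregexes = compile(db.getRules('whitelist'))
      blregexes = compile(db.getRules('blacklist'))
      query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                            {'vulnerable_configuration': {'$in': blregexes}}]})
    if f['rejectedSelect'] == "hide":
      # Raw string so the \* and \s sequences are not treated as (invalid)
      # string escapes; the regex itself is the same.
      exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
      query.append({'summary': re.compile(exp)})

    # plugin filters
    query.extend(plugManager.doFilter(f, **args))

    # cvss logic
    if f['cvssSelect'] == "above":
      query.append({'cvss': {'$gt': float(f['cvss'])}})
    elif f['cvssSelect'] == "equals":
      query.append({'cvss': float(f['cvss'])})
    elif f['cvssSelect'] == "below":
      query.append({'cvss': {'$lt': float(f['cvss'])}})

    # date logic
    if f['timeSelect'] != "all":
      # NOTE(review): an empty start/end date leaves the local unbound; a
      # mode that needs it then raises UnboundLocalError.
      if f['startDate']:
        startDate = parse_datetime(f['startDate'], ignoretz=True, dayfirst=True)
      if f['endDate']:
        endDate = parse_datetime(f['endDate'], ignoretz=True, dayfirst=True)

      # NOTE(review): the field name comes from f['timeTypeSelect'] as-is;
      # confirm it is limited to the expected date fields upstream.
      if f['timeSelect'] == "from":
        query.append({f['timeTypeSelect']: {'$gt': startDate}})
      if f['timeSelect'] == "until":
        query.append({f['timeTypeSelect']: {'$lt': endDate}})
      if f['timeSelect'] == "between":
        query.append({f['timeTypeSelect']: {'$gt': startDate, '$lt': endDate}})
      if f['timeSelect'] == "outside":
        query.append({'$or': [{f['timeTypeSelect']: {'$lt': startDate}}, {f['timeTypeSelect']: {'$gt': endDate}}]})
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if f['whitelistSelect'] == "on":
      cve = self.whitelist_mark(cve)
    if f['blacklistSelect'] == "mark":
      cve = self.blacklist_mark(cve)
    plugManager.mark(cve, **args)
    cve = list(cve)
    return cve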
示例#9
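def getFilterSettingsFromPost(r):
    """Read the posted filter form and return ``(filters, cve)``.

    ``filters`` maps each form field to the first element of its value.
    ``cve`` is the result of ``filter_logic``; when that fails the unfiltered
    page starting at offset ``r`` is returned instead.
    """
    filters = dict(request.form)
    # NOTE(review): assumes dict(request.form) yields a list per field;
    # if it yields plain strings, [0] keeps only the first character.
    filters = {name: values[0] for name, values in filters.items()}
    # retrieving data
    try:
        cve = filter_logic(filters, pageLength, r)
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit. Invalid filter input still falls back to the
        # unfiltered listing.
        cve = db.getCVEs(limit=pageLength, skip=r)
    return (filters, cve)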
示例#10
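def listManagementAdd():
    """Add the CPE named by the ``item`` request argument to a list.

    ``item`` may be ``vendor``, ``vendor:product`` or
    ``vendor:product:version``; ``list`` names the target list. Returns a
    JSON response with a two-element ``status`` (message key and level) and
    the echoed ``listType``. ``vendor``, ``product`` and ``version`` are
    computed but not part of the response built here.

    NOTE(review): arguments come from the query string and the call changes
    stored lists; the route's methods and access checks are outside this
    block — confirm them.
    """
    # retrieve the separate item parts
    item = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)

    vendor = None
    product = None
    version = None
    pattern = re.compile('^[a-z:/0-9.~_%-]+$')

    # A missing argument is None and would make the regex call raise
    # TypeError; fullmatch() also rejects a trailing newline that '$' lets
    # through under match().
    if item is not None and pattern.fullmatch(item):
        item = item.split(":")
        added = False
        if len(item) == 1:
            # only vendor, so a check on cpe type is needed
            for cpe_type in ("o", "a", "h"):
                if redisdb.sismember("t:/" + cpe_type, item[0]):
                    if addCPEToList("cpe:/" + cpe_type + ":" + item[0], listType):
                        added = True
            browseList = getBrowseList(None)
            vendor = browseList['vendor']
        elif 4 > len(item) > 1:
            # cpe type can be found with a mongo regex query; escape the
            # product so '.' and similar characters match literally.
            result = db.getCVEs(query={'cpe_2_2': {'$regex': re.escape(item[1])}})
            if result.count() != 0:
                prefix = ((result[0])['cpe_2_2'])[:7]
                # 2 or 3 parts in this branch: the join rebuilds
                # vendor:product[:version].
                if addCPEToList(prefix + ":".join(item), listType):
                    added = True
            vendor = item[0]
        if len(item) > 2:
            product = item[1]
            version = getVersionsOfProduct(product)
        else:
            product = (getBrowseList(vendor))['product']
        if added:
            status = ["cpe_added", "success"]
        else:
            status = ["cpe_not_added", "error"]
    else:
        browseList = getBrowseList(None)
        vendor = browseList['vendor']
        status = ["invalid_cpe_format", "error"]
    j = {"status": status, "listType": listType}
    return jsonify(j)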
示例#11
 def getFilterSettingsFromPost(self, r):
   """Run the posted filters and report whether filtering failed.

   Returns a dict with the form values (``filters``), the CVE result
   (``cve``) and ``errors``, which is True when ``self.filter_logic`` raised
   and the unfiltered page at offset ``r`` was returned instead.
   """
   form_values = dict(request.form)
   # retrieving data
   try:
     records = self.filter_logic(form_values, r)
     failed = False
   except Exception:
     # Fall back to the plain listing; the exception detail is not kept.
     records = db.getCVEs(limit=self.args['pageLength'], skip=r)
     failed = True
   return {'filters': form_values, 'cve': records, 'errors': failed}
示例#12
 def filter_logic(self, filters, skip, limit=None):
   """Query CVEs with the full filter set and mark them for the viewer.

   The query comes from ``self.generate_full_query(filters)``; ``limit``
   falls back to ``self.args['pageLength']`` when falsy. White/blacklist
   marking is applied only when ``current_user.is_authenticated()`` is true,
   plugin marking always. Returns a list.
   """
   criteria = self.generate_full_query(filters)
   page_size = limit or self.args['pageLength']
   records = db.getCVEs(limit=page_size, skip=skip, query=criteria)
   # marking relevant records
   # NOTE(review): is_authenticated is called as a method here; some
   # Flask-Login versions expose it as a property — confirm the version.
   if current_user.is_authenticated():
     if filters['whitelistSelect'] == "on":
       records = self.list_mark('white', records)
     if filters['blacklistSelect'] == "mark":
       records = self.list_mark('black', records)
   self.plugManager.mark(records, **self.pluginArgs)
   return list(records)
示例#13
 def filter_logic(self, filters, skip, limit=None):
   """Return the filtered CVE page as a list, with list and plugin marks.

   Uses ``self.generate_full_query`` for the query and
   ``self.args['pageLength']`` as the page size when ``limit`` is falsy.
   List marking depends on the current user being authenticated.
   """
   full_query = self.generate_full_query(filters)
   if not limit:
     limit = self.args['pageLength']
   found = db.getCVEs(limit=limit, skip=skip, query=full_query)
   # marking relevant records
   if current_user.is_authenticated():
     wants_white = filters['whitelistSelect'] == "on"
     if wants_white:
       found = self.list_mark('white', found)
     wants_black = filters['blacklistSelect'] == "mark"
     if wants_black:
       found = self.list_mark('black', found)
   self.plugManager.mark(found, **self.pluginArgs)
   found = list(found)
   return found
示例#14
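 def getFilterSettingsFromPost(self, r):
   """Apply the posted filters and return them with the CVE result.

   Returns a dict with ``filters`` (first value of each form field),
   ``cve`` and ``errors``. ``errors`` is True when ``self.filter_logic``
   raised and the unfiltered page at offset ``r`` was used instead.
   """
   filters = dict(request.form)
   # NOTE(review): assumes each form value is a list; verify against the
   # framework version in use.
   filters = {x: filters[x][0] for x in filters.keys()}
   errors  = False
   # retrieving data
   try:
     cve = self.filter_logic(filters, r)
   except Exception:
     cve = db.getCVEs(limit=self.args['pageLength'], skip=r)
     errors = True
   # The second, tuple-shaped return that followed this line could never
   # run and has been removed.
   return {'filters': filters, 'cve': cve, 'errors': errors}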
示例#15
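def listManagementAdd():
    """Validate the ``item`` request argument and add it to the given list.

    ``item`` is ``vendor``, ``vendor:product`` or ``vendor:product:version``.
    The JSON reply holds ``status`` (message key plus level) and the echoed
    ``listType``. The ``vendor`` / ``product`` / ``version`` values computed
    along the way are not used in the response built here.
    """
    # retrieve the separate item parts
    item = request.args.get('item', type=str)
    listType = request.args.get('list', type=str)

    vendor = None
    product = None
    version = None
    pattern = re.compile('^[a-z:/0-9.~_%-]+$')

    # None (argument absent) is rejected explicitly instead of raising
    # TypeError, and fullmatch() closes the trailing-newline gap of
    # match() + '$'.
    is_valid = item is not None and pattern.fullmatch(item) is not None
    if is_valid:
        item = item.split(":")
        added = False
        if len(item) == 1:
            # only vendor, so a check on cpe type is needed
            for letter in ("o", "a", "h"):
                if redisdb.sismember("t:/" + letter, item[0]):
                    if addCPEToList("cpe:/" + letter + ":" + item[0], listType):
                        added = True
            browseList = getBrowseList(None)
            vendor = browseList['vendor']
        elif 4 > len(item) > 1:
            # cpe type can be found with a mongo regex query. The product is
            # escaped so it is matched as text, not as a pattern; the match
            # stays unanchored, so the first hit determines the prefix.
            result = dbLayer.getCVEs(query={'cpe_2_2': {'$regex': re.escape(item[1])}})
            if result.count() != 0:
                prefix = ((result[0])['cpe_2_2'])[:7]
                if addCPEToList(prefix + ":".join(item), listType):
                    added = True
            vendor = item[0]
        if len(item) > 2:
            product = item[1]
            version = getVersionsOfProduct(product)
        else:
            product = (getBrowseList(vendor))['product']
        status = ["cpe_added", "success"] if added else ["cpe_not_added", "error"]
    else:
        browseList = getBrowseList(None)
        vendor = browseList['vendor']
        status = ["invalid_cpe_format", "error"]
    j = {"status": status, "listType": listType}
    return jsonify(j)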
示例#16
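 def getFilterSettingsFromPost(self, r):
     """Apply the posted filters; fall back to the plain listing on error.

     Returns a dict with ``filters`` (first value of each form field),
     ``cve`` and ``errors``. When ``self.filter_logic`` raises, the
     exception is printed, ``errors`` is set and the unfiltered page at
     offset ``r`` is returned.
     """
     filters = dict(request.form)
     # NOTE(review): assumes list-valued form fields — verify.
     filters = {x: filters[x][0] for x in filters.keys()}
     errors = False
     # retrieving data
     try:
         cve = self.filter_logic(filters, r)
     except Exception as e:
         print(e)
         cve = db.getCVEs(limit=self.args['pageLength'], skip=r)
         errors = True
     # A second return statement used to follow this one; it was
     # unreachable and has been dropped.
     return {'filters': filters, 'cve': cve, 'errors': errors}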
示例#17
def lastentries(limit=5, namelookup=False, rankinglookup=True):
    """Return the CVEs from ``db.getCVEs(limit)``, optionally enriched.

    With ``namelookup`` each CPE id in ``vulnerable_configuration`` is
    replaced by ``lookupcpe(cpeid=...)``. With ``rankinglookup`` the distinct
    non-empty results of ``findranking`` are stored under ``ranking`` (only
    when at least one was found). Records are returned untouched when
    ``namelookup`` is falsy and ``rankinglookup`` is anything but ``True``.
    """
    collected = []
    for cve in db.getCVEs(limit):
        untouched = not namelookup and rankinglookup is not True
        if not untouched and "vulnerable_configuration" in cve:
            names = []
            ranks = []
            for cpe in cve['vulnerable_configuration']:
                names.append(lookupcpe(cpeid=cpe) if namelookup else cpe)
                if rankinglookup:
                    hit = findranking(cpe=cpe)
                    if hit and hit not in ranks:
                        ranks.append(hit)
            cve['vulnerable_configuration'] = names
            if rankinglookup and len(ranks) > 0:
                cve['ranking'] = ranks
        collected.append(cve)
    return collected
示例#18
def lastentries(limit=5, namelookup=False, rankinglookup=True):
    """Fetch up to ``limit`` CVEs and attach CPE names and rankings.

    ``namelookup`` swaps each configured CPE id for ``lookupcpe``'s result;
    ``rankinglookup`` adds a de-duplicated ``ranking`` list built from
    ``findranking`` when it is non-empty. If neither applies the records are
    passed through as fetched.
    """
    results = []
    for entry in db.getCVEs(limit):
        if not namelookup and rankinglookup is not True:
            results.append(entry)
            continue

        if "vulnerable_configuration" in entry:
            resolved = []
            found_ranks = []
            for cpe_id in entry["vulnerable_configuration"]:
                if namelookup:
                    resolved.append(lookupcpe(cpeid=cpe_id))
                else:
                    resolved.append(cpe_id)
                if not rankinglookup:
                    continue
                rank = findranking(cpe=cpe_id)
                # Keep each non-empty ranking once, in first-seen order.
                if rank and rank not in found_ranks:
                    found_ranks.append(rank)
            entry["vulnerable_configuration"] = resolved
            if rankinglookup and len(found_ranks) > 0:
                entry["ranking"] = found_ranks
        results.append(entry)
    return results
示例#19
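    def listManagementAdd(self):
        """Add the CPE from the ``item`` request argument to a user list.

        ``item`` is ``vendor``, ``vendor:product`` or
        ``vendor:product:version``; ``list`` names the target list. Entries
        are added for the current user and flagged global when
        ``db.isMasterAccount`` says the user is a master account. Returns a
        JSON response with ``status`` and ``listType``.

        NOTE(review): the raw ``item`` value is printed before it is
        validated; confirm that output is not captured anywhere it could be
        misread as trusted data.
        """
        # retrieve the separate item parts
        item = request.args.get('item', type=str)
        pprint("item0 {0}".format(item))
        listType = request.args.get('list', type=str)
        isadmin = db.isMasterAccount(current_user.get_id())

        pattern = re.compile('^[a-z:0-9.~_%-]+$')

        # A missing argument is None (TypeError in the regex call). With
        # match(), '$' also accepts a trailing newline, which would then be
        # written into the log lines below; fullmatch() rejects it.
        if item is not None and pattern.fullmatch(item):
            item = item.split(":")
            added = False
            if len(item) == 1:
                # only vendor, so a check on cpe type is needed
                logging.info(
                    "listManagementAdd: Adding from level 1:{0}".format(
                        item[0]))
                for cpe_type in ("o", "a", "h"):
                    if self.redisdb.sismember("t:/" + cpe_type, item[0]):
                        if self.addCPEToList("cpe:/" + cpe_type + ":" + item[0],
                                             listType,
                                             isglobal=isadmin,
                                             user=current_user.get_id()):
                            added = True

            elif 4 > len(item) > 1:
                logging.info(
                    "size is bigger than, look for item[1]: {0}".format(
                        item[1]))
                # cpe type can be found with a mongo regex query; the product
                # name is escaped so '.' and similar characters are matched
                # literally rather than as regex operators.
                result = db.getCVEs(query={'cpe_2_2': {
                    '$regex': re.escape(item[1])
                }},
                                    collection="cpe")

                if len(result) != 0:
                    prefix = ((result[0])['cpe_2_2'])[:7]
                    logging.info(
                        "listManagementAdd: Adding from level 2:{0}{1}{2}".
                        format(prefix, item[0], item[1]))
                    # item has 2 or 3 parts in this branch; the join rebuilds
                    # vendor:product[:version].
                    if self.addCPEToList(prefix + ":".join(item),
                                         listType,
                                         isglobal=isadmin,
                                         user=current_user.get_id()):
                        added = True
            status = "added_to_list" if added else "could_not_add_to_list"
        else:
            status = "invalid_cpe"
        j = {"status": status, "listType": listType}
        return jsonify(j)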
示例#20
                item['vulnerable_configuration'] = vulconf
            if rankinglookup:
                item['ranking'] = ranking
            if "cwe" in item and capeclookup:
                if item['cwe'].lower() != 'unknown':
                    item['capec'] = cves.getcapec(
                        cweid=(item['cwe'].split('-')[1]))
            print(
                json.dumps(item,
                           sort_keys=True,
                           default=json_util.default,
                           indent=indent))


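# Direct lookup of the requested CVE ids.
if cveSearch:
    for cveid in db.getCVEs(cves=cveSearch):
        printCVE(cveid)
    sys.exit(0)
# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE(item, indent=2)
    except Exception:
        # Was a bare ``except:``, which also turned Ctrl-C into this message.
        # NOTE(review): any error raised while printing is still reported as
        # a missing text index.
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)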

# Search Product (best to use CPE notation, e.g. cisco:ios:12.2
if vSearch:
    for item in db.cvesForCPE(vSearch):
示例#21
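def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                 timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, limit, skip):
    """Build a CVE query from the filter selections, run it and mark results.

    Clauses cover the black/white/unlisted rule lists, rejected candidates,
    CVEs already seen by the authenticated user, the CVSS comparison and the
    date window on the field named by ``timeTypeSelect``. The fetched records
    are passed through the whitelist/blacklist, seen and bookmarked markers
    and returned as a list.

    Raises:
        ValueError: from ``float(cvss)`` when a CVSS comparison is selected
            and ``cvss`` is not numeric.
    """
    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = dbLayer.getRules('blacklist')
        if len(regexes) != 0:
            # NOTE(review): rules are joined into the pattern unescaped —
            # presumably stored as regexes on purpose; verify who may edit
            # them.
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if whitelist == "hide":
        regexes = dbLayer.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
                                  {'vulnerable_configuration': {'$exists': False}},
                                  {'vulnerable_configuration': []}
                                  ]})
    if unlisted == "hide":
        # compile() takes a single list here, so it is a project helper
        # defined elsewhere, not the builtin.
        wlregexes = compile(dbLayer.getRules('whitelist'))
        blregexes = compile(dbLayer.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if rejectedSelect == "hide":
        # Raw string: \* and \s are invalid escapes in a plain literal and
        # produce warnings on current Python; the pattern is unchanged.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    # NOTE(review): is_authenticated is called as a method; some Flask-Login
    # versions expose it as a property — confirm the version in use.
    if current_user.is_authenticated():
        if hideSeen == "hide":
            query.append({'id': {"$nin": dbLayer.seenCVEs(current_user.get_id())}})

    # cvss logic
    if cvssSelect != "all":
        if cvssSelect == "above":
            query.append({'cvss': {'$gt': float(cvss)}})
        if cvssSelect == "equals":
            query.append({'cvss': float(cvss)})
        if cvssSelect == "below":
            query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        # NOTE(review): timeTypeSelect becomes a query key verbatim; verify
        # it is limited to the known date fields before this call.
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        if timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        if timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        if timeSelect == "outside":
            query.append({'$or': [{timeTypeSelect: {'$lt': startDate}}, {timeTypeSelect: {'$gt': endDate}}]})
    cve = dbLayer.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    cve = list(cve)
    return cve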
示例#22
        for ra in ranking:
            for e in ra:
                for i in e:
                    print(i + ": " + str(e[i]))
    print("\n\n")


# Search in summary text
def search_in_summary(item):
    """Print the ``summary`` field of *item* to standard output."""
    summary = item['summary']
    print(summary)


if cveSearch:
    # Print every requested CVE in the first output format whose flag is set;
    # the human-readable layout is the fallback when no flag is set.
    for item in db.getCVEs(cves=cveSearch):
        if csvOutput:
            printCVE_csv(item)
            continue
        if htmlOutput:
            printCVE_html(item)
            continue
        if jsonOutput:
            # bson straight from MongoDB, converted to its default JSON
            # representation
            printCVE_json(item)
            continue
        if xmlOutput:
            printCVE_xml(item)
            continue
        if cveidOutput:
            printCVE_id(item)
            continue
        printCVE_human(item)
示例#23
文件: api.py 项目: OllieJC/cve-search
 def filter_logic(self, filters, skip, limit=None):
     """Return the CVEs matching *filters*, starting at offset *skip*.

     When *limit* is falsy the page size is read from the ``pageLength``
     request argument instead.
     """
     query = self.generate_minimal_query(filters)
     if not limit:
         # NOTE(review): pageLength is taken from the request as-is; no
         # type conversion or upper bound is applied in this method, so
         # confirm that db.getCVEs (or the caller) caps it.
         limit = request.args.get("pageLength")
     return db.getCVEs(query=query, skip=skip, limit=limit)
# Check modification date: an incremental run is only possible when both
# markers are known (presumably the last-update stamps of the CVE and
# cpeother collections -- confirm where icve/icpeo are assigned).
date = icve is not None and icpeo is not None
if date and icve >= icpeo:
    # nothing to do for this run
    print("Not modified")
    sys.exit(0)

# Only get the CVEs newer than icve when a comparison was possible,
# otherwise take the whole collection.
collections = (db.getCVEsNewerThan(icve) if date else db.getCVEs())['results']
# check cpes for cves and parse and store missing cpes in cpeother
batch = []

# Materialise the result so emptiness can be tested; skip the import when
# there is nothing to process.
col = list(collections)
if len(col) == 0:
    print("Empty collections, import skipped")
    sys.exit(2)

for item in progressbar(col):
    for cpeentry in item['vulnerable_configuration']:
        checkdup = db.getAlternativeCPE(cpeentry)
        if checkdup and len(checkdup) <= 0:
            entry = db.getCPE(cpeentry)
            if entry and len(entry.count) <= 0:
示例#25
 def filter_logic(self, filters, skip):
     """Return one page of CVEs matching *filters*, starting at *skip*.

     The page size is ``self.args['pageLength']``.
     """
     criteria = self.generate_minimal_query(filters)
     # NOTE(review): no bound on pageLength is enforced here; presumably
     # self.args was validated when it was parsed -- confirm.
     page_length = self.args['pageLength']
     return db.getCVEs(query=criteria, skip=skip, limit=page_length)
示例#26
# Check modification date: compare the two markers only when both exist
# (presumably last-update stamps -- confirm where icve/icpeo are set).
date = icve is not None and icpeo is not None
if date and icve >= icpeo:
    print("Not modified")
    sys.exit(0)

# Only get the CVEs newer than icve when the comparison was possible,
# otherwise the full set.
source = db.getCVEsNewerThan(icve) if date else db.getCVEs()
collections = source["results"]
# check cpes for cves and parse and store missing cpes in cpeother
batch = []

# Skip the import on an empty result set.
col = list(collections)
if len(col) == 0:
    print("Empty collections, import skipped")
    sys.exit(2)

for item in progressbar(col):
    for cpeentry in item["vulnerable_configuration"]:
        checkdup = db.getAlternativeCPE(cpeentry)
        if checkdup and len(checkdup) <= 0:
            entry = db.getCPE(cpeentry)
            if entry and len(entry.count) <= 0:
示例#27
 def filter_logic(self, filters, skip):
     """Query the database for the CVEs selected by *filters*.

     *skip* is the offset of the first result; the number of results is
     ``self.args['pageLength']``.
     """
     minimal_query = self.generate_minimal_query(filters)
     # NOTE(review): pageLength is forwarded unchanged; check that it is
     # bounded where self.args is populated.
     page_length = self.args['pageLength']
     return db.getCVEs(skip=skip, limit=page_length, query=minimal_query)
# Check modification date: both markers must be known before they can be
# compared (presumably last-update stamps -- confirm at their assignment).
date = icve is not None and icpeo is not None
if date and icve >= icpeo:
    print("Not modified")
    sys.exit(0)

# Only get the CVEs newer than icve when a comparison was made, else all.
collections = db.getCVEsNewerThan(icve) if date else db.getCVEs()
# check cpes for cves and parse and store missing cpes in cpeother
batch = []

# Skip the import when the query returned nothing.
col = list(collections)
if len(col) == 0:
    print("Empty collections, import skipped")
    sys.exit(2)

for item in progressbar(col):
    for cpeentry in item['vulnerable_configuration']:
        checkdup = db.getAlternativeCPE(cpeentry)
        if checkdup and len(checkdup) <= 0:
            entry = db.getCPE(cpeentry)
            if entry and len(entry.count) <= 0:
示例#29
        for ra in ranking:
            for e in ra:
                for i in e:
                    print("{}: {}".format(i, str(e[i])))
    print("\n\n")


# Search in summary text
def search_in_summary(item):
    """Write the ``summary`` value of *item* to standard output."""
    text = item['summary']
    print(text)


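# Look up the requested CVE ids, print each one, then stop.
if cveSearch:
    for item in db.getCVEs(cves=cveSearch)['results']:
        print_job(item)
    if htmlOutput:
        # close the HTML document
        print("</body></html>")
    sys.exit(0)

# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE_json(item, indent=2)
    except Exception:
        # Was a bare ``except:``, which also turned Ctrl-C (KeyboardInterrupt)
        # and SystemExit into this message.
        # NOTE(review): any error raised while printing is still reported as
        # a missing text index; narrow this to the driver's exception type
        # once it is known.
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)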
示例#30
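def search_func(args, output=sys.__stdout__):
    """Implement main cve-search function.

    Runs the first search that *args* selects -- CVE ids (``c``), free text
    (``f``), product/CPE (``p``) or summary text (``s``), in that order --
    and prints the results in the format named by ``args["o"]``.

    Args:
        args: mapping of the parsed options; the keys read here are ``p``,
            ``c``, ``o``, ``f``, ``l``, ``n``, ``r``, ``a``, ``t``, ``s``
            and ``i``.
        output: file-like object that replaces ``sys.stdout`` while the
            function runs.

    Returns:
        1 when one of the searches ran, or when XML output was requested
        and the XML root was printed; 0 otherwise.

    Raises:
        SystemExit: when the free-text search raises.
    """
    import html  # function-scope import: only used to escape the HTML header

    # Every printer writes through sys.stdout, so point it at *output* for
    # the duration of the call.  The try/finally restores it on every exit
    # path, including exceptions and sys.exit().
    # NOTE(review): sys.stdout is process-wide; concurrent callers would
    # share the redirected stream.
    sys.stdout = output
    try:
        vSearch = args["p"]
        cveSearch = [x.upper() for x in args["c"]] if args["c"] else None
        vOutput = args["o"]
        vFreeSearch = args["f"]
        sLatest = args["l"]
        namelookup = args["n"]
        rankinglookup = args["r"]
        capeclookup = args["a"]
        last_ndays = args["t"]
        summary_text = args["s"]
        nlimit = args["i"]

        cves = CVEs.last(rankinglookup=rankinglookup,
                         namelookup=namelookup,
                         capeclookup=capeclookup)

        # Parentheses are stored percent-encoded in the database, so encode
        # them in the product search term as well.
        if vSearch:
            vSearch = vSearch.replace("(", "%28").replace(")", "%29")

        # Exactly one flag is set for a known format; all stay False for
        # anything else, which selects the human-readable printer.  All
        # five are always defined (cveidOutput used to be unbound for
        # csv/html/xml/json).
        csvOutput = vOutput == "csv"
        htmlOutput = vOutput == "html"
        xmlOutput = vOutput == "xml"
        jsonOutput = vOutput == "json"
        cveidOutput = vOutput == "cveid"
        # XML results are collected under this root element.
        r = Element("cve-search") if xmlOutput else None

        # Print first line of html output.  The search terms come from the
        # caller, so escape them before embedding them in markup.
        if htmlOutput and args["p"] is not None:
            print("<html><body><h1>CVE search " + html.escape(args["p"]) +
                  " </h1>")
        elif htmlOutput and args["c"] is not None:
            print("<html><body><h1>CVE-ID " + html.escape(str(args["c"])) +
                  " </h1>")

        # search default is ascending mode
        # NOTE(review): sorttype is not passed to any query in this function.
        sorttype = -1 if sLatest else 1

        def emit(item, index=None, results=None):
            # Print one CVE in the selected format.  When *results* is given
            # and the format is JSON, a "," follows every item but the last.
            if csvOutput:
                printCVE_csv(item, namelookup, rankinglookup, cves)
            elif htmlOutput:
                printCVE_html(item, rankinglookup, cves)
            # bson straight from the MongoDB db - converted to JSON default
            # representation
            elif jsonOutput:
                printCVE_json(item, namelookup, rankinglookup, capeclookup,
                              cves)
                if results is not None and index != len(results) - 1:
                    print(",", end="")
            elif xmlOutput:
                printCVE_xml(item, rankinglookup, cves, r)
            elif cveidOutput:
                printCVE_id(item)
            else:
                printCVE_human(item, namelookup, rankinglookup, cves)

        if cveSearch:
            results = db.getCVEs(cves=cveSearch)
            for index, item in enumerate(results):
                emit(item, index, results)
            if htmlOutput:
                print("</body></html>")
            # NOTE(review): with XML output the tree in r is filled here but
            # only serialised on the fall-through path at the end of this
            # function -- confirm printCVE_xml prints on its own.
            return 1

        # Basic freetext search (in vulnerability summary).
        # Full-text indexing is more efficient to search across all CVEs.
        if vFreeSearch:
            try:
                results = db.getFreeText(vFreeSearch)
                for index, item in enumerate(results):
                    if jsonOutput:
                        printCVE_json(item,
                                      namelookup,
                                      rankinglookup,
                                      capeclookup,
                                      cves,
                                      indent=2)
                        if index != len(results) - 1:
                            print(",", end="")
                    else:
                        printCVE_human(item, namelookup, rankinglookup, cves)
            except Exception:
                # Was a bare ``except:``, which also converted Ctrl-C into
                # this message.
                sys.exit("Free text search not enabled on the database!")
            return 1

        # Search Product (best to use CPE notation, e.g. cisco:ios:12.2
        if vSearch:
            if last_ndays:
                date_n_days_ago = datetime.now() - timedelta(days=last_ndays)
            results = db.cvesForCPE(vSearch)
            for index, item in enumerate(results):
                if not last_ndays:
                    emit(item, index, results)
                elif item["Published"] > date_n_days_ago:
                    # filtered output carries no JSON separators, as before
                    emit(item)
            if htmlOutput:
                print("</body></html>")
            return 1

        # Search text in summary
        if summary_text:
            import lib.CVEs as cves_lib

            lookup = cves_lib.last(rankinglookup=rankinglookup,
                                   namelookup=namelookup,
                                   capeclookup=capeclookup)
            if last_ndays:
                date_n_days_ago = datetime.now() - timedelta(days=last_ndays)

            needle = summary_text.upper()
            for cveid in db.getCVEIDs(limit=nlimit):
                item = lookup.getcve(cveid=cveid)
                # normalise fields so the record can be dumped as JSON
                if "cvss" in item and isinstance(item["cvss"], str):
                    item["cvss"] = float(item["cvss"])
                for field in ("cvss-time", "Modified", "Published"):
                    if field in item:
                        item[field] = str(item[field])
                if needle not in item["summary"].upper():
                    continue
                if last_ndays:
                    # Only the date parsing is best-effort; records without
                    # a parsable "Published" value are skipped.
                    # NOTE(review): str() of a datetime with zero
                    # microseconds has no fractional part, so such records
                    # do not match this format and are skipped too.
                    try:
                        published = datetime.strptime(
                            item["Published"], "%Y-%m-%d %H:%M:%S.%f")
                    except (KeyError, TypeError, ValueError):
                        continue
                    if not published > date_n_days_ago:
                        continue
                # any explicit output format prints just the id here
                if vOutput:
                    printCVE_id(item)
                else:
                    print(
                        json.dumps(item,
                                   sort_keys=True,
                                   default=json_util.default))
            if htmlOutput:
                print("</body></html>")
            return 1

        # No search was selected.
        if xmlOutput:
            # default encoding is UTF-8. Should this be detected on the
            # terminal?
            print(tostring(r).decode("utf-8"))
            return 1
        return 0
    finally:
        sys.stdout = sys.__stdout__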
# Check modification date: compare the markers only when both are known
# (presumably last-update stamps -- confirm where icve/icpeo are set).
date = icve is not None and icpeo is not None
if date and icve >= icpeo:
    print("Not modified")
    sys.exit(0)

# Only get the CVEs newer than icve when a comparison was made, else all.
collections = db.getCVEsNewerThan(icve) if date else db.getCVEs()
# check cpes for cves and parse and store missing cpes in cpeother
batch = []

# Skip the import when there is nothing to process.
col = list(collections)
if len(col) == 0:
    print("Empty collections, import skipped")
    sys.exit(2)

for item in progressbar(col):
    for cpeentry in item['vulnerable_configuration']:
        checkdup = db.getAlternativeCPE(cpeentry)
        if checkdup and len(checkdup) <= 0:
            entry = db.getCPE(cpeentry)
            if entry and len(entry.count) <= 0:
示例#32
                    vulconf.append(cves.getcpe(cpeid=conf))
                if rankinglookup:
                    rank = cves.getranking(cpeid=conf)
                    if rank and rank not in ranking:
                        ranking.append(rank)
            if namelookup:
                item['vulnerable_configuration'] = vulconf
            if rankinglookup:
                item['ranking'] = ranking
            if "cwe" in item and capeclookup:
                if item['cwe'].lower() != 'unknown':
                    item['capec'] = cves.getcapec(cweid=(item['cwe'].split('-')[1]))
            print(json.dumps(item, sort_keys=True, default=json_util.default, indent=indent))

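# Look up the requested CVE ids, print each one, then stop.
if cveSearch:
    for cveid in db.getCVEs(cves=cveSearch):
        printCVE(cveid)
    sys.exit(0)
# Basic freetext search (in vulnerability summary).
# Full-text indexing is more efficient to search across all CVEs.
if vFreeSearch:
    try:
        for item in db.getFreeText(vFreeSearch):
            printCVE(item, indent=2)
    except Exception:
        # Was a bare ``except:``, which also turned Ctrl-C (KeyboardInterrupt)
        # and SystemExit into this message.
        # NOTE(review): errors raised by printCVE are still reported as a
        # missing text index; narrow this once the driver's exception type
        # is known.
        sys.exit("Free text search not enabled on the database!")
    sys.exit(0)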

# Search Product (best to use CPE notation, e.g. cisco:ios:12.2
if vSearch:
    for item in db.cvesForCPE(vSearch):
示例#33
        print("\nRanking: ")
        print("--------")
        for ra in ranking:
            for e in ra:
                for i in e:
                    print( i + ": " + str(e[i]))
    print("\n\n")

# Search in summary text
def search_in_summary(item):
    """Print the value stored under ``summary`` in *item*."""
    summary_text = item['summary']
    print(summary_text)

if cveSearch:
    # Each CVE is printed in the first format whose flag is set; the
    # human-readable layout is used when none is.
    for item in db.getCVEs(cves=cveSearch):
        if csvOutput:
            printCVE_csv(item)
            continue
        if htmlOutput:
            printCVE_html(item)
            continue
        if jsonOutput:
            # bson straight from MongoDB, converted to its default JSON
            # representation
            printCVE_json(item)
            continue
        if xmlOutput:
            printCVE_xml(item)
            continue
        if cveidOutput:
            printCVE_id(item)
            continue
        printCVE_human(item)
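# check modification date
# ``date`` ends up True only when both info records exist and the CVE
# record's 'last-modified' is older than the cpeother one.
date = False
if icve is not None and icpeo is not None:
    # Go check date
    if icve['last-modified'] >= icpeo['last-modified']:
        print("Not modified")
        sys.exit(0)
    else:
        date = True

# only get collection of new CVE's
# Fix: the query results were discarded, leaving ``collections`` empty so
# the script always stopped at the "Empty collections" check below.
if date:
    collections = db.getCVEsNewerThan(icve['last-modified'])
else:
    collections = db.getCVEs()
# check cpes for cves and parse and store missing cpes in cpeother
batch = []

# skip on empty collections
col = list(collections)
if not col:
    print("Empty collections, import skipped")
    sys.exit(2)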

for item in progressbar(col):
    for cpeentry in item['vulnerable_configuration']:
        checkdup = db.getAlternativeCPE(cpeentry)
        if checkdup.count() <= 0:
            entry = db.getCPE(cpeentry)
            if entry.count() <= 0:
示例#35
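def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate,
                 endDate, timeTypeSelect, cvssSelect, cvss, rejectedSelect,
                 hideSeen, limit, skip):
    """Build the CVE query for the selected filters, run it and mark results.

    Args:
        blacklist: ``"on"`` filters by the blacklist rules in the query;
            ``"mark"`` marks the results with ``blacklist_mark``.
        whitelist: ``"hide"`` filters by the whitelist rules in the query;
            ``"on"`` marks the results with ``whitelist_mark``.
        unlisted: ``"hide"`` restricts results to entries whose
            ``vulnerable_configuration`` matches a whitelist or blacklist
            rule.
        timeSelect: ``"all"``, ``"from"``, ``"until"``, ``"between"`` or
            ``"outside"``.
        startDate, endDate: bounds for the date filter, converted with
            ``convertDateToDBFormat``.
        timeTypeSelect: name of the document field the date filter
            applies to.
        cvssSelect: ``"all"``, ``"above"``, ``"equals"`` or ``"below"``.
        cvss: score compared against; converted with ``float``.
        rejectedSelect: ``"hide"`` excludes entries whose summary starts
            with the REJECT notice.
        hideSeen: ``"hide"`` excludes CVEs the authenticated user has seen.
        limit, skip: paging values passed to ``db.getCVEs``.

    Returns:
        list of the CVE records returned by ``db.getCVEs``.

    Raises:
        ValueError: from ``float(cvss)`` when a CVSS filter is selected and
            *cvss* is not numeric.
    """

    def not_starting_with(rules):
        # Clause shared by the blacklist and whitelist filters: a negative
        # look-ahead over all rules, plus entries that have no
        # vulnerable_configuration at all.
        # NOTE(review): the rules are joined into the pattern unescaped, so
        # each rule is interpreted as a regular expression; confirm that is
        # intended and that only trusted users can edit the rule lists.
        exp = "^(?!" + "|".join(rules) + ")"
        return {
            '$or': [
                {'vulnerable_configuration': re.compile(exp)},
                {'vulnerable_configuration': {'$exists': False}},
                {'vulnerable_configuration': []},
            ]
        }

    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = db.getRules('blacklist')
        if len(regexes) != 0:
            query.append(not_starting_with(regexes))
    if whitelist == "hide":
        regexes = db.getRules('whitelist')
        if len(regexes) != 0:
            query.append(not_starting_with(regexes))
    if unlisted == "hide":
        # presumably ``compile`` is a project helper that compiles each rule
        # to a regex, shadowing the builtin -- verify against the imports
        wlregexes = compile(db.getRules('whitelist'))
        blregexes = compile(db.getRules('blacklist'))
        query.append({
            '$or': [
                {'vulnerable_configuration': {'$in': wlregexes}},
                {'vulnerable_configuration': {'$in': blregexes}},
            ]
        })
    if rejectedSelect == "hide":
        # Raw string: same pattern as before, without relying on invalid
        # escape sequences (\*, \s) in a normal string literal.
        exp = r"^(?!\*\* REJECT \*\*\s+DO NOT USE THIS CANDIDATE NUMBER.*)"
        query.append({'summary': re.compile(exp)})

    # NOTE(review): is_authenticated is called as a method here; confirm
    # this matches the login library version in use.
    if current_user.is_authenticated():
        if hideSeen == "hide":
            query.append({'id': {"$nin": db.seenCVEs(current_user.get_id())}})

    # cvss logic ("all" matches no branch and adds no clause)
    if cvssSelect == "above":
        query.append({'cvss': {'$gt': float(cvss)}})
    elif cvssSelect == "equals":
        query.append({'cvss': float(cvss)})
    elif cvssSelect == "below":
        query.append({'cvss': {'$lt': float(cvss)}})
    # date logic
    if timeSelect != "all":
        startDate = convertDateToDBFormat(startDate)
        endDate = convertDateToDBFormat(endDate)
        # NOTE(review): timeTypeSelect is used as a query key without any
        # check in this function; if it comes from a request it should be
        # validated against the known date fields before it gets here.
        if timeSelect == "from":
            query.append({timeTypeSelect: {'$gt': startDate}})
        elif timeSelect == "until":
            query.append({timeTypeSelect: {'$lt': endDate}})
        elif timeSelect == "between":
            query.append({timeTypeSelect: {'$gt': startDate, '$lt': endDate}})
        elif timeSelect == "outside":
            query.append({
                '$or': [
                    {timeTypeSelect: {'$lt': startDate}},
                    {timeTypeSelect: {'$gt': endDate}},
                ]
            })
    cve = db.getCVEs(limit=limit, skip=skip, query=query)
    # marking relevant records
    if whitelist == "on":
        cve = whitelist_mark(cve)
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    # return values are not used; presumably these mark records in place
    seen_mark(cve)
    bookmarked_mark(cve)
    return list(cve)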