def test_et(self): e = ExploitTarget() e.title = UNICODE_STR e.description = UNICODE_STR e.short_description = UNICODE_STR e2 = round_trip(e) self._test_equal(e, e2)
def test_et(self): e = ExploitTarget() e.title = UNICODE_STR e.description = UNICODE_STR e.short_description = UNICODE_STR e2 = round_trip(e) self._test_equal(e, e2)
def get_exploit_target_from_json(ttp_json): json_cve = ttp_json['value'] json_title = ttp_json['title'] # title は "%CVE番号% (index)" とする title = '%s (%s)' % (json_cve, json_title) # CVE 情報を circl から取得する cve_info = Cve.get_cve_info(json_cve) # 各種 CVE 情報のリンクを作成 mitre_url = 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=' + str( json_cve) circl_url = 'http://cve.circl.lu/cve/' + str(json_cve) # Expoit_Target, Vulnerability の Short Description は link common_short_description = '%s (<a href="%s" target="_blank">MITRE</a>, <a href="%s" target="_blank">circl.lu</a>)<br/>' % ( json_cve, mitre_url, circl_url) # base_score try: vul_cvss_score = CVSSVector() vul_cvss_score.base_score = cve_info['cvss'] except BaseException: vul_cvss_score = None # Expoit_Target, Vulnerability の Description 作成 common_decritpion = common_short_description # base_score があったら追加する if vul_cvss_score is not None: common_decritpion += ('Base Score: %s<br/>' % (vul_cvss_score.base_score)) # vulnerability の description は circl から取得した description try: common_decritpion += ('%s<br/>' % (cve_info['summary'])) except BaseException: # 取得失敗時は circl のページの url common_decritpion += ('%s<br/>' % (circl_url)) # ExploitTarget et = ExploitTarget() et.title = title et.description = common_decritpion et.short_description = common_short_description # Vulnerability vulnerablity = Vulnerability() vulnerablity.title = title vulnerablity.description = common_decritpion vulnerablity.short_description = common_short_description vulnerablity.cve_id = json_cve if vul_cvss_score is not None: vulnerablity.cvss_score = vul_cvss_score et.add_vulnerability(vulnerablity) return et
def get_exploit_target_from_cve(cve): title = cve # description は mitreのページヘのリンク description = 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=' + str( cve) # ExploitTarget et = ExploitTarget() et.title = title et.description = description et.short_description = description # Vulnerability vulnerablity = Vulnerability() vulnerablity.title = title vulnerablity.description = description vulnerablity.short_description = description vulnerablity.cve_id = cve et.add_vulnerability(vulnerablity) return et
def get_exploit_target_from_json(ttp_json): json_cve = ttp_json['value'] json_title = ttp_json['title'] # title は "%CVE番号% (index)" とする title = '%s (%s)' % (json_cve, json_title) # # CVE 情報を circl から取得する cve_info = CommonExtractor.get_cve_info(json_cve) # Expoit_Target, Vulnerability の Short Description は link common_short_description = CommonExtractor.get_ttp_common_short_description( ttp_json) # # base_score vul_cvss_score = CommonExtractor.get_vul_cvss_score(cve_info) # Expoit_Target, Vulnerability の Description 作成 common_decritpion = CommonExtractor.get_ttp_common_description( ttp_json) # ExploitTarget et = ExploitTarget() et.title = title et.description = common_decritpion et.short_description = common_short_description # Vulnerability vulnerablity = Vulnerability() vulnerablity.title = title vulnerablity.description = common_decritpion vulnerablity.short_description = common_short_description vulnerablity.cve_id = json_cve if vul_cvss_score is not None: vulnerablity.cvss_score = vul_cvss_score et.add_vulnerability(vulnerablity) return et
from stix.coa import CourseOfAction from stix.core import STIXPackage from stix.exploit_target import ExploitTarget from stix.exploit_target.configuration import Configuration from stix.exploit_target.vulnerability import CVSSVector, Vulnerability from stix.exploit_target.weakness import Weakness # Exploit Target 1 et1 = ExploitTarget(title='Apache HTTP Vulnerability - CVE-2018-1312') et1.description = ( 'In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, ' 'the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed.' 'In a cluster of servers using a common Digest authentication configuration, ' 'HTTP requests could be replayed across servers by an attacker without detection.' ) et1.short_description = 'Apache httpd 2.2.0 to 2.4.29 is vulnerable' # Exploit Target 1 - Weakness weakness = Weakness(cwe_id='CWE-287', description='Improper Authentication') et1.add_weakness(weakness) # Exploit Target 1 - Configuration config = Configuration( cce_id='CCE-27686-5', description='The Apache web server be run with the appropriate privileges.', short_description='Configuration Short Description') et1.add_configuration(config) # Exploit Target 1 - Vulnerability vuln = Vulnerability() vuln.cve_id = 'CVE-2018-1312'