def get_entry_info(self, entry): """Parse the top level entry object in the XML file Args: entry (lxml.etree._Element): This is an lxml Element Returns: Dictionary { "cvss_vector": [ { "metric": "Access Vector", "value": "Network" }, { "metric": "Access Complexity", "value": "Medium" } ], "cve_sev": "Medium", "cve_id": "CVE-2009-5138", "cvss_base_score": "5.8", "cvss_exploit_subscore": "8.6", "cvss_version": "2.0", "cvss_impact_subscore": "4.9", "cvss_score": "5.8" } """ data = {} attrib = entry.attrib data[CveKey.CveId] = attrib.get(CVEStrings.CVE_NAME) data[CveKey.CveSev] = attrib.get(CVEStrings.CVE_SEVERITY) data[CveKey.CvePublishedDate] = (r.epoch_time( timestamp_verifier( date_parser(attrib.get(CVEStrings.CVE_PUBLISHED_DATE))))) data[CveKey.CveModifiedDate] = (r.epoch_time( timestamp_verifier( date_parser(attrib.get(CVEStrings.CVE_MODIFIED_DATE))))) data[CveKey.CvssScore] = (attrib.get(CVEStrings.CVSS_SCORE)) data[CveKey.CvssBaseScore] = (attrib.get(CVEStrings.CVSS_BASE_SCORE)) data[CveKey.CvssImpactSubScore] = (attrib.get( CVEStrings.CVSS_IMPACT_SUBSCORE)) data[CveKey.CvssExploitSubScore] = (attrib.get( CVEStrings.CVSS_EXPLOIT_SUBSCORE)) data[CveKey.CvssVector] = (self._parse_vectors( attrib.get(CVEStrings.CVSS_VECTOR))) data[CveKey.CvssVersion] = (attrib.get(CVEStrings.CVSS_VERSION)) return (data)
def get_entry_info(self, entry): """Parse the top level entry object in the XML file Args: entry (lxml.etree._Element): This is an lxml Element Returns: Dictionary { "cvss_vector": [ { "metric": "Access Vector", "value": "Network" }, { "metric": "Access Complexity", "value": "Medium" } ], "cve_sev": "Medium", "cve_id": "CVE-2009-5138", "cvss_base_score": "5.8", "cvss_exploit_subscore": "8.6", "cvss_version": "2.0", "cvss_impact_subscore": "4.9", "cvss_score": "5.8" } """ data = {} attrib = entry.attrib data[CveKey.CveId] = attrib.get(CVEStrings.CVE_NAME) data[CveKey.CveSev] = attrib.get(CVEStrings.CVE_SEVERITY) data[CveKey.CvePublishedDate] = r.epoch_time( timestamp_verifier(date_parser(attrib.get(CVEStrings.CVE_PUBLISHED_DATE))) ) data[CveKey.CveModifiedDate] = r.epoch_time( timestamp_verifier(date_parser(attrib.get(CVEStrings.CVE_MODIFIED_DATE))) ) data[CveKey.CvssScore] = attrib.get(CVEStrings.CVSS_SCORE) data[CveKey.CvssBaseScore] = attrib.get(CVEStrings.CVSS_BASE_SCORE) data[CveKey.CvssImpactSubScore] = attrib.get(CVEStrings.CVSS_IMPACT_SUBSCORE) data[CveKey.CvssExploitSubScore] = attrib.get(CVEStrings.CVSS_EXPLOIT_SUBSCORE) data[CveKey.CvssVector] = self._parse_vectors(attrib.get(CVEStrings.CVSS_VECTOR)) data[CveKey.CvssVersion] = attrib.get(CVEStrings.CVSS_VERSION) return data
def store_package_info_in_db(username, customer_name, uri, method, size, md5, operating_system, uuid, name, severity, arch, major_version, minor_version, release_date=0.0, vendor_name=None, description=None, cli_options=None, support_url=None, kb=None, conn=None): PKG_FILE = TMP_DIR + uuid + '/' + name URL_PATH = 'https://localhost/packages/tmp/' + uuid + '/' url = URL_PATH + name if os.path.exists(PKG_FILE): if (isinstance(release_date, str) or isinstance(release_date, unicode)): orig_release_date = release_date if (len(release_date.split('-')) == 3 or len(release_date.split('/')) == 3): release_date = (r.epoch_time(date_parser(release_date))) else: release_date = (r.epoch_time(timestamp_verifier(release_date))) data_to_store = { CustomAppsKey.Name: name, CustomAppsPerAgentKey.Dependencies: [], CustomAppsKey.RvSeverity: severity, CustomAppsKey.VendorSeverity: severity, CustomAppsKey.ReleaseDate: release_date, CustomAppsKey.VendorName: vendor_name, CustomAppsKey.Description: description, CustomAppsKey.MajorVersion: major_version, CustomAppsKey.MinorVersion: minor_version, CustomAppsKey.Version: major_version + '.' + minor_version, CustomAppsKey.OsCode: operating_system, CustomAppsKey.Kb: kb, CustomAppsKey.Hidden: 'no', CustomAppsKey.CliOptions: cli_options, CustomAppsKey.Arch: arch, CustomAppsKey.RebootRequired: 'possible', CustomAppsKey.SupportUrl: support_url, CustomAppsKey.Customers: [customer_name], CustomAppsPerAgentKey.Update: PackageCodes.ThisIsNotAnUpdate, CustomAppsKey.FilesDownloadStatus: PackageCodes.FileCompletedDownload, CustomAppsKey.AppId: uuid } file_data = ([{ FilesKey.FileUri: url, FilesKey.FileSize: int(size), FilesKey.FileHash: md5, FilesKey.FileName: name }]) try: updated = (r.table(AppCollections.CustomApps).insert( data_to_store, upsert=True).run(conn)) add_custom_app_to_agents(username, customer_name, uri, method, file_data, app_id=uuid) data_to_store['release_date'] = orig_release_date results = (GenericResults(username, uri, method).object_created( uuid, 'custom_app', data_to_store)) logger.info(results) except Exception as e: results = (GenericResults(username, uri, method).something_broke( uuid, 'custom_app', e)) logger.exception(e) else: results = (GenericResults(username, uri, method).file_doesnt_exist(name, e)) logger.info(results) return (results)
def store_package_info_in_db( username, customer_name, uri, method, size, md5, operating_system, uuid, name, severity, arch, major_version, minor_version, release_date=0.0, vendor_name=None, description=None, cli_options=None, support_url=None, kb=None, conn=None): PKG_FILE = TMP_DIR + uuid + '/' + name URL_PATH = 'https://localhost/packages/tmp/' + uuid + '/' url = URL_PATH + name if os.path.exists(PKG_FILE): if (isinstance(release_date, str) or isinstance(release_date, unicode)): orig_release_date = release_date if (len(release_date.split('-')) == 3 or len(release_date.split('/')) == 3): release_date = ( r .epoch_time(date_parser(release_date)) ) else: release_date = ( r .epoch_time( timestamp_verifier(release_date) ) ) data_to_store = { CustomAppsKey.Name: name, CustomAppsPerAgentKey.Dependencies: [], CustomAppsKey.RvSeverity: severity, CustomAppsKey.VendorSeverity: severity, CustomAppsKey.ReleaseDate: release_date, CustomAppsKey.VendorName: vendor_name, CustomAppsKey.Description: description, CustomAppsKey.MajorVersion: major_version, CustomAppsKey.MinorVersion: minor_version, CustomAppsKey.Version: major_version + '.' + minor_version, CustomAppsKey.OsCode: operating_system, CustomAppsKey.Kb: kb, CustomAppsKey.Hidden: 'no', CustomAppsKey.CliOptions: cli_options, CustomAppsKey.Arch: arch, CustomAppsKey.RebootRequired: 'possible', CustomAppsKey.SupportUrl: support_url, CustomAppsKey.Customers: [customer_name], CustomAppsPerAgentKey.Update: PackageCodes.ThisIsNotAnUpdate, CustomAppsKey.FilesDownloadStatus: PackageCodes.FileCompletedDownload, CustomAppsKey.AppId: uuid } file_data = ( [ { FilesKey.FileUri: url, FilesKey.FileSize: int(size), FilesKey.FileHash: md5, FilesKey.FileName: name } ] ) try: updated = ( r .table(AppCollections.CustomApps) .insert(data_to_store, conflict="replace") .run(conn) ) add_custom_app_to_agents( username, customer_name, uri, method, file_data, app_id=uuid ) data_to_store['release_date'] = orig_release_date results = ( GenericResults( username, uri, method ).object_created(uuid, 'custom_app', data_to_store) ) logger.info(results) except Exception as e: results = ( GenericResults( username, uri, method ).something_broke(uuid, 'custom_app', e) ) logger.exception(e) else: results = ( GenericResults( username, uri, method ).file_doesnt_exist(name) ) logger.info(results) return(results)