Loading bin/cve_doc.py 0 → 100644 +72 −0 Original line number Diff line number Diff line #!/usr/bin/env python3 # # cve_doc converts CVE to asciidoc # # Software is free software released under the "Modified BSD license" # # Copyright (c) 2015 Alexandre Dulaunoy - a@foo.be import os import sys runPath = os.path.dirname(os.path.realpath(__file__)) sys.path.append(os.path.join(runPath, "..")) import json import re from optparse import OptionParser from lib.Query import lastentries, apigetcve, apibrowse, apisearch optp = OptionParser() optp.add_option('-c', '--cve', dest='cve', default='CVE-2015-0001', help='CVE id to convert') optp.add_option('-f', '--format', dest='format', default='asciidoc', help='output format : asciidoc') optp.add_option('-a', '--api', dest='api', default='http://cve.circl.lu/', help='HTTP API url (default: http://cve.circl.lu)') (opts, args) = optp.parse_args() cve = json.loads(apigetcve(opts.api, cveid=opts.cve)) if not cve: sys.exit(10) print ("= Common Vulnerabilities and Exposures - {}".format(cve['id'])) print ("cve-search <{}/cve/{}>".format(opts.api,cve['id'])) print ("{},{}".format(cve['id'],cve['Modified'])) print (":toc:") print ("== {} Summary".format(cve['id'])) print ("\n"+cve['summary']) print ("\n== Vulnerable configurations\n") for vul in cve['vulnerable_configuration']: print ("* {}".format(re.sub(r'\n', '-', vul['title']))) if cve['cvss']: print ("\n== Common Vulnerability Scoring System") print ("CVSS value:: {}".format(cve['cvss'])) if cve['impact']: print ("\n== Impact Metrics") print ("\n[cols=\"1,2\"]") print ("|===") types = ['availability', 'confidentiality', 'integrity'] for t in types: print ("|{}".format(t.title())) print ("|{}".format(cve['impact'][t])) print ("|===") if cve['access']: print ("\n== Access to the vulnerability") print ("\n[cols=\"1,2\"]") print ("|===") types = ['authentication', 'complexity', 'vector'] for t in types: print ("|{}".format(t.title())) print ("|{}".format(cve['access'][t])) print ("|===") if cve['references']: print ("\n== References") if len(cve['references']) > 1: for ref in cve['references']: print ("* {}".format(ref)) elif len(cve['references']) == 1: ref = cve['references'][0] print ("* {}".format(ref)) bin/db_dump.py +3 −0 Original line number Diff line number Diff line Loading @@ -34,4 +34,7 @@ l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup, capeclookup= for cveid in db.getCVEIDs(limit=args.l): item = l.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) print (json.dumps(item, sort_keys=True, default=json_util.default)) bin/search_cpe.py +14 −2 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ # # Copyright (c) 2014 psychedelys # Copyright (c) 2015 Pieter-Jan Moreels - pieterjan.moreels@gmail.com # Copyright (c) 2015 Alexandre Dulaunoy - a@foo.be # Imports import os Loading @@ -14,6 +15,7 @@ sys.path.append(os.path.join(runPath, "..")) import re import argparse import json import lib.DatabaseLayer as db Loading @@ -23,7 +25,7 @@ vOutput = "" argParser = argparse.ArgumentParser(description='Search for CPE with a pattern') argParser.add_argument('-s', type=str, required=True, help='search in cpe list') argParser.add_argument('-o', type=str, help='O = output format [compact]') argParser.add_argument('-o', type=str, default='expanded' ,help='O = output format [expanded, compact, json] (default: expanded)') argParser.add_argument('-f', action='store_true', help='Enlarge the CPE search to all CPE indexed. Need the cpeother activated.', default=False) args = argParser.parse_args() Loading @@ -37,9 +39,19 @@ def search(cpe): if vOutput == "compact": for item in res: print(item['id']) else: elif vOutput == "expanded": for item in res: print(item['id'] + " " + item['title']) elif vOutput == "json": o = [] for item in res: x = {} x['id'] = item['id'] x['title'] = item['title'] o.append(x) print(json.dumps(o, sort_keys=True, indent=4)) # replace special characters in cpeSearch with encoded version. cpeSearch = re.sub(r'\(', '%28', cpeSearch) Loading Loading
bin/cve_doc.py 0 → 100644 +72 −0 Original line number Diff line number Diff line #!/usr/bin/env python3 # # cve_doc converts CVE to asciidoc # # Software is free software released under the "Modified BSD license" # # Copyright (c) 2015 Alexandre Dulaunoy - a@foo.be import os import sys runPath = os.path.dirname(os.path.realpath(__file__)) sys.path.append(os.path.join(runPath, "..")) import json import re from optparse import OptionParser from lib.Query import lastentries, apigetcve, apibrowse, apisearch optp = OptionParser() optp.add_option('-c', '--cve', dest='cve', default='CVE-2015-0001', help='CVE id to convert') optp.add_option('-f', '--format', dest='format', default='asciidoc', help='output format : asciidoc') optp.add_option('-a', '--api', dest='api', default='http://cve.circl.lu/', help='HTTP API url (default: http://cve.circl.lu)') (opts, args) = optp.parse_args() cve = json.loads(apigetcve(opts.api, cveid=opts.cve)) if not cve: sys.exit(10) print ("= Common Vulnerabilities and Exposures - {}".format(cve['id'])) print ("cve-search <{}/cve/{}>".format(opts.api,cve['id'])) print ("{},{}".format(cve['id'],cve['Modified'])) print (":toc:") print ("== {} Summary".format(cve['id'])) print ("\n"+cve['summary']) print ("\n== Vulnerable configurations\n") for vul in cve['vulnerable_configuration']: print ("* {}".format(re.sub(r'\n', '-', vul['title']))) if cve['cvss']: print ("\n== Common Vulnerability Scoring System") print ("CVSS value:: {}".format(cve['cvss'])) if cve['impact']: print ("\n== Impact Metrics") print ("\n[cols=\"1,2\"]") print ("|===") types = ['availability', 'confidentiality', 'integrity'] for t in types: print ("|{}".format(t.title())) print ("|{}".format(cve['impact'][t])) print ("|===") if cve['access']: print ("\n== Access to the vulnerability") print ("\n[cols=\"1,2\"]") print ("|===") types = ['authentication', 'complexity', 'vector'] for t in types: print ("|{}".format(t.title())) print ("|{}".format(cve['access'][t])) print ("|===") if cve['references']: print ("\n== References") if len(cve['references']) > 1: for ref in cve['references']: print ("* {}".format(ref)) elif len(cve['references']) == 1: ref = cve['references'][0] print ("* {}".format(ref))
bin/db_dump.py +3 −0 Original line number Diff line number Diff line Loading @@ -34,4 +34,7 @@ l = cves.last(rankinglookup=rankinglookup, vfeedlookup=vfeedlookup, capeclookup= for cveid in db.getCVEIDs(limit=args.l): item = l.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) print (json.dumps(item, sort_keys=True, default=json_util.default))
bin/search_cpe.py +14 −2 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ # # Copyright (c) 2014 psychedelys # Copyright (c) 2015 Pieter-Jan Moreels - pieterjan.moreels@gmail.com # Copyright (c) 2015 Alexandre Dulaunoy - a@foo.be # Imports import os Loading @@ -14,6 +15,7 @@ sys.path.append(os.path.join(runPath, "..")) import re import argparse import json import lib.DatabaseLayer as db Loading @@ -23,7 +25,7 @@ vOutput = "" argParser = argparse.ArgumentParser(description='Search for CPE with a pattern') argParser.add_argument('-s', type=str, required=True, help='search in cpe list') argParser.add_argument('-o', type=str, help='O = output format [compact]') argParser.add_argument('-o', type=str, default='expanded' ,help='O = output format [expanded, compact, json] (default: expanded)') argParser.add_argument('-f', action='store_true', help='Enlarge the CPE search to all CPE indexed. Need the cpeother activated.', default=False) args = argParser.parse_args() Loading @@ -37,9 +39,19 @@ def search(cpe): if vOutput == "compact": for item in res: print(item['id']) else: elif vOutput == "expanded": for item in res: print(item['id'] + " " + item['title']) elif vOutput == "json": o = [] for item in res: x = {} x['id'] = item['id'] x['title'] = item['title'] o.append(x) print(json.dumps(o, sort_keys=True, indent=4)) # replace special characters in cpeSearch with encoded version. cpeSearch = re.sub(r'\(', '%28', cpeSearch) Loading
