Commit b3f4319b authored by PidgeyL's avatar PidgeyL

move MISP to a plug-in

parent cdfc280d
+0 −3
@@ -24,9 +24,6 @@ CAPEC: http://capec.mitre.org/data/xml/capec_v2.6.xml
MSBULLETIN: http://download.microsoft.com/download/6/7/3/673E4349-1CA5-40B9-8879-095C72D5B49D/BulletinSearch.xlsx
Ref: https://cve.mitre.org/data/refs/refmap/allrefmaps.zip
exploitdb: https://github.com/offensive-security/exploit-database/raw/master/files.csv
[MISP]
URL:
Key:
[Webserver]
Host: 127.0.0.1
Port: 5000
+2 −15
@@ -23,11 +23,10 @@ from lib.Config import Configuration
from lib.Toolkit import exploitabilityScore,impactScore
import lib.DatabaseLayer as db

class last:

class last():
    def __init__(self, collection="cves", rankinglookup=False,
                 namelookup=False, vfeedlookup=False, capeclookup=False,
                 subscorelookup=False, reflookup=False, misplookup=False):
                 subscorelookup=False, reflookup=False):

        self.collectionname = collection
        self.rankinglookup = rankinglookup
@@ -35,7 +34,6 @@ class last:
        self.vfeedlookup = vfeedlookup
        self.capeclookup = capeclookup
        self.subscorelookup = subscorelookup
        self.misplookup = misplookup
        
        self.collection = collection

@@ -74,12 +72,6 @@ class last:
        e = db.getvFeed(cveid)
        return e if e else cveid

    def getMISP(self, cveid=None):
        if not (self.misplookup):
            return cveid
        e = db.getMISP(cveid)
        return e if e else None

    def getcve(self, cveid=None):
        if cveid is not None:
            e = db.getCVE(cveid, collection=self.collection)
@@ -110,11 +102,6 @@ class last:
                impactCVSS =impactScore(e)
                e['exploitCVSS']=(math.ceil(exploitCVSS*10)/10) if type(exploitCVSS) is not str else exploitCVSS
                e['impactCVSS']=(math.ceil(impactCVSS*10)/10) if type(impactCVSS) is not str else impactCVSS
            if self.misplookup:
                misp = self.getMISP(cveid=cveid)
                if misp:
                   misp.pop('id')
                   e['misp']=misp
        else:
            e = None

+0 −8
@@ -50,7 +50,6 @@ class Configuration():
               'msbulletin': "http://download.microsoft.com/download/6/7/3/673E4349-1CA5-40B9-8879-095C72D5B49D/BulletinSearch.xlsx",
               'ref': "https://cve.mitre.org/data/refs/refmap/allrefmaps.zip",
               'exploitdb': "https://github.com/offensive-security/exploit-database/raw/master/files.csv",
               'misp_url': "",            'misp_key': "",
               'logging': True,           'logfile': "./log/cve-search.log",
               'maxLogSize': '100MB',     'backlog': 5,
               'Indexdir': './indexdir',  'updatelogfile': './log/update.log',
@@ -231,13 +230,6 @@ class Configuration():
    def getexploitdbDict(cls):
        return cls.readSetting("Sources", "exploitdb", cls.default['exploitdb'])
               
    # MISP
    @classmethod
    def getMISPCredentials(cls):
        url = cls.readSetting("MISP", "URL", cls.default['misp_url'])
        key = cls.readSetting("MISP", "Key", cls.default['misp_key'])
        return (url, key) if url and key else (None, None)
               
    # Logging
    @classmethod
    def getLogfile(cls):
+8 −10
@@ -32,7 +32,6 @@ colVFEED= db['vfeed']
colRANKING=     db['ranking']
colMSBULLETIN=  db['ms']
colCAPEC=       db['capec']
colMISP=        db['user_misp']
colPlugSettings=db['plugin_settings']

# Functions
@@ -205,9 +204,6 @@ def getAlternativeCPEs():
def getvFeed(id):
  return sanitize(colVFEED.find_one({'id': id}))

def getMISP(id):
  return sanitize(colMISP.find_one({'id': id}))

def getCPEMatching(regex, fullSearch=False):
  lst=list(colCPE.find({"id": {"$regex": regex}}))
  if fullSearch: lst.extend(colCPEOTHER.find({"id": {"$regex": regex}}))
@@ -226,8 +222,9 @@ def getSearchResults(search):
              'map_redhat_bugzilla.redhatid', 'map_cve_ubuntu.ubuntuid',
              'map_cve_suse.suseid', 'map_cve_fedora.fedoraid', 'map_cve_hp.hpid',
              'map_cve_cisco.ciscoid']
  threat=  {'n': 'Threat',   'd': sanitize(colMISP.find({'threats': {'$in': [regSearch]}}))}
  misp_tag={'n': 'MISP tag', 'd': sanitize(colMISP.find({'tags':    {'$in': [regSearch]}}))}
  # Temporally disable these (to be revised how to implement this in plugin searching)
  #threat=  {'n': 'Threat',   'd': sanitize(colMISP.find({'threats': {'$in': [regSearch]}}))}
  #misp_tag={'n': 'MISP tag', 'd': sanitize(colMISP.find({'tags':    {'$in': [regSearch]}}))}
  links =  {'n': 'Link',     'd': []}
  for vLink in vFeedLinks:
    links['d'].extend(sanitize(colVFEED.find({vLink: {'$in': [regSearch]}})))
@@ -237,7 +234,8 @@ def getSearchResults(search):
  except:
    textsearch={'n': 'Text search', 'd': []}
    result['errors']=['textsearch']
  for collection in [threat, misp_tag, textsearch, links]:
  #for collection in [threat, misp_tag, textsearch, links]:
  for collection in [links, textsearch]:
    for item in collection['d']:
      # Check if already in result data
      if not any(item['id']==entry['id'] for entry in result['data']):
@@ -369,7 +367,7 @@ def getUser(user):
###########
# Settings
def p_writeSetting(plugin, setting, value):
  colPlugSettings({"plugin": plugin}, {"$set": {setting: value}}, upsert=True)
  colPlugSettings.update({"plugin": plugin}, {"$set": {setting: value}}, upsert=True)

def p_readSetting(plugin, setting):
  data = colPlugSettings.distinct(setting, {'plugin': plugin})
@@ -378,10 +376,10 @@ def p_readSetting(plugin, setting):

# Query
def p_queryData(collection, query):
  return list(db['plug_%s'%collection].find(query))
  return sanitize(db['plug_%s'%collection].find(query))

def p_queryOne(collection, query):
  return db['plug_%s'%collection].find_one(query)
  return sanitize(db['plug_%s'%collection].find_one(query))

# Data manipulation
def p_addEntry(collection, data):
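Review bot: The MISP branches of `getSearchResults` are kept as commented-out code (the `#threat=`, `#misp_tag=` and `#for collection in [threat, misp_tag, ...]` lines) rather than deleted, and they reference `colMISP`, which this same commit removes, so re-enabling them by uncommenting would raise `NameError`; version control already preserves the old code, so deleting the lines keeps the function readable. In `p_queryOne`, `find_one` returns `None` on a miss and that value now goes through `sanitize(...)` unconditionally, and whether `sanitize` tolerates `None` is not visible here and is worth confirming. The `p_writeSetting` fix replaces a call on the collection object with `.update(..., upsert=True)`; if the project runs on pymongo 3 or later, `update_one` is the non-deprecated form with the same upsert semantics. `getSearchResults` starts and ends outside the hunks shown.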
+0 −1
@@ -11,5 +11,4 @@ xlrd
lxml
https://github.com/marianoguerra/feedformatter/archive/master.zip
six>=1.9.0
pymisp
pytz