Commit c13b50e0 authored by PidgeyL's avatar PidgeyL

more database layer abstraction

parent 12bfb19c
+16 −0
@@ -29,6 +29,7 @@ def sanitize(x):
    x=list(x)
  if type(x)==list:
    for y in x: sanitize(y)
#  if x:
  if "_id" in x: x.pop("_id")
  return x

@@ -110,6 +111,21 @@ def getInfo(collection):
def getWhitelist():
  return sanitize(colWHITELIST.find())

def getRules(list):
  if list.lower()=='whitelist':
    col=colWHITELIST
  elif list.lower()=='blacklist':
    col=colBLACKLIST
  else:
    return []
  rlist=col.find({'type':'cpe'}).distinct('id')
  hardware=["cpe:2.3:([^:]*:){9}"+re.escape(x) for x in col.find({'type':'cpe'}).distinct('id')]
  software=["cpe:2.3:([^:]*:){8}"+re.escape(x) for x in col.find({'type':'cpe'}).distinct('id')]
  rlist.extend(hardware)
  rlist.extend(software)
  return rlist


def getBlacklist():
  return sanitize(colBLACKLIST.find())
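Review bot: The new `getRules` builds both the `hardware` and `software` pattern lists from `col.find({'type':'cpe'})`, whereas the `getWhitelistRules`/`getBlacklistRules` helpers removed in the other file of this commit queried `{'type':'targethardware'}` and `{'type':'targetsoftware'}`. As written, target-hardware and target-software entries are never loaded and every plain CPE id is emitted three times, so whitelist/blacklist marking and the list filters will silently miss those rules. The two comprehensions should read `col.find({'type':'targethardware'}).distinct('id')` and `col.find({'type':'targetsoftware'}).distinct('id')`. The parameter name `list` also shadows the builtin; a name such as `listName` would be safer.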

+13 −42
@@ -83,26 +83,8 @@ def getBrowseList(vendor):
    return result


def getWhitelistRules():
    collection = db.mgmt_whitelist
    whitelist = collection.find({'type':'cpe'}).distinct('id')
    hardware = ["cpe:2.3:([^:]*:){9}"+re.escape(x) for x in collection.find({'type':'targethardware'}).distinct('id')]
    software = ["cpe:2.3:([^:]*:){8}"+re.escape(x) for x in collection.find({'type':'targetsoftware'}).distinct('id')]
    whitelist.extend(hardware)
    whitelist.extend(software)
    return whitelist


def getWhitelistRegexes():
    whitelist = getWhitelistRules()
    regexes = []
    for whitelistRule in whitelist:
        regexes.append(re.compile(whitelistRule))
    return regexes


def whitelist_mark(cve):
    whitelistitems = getWhitelistRegexes()
    whitelistitems = compile(dbLayer.getRules('whitelist'))
    # ensures we're working with a list object, in case we get a pymongo.cursor object
    cve = list(cve)
    # check the cpes (full or partially) in the whitelist
@@ -115,7 +97,7 @@ def whitelist_mark(cve):


def blacklist_mark(cve):
    blacklistitems = getBlacklistRegexes()
    blacklistitems = compile(dbLayer.getRules('blacklist'))
    # ensures we're working with a list object, in case we get a pymongo.cursor object
    cve = list(cve)
    # check the cpes (full or partially) in the blacklist
@@ -133,22 +115,11 @@ def seen_mark(cve):
        for c in cve:
            if c["id"] in seen: cve[cve.index(c)]['seen'] = 'yes'

def getBlacklistRules():
    collection = db.mgmt_blacklist
    blacklist = collection.find({'type':'cpe'}).distinct('id')
    hardware = ["cpe:2.3:([^:]*:){9}"+re.escape(x) for x in collection.find({'type':'targethardware'}).distinct('id')]
    software = ["cpe:2.3:([^:]*:){8}"+re.escape(x) for x in collection.find({'type':'targetsoftware'}).distinct('id')]
    blacklist.extend(hardware)
    blacklist.extend(software)
    return blacklist


def getBlacklistRegexes():
    blacklist = getBlacklistRules()
    regexes = []
    for blacklistRule in blacklist:
        regexes.append(re.compile(blacklistRule))
    return regexes
def compile(regexes):
  r=[]
  for rule in regexes:
    r.append(re.compile(rule))
  return r


def addCPEToList(cpe, listType, cpeType=None):
@@ -197,7 +168,7 @@ def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
    query = []
    # retrieving lists
    if blacklist == "on":
        regexes = getBlacklistRules()
        regexes = dbLayer.getRules('blacklist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
@@ -205,7 +176,7 @@ def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                                  {'vulnerable_configuration': []}
                                  ]})
    if whitelist == "hide":
        regexes = getWhitelistRules()
        regexes = dbLayer.getRules('whitelist')
        if len(regexes) != 0:
            exp = "^(?!" + "|".join(regexes) + ")"
            query.append({'$or': [{'vulnerable_configuration': re.compile(exp)},
@@ -213,8 +184,8 @@ def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                                  {'vulnerable_configuration': []}
                                  ]})
    if unlisted == "hide":
        wlregexes = getWhitelistRegexes()
        blregexes = getBlacklistRegexes()
        wlregexes = compile(dbLayer.getRules('whitelist'))
        blregexes = compile(dbLayer.getRules('blacklist'))
        query.append({'$or': [{'vulnerable_configuration': {'$in': wlregexes}},
                              {'vulnerable_configuration': {'$in': blregexes}}]})
    if rejectedSelect == "hide":
@@ -257,8 +228,8 @@ def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,


def markCPEs(cve):
    blacklist = getBlacklistRegexes()
    whitelist = getWhitelistRegexes()
    blacklist = compile(dbLayer.getRules('blacklist'))
    whitelist = compile(dbLayer.getRules('whitelist'))

    for conf in cve['vulnerable_configuration']:
        conf['list'] = 'none'
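Review bot: The new helper `compile(regexes)` shadows Python's builtin `compile` for the whole module; a name such as `compileRules` avoids that, and the body reduces to `return [re.compile(rule) for rule in regexes]`. It is also indented with two spaces while the surrounding functions in this file use four. Separately, the plain `cpe` ids returned by `dbLayer.getRules` are not passed through `re.escape` (only the hardware/software suffixes are), so a list entry containing regex metacharacters would presumably raise `re.error` or match more broadly than intended in `whitelist_mark`, `blacklist_mark`, `markCPEs` and the `"^(?!" + "|".join(regexes) + ")"` expressions in `filter_logic`; validating entries when they are added to a list would contain that. Whether `dbLayer` is imported in this module is not visible in these hunks.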