Commit cbda887b authored by Alexandre Dulaunoy's avatar Alexandre Dulaunoy

Merge pull request #114 from PidgeyL/master

bugfix + new features
parents c0a5dde5 d82f58bc
+3 −0
@@ -24,6 +24,9 @@ CAPEC: http://capec.mitre.org/data/xml/capec_v2.6.xml
MSBULLETIN: http://download.microsoft.com/download/6/7/3/673E4349-1CA5-40B9-8879-095C72D5B49D/BulletinSearch.xlsx
Ref: https://cve.mitre.org/data/refs/refmap/allrefmaps.zip
exploitdb: https://github.com/offensive-security/exploit-database/raw/master/files.csv
[MISP]
URL:
Key:
[Webserver]
Host: 127.0.0.1
Port: 5000
+25 −20
@@ -26,8 +26,8 @@ import lib.DatabaseLayer as db
class last:

    def __init__(self, collection="cves", rankinglookup=False,
                 namelookup=False, vfeedlookup=False,
                 capeclookup=False, subscorelookup=False, reflookup=False):
                 namelookup=False, vfeedlookup=False, capeclookup=False,
                 subscorelookup=False, reflookup=False, misplookup=False):

        self.collectionname = collection
        self.rankinglookup = rankinglookup
@@ -35,6 +35,7 @@ class last:
        self.vfeedlookup = vfeedlookup
        self.capeclookup = capeclookup
        self.subscorelookup = subscorelookup
        self.misplookup = misplookup
        
        self.collection = collection

@@ -68,19 +69,18 @@ class last:
            return e['title']

    def getvfeed(self, cveid=None):

        if not(self.vfeedlookup):
            return cveid

        e = db.getvFeed(cveid)
        return e if e else cveid

        if e is None:
    def getMISP(self, cveid=None):
        if not (self.misplookup):
            return cveid
        else:
            return e
        e = db.getMISP(cveid)
        return e if e else None

    def getcve(self, cveid=None):

        if cveid is not None:
            e = db.getCVE(cveid, collection=self.collection)
            if e is None:
@@ -110,6 +110,11 @@ class last:
                impactCVSS =impactScore(e)
                e['exploitCVSS']=(math.ceil(exploitCVSS*10)/10) if type(exploitCVSS) is not str else exploitCVSS
                e['impactCVSS']=(math.ceil(impactCVSS*10)/10) if type(impactCVSS) is not str else impactCVSS
            if self.misplookup:
                misp = self.getMISP(cveid=cveid)
                if misp:
                   misp.pop('id')
                   e['misp']=misp
        else:
            e = None
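Review bot: `getMISP` returns the bare `cveid` string when `misplookup` is off, which looks copied from `getvfeed`, while its not-found path returns `None`; the one caller visible here guards on `self.misplookup`, but any other caller that treats a truthy result as a MISP record would end up calling dict methods on a string. Returning `None` in the disabled branch (`if not self.misplookup: return None`) keeps the return type consistent. In `getcve`, `misp.pop('id')` raises `KeyError` if a stored document ever lacks that key, so `misp.pop('id', None)` is the safer form; those two lines are also indented by three spaces rather than four. `getcve` starts and ends outside the hunks shown.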

+9 −3
@@ -50,6 +50,7 @@ class Configuration():
               'msbulletin': "http://download.microsoft.com/download/6/7/3/673E4349-1CA5-40B9-8879-095C72D5B49D/BulletinSearch.xlsx",
               'ref': "https://cve.mitre.org/data/refs/refmap/allrefmaps.zip",
               'exploitdb': "https://github.com/offensive-security/exploit-database/raw/master/files.csv",
               'misp_url': "",            'misp_key': "",
               'logging': True,           'logfile': "./log/cve-search.log",
               'maxLogSize': '100MB',     'backlog': 5,
               'Indexdir': './indexdir',  'updatelogfile': './log/update.log',
@@ -133,8 +134,6 @@ class Configuration():
        redisDB = cls.readSetting("Redis", "RefDB", cls.default['redisRefDB'])
        return redis.StrictRedis(host=redisHost, port=redisPort, db=redisDB, charset="utf-8", decode_responses=True)



    # Flask
    @classmethod
    def getFlaskHost(cls):
@@ -230,6 +229,13 @@ class Configuration():
    def getexploitdbDict(cls):
        return cls.readSetting("Sources", "exploitdb", cls.default['exploitdb'])

    # MISP
    @classmethod
    def getMISPCredentials(cls):
        url = cls.readSetting("MISP", "URL", cls.default['misp_url'])
        key = cls.readSetting("MISP", "Key", cls.default['misp_key'])
        return (url, key) if url and key else (None, None)
               
    # Logging
    @classmethod
    def getLogfile(cls):
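Review bot: `getMISPCredentials` returns the configured URL without checking its scheme, so an `http://` value in the `[MISP]` section would presumably let the API key travel in cleartext once a caller connects (the code that uses these credentials is not on this page). Consider refusing or at least logging non-TLS URLs, e.g. `if url and not url.lower().startswith("https://"): return (None, None)`. A half-filled section (URL without Key, or the reverse) also collapses silently to `(None, None)`; a log line there would make the misconfiguration visible. A short comment above the method noting that the key is a secret, and that the configuration file should be readable only by the service account, would help operators.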
+24 −0
@@ -32,6 +32,8 @@ colVFEED= db['vfeed']
colRANKING=   db['ranking']
colMSBULLETIN=db['ms']
colCAPEC=     db['capec']
colMISP=      db['user_misp']

# Functions
def sanitize(x):
  if type(x)==pymongo.cursor.Cursor:
@@ -222,6 +224,9 @@ def getAlternativeCPEs():
def getvFeed(id):
  return sanitize(colVFEED.find_one({'id': id}))

def getMISP(id):
  return sanitize(colMISP.find_one({'id': id}))

def getCPEMatching(regex, fullSearch=False):
  lst=list(colCPE.find({"id": {"$regex": regex}}))
  if fullSearch: lst.extend(colCPEOTHER.find({"id": {"$regex": regex}}))
@@ -233,6 +238,25 @@ def getFreeText(text):
  except: # As of Mongo 3
    return sanitize(colCVE.find({"$text":{"$search":text}}))

def getSearchResults(search):
  result={'data':[]}
  regSearch = re.compile(re.escape(search), re.I)
  threat=  {'n': 'Threat',   'd': sanitize(colMISP.find({'threats': {'$in': [regSearch]}}))}
  misp_tag={'n': 'MISP tag', 'd': sanitize(colMISP.find({'tags':    {'$in': [regSearch]}}))}
  try:
    textsearch={'n': 'Text search', 'd': getFreeText(search)}
  except:
    textsearch={'n': 'Text search', 'd': []}
    result['errors']=['textsearch']
  for collection in [threat, misp_tag, textsearch]:
    for item in collection['d']:
      # Check if already in result data
      if not any(item['id']==entry['id'] for entry in result['data']):
        entry=getCVE(item['id'])
        entry['reason']=collection['n']
        result['data'].append(entry)
  return result

def getCAPECFor(cwe):
  return sanitize(colCAPEC.find({'related_weakness': {'$in': [cwe]}}))
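Review bot: In `getSearchResults`, `entry=getCVE(item['id'])` is used without a null check, so a MISP record or text-search hit whose id has no matching CVE document would raise `TypeError` on `entry['reason']=collection['n']` and fail the whole search; `getCVE` is defined outside this page, but the `if e is None:` test after `db.getCVE(...)` in the `last` class suggests it can return `None`. Adding `if entry is None: continue` before the assignment avoids that. The bare `except:` around `getFreeText` also hides every failure, including programming errors; catching the specific database error and logging it would keep the `errors` flag meaningful. Escaping the term with `re.escape` before compiling the regex is the right call for what is presumably user-supplied input, and a one-line comment saying so would stop a later edit from dropping it.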

+1 −0
@@ -11,3 +11,4 @@ xlrd
lxml
https://github.com/marianoguerra/feedformatter/archive/master.zip
six>=1.9.0
pymisp
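Review bot: `pymisp` is added with no version constraint, so each install resolves to whatever release is current at that moment, and a breaking or tampered release would be picked up without review. `six>=1.9.0` one line up already carries a bound; consider at least `pymisp>=MINIMUM_TESTED_VERSION` (placeholder, since the tested version is not stated on this page), or an exact pin if the project moves to pinned installs.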