2015-11-08 00:11:48 +00:00
|
|
|
"""Read CVE in your IM client"""
|
|
|
|
|
|
|
|
# PYTHON STUFFS #######################################################
|
|
|
|
|
2014-11-17 13:24:18 +00:00
|
|
|
from bs4 import BeautifulSoup
|
2015-07-07 10:34:00 +00:00
|
|
|
from urllib.parse import quote
|
|
|
|
|
2015-01-03 19:34:44 +00:00
|
|
|
from nemubot.hooks import hook
|
2015-11-08 00:11:48 +00:00
|
|
|
from nemubot.tools.web import getURLContent, striphtml
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-11-08 00:11:48 +00:00
|
|
|
from more import Response
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-11-08 00:11:48 +00:00
|
|
|
BASEURL_NIST = 'https://web.nvd.nist.gov/view/vuln/detail?vulnId='
|
2014-11-17 13:24:18 +00:00
|
|
|
|
|
|
|
|
2015-11-08 00:11:48 +00:00
|
|
|
# MODULE CORE #########################################################
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-07-07 10:34:00 +00:00
|
|
|
def get_cve(cve_id):
|
2015-11-08 00:11:48 +00:00
|
|
|
search_url = BASEURL_NIST + quote(cve_id.upper())
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-07-07 10:34:00 +00:00
|
|
|
soup = BeautifulSoup(getURLContent(search_url))
|
2016-05-30 15:22:44 +00:00
|
|
|
vuln = soup.body.find(class_="vuln-detail")
|
|
|
|
cvss = vuln.findAll('div')[4]
|
2015-11-08 00:11:48 +00:00
|
|
|
|
|
|
|
return [
|
|
|
|
"Base score: " + cvss.findAll('div')[0].findAll('a')[0].text.strip(),
|
|
|
|
vuln.findAll('p')[0].text, # description
|
|
|
|
striphtml(vuln.findAll('div')[0].text).strip(), # publication date
|
|
|
|
striphtml(vuln.findAll('div')[1].text).strip(), # last revised
|
|
|
|
]
|
|
|
|
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-11-08 00:11:48 +00:00
|
|
|
# MODULE INTERFACE ####################################################
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-11-08 00:11:48 +00:00
|
|
|
@hook.command("cve",
|
|
|
|
help="Display given CVE",
|
|
|
|
help_usage={"CVE_ID": "Display the description of the given CVE"})
|
2015-07-07 10:34:00 +00:00
|
|
|
def get_cve_desc(msg):
|
|
|
|
res = Response(channel=msg.channel)
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-07-07 10:34:00 +00:00
|
|
|
for cve_id in msg.args:
|
|
|
|
if cve_id[:3].lower() != 'cve':
|
|
|
|
cve_id = 'cve-' + cve_id
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-07-07 10:34:00 +00:00
|
|
|
res.append_message(get_cve(cve_id))
|
2014-11-17 13:24:18 +00:00
|
|
|
|
2015-07-07 10:34:00 +00:00
|
|
|
return res
|