nemubot/modules/cve.py

"""Read CVE in your IM client"""

# PYTHON STUFFS #######################################################

from bs4 import BeautifulSoup
from urllib.parse import quote

from nemubot.hooks import hook
from nemubot.tools.web import getURLContent, striphtml

from more import Response

BASEURL_NIST = 'https://web.nvd.nist.gov/view/vuln/detail?vulnId='


# MODULE CORE #########################################################

def get_cve(cve_id):
    search_url = BASEURL_NIST + quote(cve_id.upper())

    soup = BeautifulSoup(getURLContent(search_url))
    vuln = soup.body.find(class_="vuln-detail")
    cvss = vuln.findAll('div')[4]

    return [
        "Base score: " + cvss.findAll('div')[0].findAll('a')[0].text.strip(),
        vuln.findAll('p')[0].text, # description
        striphtml(vuln.findAll('div')[0].text).strip(), # publication date
        striphtml(vuln.findAll('div')[1].text).strip(), # last revised
    ]


# MODULE INTERFACE ####################################################

@hook.command("cve",
              help="Display given CVE",
              help_usage={"CVE_ID": "Display the description of the given CVE"})
def get_cve_desc(msg):
    res = Response(channel=msg.channel)

    for cve_id in msg.args:
        if cve_id[:3].lower() != 'cve':
            cve_id = 'cve-' + cve_id

        res.append_message(get_cve(cve_id))

    return res
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`"""Read CVE in your IM client"""`

			`# PYTHON STUFFS #######################################################`

add cve module 2014-11-17 13:24:18 +00:00			`from bs4 import BeautifulSoup`
Dusting modules 2015-07-07 10:34:00 +00:00			`from urllib.parse import quote`

[wip] in modules, changes import to reflect new directory structure 2015-01-03 19:34:44 +00:00			`from nemubot.hooks import hook`
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`from nemubot.tools.web import getURLContent, striphtml`
add cve module 2014-11-17 13:24:18 +00:00
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`from more import Response`
add cve module 2014-11-17 13:24:18 +00:00
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`BASEURL_NIST = 'https://web.nvd.nist.gov/view/vuln/detail?vulnId='`
add cve module 2014-11-17 13:24:18 +00:00

[cve] Dusting module 2015-11-08 00:11:48 +00:00			`# MODULE CORE #########################################################`
add cve module 2014-11-17 13:24:18 +00:00
Dusting modules 2015-07-07 10:34:00 +00:00			`def get_cve(cve_id):`
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`search_url = BASEURL_NIST + quote(cve_id.upper())`
add cve module 2014-11-17 13:24:18 +00:00
Dusting modules 2015-07-07 10:34:00 +00:00			`soup = BeautifulSoup(getURLContent(search_url))`
[cve] Reflects site changes 2016-05-30 15:22:44 +00:00			`vuln = soup.body.find(class_="vuln-detail")`
			`cvss = vuln.findAll('div')[4]`
[cve] Dusting module 2015-11-08 00:11:48 +00:00
			`return [`
			`"Base score: " + cvss.findAll('div')[0].findAll('a')[0].text.strip(),`
			`vuln.findAll('p')[0].text, # description`
			`striphtml(vuln.findAll('div')[0].text).strip(), # publication date`
			`striphtml(vuln.findAll('div')[1].text).strip(), # last revised`
			`]`

add cve module 2014-11-17 13:24:18 +00:00
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`# MODULE INTERFACE ####################################################`
add cve module 2014-11-17 13:24:18 +00:00
[cve] Dusting module 2015-11-08 00:11:48 +00:00			`@hook.command("cve",`
			`help="Display given CVE",`
			`help_usage={"CVE_ID": "Display the description of the given CVE"})`
Dusting modules 2015-07-07 10:34:00 +00:00			`def get_cve_desc(msg):`
			`res = Response(channel=msg.channel)`
add cve module 2014-11-17 13:24:18 +00:00
Dusting modules 2015-07-07 10:34:00 +00:00			`for cve_id in msg.args:`
			`if cve_id[:3].lower() != 'cve':`
			`cve_id = 'cve-' + cve_id`
add cve module 2014-11-17 13:24:18 +00:00
Dusting modules 2015-07-07 10:34:00 +00:00			`res.append_message(get_cve(cve_id))`
add cve module 2014-11-17 13:24:18 +00:00
Dusting modules 2015-07-07 10:34:00 +00:00			`return res`