cve: improve read of partial and inexistant CVE

This commit is contained in:
nemunaire 2017-08-03 21:28:56 +02:00
parent 128afb5914
commit 0a576410c7

View File

@ -5,6 +5,7 @@
from bs4 import BeautifulSoup from bs4 import BeautifulSoup
from urllib.parse import quote from urllib.parse import quote
from nemubot.exception import IMException
from nemubot.hooks import hook from nemubot.hooks import hook
from nemubot.tools.web import getURLContent, striphtml from nemubot.tools.web import getURLContent, striphtml
@ -15,31 +16,44 @@ BASEURL_NIST = 'https://nvd.nist.gov/vuln/detail/'
# MODULE CORE ######################################################### # MODULE CORE #########################################################
VULN_DATAS = {
"alert-title": "vuln-warning-status-name",
"alert-content": "vuln-warning-banner-content",
"description": "vuln-description",
"published": "vuln-published-on",
"last_modified": "vuln-last-modified-on",
"source": "vuln-source",
"base_score": "vuln-cvssv3-base-score-link",
"severity": "vuln-cvssv3-base-score-severity",
"impact_score": "vuln-cvssv3-impact-score",
"exploitability_score": "vuln-cvssv3-exploitability-score",
"av": "vuln-cvssv3-av",
"ac": "vuln-cvssv3-ac",
"pr": "vuln-cvssv3-pr",
"ui": "vuln-cvssv3-ui",
"s": "vuln-cvssv3-s",
"c": "vuln-cvssv3-c",
"i": "vuln-cvssv3-i",
"a": "vuln-cvssv3-a",
}
def get_cve(cve_id): def get_cve(cve_id):
search_url = BASEURL_NIST + quote(cve_id.upper()) search_url = BASEURL_NIST + quote(cve_id.upper())
soup = BeautifulSoup(getURLContent(search_url)) soup = BeautifulSoup(getURLContent(search_url))
return { vuln = {}
"description": soup.body.find(attrs={"data-testid":"vuln-description"}).text.strip(),
"published": soup.body.find(attrs={"data-testid":"vuln-published-on"}).text.strip(),
"last_modified": soup.body.find(attrs={"data-testid":"vuln-last-modified-on"}).text.strip(),
"source": soup.body.find(attrs={"data-testid":"vuln-source"}).text.strip(),
"base_score": float(soup.body.find(attrs={"data-testid":"vuln-cvssv3-base-score-link"}).text.strip()), for vd in VULN_DATAS:
"severity": soup.body.find(attrs={"data-testid":"vuln-cvssv3-base-score-severity"}).text.strip(), r = soup.body.find(attrs={"data-testid": VULN_DATAS[vd]})
"impact_score": float(soup.body.find(attrs={"data-testid":"vuln-cvssv3-impact-score"}).text.strip()), if r:
"exploitability_score": float(soup.body.find(attrs={"data-testid":"vuln-cvssv3-exploitability-score"}).text.strip()), vuln[vd] = r.text.strip()
"av": soup.body.find(attrs={"data-testid":"vuln-cvssv3-av"}).text.strip(), return vuln
"ac": soup.body.find(attrs={"data-testid":"vuln-cvssv3-ac"}).text.strip(),
"pr": soup.body.find(attrs={"data-testid":"vuln-cvssv3-pr"}).text.strip(),
"ui": soup.body.find(attrs={"data-testid":"vuln-cvssv3-ui"}).text.strip(),
"s": soup.body.find(attrs={"data-testid":"vuln-cvssv3-s"}).text.strip(),
"c": soup.body.find(attrs={"data-testid":"vuln-cvssv3-c"}).text.strip(),
"i": soup.body.find(attrs={"data-testid":"vuln-cvssv3-i"}).text.strip(),
"a": soup.body.find(attrs={"data-testid":"vuln-cvssv3-a"}).text.strip(),
}
def display_metrics(av, ac, pr, ui, s, c, i, a, **kwargs): def display_metrics(av, ac, pr, ui, s, c, i, a, **kwargs):
@ -68,7 +82,19 @@ def get_cve_desc(msg):
cve_id = 'cve-' + cve_id cve_id = 'cve-' + cve_id
cve = get_cve(cve_id) cve = get_cve(cve_id)
if not cve:
raise IMException("CVE %s doesn't exists." % cve_id)
if "alert-title" in cve or "alert-content" in cve:
alert = "\x02%s:\x0F %s " % (cve["alert-title"] if "alert-title" in cve else "",
cve["alert-content"] if "alert-content" in cve else "")
else:
alert = ""
if "base_score" not in cve and "description" in cve:
res.append_message("{alert}From \x02{source}\x0F, last modified on \x02{last_modified}\x0F. {description}".format(alert=alert, **cve), title=cve_id)
else:
metrics = display_metrics(**cve) metrics = display_metrics(**cve)
res.append_message("{cveid}: Base score: \x02{base_score} {severity}\x0F (impact: \x02{impact_score}\x0F, exploitability: \x02{exploitability_score}\x0F; {metrics}), from \x02{source}\x0F, last modified on \x02{last_modified}\x0F. {description}".format(cveid=cve_id, metrics=metrics, **cve)) res.append_message("{alert}Base score: \x02{base_score} {severity}\x0F (impact: \x02{impact_score}\x0F, exploitability: \x02{exploitability_score}\x0F; {metrics}), from \x02{source}\x0F, last modified on \x02{last_modified}\x0F. {description}".format(alert=alert, metrics=metrics, **cve), title=cve_id)
return res return res