2018-05-04 13:53:29 +02:00
|
|
|
#!/usr/bin/env python3
|
2016-06-30 14:38:28 +02:00
|
|
|
# -*-coding:UTF-8 -*
|
|
|
|
"""
|
2017-05-09 11:13:16 +02:00
|
|
|
The CVE Module
|
|
|
|
======================
|
|
|
|
|
|
|
|
This module is consuming the Redis-list created by the Categ module.
|
|
|
|
|
|
|
|
It apply CVE regexes on paste content and warn if a reference to a CVE is spotted.
|
|
|
|
|
2016-06-30 14:38:28 +02:00
|
|
|
"""
|
|
|
|
|
2021-09-08 10:32:47 +02:00
|
|
|
##################################
|
|
|
|
# Import External packages
|
|
|
|
##################################
|
2022-09-20 16:11:48 +02:00
|
|
|
import os
|
2016-06-30 14:38:28 +02:00
|
|
|
import re
|
2022-09-20 16:11:48 +02:00
|
|
|
import sys
|
2021-09-08 10:32:47 +02:00
|
|
|
|
2022-09-20 16:11:48 +02:00
|
|
|
sys.path.append(os.environ['AIL_BIN'])
|
2021-09-08 10:32:47 +02:00
|
|
|
##################################
|
|
|
|
# Import Project packages
|
|
|
|
##################################
|
|
|
|
from modules.abstract_module import AbstractModule
|
2022-10-25 16:25:19 +02:00
|
|
|
from lib.objects import Cves
|
2022-09-20 16:11:48 +02:00
|
|
|
from lib.objects.Items import Item
|
2016-06-30 14:38:28 +02:00
|
|
|
|
|
|
|
|
2022-12-19 16:38:20 +01:00
|
|
|
class CveModule(AbstractModule):
|
2021-09-08 10:32:47 +02:00
|
|
|
"""
|
2022-12-19 16:38:20 +01:00
|
|
|
CveModule for AIL framework
|
2021-09-08 10:32:47 +02:00
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self):
|
2022-12-19 16:38:20 +01:00
|
|
|
super(CveModule, self).__init__()
|
2021-09-08 10:32:47 +02:00
|
|
|
|
|
|
|
# regex to find CVE
|
2022-09-20 16:11:48 +02:00
|
|
|
self.reg_cve = re.compile(r'CVE-[1-2]\d{1,4}-\d{1,5}')
|
2021-09-08 10:32:47 +02:00
|
|
|
|
2022-10-25 16:25:19 +02:00
|
|
|
# Waiting time in seconds between to message processed
|
2021-09-08 10:32:47 +02:00
|
|
|
self.pending_seconds = 1
|
|
|
|
|
|
|
|
# Send module state to logs
|
2023-05-12 15:29:53 +02:00
|
|
|
self.logger.info(f'Module {self.module_name} initialized')
|
2021-09-08 10:32:47 +02:00
|
|
|
|
|
|
|
def compute(self, message):
|
2023-06-22 15:38:04 +02:00
|
|
|
count = message
|
|
|
|
item = self.get_obj()
|
2022-09-20 16:11:48 +02:00
|
|
|
item_id = item.get_id()
|
2021-09-08 10:32:47 +02:00
|
|
|
|
2022-09-20 16:11:48 +02:00
|
|
|
cves = self.regex_findall(self.reg_cve, item_id, item.get_content())
|
|
|
|
if cves:
|
2022-12-21 14:20:13 +01:00
|
|
|
# print(cves)
|
2022-10-25 16:25:19 +02:00
|
|
|
date = item.get_date()
|
|
|
|
for cve_id in cves:
|
|
|
|
cve = Cves.Cve(cve_id)
|
2023-10-12 13:53:00 +02:00
|
|
|
cve.add(date, item)
|
2022-10-25 16:25:19 +02:00
|
|
|
|
2024-03-13 11:58:40 +01:00
|
|
|
warning = f'{self.obj.get_global_id()} contains CVEs {cves}'
|
2021-09-08 10:32:47 +02:00
|
|
|
print(warning)
|
|
|
|
self.redis_logger.warning(warning)
|
2022-10-25 16:25:19 +02:00
|
|
|
|
2023-06-22 15:38:04 +02:00
|
|
|
tag = 'infoleak:automatic-detection="cve"'
|
2021-09-08 10:32:47 +02:00
|
|
|
# Send to Tags Queue
|
2023-06-22 15:38:04 +02:00
|
|
|
self.add_message_to_queue(message=tag, queue='Tags')
|
2022-09-20 16:11:48 +02:00
|
|
|
|
|
|
|
|
2016-06-30 14:38:28 +02:00
|
|
|
if __name__ == '__main__':
|
2021-09-08 10:32:47 +02:00
|
|
|
|
2022-12-19 16:38:20 +01:00
|
|
|
module = CveModule()
|
2023-04-04 14:12:23 +02:00
|
|
|
module.run()
|