From b5d285b5b415f70ab03a2624a97316b5d28285f0 Mon Sep 17 00:00:00 2001 From: Terrtia Date: Wed, 21 Dec 2022 16:48:08 +0100 Subject: [PATCH] chg: [CVE] CVE search integration --- bin/lib/objects/Cves.py | 15 +++++ bin/lib/objects/Domains.py | 4 +- .../correlation/metadata_card_cve.html | 56 ++++++++++++++++++- 3 files changed, 71 insertions(+), 4 deletions(-) diff --git a/bin/lib/objects/Cves.py b/bin/lib/objects/Cves.py index 16b8e766..619d5809 100755 --- a/bin/lib/objects/Cves.py +++ b/bin/lib/objects/Cves.py @@ -7,6 +7,8 @@ import sys from flask import url_for from pymisp import MISPObject +import requests + sys.path.append(os.environ['AIL_BIN']) ################################## # Import Project packages @@ -71,6 +73,18 @@ class Cve(AbstractDaterangeObject): def add(self, date, item_id): self._add(date, item_id) + def get_cve_search(self): + response = requests.get(f'https://cvepremium.circl.lu/api/cve/{self.id}', timeout=10) + if response.status_code == 200: + json_response = response.json() + # 'summary' + # 'references' + # 'last-modified' + # 'Published' + # 'Modified' + return json_response + else: + return {'error': 'cve search error'} # TODO # TODO ADD SEARCH FUNCTION @@ -108,4 +122,5 @@ def api_get_cves_meta_by_daterange(date_from, date_to): date = Date.sanitise_date_range(date_from, date_to) return get_cves_meta(get_cves_by_daterange(date['date_from'], date['date_to']), options=['sparkline']) + # if __name__ == '__main__': diff --git a/bin/lib/objects/Domains.py b/bin/lib/objects/Domains.py index 7d59984b..97d73b46 100755 --- a/bin/lib/objects/Domains.py +++ b/bin/lib/objects/Domains.py @@ -101,8 +101,8 @@ class Domain(AbstractObject): if obj and origin['item']: if origin['item'] != 'manual' and origin['item'] != 'auto': item_id = origin['item'] - origin['domain'] = get_item_domain() - origin['url'] = get_item_url() + origin['domain'] = get_item_domain(item_id) + origin['url'] = get_item_url(item_id) return origin def set_last_origin(self, origin_id): 
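Review bot: In `get_cve_search` (second hunk of `bin/lib/objects/Cves.py`), `self.id` is interpolated into the request path as-is and the call is unguarded. A timeout or connection error from `requests.get`, or a non-JSON body at `response.json()`, raises out of the method instead of returning the `{'error': ...}` dict that the `else` branch produces. Whether the id is checked against the CVE format before this point is not visible in the hunk, so percent-encoding it (`quote` from `urllib.parse`, which would need importing) keeps a malformed id from adding path segments or a query string to the lookup. The returned JSON is third-party data and should be treated as untrusted by whatever renders it. A sketch of the method with both changes follows.

```python
    def get_cve_search(self):
        # self.id ends up in the URL path: encode it so it stays a single path segment
        url = f'https://cvepremium.circl.lu/api/cve/{quote(self.id, safe="")}'
        try:
            response = requests.get(url, timeout=10)
            response.raise_for_status()
            # … unchanged: comment lines listing the expected response fields …
            return response.json()
        except (requests.exceptions.RequestException, ValueError):
            # network failure, HTTP error status or undecodable body
            return {'error': 'cve search error'}
```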
diff --git a/var/www/templates/correlation/metadata_card_cve.html b/var/www/templates/correlation/metadata_card_cve.html index 39fca4e6..1abd1a84 100644 --- a/var/www/templates/correlation/metadata_card_cve.html +++ b/var/www/templates/correlation/metadata_card_cve.html @@ -46,6 +46,59 @@ + {% if dict_object["metadata_card"]["cve_search"] %} +
  • + + + + + + + + + + + + + + + + + + + +
    Summary{{ dict_object["metadata_card"]["cve_search"].get("summary") }}
    Published{{ dict_object["metadata_card"]["cve_search"].get("Published") }}
    Modified{{ dict_object["metadata_card"]["cve_search"].get("Modified") }}
    last-modified{{ dict_object["metadata_card"]["cve_search"].get("last-modified") }}
    +
  • + + {% if dict_object["metadata_card"]["cve_search"].get("references") %} +
    +
    +
    +
    + +
    +
    +
    +
    +
      + {% for ref in dict_object["metadata_card"]["cve_search"].get("references") %} +
    • {{ ref }}
    • + {% endfor %} +
    +
    +
    +
    +
    + {% endif %} + + {% endif %} {#
  • #} {#
    #} {#
    #} @@ -63,8 +116,7 @@ {#
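Review bot: The outer `{% if dict_object["metadata_card"]["cve_search"] %}` is also true for the `{'error': 'cve search error'}` dict that `get_cve_search` returns on failure, so a failed lookup renders the Summary/Published/Modified/last-modified cells as `None` and never shows the error. Testing for the error key as well, e.g. `{% if dict_object["metadata_card"]["cve_search"] and not dict_object["metadata_card"]["cve_search"].get("error") %}`, plus a separate branch that displays the error, would avoid that. The markup around `{{ ref }}` did not survive extraction on this page. If each reference is used as a link `href`, autoescaping does not reject `javascript:` or `data:` URLs, so the reference list should be limited to `http`/`https` before it reaches the template.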
  • #} - - {% with obj_type='decoded', obj_id=dict_object['correlation_id'], obj_subtype='' %} + {% with obj_type='cve', obj_id=dict_object['correlation_id'], obj_subtype='' %} {% include 'modals/investigations_register_obj.html' %} {% endwith %}