CIRCL
/
AIL-framework
mirror of https://github.com/CIRCL/AIL-framework
2
1
Fork 0
Code Issues Releases Wiki Activity

chg: [CVE] CVE search integration

pull/594/head
Terrtia 2022-12-21 16:48:08 +01:00
parent 82ff568feb
commit b5d285b5b4
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
3 changed files with 71 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
bin/lib/objects/Cves.py
View File

@ -7,6 +7,8 @@ import sys
from flask import url_for from flask import url_for
from pymisp import MISPObject from pymisp import MISPObject
import requests
sys.path.append(os.environ['AIL_BIN']) sys.path.append(os.environ['AIL_BIN'])
################################## ##################################
# Import Project packages # Import Project packages
@ -71,6 +73,18 @@ class Cve(AbstractDaterangeObject):
def add(self, date, item_id): def add(self, date, item_id):
self._add(date, item_id) self._add(date, item_id)
def get_cve_search(self):
response = requests.get(f'https://cvepremium.circl.lu/api/cve/{self.id}', timeout=10)
if response.status_code == 200:
json_response = response.json()
# 'summary'
# 'references'
# 'last-modified'
# 'Published'
# 'Modified'
return json_response
else:
return {'error': 'cve search error'} # TODO
# TODO ADD SEARCH FUNCTION # TODO ADD SEARCH FUNCTION
@ -108,4 +122,5 @@ def api_get_cves_meta_by_daterange(date_from, date_to):
date = Date.sanitise_date_range(date_from, date_to) date = Date.sanitise_date_range(date_from, date_to)
return get_cves_meta(get_cves_by_daterange(date['date_from'], date['date_to']), options=['sparkline']) return get_cves_meta(get_cves_by_daterange(date['date_from'], date['date_to']), options=['sparkline'])
# if __name__ == '__main__': # if __name__ == '__main__':

4
bin/lib/objects/Domains.py
View File

@ -101,8 +101,8 @@ class Domain(AbstractObject):
if obj and origin['item']: if obj and origin['item']:
if origin['item'] != 'manual' and origin['item'] != 'auto': if origin['item'] != 'manual' and origin['item'] != 'auto':
item_id = origin['item'] item_id = origin['item']
origin['domain'] = get_item_domain() origin['domain'] = get_item_domain(item_id)
origin['url'] = get_item_url() origin['url'] = get_item_url(item_id)
return origin return origin
def set_last_origin(self, origin_id): def set_last_origin(self, origin_id):

56
var/www/templates/correlation/metadata_card_cve.html
View File

@ -46,6 +46,59 @@
</div> </div>
</div> </div>
</li> </li>
{% if dict_object["metadata_card"]["cve_search"] %}
<li class="list-group-item py-0">
<table class="table table-sm table-hover">
<tbody>
<tr>
<td><b>Summary</b></td>
<td>{{ dict_object["metadata_card"]["cve_search"].get("summary") }}</td>
</tr>
<tr>
<td><b>Published</b></td>
<td>{{ dict_object["metadata_card"]["cve_search"].get("Published") }}</td>
</tr>
<tr>
<td><b>Modified</b></td>
<td>{{ dict_object["metadata_card"]["cve_search"].get("Modified") }}</td>
</tr>
<tr>
<td><b>last-modified</b></td>
<td>{{ dict_object["metadata_card"]["cve_search"].get("last-modified") }}</td>
</tr>
</tbody>
</table>
</li>
{% if dict_object["metadata_card"]["cve_search"].get("references") %}
<div id="accordion" class="mb-2">
<div class="card">
<div class="card-header bg-dark" id="headingRefs">
<h5 class="mb-0">
<button class="btn btn-link collapsed w-100" data-toggle="collapse" data-target="#collapseRefs" aria-expanded="false" aria-controls="collapseRefs">
<span class="row">
<div class="col-10 text-left">
References <span class="badge badge-primary badge-pill">{{ dict_object["metadata_card"]["cve_search"]["references"] | length }}</span>
</div>
<div class="col-2 text-right"><i class="fas fa-chevron-circle-down"></i></div>
</span>
</button>
</h5>
</div>
<div id="collapseRefs" class="collapse" aria-labelledby="headingRefs" data-parent="#accordion">
<div class="card-body">
<ul>
{% for ref in dict_object["metadata_card"]["cve_search"].get("references") %}
<li>{{ ref }}</li>
{% endfor %}
</ul>
</div>
</div>
</div>
</div>
{% endif %}
{% endif %}
{# <li class="list-group-item py-0">#} {# <li class="list-group-item py-0">#}
{# <br>#} {# <br>#}
{# <div class="mb-3">#} {# <div class="mb-3">#}
@ -63,8 +116,7 @@
{# </li>#} {# </li>#}
</ul> </ul>
{% with obj_type='cve', obj_id=dict_object['correlation_id'], obj_subtype='' %}
{% with obj_type='decoded', obj_id=dict_object['correlation_id'], obj_subtype='' %}
{% include 'modals/investigations_register_obj.html' %} {% include 'modals/investigations_register_obj.html' %}
{% endwith %} {% endwith %}
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#investigations_register_obj_modal"> <button type="button" class="btn btn-primary" data-toggle="modal" data-target="#investigations_register_obj_modal">