misp-modules/misp_modules/modules/expansion/cve.py

import json
import requests

misperrors = {'error': 'Error'}
mispattributes = {'input': ['vulnerability'], 'output': ['text']}
moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']}
moduleconfig = []
cveapi_url = 'https://cve.circl.lu/api/cve/'


def handler(q=False):
    if q is False:
        return False
    request = json.loads(q)
    if not request.get('vulnerability'):
        misperrors['error'] = 'Vulnerability id missing'
        return misperrors

    r = requests.get(cveapi_url + request.get('vulnerability'))
    if r.status_code == 200:
        vulnerability = json.loads(r.text)
        if vulnerability:
            if vulnerability.get('summary'):
                summary = vulnerability['summary']
        else:
            summary = 'Non existing CVE'
    else:
        misperrors['error'] = 'cve.circl.lu API not accessible'
        return misperrors['error']

    r = {'results': [{'types': mispattributes['output'], 'values': summary}]}
    return r


def introspection():
    return mispattributes


def version():
    moduleinfo['config'] = moduleconfig
    return moduleinfo
CVE hover expansion module An hover module is a module returning a JSON that can be used as hover element in the MISP UI. 2016-03-18 07:51:13 +01:00			`import json`
			`import requests`

			`misperrors = {'error': 'Error'}`
Return a text attribute for an hover only module 2016-03-24 21:44:15 +01:00			`mispattributes = {'input': ['vulnerability'], 'output': ['text']}`
			`moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']}`
CVE hover expansion module An hover module is a module returning a JSON that can be used as hover element in the MISP UI. 2016-03-18 07:51:13 +01:00			`moduleconfig = []`
			`cveapi_url = 'https://cve.circl.lu/api/cve/'`


			`def handler(q=False):`
			`if q is False:`
			`return False`
			`request = json.loads(q)`
			`if not request.get('vulnerability'):`
			`misperrors['error'] = 'Vulnerability id missing'`
			`return misperrors`

Make PEP8 happy 2016-04-11 11:07:11 +02:00			`r = requests.get(cveapi_url + request.get('vulnerability'))`
CVE hover expansion module An hover module is a module returning a JSON that can be used as hover element in the MISP UI. 2016-03-18 07:51:13 +01:00			`if r.status_code == 200:`
			`vulnerability = json.loads(r.text)`
fix: #137 when a CVE is not found, a return message is given 2017-10-21 19:52:19 +02:00			`if vulnerability:`
			`if vulnerability.get('summary'):`
			`summary = vulnerability['summary']`
			`else:`
			`summary = 'Non existing CVE'`
CVE hover expansion module An hover module is a module returning a JSON that can be used as hover element in the MISP UI. 2016-03-18 07:51:13 +01:00			`else:`
			`misperrors['error'] = 'cve.circl.lu API not accessible'`
			`return misperrors['error']`

Return a text attribute for an hover only module 2016-03-24 21:44:15 +01:00			`r = {'results': [{'types': mispattributes['output'], 'values': summary}]}`
			`return r`
CVE hover expansion module An hover module is a module returning a JSON that can be used as hover element in the MISP UI. 2016-03-18 07:51:13 +01:00

			`def introspection():`
			`return mispattributes`


			`def version():`
			`moduleinfo['config'] = moduleconfig`
			`return moduleinfo`