2016-03-18 07:51:13 +01:00
import json
import requests
misperrors = { ' error ' : ' Error ' }
2016-03-24 21:44:15 +01:00
mispattributes = { ' input ' : [ ' vulnerability ' ] , ' output ' : [ ' text ' ] }
2019-09-17 11:07:23 +02:00
moduleinfo = { ' version ' : ' 0.3 ' , ' author ' : ' Alexandre Dulaunoy ' , ' description ' : ' An expansion hover module to expand information about CVE id. ' , ' module-type ' : [ ' hover ' ] }
moduleconfig = [ " custom_API " ]
2016-03-18 07:51:13 +01:00
cveapi_url = ' https://cve.circl.lu/api/cve/ '
2019-09-17 14:13:05 +02:00
2019-09-17 11:07:23 +02:00
def check_url ( url ) :
return " {} / " . format ( url ) if not url . endswith ( ' / ' ) else url
2016-03-18 07:51:13 +01:00
2019-09-17 14:13:05 +02:00
2016-03-18 07:51:13 +01:00
def handler ( q = False ) :
if q is False :
return False
request = json . loads ( q )
if not request . get ( ' vulnerability ' ) :
misperrors [ ' error ' ] = ' Vulnerability id missing '
return misperrors
2019-10-04 17:22:32 +02:00
api_url = check_url ( request [ ' config ' ] [ ' custom_API ' ] ) if request . get ( ' config ' ) and request [ ' config ' ] . get ( ' custom_API ' ) else cveapi_url
2019-09-17 11:07:23 +02:00
r = requests . get ( " {} {} " . format ( api_url , request . get ( ' vulnerability ' ) ) )
2016-03-18 07:51:13 +01:00
if r . status_code == 200 :
vulnerability = json . loads ( r . text )
2017-10-21 19:52:19 +02:00
if vulnerability :
if vulnerability . get ( ' summary ' ) :
summary = vulnerability [ ' summary ' ]
else :
summary = ' Non existing CVE '
2016-03-18 07:51:13 +01:00
else :
2019-09-17 11:07:23 +02:00
misperrors [ ' error ' ] = ' API not accessible '
2016-03-18 07:51:13 +01:00
return misperrors [ ' error ' ]
2016-03-24 21:44:15 +01:00
r = { ' results ' : [ { ' types ' : mispattributes [ ' output ' ] , ' values ' : summary } ] }
return r
2016-03-18 07:51:13 +01:00
def introspection ( ) :
return mispattributes
def version ( ) :
moduleinfo [ ' config ' ] = moduleconfig
return moduleinfo
