From dc84c9f972ed7d42f213545a118bc4a1cd12dfb5 Mon Sep 17 00:00:00 2001 From: "Fafner [_KeyZee_]" Date: Tue, 17 Sep 2019 11:07:23 +0200 Subject: [PATCH] adding custom API Adding the possibility to have our own API server. --- misp_modules/modules/expansion/cve.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/misp_modules/modules/expansion/cve.py b/misp_modules/modules/expansion/cve.py index 81d8db5..b182b5d 100755 --- a/misp_modules/modules/expansion/cve.py +++ b/misp_modules/modules/expansion/cve.py @@ -3,10 +3,12 @@ import requests misperrors = {'error': 'Error'} mispattributes = {'input': ['vulnerability'], 'output': ['text']} -moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']} -moduleconfig = [] +moduleinfo = {'version': '0.3', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']} +moduleconfig = ["custom_API"] cveapi_url = 'https://cve.circl.lu/api/cve/' +def check_url(url): + return "{}/".format(url) if not url.endswith('/') else url def handler(q=False): if q is False: @@ -16,7 +18,8 @@ def handler(q=False): misperrors['error'] = 'Vulnerability id missing' return misperrors - r = requests.get(cveapi_url + request.get('vulnerability')) + api_url = check_url(request['config']['custom_API']) if request['config'].get('custom_API') else cveapi_url + r = requests.get("{}{}".format(api_url, request.get('vulnerability'))) if r.status_code == 200: vulnerability = json.loads(r.text) if vulnerability: @@ -25,7 +28,7 @@ def handler(q=False): else: summary = 'Non existing CVE' else: - misperrors['error'] = 'cve.circl.lu API not accessible' + misperrors['error'] = 'API not accessible' return misperrors['error'] r = {'results': [{'types': mispattributes['output'], 'values': summary}]}