From 4f70011edfda4b7256c6dad0ce6bcb773d38cec1 Mon Sep 17 00:00:00 2001 From: chrisr3d Date: Thu, 31 Oct 2019 11:48:59 +0100 Subject: [PATCH] fix: Fixed config parsing + results parsing - Avoiding errors with config field when it is empty or the apikey is not set - Parsing all the results instead of only the first one --- misp_modules/modules/expansion/vulners.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/misp_modules/modules/expansion/vulners.py b/misp_modules/modules/expansion/vulners.py index 557fdb6..c2ec7de 100644 --- a/misp_modules/modules/expansion/vulners.py +++ b/misp_modules/modules/expansion/vulners.py @@ -21,7 +21,10 @@ def handler(q=False): exploit_summary = '' vuln_summary = '' - key = request['config'].get('apikey') + if not request.get('config') or not request['config'].get('apikey'): + return {'error': "A Vulners api key is required for this module."} + + key = request['config']['apikey'] vulners_api = vulners.Vulners(api_key=key) vulnerability = request.get('vulnerability') vulners_document = vulners_api.document(vulnerability) @@ -44,8 +47,8 @@ def handler(q=False): ai_summary += 'Vulners AI Score is ' + str(vulners_ai_score[0]) + " " if vulners_exploits: - exploit_summary += " || " + str(len(vulners_exploits[0])) + " Public exploits available:\n " - for exploit in vulners_exploits[0]: + exploit_summary += " || " + str(len(vulners_exploits)) + " Public exploits available:\n " + for exploit in vulners_exploits: exploit_summary += exploit['title'] + " " + exploit['href'] + "\n " exploit_summary += "|| Vulnerability Description: " + vuln_summary