From 8d7d37746450d653e23398ab77a802789e225324 Mon Sep 17 00:00:00 2001
From: Igor Ivanov <evanowe@gmail.com>
Date: Tue, 18 Sep 2018 12:11:47 +0200
Subject: [PATCH] added exploit information

---
 misp_modules/modules/expansion/__init__.py |  2 +-
 misp_modules/modules/expansion/vulners.py  | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/misp_modules/modules/expansion/__init__.py b/misp_modules/modules/expansion/__init__.py
index c6e81a7..fce9343 100644
--- a/misp_modules/modules/expansion/__init__.py
+++ b/misp_modules/modules/expansion/__init__.py
@@ -1,3 +1,3 @@
 from . import _vmray
 
-__all__ = ['vmray_submit', 'asn_history', 'circl_passivedns', 'circl_passivessl', 'countrycode', 'cve', 'dns', 'domaintools', 'eupi', 'farsight_passivedns', 'ipasn', 'passivetotal', 'sourcecache', 'virustotal', 'whois', 'shodan', 'reversedns', 'geoip_country', 'wiki', 'iprep', 'threatminer', 'otx', 'threatcrowd', 'vulndb', 'crowdstrike_falcon', 'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl', 'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator', 'sigma_queries', 'dbl_spamhaus']
+__all__ = ['vmray_submit', 'asn_history', 'circl_passivedns', 'circl_passivessl', 'countrycode', 'cve', 'dns', 'domaintools', 'eupi', 'farsight_passivedns', 'ipasn', 'passivetotal', 'sourcecache', 'virustotal', 'whois', 'shodan', 'reversedns', 'geoip_country', 'wiki', 'iprep', 'threatminer', 'otx', 'threatcrowd', 'vulndb', 'crowdstrike_falcon', 'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl', 'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator', 'sigma_queries', 'dbl_spamhaus', 'vulners']
diff --git a/misp_modules/modules/expansion/vulners.py b/misp_modules/modules/expansion/vulners.py
index 70b5d12..7d1b54b 100644
--- a/misp_modules/modules/expansion/vulners.py
+++ b/misp_modules/modules/expansion/vulners.py
@@ -18,14 +18,21 @@ def handler(q=False):
         misperrors['error'] = 'Vulnerability id missing'
         return misperrors
 
-    key = q["config"]["apikey"]
+    key = request['config'].get('apikey')
     vulners_api = vulners.Vulners(api_key=key)
-    vulners_document = vulners_api.document("CVE-2017-14174")
+    vulners_document = vulners_api.document(request.get('vulnerability'))
+    vulners_exploits = vulners_api.searchExploit(request.get('vulnerability'))
     if vulners_document:
         summary = vulners_document.get('description')
     else:
         summary = 'Non existing CVE'
 
+    if vulners_exploits:
+        for exploit in vulners_exploits[0]:
+            exploit_summary += exploit['title'] + " " + exploit['href'] + "\n"
+        summary +=  vulners_exploits[1] + " Public exploits available:\n " + exploit_summary
+
+
     r = {'results': [{'types': mispattributes['output'], 'values': summary}]}
     return r