mirror of https://github.com/MISP/misp-modules
added exploit information
parent
5dc05bfafc
commit
8d7d377464
|
@ -1,3 +1,3 @@
|
||||||
from . import _vmray
|
from . import _vmray
|
||||||
|
|
||||||
__all__ = ['vmray_submit', 'asn_history', 'circl_passivedns', 'circl_passivessl', 'countrycode', 'cve', 'dns', 'domaintools', 'eupi', 'farsight_passivedns', 'ipasn', 'passivetotal', 'sourcecache', 'virustotal', 'whois', 'shodan', 'reversedns', 'geoip_country', 'wiki', 'iprep', 'threatminer', 'otx', 'threatcrowd', 'vulndb', 'crowdstrike_falcon', 'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl', 'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator', 'sigma_queries', 'dbl_spamhaus']
|
__all__ = ['vmray_submit', 'asn_history', 'circl_passivedns', 'circl_passivessl', 'countrycode', 'cve', 'dns', 'domaintools', 'eupi', 'farsight_passivedns', 'ipasn', 'passivetotal', 'sourcecache', 'virustotal', 'whois', 'shodan', 'reversedns', 'geoip_country', 'wiki', 'iprep', 'threatminer', 'otx', 'threatcrowd', 'vulndb', 'crowdstrike_falcon', 'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl', 'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator', 'sigma_queries', 'dbl_spamhaus', 'vulners']
|
||||||
|
|
|
@ -18,14 +18,21 @@ def handler(q=False):
|
||||||
misperrors['error'] = 'Vulnerability id missing'
|
misperrors['error'] = 'Vulnerability id missing'
|
||||||
return misperrors
|
return misperrors
|
||||||
|
|
||||||
key = q["config"]["apikey"]
|
key = request['config'].get('apikey')
|
||||||
vulners_api = vulners.Vulners(api_key=key)
|
vulners_api = vulners.Vulners(api_key=key)
|
||||||
vulners_document = vulners_api.document("CVE-2017-14174")
|
vulners_document = vulners_api.document(request.get('vulnerability'))
|
||||||
|
vulners_exploits = vulners_api.searchExploit(request.get('vulnerability'))
|
||||||
if vulners_document:
|
if vulners_document:
|
||||||
summary = vulners_document.get('description')
|
summary = vulners_document.get('description')
|
||||||
else:
|
else:
|
||||||
summary = 'Non existing CVE'
|
summary = 'Non existing CVE'
|
||||||
|
|
||||||
|
if vulners_exploits:
|
||||||
|
for exploit in vulners_exploits[0]:
|
||||||
|
exploit_summary += exploit['title'] + " " + exploit['href'] + "\n"
|
||||||
|
summary += vulners_exploits[1] + " Public exploits available:\n " + exploit_summary
|
||||||
|
|
||||||
|
|
||||||
r = {'results': [{'types': mispattributes['output'], 'values': summary}]}
|
r = {'results': [{'types': mispattributes['output'], 'values': summary}]}
|
||||||
return r
|
return r
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue