mirror of https://github.com/MISP/misp-modules
CVE hover expansion module
An hover module is a module returning a JSON that can be used as hover element in the MISP UI.pull/2/head
parent
c469681b68
commit
909efc1e42
|
@ -0,0 +1,36 @@
|
||||||
|
import json
|
||||||
|
import requests
|
||||||
|
|
||||||
|
misperrors = {'error': 'Error'}
|
||||||
|
mispattributes = {'input': ['vulnerability'], 'output': ['']}
|
||||||
|
moduleinfo = {'version': '0.1', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': 'hover'}
|
||||||
|
moduleconfig = []
|
||||||
|
cveapi_url = 'https://cve.circl.lu/api/cve/'
|
||||||
|
|
||||||
|
|
||||||
|
def handler(q=False):
|
||||||
|
if q is False:
|
||||||
|
return False
|
||||||
|
print (q)
|
||||||
|
request = json.loads(q)
|
||||||
|
if not request.get('vulnerability'):
|
||||||
|
misperrors['error'] = 'Vulnerability id missing'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
r = requests.get(cveapi_url+request.get('vulnerability'))
|
||||||
|
if r.status_code == 200:
|
||||||
|
vulnerability = json.loads(r.text)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = 'cve.circl.lu API not accessible'
|
||||||
|
return misperrors['error']
|
||||||
|
|
||||||
|
return vulnerability
|
||||||
|
|
||||||
|
|
||||||
|
def introspection():
|
||||||
|
return mispattributes
|
||||||
|
|
||||||
|
|
||||||
|
def version():
|
||||||
|
moduleinfo['config'] = moduleconfig
|
||||||
|
return moduleinfo
|
Loading…
Reference in New Issue