CVE hover expansion module

An hover module is a module returning a JSON that can be used
as hover element in the MISP UI.
pull/2/head
Alexandre Dulaunoy 2016-03-18 07:51:13 +01:00
parent c469681b68
commit 909efc1e42
1 changed files with 36 additions and 0 deletions

36
modules/expansion/cve.py Executable file
View File

@ -0,0 +1,36 @@
import json
import requests
misperrors = {'error': 'Error'}
mispattributes = {'input': ['vulnerability'], 'output': ['']}
moduleinfo = {'version': '0.1', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': 'hover'}
moduleconfig = []
cveapi_url = 'https://cve.circl.lu/api/cve/'
def handler(q=False):
if q is False:
return False
print (q)
request = json.loads(q)
if not request.get('vulnerability'):
misperrors['error'] = 'Vulnerability id missing'
return misperrors
r = requests.get(cveapi_url+request.get('vulnerability'))
if r.status_code == 200:
vulnerability = json.loads(r.text)
else:
misperrors['error'] = 'cve.circl.lu API not accessible'
return misperrors['error']
return vulnerability
def introspection():
return mispattributes
def version():
moduleinfo['config'] = moduleconfig
return moduleinfo