fix: [variotdbs] Fixed some typos, missing imports, and some issues in the main parsing process

2022-10-24 14:53:00 +02:00 · 2022-10-24 14:53:00 +02:00 · 98031beeae
parent baa52f5ab9
commit 98031beeae
2 changed files with 23 additions and 17 deletions
--- a/misp_modules/modules/expansion/init.py
+++ b/misp_modules/modules/expansion/init.py
@ -18,7 +18,8 @@ __all__ = ['cuckoo_submit', 'vmray_submit', 'bgpranking', 'circl_passivedns', 'c
           'assemblyline_submit', 'assemblyline_query', 'ransomcoindb', 'malwarebazaar',
           'lastline_query', 'lastline_submit', 'sophoslabs_intelix', 'cytomic_orion', 'censys_enrich',
           'trustar_enrich', 'recordedfuture', 'html_to_markdown', 'socialscan', 'passive-ssh',
-           'qintel_qsentry', 'mwdb', 'hashlookup', 'mmdb_lookup', 'ipqs_fraud_and_risk_scoring', 'clamav', 'jinja_template_rendering','hyasinsight']
+           'qintel_qsentry', 'mwdb', 'hashlookup', 'mmdb_lookup', 'ipqs_fraud_and_risk_scoring',
+           'clamav', 'jinja_template_rendering','hyasinsight', 'variotdbs']


 minimum_required_fields = ('type', 'uuid', 'value')
--- a/misp_modules/modules/expansion/variotdbs.py
+++ b/misp_modules/modules/expansion/variotdbs.py
@ -1,7 +1,7 @@
 import json
 import requests
 from . import check_input_attribute, standard_error_message
-from pymisp import MISPEvent, MISPObject
+from pymisp import MISPAttribute, MISPEvent, MISPObject

 misperrors = {'error': 'Error'}
 mispattributes = {'input': ['vulnerability'], 'format': 'misp_standard'}
@ -31,7 +31,7 @@ class VariotdbsParser:

    @property
    def misp_attribute(self) -> MISPAttribute:
-        return self.__attribute
+        return self.__misp_attribute

    @property
    def misp_event(self) -> MISPEvent:
@ -65,7 +65,8 @@ class VariotdbsParser:
                    query_results[feature]['data']
                )
        if query_results.get('configurations', {}).get('data'):
-            for node in query_results['configurations']['data']['nodes']:
+            for configuration in query_results['configurations']['data']:
+                for node in configuration['nodes']:
                    for cpe_match in node['cpe_match']:
                        if cpe_match['vulnerable']:
                            vulnerability_object.add_attribute(
@ -129,15 +130,19 @@ def handler(q=False):
    headers = {'Content-Type': 'application/json'}
    if request.get('config', {}).get('API_key'):
        headers['Authorization'] = f"Token {request['config']['API_key']}"
+    empty = True
+    parser = VariotdbsParser(attribute)
    r = requests.get(f"{variotdbs_url}/vuln/{attribute['value']}/", headers=headers)
    if r.status_code == 200:
-        query_results = r.json()
-        if not query_results:
-            return {'error': 'Empty results'}
+        vulnerability_results = r.json()
+        if vulnerability_results:
+            parser.parse_vulnerability_information(vulnerability_results)
+            empty = False
    else:
+        if r.reason != 'Not found':
            return {'error': 'Error while querying the variotdbs API.'}
-    parser = VariotdbsParser(attribute, query_results)
-    parser.parse_vulnerability_information()
+    if empty:
+        return {'error': 'Empty results'}
    return parser.get_results()


@ -147,4 +152,4 @@ def introspection():

 def version():
    moduleinfo['config'] = moduleconfig
-    return moduleconfig
+    return moduleinfo