mirror of https://github.com/MISP/misp-modules
47 lines
1.4 KiB
Python
Executable File
47 lines
1.4 KiB
Python
Executable File
import json
|
|
import requests
|
|
|
|
misperrors = {'error': 'Error'}
|
|
mispattributes = {'input': ['vulnerability'], 'output': ['text']}
|
|
moduleinfo = {'version': '0.3', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']}
|
|
moduleconfig = ["custom_API"]
|
|
cveapi_url = 'https://cve.circl.lu/api/cve/'
|
|
|
|
|
|
def check_url(url):
|
|
return "{}/".format(url) if not url.endswith('/') else url
|
|
|
|
|
|
def handler(q=False):
|
|
if q is False:
|
|
return False
|
|
request = json.loads(q)
|
|
if not request.get('vulnerability'):
|
|
misperrors['error'] = 'Vulnerability id missing'
|
|
return misperrors
|
|
|
|
api_url = check_url(request['config']['custom_API']) if request.get('config') and request['config'].get('custom_API') else cveapi_url
|
|
r = requests.get("{}{}".format(api_url, request.get('vulnerability')))
|
|
if r.status_code == 200:
|
|
vulnerability = json.loads(r.text)
|
|
if vulnerability:
|
|
if vulnerability.get('summary'):
|
|
summary = vulnerability['summary']
|
|
else:
|
|
summary = 'Non existing CVE'
|
|
else:
|
|
misperrors['error'] = 'API not accessible'
|
|
return misperrors['error']
|
|
|
|
r = {'results': [{'types': mispattributes['output'], 'values': summary}]}
|
|
return r
|
|
|
|
|
|
def introspection():
|
|
return mispattributes
|
|
|
|
|
|
def version():
|
|
moduleinfo['config'] = moduleconfig
|
|
return moduleinfo
|