mirror of https://github.com/MISP/misp-modules
Modules for expansion services, import and export in MISP
http://misp.github.io/misp-modules
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 lines
1.2 KiB
41 lines
1.2 KiB
import json |
|
import requests |
|
|
|
misperrors = {'error': 'Error'} |
|
mispattributes = {'input': ['vulnerability'], 'output': ['text']} |
|
moduleinfo = {'version': '0.2', 'author': 'Alexandre Dulaunoy', 'description': 'An expansion hover module to expand information about CVE id.', 'module-type': ['hover']} |
|
moduleconfig = [] |
|
cveapi_url = 'https://cve.circl.lu/api/cve/' |
|
|
|
|
|
def handler(q=False): |
|
if q is False: |
|
return False |
|
request = json.loads(q) |
|
if not request.get('vulnerability'): |
|
misperrors['error'] = 'Vulnerability id missing' |
|
return misperrors |
|
|
|
r = requests.get(cveapi_url + request.get('vulnerability')) |
|
if r.status_code == 200: |
|
vulnerability = json.loads(r.text) |
|
if vulnerability: |
|
if vulnerability.get('summary'): |
|
summary = vulnerability['summary'] |
|
else: |
|
summary = 'Non existing CVE' |
|
else: |
|
misperrors['error'] = 'cve.circl.lu API not accessible' |
|
return misperrors['error'] |
|
|
|
r = {'results': [{'types': mispattributes['output'], 'values': summary}]} |
|
return r |
|
|
|
|
|
def introspection(): |
|
return mispattributes |
|
|
|
|
|
def version(): |
|
moduleinfo['config'] = moduleconfig |
|
return moduleinfo
|
|
|