cve-search.org connector happy path

KTZgraph · Apr 21, 2020 · b7d4443 · b7d4443
1 parent 80e8a2a
commit b7d4443
Show file tree

Hide file tree

Showing 6 changed files with 191 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -1,13 +1,20 @@
 # sarenka
-https://sarenka.readthedocs.io/en/latest/
-Everything I like in one place for passive reconnaissance.
+Passive reconnaissance for everyone
+
+# logo
 Logo was generated with https://www.renderforest.com/
 [![Build Status](https://travis-ci.org/joemccann/dillinger.svg?branch=master)](https://travis-ci.org/joemccann/dillinger)
 
 
+# heroku
+https://sarenka.herokuapp.com/
+
 # doc
+https://sarenka.readthedocs.io/en/latest/
+https://sarenka.readthedocs.io/pl/latest/ (Polish)
 https://app.gitbook.com/@pawlaczyk/s/sarenka/
 
+
 # Config
 example sarenka/backend/connectors/credentials.json
 
@@ -52,6 +59,13 @@ example sarenka/backend/connectors/credentials.json
         "base_url": "https://www.zoomeye.org/",
         "user": "<my_user>",
         "api_key": "<my_api_key>"
+    },
+    "cve_search":{
+        "base_url": "https://cve.circl.lu/api/",
+        "cve": "https://cve.circl.lu/api/cve/",
+        "vendor": "https://cve.circl.lu/api/browse/",
+        "last": "https://cve.circl.lu/api/last",
+        "db_info": "https://cve.circl.lu/api/dbInfo"
     }
 }
 ```
@@ -70,6 +84,8 @@ example sarenka/backend/connectors/credentials.json
   - https://who.is/
   - https://yandex.com/
   - https://www.zoomeye.org/
+  - https://www.cve-search.org/ https://github.com/cve-search/cve-search
+  - https://developer.github.com/v3/
 
   - https://greynoise.io/ (maybe?)
   - https://www.ebay.com/ (helpful when I totally don't know what it is)
@@ -85,8 +101,8 @@ example sarenka/backend/connectors/credentials.json
   - https://github.com/ElevenPaths/FOCA (maybe)
   - https://github.com/wireshark/wireshark (maybe)
   - https://github.com/VowpalWabbit (maybe)
-  - Docker
-  - Virtualbox
+  - Docker (maybe)
+  - Virtualbox (maybe)
 
 # Chorme extension
     Open question: Can I get data from them?

diff --git a/backend/connectors/credential.py b/backend/connectors/credential.py
@@ -43,6 +43,39 @@ def secret(self):
     def api_url(self):
         return self.__api_url
 
+class CVESEarchData:
+    def __init__(self, data):
+        """API nie wymaga rejestracji, dany uzupełnione na sztywno 
+        w programie
+        url do api się specjalnie nie zmienia; ale na razie nie zaszywam logiki w kodzie
+        """
+        self.__base_url = data["base_url"]
+        self.__cve = data["cve"]
+        self.__vendor = data["vendor"]
+        self.__last = data["last"]
+        self.__db_info = data["db_info"]
+
+    @property
+    def base_url(self):
+        return self.__base_url
+
+    @property
+    def vendor(self):
+        return self.__vendor
+
+    @property
+    def cve(self):
+        return self.__cve
+
+    @property
+    def db_info(self):
+        return self.__db_info
+
+
+    @property
+    def last(self):
+        return self.__last
+
 
 class Credential:
     """Credentials for shodan, censys, etc"""
@@ -62,6 +95,7 @@ def __init__(self, config_file="connectors/credentials.json")->None:
             self.__shodan = CredentialData(data["shodan"])
             self.__yandex = CredentialData(data["yandex"])
             self.__zoomeye = CredentialData(data["zoomeye"])
+            self.__cve_search = CVESEarchData(data["cve_search"])
         else:
             self.getInstance()
 
@@ -106,3 +140,8 @@ def yandex(self):
     @property
     def zoomeye(self):
         return self.__zoomeye
+
+    @property
+    def cve_search(self):
+        print(self.__cve_search.base_url )
+        return self.__cve_search
diff --git a/backend/connectors/cve_search/connector.py b/backend/connectors/cve_search/connector.py
@@ -0,0 +1,55 @@
+import requests
+from requests.exceptions import HTTPError
+
+
+from connectors.credential import Credential 
+from connector_interface import ConnectorInterface
+
+
+class Connector(ConnectorInterface):
+    """
+    http://cve-search.org/api/
+    """
+    def __init__(self, credentials):
+        super().__init__(credentials)
+
+    def search_by_cve_code(self, cve_code):
+        url = f'{self.cve}{cve_code}'
+        print(url)
+        response = requests.get(url)
+        return response
+
+    def get_last_30_cves(self):
+        response = requests.get(self.last)
+        return response
+
+    def get_vendors_list(self):
+        response = requests.get(self.vendor)
+        return response
+
+    def get_vendor_products(self, vendor):
+        url = f'{self.vendor}{vendor}/'
+        response = requests.get(url)
+        return response
+
+    def get_product(self, vendor, product):
+        url = f'{self.vendor}{vendor}/{product}'
+        response = requests.get(url)
+        return response
+
+    def get_db_info(self):
+        response = requests.get(self.db_info)
+        return response
+
+
+
+if __name__ == "__main__":
+    # \sarenka\backend>python connectors\cve_search\connector.py  
+    credentials = Credential().cve_search
+    connector = Connector(credentials)
+    print(connector.search_by_cve_code("CVE-2010-3333"))
+    print(connector.get_last_30_cves())
+    print(connector.get_vendors_list())
+    print(connector.get_vendor_products("microsoft"))
+    print(connector.get_product("microsoft","office"))
+    print(connector.get_db_info())
diff --git a/backend/connectors/cve_search/connector_interface.py b/backend/connectors/cve_search/connector_interface.py
@@ -0,0 +1,71 @@
+from typing import Dict, Tuple, Sequence, List, NoReturn
+from abc import ABC, abstractmethod
+
+
+class ConnectorInterface(ABC):
+    def __init__(self, credentials):
+        print(credentials)
+        self.__base_url = credentials.base_url
+        self.__cve = credentials.cve
+        self.__vendor = credentials.vendor
+        self.__last = credentials.last
+        self.__db_info = credentials.db_info
+
+    @property
+    def base_url(self):
+        return self.__base_url
+
+    @property
+    def vendor(self):
+        return self.__vendor
+
+    @property
+    def cve(self):
+        return self.__cve
+
+    @property
+    def db_info(self):
+        return self.__db_info
+
+    @property
+    def last(self):
+        return self.__last
+
+    @abstractmethod
+    def search_by_cve_code(self, cve_code):
+        """
+        curl https://cve.circl.lu/api/cve/CVE-2010-3333
+        """
+        pass
+
+    @abstractmethod
+    def get_last_30_cves(self):
+        pass
+
+    @abstractmethod
+    def get_vendors_list(self):
+        """
+        curl https://cve.circl.lu/api/browse
+        """
+        pass
+
+    @abstractmethod
+    def get_vendor_products(self, vendor):
+        """
+        curl https://cve.circl.lu/api/browse/microsoft
+        """
+        pass
+
+    @abstractmethod
+    def get_product(self, vendor, product):
+        """
+        curl https://cve.circl.lu/api/search/microsoft/office
+        """
+        pass
+
+    @abstractmethod
+    def get_db_info(self):
+        """
+        curl https://cve.circl.lu/api/dbInfo
+        """
+        pass
diff --git a/backend/connectors/cve_search/test_connector.py b/backend/connectors/cve_search/test_connector.py
diff --git a/todo.txt b/todo.txt
@@ -31,4 +31,9 @@
     np zapytania z shodana
     noSQL MongoDB
 
-12. opakować i zrobić endpointa do cve
+12. opakować i zrobić endpointa do cve
+
+13. przeglądanie rejestrów windowsa i wyciaganie oprogramowania z wersją
+    - na podstawie danych szukanie cve do wersji
+
+14. ogarnac jeninka do testow bo nie damy recznie rady