ail-framework/bin/modules/CveModule.py

#!/usr/bin/env python3
# -*-coding:UTF-8 -*
"""
The CVE Module
======================

This module is consuming the Redis-list created by the Categ module.

It apply CVE regexes on paste content and warn if a reference to a CVE is spotted.

"""

##################################
# Import External packages
##################################
import os
import re
import sys

sys.path.append(os.environ['AIL_BIN'])
##################################
# Import Project packages
##################################
from modules.abstract_module import AbstractModule
from lib.objects import Cves
from lib.objects.Items import Item


class CveModule(AbstractModule):
    """
    CveModule for AIL framework
    """

    def __init__(self):
        super(CveModule, self).__init__()

        # regex to find CVE
        self.reg_cve = re.compile(r'CVE-[1-2]\d{1,4}-\d{1,5}')

        # Waiting time in seconds between to message processed
        self.pending_seconds = 1

        # Send module state to logs
        self.logger.info(f'Module {self.module_name} initialized')

    def compute(self, message):

        item_id, count = message.split()
        item = Item(item_id)
        item_id = item.get_id()

        cves = self.regex_findall(self.reg_cve, item_id, item.get_content())
        if cves:
            # print(cves)
            date = item.get_date()
            for cve_id in cves:
                cve = Cves.Cve(cve_id)
                cve.add(date, item_id)

            warning = f'{item_id} contains CVEs {cves}'
            print(warning)
            self.redis_logger.warning(warning)

            msg = f'infoleak:automatic-detection="cve";{item_id}'
            # Send to Tags Queue
            self.add_message_to_queue(msg, 'Tags')


if __name__ == '__main__':

    module = CveModule()
    module.run()
decode with redis connection 2018-05-04 11:53:29 +00:00			`#!/usr/bin/env python3`
Added new modules and started WebTrending web interface 2016-06-30 12:38:28 +00:00			`# --coding:UTF-8 -`
			`"""`
Improved description of modules inside the scripts 2017-05-09 09:13:16 +00:00			`The CVE Module`
			`======================`

			`This module is consuming the Redis-list created by the Categ module.`

			`It apply CVE regexes on paste content and warn if a reference to a CVE is spotted.`

Added new modules and started WebTrending web interface 2016-06-30 12:38:28 +00:00			`"""`

fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`##################################`
			`# Import External packages`
			`##################################`
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`import os`
Added new modules and started WebTrending web interface 2016-06-30 12:38:28 +00:00			`import re`
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`import sys`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`sys.path.append(os.environ['AIL_BIN'])`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`##################################`
			`# Import Project packages`
			`##################################`
			`from modules.abstract_module import AbstractModule`
chg: [crawler + core + cve] migrate crawler to lacus + add new CVE object and correlation + migrate core 2022-10-25 14:25:19 +00:00			`from lib.objects import Cves`
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`from lib.objects.Items import Item`
Added new modules and started WebTrending web interface 2016-06-30 12:38:28 +00:00

chg: [DB Migration] UI: Extract + highlight leaks and trackers match, Data Retention save object first/last date, Refactor Tools 2022-12-19 15:38:20 +00:00			`class CveModule(AbstractModule):`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`"""`
chg: [DB Migration] UI: Extract + highlight leaks and trackers match, Data Retention save object first/last date, Refactor Tools 2022-12-19 15:38:20 +00:00			`CveModule for AIL framework`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`"""`

			`def __init__(self):`
chg: [DB Migration] UI: Extract + highlight leaks and trackers match, Data Retention save object first/last date, Refactor Tools 2022-12-19 15:38:20 +00:00			`super(CveModule, self).__init__()`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
			`# regex to find CVE`
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`self.reg_cve = re.compile(r'CVE-[1-2]\d{1,4}-\d{1,5}')`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
chg: [crawler + core + cve] migrate crawler to lacus + add new CVE object and correlation + migrate core 2022-10-25 14:25:19 +00:00			`# Waiting time in seconds between to message processed`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`self.pending_seconds = 1`

			`# Send module state to logs`
chg: [logs] add new logger 2023-05-12 13:29:53 +00:00			`self.logger.info(f'Module {self.module_name} initialized')`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
			`def compute(self, message):`

chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`item_id, count = message.split()`
			`item = Item(item_id)`
			`item_id = item.get_id()`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`cves = self.regex_findall(self.reg_cve, item_id, item.get_content())`
			`if cves:`
chg: [CVE] migrate CVE + get CVEs by daterange 2022-12-21 13:20:13 +00:00			`# print(cves)`
chg: [crawler + core + cve] migrate crawler to lacus + add new CVE object and correlation + migrate core 2022-10-25 14:25:19 +00:00			`date = item.get_date()`
			`for cve_id in cves:`
			`cve = Cves.Cve(cve_id)`
			`cve.add(date, item_id)`

chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`warning = f'{item_id} contains CVEs {cves}'`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`print(warning)`
			`self.redis_logger.warning(warning)`
chg: [crawler + core + cve] migrate crawler to lacus + add new CVE object and correlation + migrate core 2022-10-25 14:25:19 +00:00
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00			`msg = f'infoleak:automatic-detection="cve";{item_id}'`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00			`# Send to Tags Queue`
chg: [AIL queues] rewrite module queues. remove PUBSUB 2023-04-13 12:25:02 +00:00			`self.add_message_to_queue(msg, 'Tags')`
chg: [modules + correlation] migrate Cve,Iban,Language + fix correlation graph 2022-09-20 14:11:48 +00:00

Added new modules and started WebTrending web interface 2016-06-30 12:38:28 +00:00			`if __name__ == '__main__':`
fix: inherit AbstractModule to prevent stuck queues regex compiled only at start, not in the loop no duplicate warning string comments 2021-09-08 08:32:47 +00:00
chg: [DB Migration] UI: Extract + highlight leaks and trackers match, Data Retention save object first/last date, Refactor Tools 2022-12-19 15:38:20 +00:00			`module = CveModule()`
fix: [modules] small fixs 2023-04-04 12:12:23 +00:00			`module.run()`