mirror of
https://github.com/cve-search/cpe-guesser.git
synced 2024-11-24 15:57:22 +00:00
Merge pull request #10 from cosad3s/main
Add Docker & Docker-compose + external configuration
This commit is contained in:
commit
3a487c078a
10 changed files with 104 additions and 11 deletions
18
Dockerfile
Normal file
18
Dockerfile
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
|
FROM python:3.8-slim-buster
|
||||||
|
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
COPY REQUIREMENTS REQUIREMENTS
|
||||||
|
RUN pip3 install -r REQUIREMENTS
|
||||||
|
|
||||||
|
COPY bin bin
|
||||||
|
COPY etc /etc
|
||||||
|
COPY lib lib
|
||||||
|
COPY docker/entrypoint.sh entrypoint.sh
|
||||||
|
|
||||||
|
RUN mkdir /app/config
|
||||||
|
RUN chmod u+x entrypoint.sh
|
||||||
|
|
||||||
|
ENTRYPOINT ["/app/entrypoint.sh"]
|
33
README.md
33
README.md
|
@ -10,19 +10,46 @@ be used against [cve-search](https://github.com/cve-search/cve-search) to do act
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
To use CPE guesser, you have to initialise the Redis database with `import.py`. Then you can use
|
To use CPE guesser, you have to initialise the Redis database with `import.py`.
|
||||||
the software with `lookup.py` to find the most probable CPE matching the keywords provided.
|
|
||||||
|
Then you can use the software with `lookup.py` to find the most probable CPE matching the keywords provided.
|
||||||
|
|
||||||
|
Or by calling the Web server (After running `server.py`), example: `curl -s -X POST http://localhost:8000/search -d "{\"query\": [\"tomcat\"]}" | jq .`
|
||||||
|
|
||||||
### Installation
|
### Installation
|
||||||
|
|
||||||
- `git clone https://github.com/cve-search/cpe-guesser.git`
|
- `git clone https://github.com/cve-search/cpe-guesser.git`
|
||||||
- `cd cpe-guesser/bin`
|
- `cd cpe-guesser/bin`
|
||||||
- Download the CPE dictionary & populate the database with `python3 ./import.py`.
|
- Download the CPE dictionary & populate the database with `python3 ./import.py`.
|
||||||
- Take a cup of black or green tea.
|
- Take a cup of black or green tea ().
|
||||||
- `python3 cpe-guesser/bin/server.py` to run the local HTTP server.
|
- `python3 cpe-guesser/bin/server.py` to run the local HTTP server.
|
||||||
|
|
||||||
If you don't want to install it locally, there is a public online version. Check below.
|
If you don't want to install it locally, there is a public online version. Check below.
|
||||||
|
|
||||||
|
### Docker
|
||||||
|
|
||||||
|
#### Single image with existing Redis
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker build . -t cpe-guesser:l.0
|
||||||
|
# Edit settings.yaml content and/or path
|
||||||
|
docker run cpe-guesser:l.0 -v $(pwd)/config/settings.yaml:/app/config/settings.yaml
|
||||||
|
# Please wait for full import
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Docker-compose
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cd docker
|
||||||
|
# Edit docker/settings.yaml as you want
|
||||||
|
docker-compose up --build -d
|
||||||
|
# Please wait for full import
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Specific usage
|
||||||
|
|
||||||
|
If you do not want to use the Web server, `lookup.py` can still be used. Example: `docker exec -it cpe-guesser python3 /app/bin/lookup.py tomcat`
|
||||||
|
|
||||||
## Public online version
|
## Public online version
|
||||||
|
|
||||||
[cpe-guesser.cve-search.org](https://cpe-guesser.cve-search.org) is public online version of CPE guesser which can be used via
|
[cpe-guesser.cve-search.org](https://cpe-guesser.cve-search.org) is public online version of CPE guesser which can be used via
|
||||||
|
|
|
@ -1,2 +1,3 @@
|
||||||
redis
|
redis
|
||||||
falcon
|
falcon
|
||||||
|
dynaconf
|
||||||
|
|
|
@ -10,14 +10,15 @@ import shutil
|
||||||
import xml.sax
|
import xml.sax
|
||||||
import redis
|
import redis
|
||||||
import time
|
import time
|
||||||
|
from dynaconf import Dynaconf
|
||||||
|
|
||||||
# Configuration
|
# Configuration
|
||||||
cpe_path = '../data/official-cpe-dictionary_v2.3.xml'
|
settings = Dynaconf(
|
||||||
cpe_source = (
|
settings_files=['../config/settings.yaml']
|
||||||
'https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz'
|
|
||||||
)
|
)
|
||||||
rdb = redis.Redis(host='127.0.0.1', port=6379, db=8)
|
cpe_path = settings.cpe.path
|
||||||
|
cpe_source = (settings.cpe.source)
|
||||||
|
rdb = redis.Redis(host=settings.redis.host, port=settings.redis.port, db=8)
|
||||||
|
|
||||||
class CPEHandler(xml.sax.ContentHandler):
|
class CPEHandler(xml.sax.ContentHandler):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
|
@ -127,7 +128,7 @@ if __name__ == '__main__':
|
||||||
if args.replace == 0 and rdb.dbsize() > 0 and not args.update:
|
if args.replace == 0 and rdb.dbsize() > 0 and not args.update:
|
||||||
print(f"Warning! The Redis database already has {rdb.dbsize()} keys.")
|
print(f"Warning! The Redis database already has {rdb.dbsize()} keys.")
|
||||||
print("Use --replace if you want to flush the database and repopulate it.")
|
print("Use --replace if you want to flush the database and repopulate it.")
|
||||||
sys.exit(1)
|
sys.exit(0)
|
||||||
|
|
||||||
if args.download > 0 or not os.path.isfile(cpe_path):
|
if args.download > 0 or not os.path.isfile(cpe_path):
|
||||||
print(f"Downloading CPE data from {cpe_source} ...")
|
print(f"Downloading CPE data from {cpe_source} ...")
|
||||||
|
|
|
@ -6,9 +6,13 @@ import sys
|
||||||
import falcon
|
import falcon
|
||||||
from wsgiref.simple_server import make_server
|
from wsgiref.simple_server import make_server
|
||||||
import json
|
import json
|
||||||
|
from dynaconf import Dynaconf
|
||||||
|
|
||||||
# Configuration
|
# Configuration
|
||||||
port = 8000
|
settings = Dynaconf(
|
||||||
|
settings_files=['../config/settings.yaml']
|
||||||
|
)
|
||||||
|
port = settings.server.port
|
||||||
|
|
||||||
runPath = os.path.dirname(os.path.realpath(__file__))
|
runPath = os.path.dirname(os.path.realpath(__file__))
|
||||||
sys.path.append(os.path.join(runPath, ".."))
|
sys.path.append(os.path.join(runPath, ".."))
|
||||||
|
|
8
config/settings.yaml
Normal file
8
config/settings.yaml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
server:
|
||||||
|
port: 8000
|
||||||
|
redis:
|
||||||
|
host: 127.0.0.1
|
||||||
|
port: 6379
|
||||||
|
cpe:
|
||||||
|
path: '../data/official-cpe-dictionary_v2.3.xml'
|
||||||
|
source: 'https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz'
|
16
docker/docker-compose.yml
Normal file
16
docker/docker-compose.yml
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
server:
|
||||||
|
container_name: cpe-guesser
|
||||||
|
image: cpe-guesser:1.0
|
||||||
|
build: ..
|
||||||
|
volumes:
|
||||||
|
- ../data/:/data/:rw
|
||||||
|
- ./settings.yaml:/app/config/settings.yaml
|
||||||
|
ports:
|
||||||
|
- 8000:8000
|
||||||
|
depends_on:
|
||||||
|
- redis
|
||||||
|
redis:
|
||||||
|
container_name: cpe-guesser-db
|
||||||
|
image: "redis:alpine"
|
5
docker/entrypoint.sh
Normal file
5
docker/entrypoint.sh
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
python3 -u /app/bin/import.py
|
||||||
|
python3 -u /app/bin/server.py
|
8
docker/settings.yaml
Normal file
8
docker/settings.yaml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
server:
|
||||||
|
port: 8000
|
||||||
|
redis:
|
||||||
|
host: redis
|
||||||
|
port: 6379
|
||||||
|
cpe:
|
||||||
|
path: '/data/official-cpe-dictionary_v2.3.xml'
|
||||||
|
source: 'https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz'
|
|
@ -2,11 +2,16 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
import redis
|
import redis
|
||||||
|
from dynaconf import Dynaconf
|
||||||
|
|
||||||
|
# Configuration
|
||||||
|
settings = Dynaconf(
|
||||||
|
settings_files=['../config/settings.yaml']
|
||||||
|
)
|
||||||
|
|
||||||
class CPEGuesser:
|
class CPEGuesser:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.rdb = redis.Redis(host='127.0.0.1', port=6379, db=8, decode_responses=True)
|
self.rdb = redis.Redis(host=settings.redis.host, port=settings.redis.port, db=8, decode_responses=True)
|
||||||
|
|
||||||
def guessCpe(self, words):
|
def guessCpe(self, words):
|
||||||
k = []
|
k = []
|
||||||
|
|
Loading…
Reference in a new issue