File Coverage

blib/lib/Metabrik/Database/Cvesearch.pm

Criterion	Covered	Total	%
statement	9	92	9.7
branch	0	42	0.0
condition	0	20	0.0
subroutine	3	12	25.0
pod	2	9	22.2
total	14	175	8.0

line	stmt	bran	cond	sub	pod	time	code
1							#
2							# $Id$
3							#
4							# database::cvesearch Brik
5							#
6							package Metabrik::Database::Cvesearch;
7	1			1		667	use strict;
	1					3
	1					28
8	1			1		5	use warnings;
	1					2
	1					28
9
10	1			1		5	use base qw(Metabrik::Shell::Command Metabrik::System::Package);
	1					2
	1					484
11
12							sub brik_properties {
13							return {
14	0			0	1		revision => '$Revision$',
15							tags => [ qw(unstable cve cpe vfeed circl) ],
16							author => 'GomoR ',
17							license => 'http://opensource.org/licenses/BSD-3-Clause',
18							attributes => {
19							repo => [ qw(repo) ],
20							},
21							commands => {
22							install => [ ], # Inherited
23							init_database => [ ],
24							update_database => [ ],
25							repopulate_database => [ ],
26							cpe_search => [ qw(cpe) ],
27							cve_search => [ qw(cve) ],
28							dump_last => [ ],
29							},
30							require_modules => {
31							'Metabrik::Devel::Git' => [ ],
32							'Metabrik::String::Json' => [ ],
33							'Metabrik::String::Xml' => [ ],
34							},
35							require_binaries => {
36							python3 => [ ],
37							pip3 => [ ],
38							},
39							need_packages => {
40							ubuntu => [ qw(python3 python3-pip mongodb redis-server) ],
41							debian => [ qw(python3 python3-pip mongodb redis-server) ],
42							kali => [ qw(python3 python3-pip mongodb redis-server) ],
43							},
44							};
45							}
46
47							#
48							# https://github.com/cve-search/cve-search
49							#
50
51							sub brik_use_properties {
52	0			0	1		my $self = shift;
53
54							my $global_datadir = defined($self->global) && $self->global->datadir
55	0		0				\|\| defined($ENV{HOME}) && $ENV{HOME}."/metabrik"
56							\|\| '/tmp/metabrik';
57	0						my $repo = $global_datadir."/devel-git/cve-search";
58
59							return {
60	0						attributes_default => {
61							repo => $repo,
62							},
63							};
64							}
65
66							sub install {
67	0			0	0		my $self = shift;
68
69	0	0					$self->SUPER::install(@_) or return;
70
71	0						my $url = 'https://github.com/cve-search/cve-search';
72
73	0	0					my $dg = Metabrik::Devel::Git->new_from_brik_init($self) or return;
74
75	0						my $repo = $self->repo;
76	0	0					if (-d $repo) {
77	0	0					$repo = $dg->update($url) or return;
78							}
79							else {
80	0	0					$repo = $dg->clone($url) or return;
81							}
82
83	0	0					$self->sudo_execute('pip3 install -r '.$repo.'/requirements.txt') or return;
84
85	0						return 1;
86							}
87
88							sub init_database {
89	0			0	0		my $self = shift;
90
91	0						my $repo = $self->repo;
92
93	0						for my $this (
94							'sbin/db_mgmt.py -p', 'sbin/db_mgmt_cpe_dictionary.py', 'sbin/db_updater.py -c'
95							) {
96	0						my $cmd = $repo.'/'.$this;
97	0						$self->log->verbose("init_database: cmd [$cmd]");
98	0						$self->execute($cmd);
99							}
100
101	0						return 1;
102							}
103
104							sub update_database {
105	0			0	0		my $self = shift;
106
107	0						my $repo = $self->repo;
108
109	0						for my $this ('sbin/db_updater.py -v') {
110	0						my $cmd = $repo.'/'.$this;
111	0						$self->execute($cmd);
112							}
113
114	0						return 1;
115							}
116
117							sub repopulate_database {
118	0			0	0		my $self = shift;
119
120	0						my $repo = $self->repo;
121
122	0						for my $this ('sbin/db_updater.py -v -f') {
123	0						my $cmd = $repo.'/'.$this;
124	0						$self->execute($cmd);
125							}
126
127	0						return 1;
128							}
129
130							#
131							# run database::cvesearch cpe_search cisco:ios:12.4
132							#
133							sub cpe_search {
134	0			0	0		my $self = shift;
135	0						my ($cpe) = @_;
136
137	0	0					$self->brik_help_run_undef_arg('cpe_search', $cpe) or return;
138
139	0						my $repo = $self->repo;
140
141	0						my $cmd = $repo.'/bin/search.py -o json -p '.$cpe;
142
143	0	0					my $json = $self->capture($cmd) or return;
144	0	0	0				if (@$json <= 0 \|\| (@$json == 1 && $json->[0] eq 'undef')) {
			0
145	0						return $self->log->error("search_cpe: invalid response: ".join('', @$json));
146							}
147
148	0	0					my $sj = Metabrik::String::Json->new_from_brik_init($self) or return;
149
150	0						my @results = ();
151	0						for my $this (@$json) {
152	0	0					my $r = $sj->decode($this) or next;
153	0						push @results, $r;
154							}
155
156	0						return \@results;
157							}
158
159							#
160							# run database::cvesearch cve_search CVE-2010-3333
161							#
162							sub cve_search {
163	0			0	0		my $self = shift;
164	0						my ($cve) = @_;
165
166	0	0					$self->brik_help_run_undef_arg('cve_search', $cve) or return;
167
168	0	0					if ($cve !~ m{^(cve\|can)\-\d+\-\d+$}i) {
169	0						return $self->log->error("search_cve: invalid CVE format [$cve]");
170							}
171
172	0						my $repo = $self->repo;
173
174	0						my $cmd = $repo.'/bin/search.py -o json -c '.$cve;
175
176	0	0					my $json = $self->capture($cmd) or return;
177	0	0	0				if (@$json <= 0 \|\| (@$json == 1 && $json->[0] eq 'undef')) {
			0
178	0						return $self->log->error("search_cve: invalid response: ".join('', @$json));
179							}
180
181	0	0					my $sj = Metabrik::String::Json->new_from_brik_init($self) or return;
182
183	0						my @results = ();
184	0						for my $this (@$json) {
185	0	0					my $r = $sj->decode($this) or next;
186	0						push @results, $r;
187							}
188
189	0						return \@results;
190							}
191
192							sub dump_last {
193	0			0	0		my $self = shift;
194
195	0						my $repo = $self->repo;
196
197	0						my $cmd = $repo.'/bin/dump_last.py -f atom';
198
199	0	0					my $xml = $self->capture($cmd) or return;
200	0	0	0				if (@$xml <= 0 \|\| (@$xml == 1 && $xml->[0] eq 'undef')) {
			0
201	0						return $self->log->error("last_entries: invalid response: ".join('', @$xml));
202							}
203
204	0						$xml = join('', @$xml);
205
206	0	0					my $sx = Metabrik::String::Xml->new_from_brik_init($self) or return;
207
208	0	0					my $decoded = $sx->decode($xml) or next;
209	0						my $h = $decoded->{entry};
210
211	0						my @results = ();
212	0						for my $k (keys %$h) {
213	0						my $title = $h->{$k}{title};
214	0						my ($cve) = $title =~ m{^\s*(CVE\-\d+\-\d+)\s+}i;
215	0						$h->{$k}{cve} = $cve;
216
217	0						my $href = $h->{$k}{link}{href};
218	0						$h->{$k}{link} = $href;
219
220	0						push @results, $h->{$k};
221							}
222
223	0						return \@results;
224							}
225
226							1;
227
228							__END__