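var mergeVulnerabilityDetails = function(vulnerabilityName, vulnerabilityRegex, score) {
  //
  // Merges the description, solution, evidence, notes and CVEs of every
  // vulnerability whose title matches vulnerabilityRegex (within the CVSS band
  // selected by score) into the vulnerability titled vulnerabilityName.
  // Each merged host is removed from its source vulnerability.
  //
  // Usage: mergeVulnerabilityDetails("Obsolete Version of the Java Runtime Environment",/Java/,'high')
  //
  // Created by: Matt Burch
  // Requires client-side updates: false
  //
  // Parameters:
  //   vulnerabilityName  - exact title of the vulnerability that receives the merged data
  //   vulnerabilityRegex - RegExp matched against the titles of the vulnerabilities to merge
  //   score              - 'high', 'medium' or 'low' (case-insensitive)
  //
  // Returns the score error message when score is invalid, otherwise undefined.
  //
  // NOTE(review): this rewrites and deletes findings. Host removals are issued
  // while the data is still being collected, i.e. before the merged text is
  // saved, and every Meteor.call is made without a callback, so a method that
  // fails is not reported here. Presumably a project export or backup is the
  // only way back - confirm before running this on real engagement data.
  var SCORE_ERROR = "Vulnerability score must be: high, medium or low";
  // Inclusive CVSS bounds per rating; a score between two bands (e.g. 6.95) matches none.
  var RATING = {
    'hightop' : 10.0,
    'highbot' : 7.0,
    'mediumtop' : 6.9,
    'mediumbot' : 4.0,
    'lowtop' : 3.9,
    'lowbot' : 1.0,
  };

  // A non-string score used to throw on toLowerCase(); report it like any other bad score.
  if (typeof score !== 'string') {
    return SCORE_ERROR;
  }
  score = score.toLowerCase();
  if (RATING[score + 'top'] === undefined) {
    return SCORE_ERROR;
  }
  // typeof null is 'object', so test for an actual RegExp instead of typeof.
  if (Object.prototype.toString.call(vulnerabilityRegex) !== '[object RegExp]') {
    return console.log('Vulnerability regex can not be a string, must be a object');
  }
  if (typeof vulnerabilityName !== 'string') {
    return console.log('Invalid title');
  }

  var projectId = Session.get('projectId');
  var orgVulnerability = Vulnerabilities.findOne({"project_id": projectId, "title": vulnerabilityName});
  // findOne yields undefined when no title matches; stop before anything is modified.
  if (!orgVulnerability) {
    return console.log('Did not find a vulnerability titled "' + vulnerabilityName + '" in the current project');
  }

  var vulmDetails = getVulnerabilities(orgVulnerability.hosts || [], orgVulnerability);
  if (vulmDetails.Count < 1) {
    return console.log('Did not find any vulnerabilities with the given regex');
  }
  console.log('Going to merge ' + vulmDetails.Count + ' vulnerabilities');

  // Writes the merged text, CVEs and notes onto the original vulnerability.
  Meteor.call('setVulnerabilityDescription', projectId, orgVulnerability._id, vulmDetails.Description);
  Meteor.call('setVulnerabilityEvidence', projectId, orgVulnerability._id, vulmDetails.Evidence);
  Meteor.call('setVulnerabilitySolution', projectId, orgVulnerability._id, vulmDetails.Solution);
  vulmDetails.CVES.forEach(function(cve){
    Meteor.call('addCve', projectId, orgVulnerability._id, cve);
  });
  vulmDetails.Notes.forEach(function(note){
    Meteor.call('addVulnerabilityNote', projectId, orgVulnerability._id, note.title, note.content);
  });

  // Collects the merged data for org and, as a side effect, removes each
  // matched host from the vulnerability it was found on (see removeHost).
  // Returns an object with the new vulnerability data.
  function getVulnerabilities (hosts, org) {
    var vulmList = {};
    var HostList = [];
    var cves = [];
    var vulmDetails = {
      'Description' : '',
      'Solution' : '',
      'Evidence' : '',
      'Notes' : [],
      'CVES' : [],
      'HostList' : [],
      'Vers' : '',
      'Count' : 0,
    };
    vulmDetails.Description += org.description;
    vulmDetails.Solution += org.solution;
    vulmDetails.Evidence += org.evidence;
    // concat(undefined) would append an undefined entry that breaks the later
    // forEach, after removals were already issued - so default to empty lists.
    vulmDetails.Notes = vulmDetails.Notes.concat(org.notes || []);
    cves = cves.concat(org.cves || []);
    HostList = HostList.concat(org.hosts || []);

    hosts.forEach(function(host){
      var vulnerabilities = Vulnerabilities.find({"project_id": projectId, "title": {"$regex": vulnerabilityRegex}, "hosts": {"$elemMatch": {"string_addr": host.string_addr}}, "$and": [{"cvss": {"$gte": RATING[score + 'bot']}}, {"cvss": {"$lte": RATING[score + 'top']}}] }).fetch();
      vulnerabilities.forEach(function(vulm){
        if (vulm._id === org._id) {
          return;
        }
        // Details are merged once per first plugin id. A record without plugin
        // ids used to throw here, leaving the merge half done; key it by _id instead.
        var firstPlugin = vulm.plugin_ids && vulm.plugin_ids[0];
        var seenKey = firstPlugin ? firstPlugin.id : 'vulnerability:' + vulm._id;
        if (vulmList[seenKey] === undefined) {
          vulmList[seenKey] = true;
          vulmDetails.Description += "\n\n" + "From " + vulm.title + "\n" + vulm.description;
          vulmDetails.Solution += "\n\n" + "From " + vulm.title + "\n" + vulm.solution;
          vulmDetails.Evidence += "\n\n" + "From " + vulm.title + "\n" + vulm.evidence;
          vulmDetails.Notes = vulmDetails.Notes.concat(vulm.notes || []);
          cves = cves.concat(vulm.cves || []);
          HostList = HostList.concat(host);
          vulmDetails.Count ++;
        }
        // The host leaves the source vulnerability whether or not its text was merged.
        removeHost(vulm, host);
      });
    });

    vulmDetails.HostList = unique(HostList);
    vulmDetails.CVES = unique(cves);
    return vulmDetails;
  }

  // Removes host from vulm and deletes vulm when that was its only host.
  // NOTE(review): the length test reads the fetched copy of vulm; whether it
  // reflects earlier removals depends on the method's client-side behaviour - confirm.
  function removeHost (vulm, host) {
    Meteor.call('removeHostFromVulnerability', projectId, vulm._id, host.string_addr, host.port, host.protocol);
    if (vulm.hosts.length === 1) {
      Meteor.call('removeVulnerability', projectId, vulm._id);
    }
  }

  // Returns arr without duplicates, comparing entries by their JSON text
  // and keeping the first occurrence of each.
  function unique(arr) {
    var hash = {}, result = [];
    for (var i = 0, l = arr.length; i < l; ++i) {
      var objString = JSON.stringify(arr[i]);
      if (!Object.prototype.hasOwnProperty.call(hash, objString)) {
        hash[objString] = true;
        result.push(arr[i]);
      }
    }
    return result;
  }
};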