forked from lair-framework/browser-scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
merge_vulnerabilities_by_title.js
106 lines (98 loc) · 4.17 KB
/
merge_vulnerabilities_by_title.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
var mergeVulnerabilitiesByTitle = function(vulnerabilityRegex, newTitle, cvss) {
// Merges all vulnerabilities identified by a regular expression into a new or existing vulnerability
// provided by newTitle.
// I highly recommend you perform a dry run yourself and see what vulnerabilities the regex is going
// to match, something lie the following should do.
//
// var vulnerabilities = Vulnerabilities.find({"title": {"$regex": /.SOME_REGEX.*$/}}).fetch()
// vulnerabilities.forEach(function(v) {
// console.log(v);
// });
//
// Usage: mergeVulnerabilitiesByTitle(/^VMSA.*/, "Multiple VMWare Vulneraiblities", "10.0")
// Created by: Tom Steele
// Requires client-side updates: false
// Do some light variable checking, you're still pretty much on your own
if (typeof vulnerabilityRegex !== 'object') {
return console.log('Vulnerability regex can not be a string, must be a object');
}
if (typeof newTitle !== 'string') {
return console.log('Invalid title');
}
if (typeof cvss !== 'string') {
return console.log('Invalid cvss. Variable must be a string');
}
var projectId = Session.get('projectId');
var vulnerabilities = Vulnerabilities.find({"project_id": projectId, "title": {"$regex": vulnerabilityRegex}}).fetch();
if (vulnerabilities.length < 1) {
return console.log('Did not find any vulnerabilities with the given regex');
}
// If the vulnerability given in newTitle already exists, then we push it onto the regex list so we can combine them
// Remove the existing vulnerability first
var existingVenerability = Vulnerabilities.findOne({"project_id": projectId, "title": newTitle});
if (typeof existingVenerability !== 'undefined') {
vulnerabilities.push(existingVenerability);
Meteor.call('removeVulnerability', projectId, existingVenerability._id);
}
console.log('Going to merge ' + vulnerabilities.length + ' vulnerabilities');
var newDescription = '';
var newSolution = '';
var newEvidence = '';
var newNotes = [];
var cves = [];
var hostList = [];
// Loop over each vulnerability and combine the data
vulnerabilities.forEach(function(vulnerability) {
newDescription += "\n\n" + "From " + vulnerability.title + "\n" + vulnerability.description;
newSolution += "\n\n" + "From " + vulnerability.title + "\n" + vulnerability.solution;
newEvidence += "\n\n" + "From " + vulnerability.title + "\n" + vulnerability.evidence;
newNotes = newNotes.concat(vulnerability.notes);
cves = cves.concat(vulnerability.cves);
hostList = hostList.concat(vulnerability.hosts);
});
var newHostList = unique(hostList);
var newCVEs = unique(cves);
// Create the new vulnerability
Meteor.call('addVulnerability', projectId, newTitle, cvss, newDescription, newEvidence, newSolution, function(err, res) {
if (err) {
console.log('Error: could not create new vulnerability', err.message);
if (existingVenerability) {
console.log('Looks like you lost', existingVenerability.title);
}
} else {
addExistingContentToVenerability(res);
}
});
return console.log('Complete');
// Adds notes, hosts, and cves to new vulnerablity
function addExistingContentToVenerability(vulnerabilityId) {
newNotes.forEach(function(note) {
Meteor.call('addVulnerabilityNote', projectId, vulnerabilityId, note.title, note.content);
});
newHostList.forEach(function(host) {
Meteor.call('addHostToVulnerability', projectId, vulnerabilityId, host.string_addr, host.port, host.protocol);
});
newCVEs.forEach(function(cve) {
Meteor.call('addCve', projectId, vulnerabilityId, cve);
});
removeVulnerabilities();
}
// Loop over all vulnerabilities and remove them
function removeVulnerabilities() {
vulnerabilities.forEach(function(vulnerability) {
Meteor.call('removeVulnerability', projectId, vulnerability._id);
});
}
// I found this off the internet
function unique(arr) {
var hash = {}, result = [];
for (var i = 0, l = arr.length; i < l; ++i) {
var objString = JSON.stringify(arr[i]);
if (!hash.hasOwnProperty(objString)) {
hash[objString] = true;
result.push(arr[i]);
}
}
return result;
}
};