feat(detector): add known exploited vulnerabilities (#1331)
* feat(kevuln): add known exploited vulnerabilities * chore: transfer repository owner * feat: show CISA on top of CERT * chore: rename var * chore: rename var * chore: fix review * chore: fix message
This commit is contained in:
MaineK00n
@@ -105,13 +105,12 @@ func (r *ScanResult) FilterInactiveWordPressLibs(detectInactive bool) {
|
||||
return false
|
||||
})
|
||||
r.ScannedCves = filtered
|
||||
return
|
||||
}
|
||||
|
||||
// ReportFileName returns the filename on localhost without extension
|
||||
func (r ScanResult) ReportFileName() (name string) {
|
||||
if r.Container.ContainerID == "" {
|
||||
return fmt.Sprintf("%s", r.ServerName)
|
||||
return r.ServerName
|
||||
}
|
||||
return fmt.Sprintf("%s@%s", r.Container.Name, r.ServerName)
|
||||
}
|
||||
@@ -246,17 +245,21 @@ func (r ScanResult) FormatMetasploitCveSummary() string {
|
||||
|
||||
// FormatAlertSummary returns a summary of CERT alerts
|
||||
func (r ScanResult) FormatAlertSummary() string {
|
||||
jaCnt := 0
|
||||
enCnt := 0
|
||||
cisaCnt := 0
|
||||
uscertCnt := 0
|
||||
jpcertCnt := 0
|
||||
for _, vuln := range r.ScannedCves {
|
||||
if len(vuln.AlertDict.En) > 0 {
|
||||
enCnt += len(vuln.AlertDict.En)
|
||||
if len(vuln.AlertDict.CISA) > 0 {
|
||||
cisaCnt += len(vuln.AlertDict.CISA)
|
||||
}
|
||||
if len(vuln.AlertDict.Ja) > 0 {
|
||||
jaCnt += len(vuln.AlertDict.Ja)
|
||||
if len(vuln.AlertDict.USCERT) > 0 {
|
||||
uscertCnt += len(vuln.AlertDict.USCERT)
|
||||
}
|
||||
if len(vuln.AlertDict.JPCERT) > 0 {
|
||||
jpcertCnt += len(vuln.AlertDict.JPCERT)
|
||||
}
|
||||
}
|
||||
return fmt.Sprintf("en: %d, ja: %d alerts", enCnt, jaCnt)
|
||||
return fmt.Sprintf("cisa: %d, uscert: %d, jpcert: %d alerts", cisaCnt, uscertCnt, jpcertCnt)
|
||||
}
|
||||
|
||||
func (r ScanResult) isDisplayUpdatableNum(mode config.ScanMode) bool {
|
||||
@@ -418,11 +421,14 @@ func (r *ScanResult) SortForJSONOutput() {
|
||||
|
||||
v.CveContents.Sort()
|
||||
|
||||
sort.Slice(v.AlertDict.En, func(i, j int) bool {
|
||||
return v.AlertDict.En[i].Title < v.AlertDict.En[j].Title
|
||||
sort.Slice(v.AlertDict.USCERT, func(i, j int) bool {
|
||||
return v.AlertDict.USCERT[i].Title < v.AlertDict.USCERT[j].Title
|
||||
})
|
||||
sort.Slice(v.AlertDict.Ja, func(i, j int) bool {
|
||||
return v.AlertDict.Ja[i].Title < v.AlertDict.Ja[j].Title
|
||||
sort.Slice(v.AlertDict.JPCERT, func(i, j int) bool {
|
||||
return v.AlertDict.JPCERT[i].Title < v.AlertDict.JPCERT[j].Title
|
||||
})
|
||||
sort.Slice(v.AlertDict.CISA, func(i, j int) bool {
|
||||
return v.AlertDict.CISA[i].Title < v.AlertDict.CISA[j].Title
|
||||
})
|
||||
r.ScannedCves[k] = v
|
||||
}
|
||||
|
||||
@@ -212,11 +212,15 @@ func TestScanResult_Sort(t *testing.T) {
|
||||
},
|
||||
},
|
||||
AlertDict: AlertDict{
|
||||
En: []Alert{
|
||||
USCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
Ja: []Alert{
|
||||
JPCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
CISA: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
@@ -271,11 +275,15 @@ func TestScanResult_Sort(t *testing.T) {
|
||||
},
|
||||
},
|
||||
AlertDict: AlertDict{
|
||||
En: []Alert{
|
||||
USCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
Ja: []Alert{
|
||||
JPCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
CISA: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
@@ -333,11 +341,15 @@ func TestScanResult_Sort(t *testing.T) {
|
||||
},
|
||||
},
|
||||
AlertDict: AlertDict{
|
||||
En: []Alert{
|
||||
USCERT: []Alert{
|
||||
{Title: "b"},
|
||||
{Title: "a"},
|
||||
},
|
||||
Ja: []Alert{
|
||||
JPCERT: []Alert{
|
||||
{Title: "b"},
|
||||
{Title: "a"},
|
||||
},
|
||||
CISA: []Alert{
|
||||
{Title: "b"},
|
||||
{Title: "a"},
|
||||
},
|
||||
@@ -392,11 +404,15 @@ func TestScanResult_Sort(t *testing.T) {
|
||||
},
|
||||
},
|
||||
AlertDict: AlertDict{
|
||||
En: []Alert{
|
||||
USCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
Ja: []Alert{
|
||||
JPCERT: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
CISA: []Alert{
|
||||
{Title: "a"},
|
||||
{Title: "b"},
|
||||
},
|
||||
|
||||
@@ -241,7 +241,6 @@ func (ps PackageFixStatuses) Sort() {
|
||||
sort.Slice(ps, func(i, j int) bool {
|
||||
return ps[i].Name < ps[j].Name
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
// PackageFixStatus has name and other status about the package
|
||||
@@ -360,7 +359,7 @@ func (v VulnInfo) CveIDDiffFormat() string {
|
||||
if v.DiffStatus != "" {
|
||||
return fmt.Sprintf("%s %s", v.DiffStatus, v.CveID)
|
||||
}
|
||||
return fmt.Sprintf("%s", v.CveID)
|
||||
return v.CveID
|
||||
}
|
||||
|
||||
// Titles returns title (TUI)
|
||||
@@ -814,18 +813,27 @@ type Mitigation struct {
|
||||
URL string `json:"url,omitempty"`
|
||||
}
|
||||
|
||||
// AlertDict has target cve JPCERT and USCERT alert data
|
||||
// AlertDict has target cve JPCERT, USCERT and CISA alert data
|
||||
type AlertDict struct {
|
||||
Ja []Alert `json:"ja"`
|
||||
En []Alert `json:"en"`
|
||||
CISA []Alert `json:"cisa"`
|
||||
JPCERT []Alert `json:"jpcert"`
|
||||
USCERT []Alert `json:"uscert"`
|
||||
}
|
||||
|
||||
func (a AlertDict) IsEmpty() bool {
|
||||
return len(a.CISA) == 0 && len(a.JPCERT) == 0 && len(a.USCERT) == 0
|
||||
}
|
||||
|
||||
// FormatSource returns which source has this alert
|
||||
func (a AlertDict) FormatSource() string {
|
||||
if len(a.En) != 0 || len(a.Ja) != 0 {
|
||||
return "CERT"
|
||||
var s []string
|
||||
if len(a.CISA) != 0 {
|
||||
s = append(s, "CISA")
|
||||
}
|
||||
return ""
|
||||
if len(a.USCERT) != 0 || len(a.JPCERT) != 0 {
|
||||
s = append(s, "CERT")
|
||||
}
|
||||
return strings.Join(s, "/")
|
||||
}
|
||||
|
||||
// Confidences is a list of Confidence
|
||||
|
||||
Reference in New Issue
Block a user