Rename Kev tab to exploit tab

Add support for exploitdb , metasploit, kev
Fix Exploit data_source typo

Signed-off-by: ziadhany <ziadhany2016@gmail.com>

Author: ziadhany

vulnerabilities/improvers/exploitdb.py

@@ -3,14 +3,14 @@
 import logging
 from typing import Iterable
 
-from django.db import IntegrityError
 from django.db.models import QuerySet
 from sphinx.util import requests
 
 from vulnerabilities.improver import Improver
 from vulnerabilities.improver import Inference
 from vulnerabilities.models import Advisory
 from vulnerabilities.models import Alias
+from vulnerabilities.models import Exploit
 from vulnerabilities.models import VulnerabilityReference
 from vulnerabilities.models import VulnerabilityRelatedReference
 
@@ -48,45 +48,61 @@ def get_inferences(self, advisory_data) -> Iterable[Inference]:
 
         csvreader = csv.reader(raw_data)
 
-        # Ignore the csv header
-        next(csvreader)  # header
+        header = next(csvreader)
         for row in csvreader:
             try:
                 aliases = row[11].split(";")
+
                 for raw_alias in aliases:
-                    alias = Alias.objects.get(alias=raw_alias)
-                    if not alias:
+                    try:
+                        alias = Alias.objects.get(alias=raw_alias)
+                    except Alias.DoesNotExist:
                         continue
 
                     vul = alias.vulnerability
                     if not vul:
                         continue
 
-                    if raw_alias:
-                        url_map = {
-                            "file_url": f"https://gitlab.com/exploit-database/exploitdb/-/blob/main/{row[1]}"
-                            if row[1]
-                            else None,
-                            "direct_url": row[16] if row[16] else None,
-                        }
-
-                        for key, url in url_map.items():
-                            if url:
-                                ref, created = VulnerabilityReference.objects.update_or_create(
-                                    reference_id=row[11],
-                                    reference_type=VulnerabilityReference.EXPLOIT,
-                                    defaults={"url": url},
+                    url_map = {
+                        "file_url": f"https://gitlab.com/exploit-database/exploitdb/-/blob/main/{row[1]}"
+                        if row[1]
+                        else None,
+                        "direct_url": row[16] if row[16] else None,
+                    }
+
+                    for key, url in url_map.items():
+                        if url:
+                            ref, created = VulnerabilityReference.objects.update_or_create(
+                                reference_id=row[11],
+                                reference_type=VulnerabilityReference.EXPLOIT,
+                                defaults={"url": url},
+                            )
+
+                            if created:
+                                VulnerabilityRelatedReference.objects.get_or_create(
+                                    vulnerability=vul,
+                                    reference=ref,
                                 )
 
-                                if created:
-                                    VulnerabilityRelatedReference.objects.create(
-                                        vulnerability=vul,
-                                        reference=ref,
-                                    )
+                    try:
+                        Exploit.objects.update_or_create(
+                            vulnerability=vul,
+                            data_source="Exploit-DB",
+                            defaults={
+                                "date_added": row[header.index("date_added")],
+                                "description": row[header.index("description")],
+                                "known_ransomware_campaign_use": row[header.index("verified")],
+                                "source_date_published": row[header.index("date_published")],
+                                "exploit_type": row[header.index("type")],
+                                "platform": row[header.index("platform")],
+                                "source_date_updated": row[header.index("date_updated")],
+                                "source_url": row[header.index("codes")],
+                            },
+                        )
+                    except Exception as e:
+                        logger.error(f"Error updating or creating Exploit: {e}")
 
-            except Alias.DoesNotExist as e:
-                logger.error(f"No Alias found for exploit id {row[0]}: {e}")
             except Exception as e:
-                logger.error(e)
+                logger.error(f"Error processing row {row}: {e}")
 
         return []

vulnerabilities/improvers/metasploit.py

@@ -1,13 +1,17 @@
 import logging
 from typing import Iterable
 
+import requests
 from django.db.models import QuerySet
-from sphinx.util import requests
 
 from vulnerabilities.improver import Improver
 from vulnerabilities.improver import Inference
-from vulnerabilities.models import Advisory, VulnerabilityReference, VulnerabilityRelatedReference
+from vulnerabilities.models import Advisory
 from vulnerabilities.models import Alias
+from vulnerabilities.models import Exploit
+from vulnerabilities.models import VulnerabilityReference
+from vulnerabilities.models import VulnerabilityRelatedReference
+from vulnerabilities.utils import get_reference_id
 
 logger = logging.getLogger(__name__)
 
@@ -19,69 +23,74 @@ class MetasploitImprover(Improver):
 
     @property
     def interesting_advisories(self) -> QuerySet:
-        # TODO Modify Metasploit Improver to iterate over the vulnerabilities alias, not the advisory
+        # TODO: Modify Metasploit Improver to iterate over the vulnerabilities alias, not the advisory
         return [Advisory.objects.first()]
 
     def get_inferences(self, advisory_data) -> Iterable[Inference]:
-        """
-        """
+        """"""
+
+        metasploit_modules_url = "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/db/modules_metadata_base.json"
 
-        metasploit_modules_url = (
-            "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/db/modules_metadata_base.json"
-        )
         response = requests.get(metasploit_modules_url)
-        metasploit_data = response.json()
         if response.status_code != 200:
-            logger.error(
-                f"Failed to fetch the Metasploit Exploits: {metasploit_modules_url}"
-            )
+            logger.error(f"Failed to fetch the Metasploit Exploits: {metasploit_modules_url}")
             return []
-        try:
-            for file_path, record in metasploit_data.items():
-                file_url = f"https://github.com/rapid7/metasploit-framework/tree/master/modules/{file_path}"
 
-                ref_list = []
-                vulnerabilities = set()
-                for ref in record.get("references"):
-                    if ref.startswith("URL-"):
-                        ref_list.append(ref[4::])
+        metasploit_data = response.json()
 
-                    alias = Alias.objects.get_or_none(alias=ref)
+        for _, record in metasploit_data.items():
+            vul = None
+            references = {
+                f"https://github.com/rapid7/metasploit-framework/tree/master{record.get('path')}"
+            }
 
-                    if not alias:
-                        continue
+            for ref in record.get("references", []):
+                if ref.startswith("OSVDB"):
+                    continue
 
-                    vul = alias.vulnerability
+                if ref.startswith("URL-"):
+                    references.add(ref[4:])
 
-                    if not vul:
+                if not vul:
+                    try:
+                        alias = Alias.objects.get(alias=ref)
+                    except Alias.DoesNotExist:
                         continue
 
-                    ref, created = VulnerabilityReference.objects.update_or_create(
-                        reference_id=alias,
-                        reference_type=VulnerabilityReference.EXPLOIT,
-                        defaults={"url": file_url},
+                    if not alias.vulnerability:
+                        continue
+
+                    vul = alias.vulnerability
+
+            if not vul:
+                continue
+
+            try:
+                Exploit.objects.update_or_create(
+                    vulnerability=vul,
+                    date_source="Metasploit",
+                    defaults={
+                        "description": record.get("description", ""),
+                        "resources_and_notes": str(record.get("notes", {})),
+                        "source_date_published": record.get("disclosure_date"),
+                        "platform": record.get("platform"),
+                        "source_url": str(references),
+                    },
+                )
+            except Exception as e:
+                logger.error(e)
+
+            for ref_url in references:
+                ref, created = VulnerabilityReference.objects.update_or_create(
+                    reference_id=get_reference_id(ref_url),
+                    reference_type=VulnerabilityReference.EXPLOIT,
+                    defaults={"url": ref_url},
+                )
+
+                if created:
+                    VulnerabilityRelatedReference.objects.get_or_create(
+                        vulnerability=vul,
+                        reference=ref,
                     )
 
-                    if created:
-                        VulnerabilityRelatedReference.objects.create(
-                            vulnerability=vul,
-                            reference=ref,
-                        )
-                    vulnerabilities.add(vul)
-
-                for vul in vulnerabilities:
-                    for ref in ref_list:
-                        ref_obj, created = VulnerabilityReference.objects.update_or_create(
-                            reference_id=ref,
-                            defaults={"url": file_url},
-                        )
-
-                        if created:
-                            VulnerabilityRelatedReference.objects.create(
-                                vulnerability=vul,
-                                reference=ref_obj,
-                            )
-        except Exception as e:
-            logger.error(e)
-
-        return []
+            return []

vulnerabilities/improvers/vulnerability_kev.py

@@ -28,40 +28,40 @@ def get_inferences(self, advisory_data) -> Iterable[Inference]:
         Fetch Kev data, iterate over it to find the vulnerability with the specified alias, and create or update
         the Kev instance accordingly.
         """
+        try:
+            kev_url = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
+            response = requests.get(kev_url)
+            kev_data = response.json()
+            if response.status_code != 200:
+                logger.error(
+                    f"Failed to fetch the CISA Catalog of Known Exploited Vulnerabilities: {kev_url}"
+                )
+                return []
 
-        kev_url = (
-            "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
-        )
-        response = requests.get(kev_url)
-        kev_data = response.json()
-        if response.status_code != 200:
-            logger.error(
-                f"Failed to fetch the CISA Catalog of Known Exploited Vulnerabilities: {kev_url}"
-            )
-            return []
+            for kev_vul in kev_data.get("vulnerabilities", []):
+                alias = Alias.objects.get_or_none(alias=kev_vul["cveID"])
+                if not alias:
+                    continue
 
-        for kev_vul in kev_data.get("vulnerabilities", []):
-            alias = Alias.objects.get_or_none(alias=kev_vul["cveID"])
-            if not alias:
-                continue
+                vul = alias.vulnerability
 
-            vul = alias.vulnerability
-
-            if not vul:
-                continue
-
-            Exploit.objects.update_or_create(
-                vulnerability=vul,
-                defaults={
-                    "description": kev_vul["shortDescription"],
-                    "date_added": kev_vul["dateAdded"],
-                    "required_action": kev_vul["requiredAction"],
-                    "due_date": kev_vul["dueDate"],
-                    "resources_and_notes": kev_vul["notes"],
-                    "known_ransomware_campaign_use": True
-                    if kev_vul["knownRansomwareCampaignUse"] == "Known"
-                    else False,
-                },
-            )
+                if not vul:
+                    continue
 
+                Exploit.objects.update_or_create(
+                    vulnerability=vul,
+                    data_source="KEV",
+                    defaults={
+                        "description": kev_vul["shortDescription"],
+                        "date_added": kev_vul["dateAdded"],
+                        "required_action": kev_vul["requiredAction"],
+                        "due_date": kev_vul["dueDate"],
+                        "resources_and_notes": kev_vul["notes"],
+                        "known_ransomware_campaign_use": True
+                        if kev_vul["knownRansomwareCampaignUse"] == "Known"
+                        else False,
+                    },
+                )
+        except Exception as e:
+            logger.error(e)
         return []