Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support to Exploits model #1562

Merged
merged 19 commits into from
Sep 30, 2024
Merged

Conversation

ziadhany
Copy link
Collaborator

issue #95

Collect exploit pointers:

I think it's best to handle these issues in a single pull request, as they're all closely related to our exploit model.

@ziadhany ziadhany marked this pull request as ready for review September 2, 2024 21:25
@ziadhany
Copy link
Collaborator Author

ziadhany commented Sep 2, 2024

Here’s the updated view of the exploits tab. Let me know if any further changes are needed. @DennisClark

CVE-ID: CVE-2020-14871

image

Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany thanks, see few nits for your considerations.

vulnerabilities/improvers/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/improvers/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/improvers/vulnerability_kev.py Outdated Show resolved Hide resolved
Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany some nits in metasploit.py for your consideration. I was wondering if we should rename this pipeline to something like enhance_with_metasploit.py? similar to how we name our scancode.io pipelines https://github.com/aboutcode-org/scancode.io/tree/main/scanpipe/pipelines.

vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/metasploit.py Outdated Show resolved Hide resolved
Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany few more suggestions for your consideration. How about using enhance_with_exploitdb.py and enhance_with_kev.py as pipeline names?
Since there are model changes, we need to make adjustments here too

class V2ExploitSerializer(ModelSerializer):
class Meta:
model = Kev
fields = ("description", "required_action", "date_added", "due_date", "resources_and_notes")
.

vulnerabilities/pipelines/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/exploitdb.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/vulnerability_kev.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/vulnerability_kev.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/vulnerability_kev.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/vulnerability_kev.py Outdated Show resolved Hide resolved
vulnerabilities/pipelines/vulnerability_kev.py Outdated Show resolved Hide resolved
Set data_source as the header for the exploit table.
Squash the migration files into a single file.
Add test for exploit-db , metasploit
Add a missing migration file
Rename resources_and_notes to notes
Fix Api test
Refactor metasploit , exploitdb , kev improver
Rename Kev tab to exploit tab
Add support for exploitdb , metasploit, kev

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Refactor the error handling logic in the code.

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Address the exploit in the API extension.

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@keshav-space
Copy link
Member

@ziadhany please mark the addressed review as Resolve Conversation. Also please avoid force-pushing after the review, as this removes the reviews from the Files Changed tab. Instead we should squash these commits while merging.

@ziadhany
Copy link
Collaborator Author

@ziadhany please mark the addressed review as Resolve Conversation. Also please avoid force-pushing after the review, as this removes the reviews from the Files Changed tab. Instead we should squash these commits while merging.

Got it, I try to avoid force-pushing

Remove unused logging module

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
# Conflicts:
#	vulnerabilities/improvers/__init__.py
#	vulnerabilities/improvers/vulnerability_kev.py
Set data_source as the header for the exploit table.
Squash the migration files into a single file.
Add test for exploit-db , metasploit
Add a missing migration file
Rename resources_and_notes to notes
Fix Api test
Refactor metasploit , exploitdb , kev improver
Rename Kev tab to exploit tab
Add support for exploitdb , metasploit, kev

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Refactor the error handling logic in the code.

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Address the exploit in the API extension.

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Remove unused logging module

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Add pipeline_id for ( kev, metasploit, exploit-db )

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
# Conflicts:
#	vulnerabilities/pipelines/enhance_with_exploitdb.py
#	vulnerabilities/pipelines/enhance_with_kev.py
#	vulnerabilities/pipelines/enhance_with_metasploit.py
Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@ziadhany
Copy link
Collaborator Author

@keshav-space I've merged all the required changes and hope I didn't overlook anything. Could you please review it once more?

@keshav-space
Copy link
Member

@keshav-space I've merged all the required changes and hope I didn't overlook anything. Could you please review it once more?

@ziadhany Thanks ++, this looks good already.

Add missing logs
Handle cases of one exploit for multiple vulnerabilities.

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ziadhany, LGTM!

Please run these pipelines locally and paste the logs here.

@ziadhany
Copy link
Collaborator Author

Thanks, @keshav-space

The logs are too large to paste directly, so I've compressed them.

logs.zip

Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany Thanks for the logs.

Found these in the log you provided.

INFO 2024-09-24 12:40:10.640 No vulnerability found for aliases []
INFO 2024-09-24 12:40:10.640 No vulnerability found for aliases []
INFO 2024-09-24 12:40:10.640 No vulnerability found for aliases []
INFO 2024-09-24 12:40:10.640 No vulnerability found for aliases []

INFO 2024-09-24 12:40:28.783 No vulnerability found for aliases ['']
INFO 2024-09-24 12:40:28.783 No vulnerability found for aliases ['']
INFO 2024-09-24 12:40:28.783 No vulnerability found for aliases ['']
INFO 2024-09-24 12:40:28.784 No vulnerability found for aliases ['']

IMO we should skip the empty aliases altogether.

Remove empty vulnerability_kev.py file

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@ziadhany
Copy link
Collaborator Author

ziadhany commented Sep 24, 2024

@keshav-space Here are the updated logs:
logs.zip

Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany looking good. I'll run this locally on my side and then merge it.

vulnerabilities/pipelines/enhance_with_metasploit.py Outdated Show resolved Hide resolved
Copy link
Member

@keshav-space keshav-space left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ziadhany, this is working alright. I've added some improvements to the vulnerability details template.
Merging this now!

@keshav-space keshav-space merged commit e273c67 into aboutcode-org:main Sep 30, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants