#!/usr/bin/python3
# -*- coding: utf-8 -*-
import sys, argparse, os
from argparse import RawTextHelpFormatter
from timeit import default_timer as timer
import json
import requests
from datetime import date
from datetime import datetime, timedelta
from colorama import init, Fore, Back, Style
import pyfiglet
from icecream import ic
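# One-line summary interpolated into the banner below.
description = ''' Internet Storm Center / DShield API access '''

# Banner passed to argparse as the program description.
# Raw f-string: the ASCII art contains backslashes that are not valid escape
# sequences ("\ ", "\_"); without the r prefix they trigger an invalid-escape
# warning on current Python versions. The resulting text is unchanged, and
# {__file__} / {description} are still interpolated.
banner = rf"""
Zzzzz |\ _,,,---,,_
/,`.-'`' -. ;-;;,_ __author__ : [ zd ]
|,4- ) )-,_..;\ ( `'-' __year__ : [ 2022.05 ]
'---''(_/--' `-'\_) __file__ : [ {__file__} ]
[ {description} ]
"""

# Epilog text shown at the end of the argparse help output.
notes="""
Internet Storm Center / DShield API
@ https://isc.sans.edu/api/
- url_handler = 'https://isc.sans.edu/api/handler'
- url_infocon = 'https://isc.sans.edu/api/infocon'
- url_getmspatch = 'https://isc.sans.edu/api/getmspatch/'
- url_getmspcves = 'https://isc.sans.edu/api/getmspatchcves/'
- url_getmspreplaces = 'https://isc.sans.edu/api/getmspatchreplaces/'
"""

# Contact string sent as the User-Agent header on every request made by curl().
# The default is the original author's address; anyone else running the script
# should set ISC_DSHIELD_IDENTIFIER so their traffic is not attributed to a
# third party.
identifier = os.environ.get('ISC_DSHIELD_IDENTIFIER') or 'zd2600@gmail.com'

# API endpoints. All are HTTPS; callers append '?json' (and, for the patch
# endpoints, the bulletin id) to select JSON output.
url_handler = 'https://isc.sans.edu/api/handler'
url_infocon = 'https://isc.sans.edu/api/infocon'
url_getmspatch = 'https://isc.sans.edu/api/getmspatch/'
url_getmspcves = 'https://isc.sans.edu/api/getmspatchcves/'
url_getmspreplaces = 'https://isc.sans.edu/api/getmspatchreplaces/'

# NOTE(review): 'verberos' looks like a typo for 'verbose'; main() stores its
# flag under the global name 'verbose', and nothing visible reads either
# 'verberos' or 'count'. Both are kept so existing importers do not break.
verberos = False
count = 0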
def cr(x):
    """Return *x* rendered between colorama's red foreground code and a style reset."""
    return '{}{}{}'.format(Fore.RED, x, Style.RESET_ALL)
def cg(x):
    """Return *x* rendered between colorama's green foreground code and a style reset."""
    return '{}{}{}'.format(Fore.GREEN, x, Style.RESET_ALL)
def cy(x):
    """Return *x* rendered between colorama's yellow foreground code and a style reset."""
    return '{}{}{}'.format(Fore.YELLOW, x, Style.RESET_ALL)
def cc(x):
    """Return *x* rendered between colorama's cyan foreground code and a style reset."""
    return '{}{}{}'.format(Fore.CYAN, x, Style.RESET_ALL)
def hl(stat):
    """Colour a status word: green, yellow and red in their own colour, anything else in cyan."""
    painters = (("green", cg), ("yellow", cy), ("red", cr))
    for label, paint in painters:
        if stat == label:
            return paint(stat)
    # Unknown or missing status values fall back to cyan.
    return cc(stat)
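def curl(url):
    """Fetch *url* with a GET request and return the decoded JSON body.

    The request carries the module-level ``identifier`` as its User-Agent.
    Certificate verification is left at the requests default (no ``verify``
    argument is passed), so the HTTPS endpoints are validated.

    Returns:
        The parsed JSON value, or an empty dict when the request fails or the
        body is not valid JSON, so callers can keep using ``.get()``.
    """
    hdrs = {'content-type': 'application/json', 'User-Agent': identifier}
    try:
        # Without a timeout requests can block indefinitely on a stalled
        # connection.
        resp = requests.get(url, headers=hdrs, timeout=30)
        return resp.json()
    except (requests.exceptions.RequestException, ValueError) as e:
        # Previously a failed request fell through to `resp.json()` with
        # `resp` unbound and crashed with UnboundLocalError; a non-JSON body
        # raised out of the function as well.
        print('Fail for : ', url, e)
    return {}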
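def _clean(value):
    """Return *value* as text with every non-printable character replaced by '?'."""
    return ''.join(ch if ch.isprintable() else '?' for ch in str(value))


def Print_MS(msp, data):
    """Print whichever MS patch sections are present in an API response.

    Args:
        msp: Bulletin id as typed by the operator; printed as the heading.
        data: Decoded JSON response. The keys 'getmspatch', 'getmspatchcves'
            and 'getmspatchreplaces' are each printed when present and
            non-empty; anything that is not a dict is ignored.

    Values come from a remote service and go straight to the terminal, so
    they pass through _clean() first: control characters (including the ESC
    that starts terminal escape sequences) are shown as '?'.
    """
    if not isinstance(data, dict):
        return

    patch = data.get('getmspatch')
    if patch:
        print()
        print(f' [*] {msp} -- {_clean(patch.get("title"))}')
        print(f' [-] Products : {_clean(patch.get("affected"))} / {_clean(patch.get("severity"))}')
        print(f' [-] ID/KB : {_clean(patch.get("id"))} / {_clean(patch.get("kb"))}')
        print(f' [-] Exploits : {_clean(patch.get("exploits"))}')

    cves = data.get('getmspatchcves')
    if cves:
        # Formatting instead of '+' concatenation: a record without a 'cve'
        # value used to raise TypeError (None + str).
        cve_list = ', '.join(
            _clean(f'{cve.get("cve")}[{cve.get("exploitability")}]') for cve in cves
        )
        print(f' [-] CVEs : {cve_list}')

    replaced = data.get('getmspatchreplaces')
    if replaced:
        # Entries are converted to text first; str.join rejects non-strings.
        kb_list = ', '.join(_clean(kb) for kb in replaced)
        print(f' [-] KB : {kb_list}')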
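def main():
    """Parse the command line, print the ISC status line, then any requested MS patches.

    Options:
        -m <ms-patch> ...  one or more bulletin ids to look up (like MS17-010)
        -v                 also query the CVE and replaced-patch endpoints

    The verbose flag is additionally stored in the module global ``verbose``,
    as the original code did.
    """
    from urllib.parse import quote

    parser = argparse.ArgumentParser(description=banner, formatter_class=RawTextHelpFormatter, epilog=notes)
    parser.add_argument('-m', dest='msp', metavar='<ms-patch>', nargs='+', help='Get MS patch (like MS17-010).')
    parser.add_argument('-v', action='count', default=0, help='verbose output')
    args = parser.parse_args()

    verbose = bool(args.v)
    globals()['verbose'] = verbose

    init(autoreset=True)
    print()
    word = pyfiglet.figlet_format("ISC.DShield", font="slant")
    print(Fore.BLUE + word)

    d_handler = curl(url_handler + '?json')
    d_infocon = curl(url_infocon + '?json')
    print()
    print(f'ISC InfoCon/Handler : {hl(d_infocon.get("status"))} / {hl(d_handler.get("name"))} [ {date.today()} ]')

    for msp in args.msp or []:
        # The id is appended to the URL path. Percent-encode it so characters
        # such as '/', '?' or '#' in the argument cannot alter the path or
        # query of the request; ids like MS17-010 pass through unchanged.
        patch_id = quote(msp, safe='')
        Print_MS(msp, curl(url_getmspatch + patch_id + '?json'))
        # NOTE(review): the listing this was taken from had lost its
        # indentation; both extra lookups are assumed to belong to the
        # verbose branch - confirm against the original file.
        if verbose:
            Print_MS(msp, curl(url_getmspcves + patch_id + '?json'))
            Print_MS(msp, curl(url_getmspreplaces + patch_id + '?json'))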
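if __name__ == "__main__":
    # The file uses f-strings throughout, so a Python 2 interpreter fails at
    # parse time and never reaches this guard; it is kept only as a cheap
    # sanity check.
    if sys.version_info < (3,):
        print('')
        print(' [!] This script needs Python 3.')
        print('')
        # sys.exit with a non-zero status: the bare exit() helper comes from
        # the site module and reported success (status 0) for this error.
        sys.exit(1)

    # Time the whole run and report it after main() returns.
    start = timer()
    main()
    end = timer()
    print()
    print(f'\n [{date.today()}] Completed within [{end-start:.2f} sec].\n')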