STRLCPY/Sirius

API/.DS_Store

Binary file.

■ ■ ■ ■ ■ ■

API/API/APIHandler.go

1	+	package APIHandler
2	+
3	+	/*
4	+	This is the API handler for the Sirius-Scan API. This is where the API calls are handled and the data is passed to the correct functions and the result is returned as a JSON response. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API
5	+	The following functions are exported:
6	+	- GetHost
7	+
8	+	TODO: Add the following functions:
9	+	- UpdateHost
10	+	- DeleteHost
11	+	- CreateHost
12	+	...and so on
13	+	*/
14	+
15	+	import (
16	+	_ "encoding/json"
17	+	"log"
18	+	"net/http"
19	+
20	+	"github.com/gin-gonic/gin"
21	+	hostAPI "github.com/0sm0s1z/Sirius-Scan/API/hosts"
22	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
23	+	)
24	+
25	+	func GetHost(c *gin.Context) {
26	+	var hostRequest siriusDB.SVDBHost
27	+
28	+	if c.ShouldBind(&hostRequest) != nil {
29	+	log.Println("Vulnerability Report Failed for: ", hostRequest.IP)
30	+	}
31	+
32	+	//Get the host data from the database
33	+	var result siriusDB.SVDBHost
34	+	result = hostAPI.GetHost(hostRequest)
35	+
36	+	c.IndentedJSON(http.StatusOK, result)
37	+	}
38	+
39	+	func UpdateHost(c *gin.Context) {
40	+	var newHostDetails siriusDB.SVDBHost
41	+
42	+	// Call BindJSON to bind the received JSON a local variable
43	+	//fmt.Println(c)
44	+	if c.ShouldBind(&newHostDetails) == nil {
45	+	log.Println("Updating Host: " + newHostDetails.IP)
46	+	}
47	+
48	+	hostAPI.UpdateHost(newHostDetails)
49	+
50	+	response := "Updated "
51	+
52	+	c.String(200, response)
53	+	}

■ ■ ■ ■ ■ ■

API/API/agents/AgentCheck.go

1	+	package agentsAPI
2	+
3	+	/*
4	+	Sirius Agents API:
5	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/agents
6	+	The following functions are exported:
7	+	- AgentCheck: API Handler for agent checkin
8	+	*/
9	+
10	+	import (
11	+	_ "encoding/json"
12	+	_ "errors"
13	+	"log"
14	+	"net/http"
15	+	_ "os"
16	+	_ "os/exec"
17	+	"sort"
18	+
19	+	"github.com/gin-gonic/gin"
20	+
21	+	//Internal Libraries
22	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
23	+	//3rd Party Dependencies
24	+	)
25	+
26	+	func AgentCheck(c *gin.Context) {
27	+	var newAgent siriusDB.SiriusAgent
28	+
29	+	// Call BindJSON to bind the received JSON a local variable
30	+	//fmt.Println(c)
31	+	if c.ShouldBind(&newAgent) == nil {
32	+	log.Println("Agent Checkin")
33	+	}
34	+	log.Println("Agent ID: ", newAgent.IP)
35	+
36	+	//Should retrieve any commands for the agent and pass along in JSON Response below
37	+	// - Get Task List from Host collection
38	+	var taskList []siriusDB.Task
39	+	taskList = GetTasks(newAgent)
40	+
41	+	// - Sort by date
42	+	sort.Slice(taskList, func(i, j int) bool {
43	+	return taskList[i].Date.Before(taskList[j].Date)
44	+	})
45	+	// - foreach pick first status = 0
46	+	var curTask siriusDB.Task
47	+	for i := 0; i < len(taskList); i++ {
48	+	if taskList[i].Status != "1" && taskList[i].Status != "2" {
49	+	curTask = taskList[i]
50	+	i = 1000000
51	+	}
52	+	}
53	+
54	+	c.IndentedJSON(http.StatusOK, curTask)
55	+	}
56	+

■ ■ ■ ■ ■ ■

API/API/agents/AgentRegistration.go

1	+	package agentsAPI
2	+
3	+	/*
4	+	Sirius Agents API:
5	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/agents
6	+	The following functions are exported:
7	+	- AgentRegistration
8	+	*/
9	+
10	+	import (
11	+	_ "encoding/json"
12	+	_ "errors"
13	+	"log"
14	+	_ "os"
15	+	_ "os/exec"
16	+
17	+	"github.com/gin-gonic/gin"
18	+
19	+	//Internal Libraries
20	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
21	+	//3rd Party Dependencies
22	+	)
23	+
24	+	func AgentRegistration(c *gin.Context) {
25	+	var newAgent siriusDB.SiriusAgent
26	+
27	+	if c.ShouldBind(&newAgent) == nil {
28	+	log.Println("Registering New Agent")
29	+	}
30	+	log.Println("Agent ID: ", newAgent.AgentId)
31	+	RegisterAgent(newAgent)
32	+
33	+	}
34	+

■ ■ ■ ■ ■ ■

API/API/agents/AgentReport.go

1	+	package agentsAPI
2	+
3	+	//CRITICAL TODOs
4	+	//Convert report to vulns
5	+	//Store in hosts database
6	+
7	+	/*
8	+	Sirius Agents API:
9	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/agents
10	+	The following functions are exported:
11	+	- AgentReport: API Handler for agent report submission
12	+	*/
13	+
14	+	import (
15	+	_ "encoding/json"
16	+	_ "errors"
17	+	"log"
18	+	"net/http"
19	+	_ "os"
20	+	_ "os/exec"
21	+
22	+	"github.com/gin-gonic/gin"
23	+
24	+	//Internal Libraries
25	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
26	+	//3rd Party Dependencies
27	+	)
28	+
29	+	func AgentReport(c *gin.Context) {
30	+	var newReport Report
31	+
32	+	// Call BindJSON to bind the received JSON a local variable
33	+	//fmt.Println(c)
34	+	if c.ShouldBind(&newReport) == nil {
35	+	log.Println("Agent Scan Report Recieved!")
36	+	}
37	+	//log.Println(newReport)
38	+
39	+	//Get CVEs from report
40	+	var cveList []string
41	+	for i := 0; i < len(newReport.Updates); i++ {
42	+	cveList = append(cveList, newReport.Updates[i].CVEIDs)
43	+	}
44	+	for i := 0; i < len(cveList); i++ {
45	+	if cveList[i] != "CVEIDs" && cveList[i] != "" {
46	+	siriusDB.NewCVE(newReport.IP, cveList[i])
47	+	}
48	+	}
49	+
50	+	//Process Report
51	+	for i := 0; i < len(newReport.Updates); i++ {
52	+	//log.Println(newReport.Updates[i])
53	+	//Get KB
54	+	id := newReport.Updates[i].ID
55	+	if id[0:1] == "M" {
56	+	id = newReport.Updates[i].KBID
57	+	}
58	+	//log.Println(id)
59	+
60	+	}
61	+
62	+	//Convert to vulns
63	+	//Store in hosts database
64	+
65	+	//Should retrieve any commands for the agent and pass along in JSON Response below
66	+
67	+	var msg = "Success"
68	+	c.JSON(http.StatusOK, gin.H{
69	+	"code": http.StatusOK,
70	+	"command": string(msg), // cast it to string before showing
71	+	})
72	+	}
73	+

■ ■ ■ ■ ■ ■

API/API/agents/AgentTask.go

1	+	package agentsAPI
2	+
3	+	/*
4	+	Sirius Agents API:
5	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/agents
6	+	The following functions are exported:
7	+	- AgentRegistration
8	+	*/
9	+
10	+	import (
11	+	_ "encoding/json"
12	+	_ "errors"
13	+	"log"
14	+	_ "os"
15	+	_ "os/exec"
16	+
17	+	"github.com/gin-gonic/gin"
18	+
19	+	//Internal Libraries
20	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
21	+	//3rd Party Dependencies
22	+	)
23	+
24	+	func AgentTask(c *gin.Context) {
25	+	var newAgent siriusDB.SiriusAgent
26	+
27	+	if c.ShouldBind(&newAgent) == nil {
28	+	log.Println("Assigning Agent Task")
29	+	}
30	+	TaskAgent(newAgent)
31	+
32	+	}
33	+

■ ■ ■ ■ ■ ■

API/API/agents/agents.go

1	+	package agentsAPI
2	+
3	+	/*
4	+	Sirius Agents API:
5	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/agents
6	+	The following functions are exported:
7	+	-
8	+	*/
9	+
10	+	import (
11	+	"context"
12	+	_ "encoding/json"
13	+	_ "errors"
14	+	"fmt"
15	+	"log"
16	+	_ "os"
17	+	_ "os/exec"
18	+	"time"
19	+
20	+	"github.com/gin-gonic/gin"
21	+	"go.mongodb.org/mongo-driver/bson"
22	+	"go.mongodb.org/mongo-driver/mongo"
23	+	"go.mongodb.org/mongo-driver/mongo/options"
24	+
25	+	//Internal Libraries
26	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
27	+	//3rd Party Dependencies
28	+	)
29	+
30	+	/*
31	+	[SIRIUS AGENTS API STRUCTs]
32	+	*/
33	+
34	+	type Report struct {
35	+	AgentId int
36	+	IP string
37	+	Status string
38	+	Updates []Update
39	+	}
40	+
41	+	type Update struct {
42	+	ID string
43	+	BulletinID string
44	+	KBID string
45	+	IsInstalled string
46	+	Severity string
47	+	SeverityText string
48	+	Title string
49	+	InformationURL string
50	+	CVEIDs string
51	+	Categories string
52	+	}
53	+	type Agent struct {
54	+	AgentId int `json:"AgentId"`
55	+	}
56	+
57	+	/*
58	+	[SIRIUS AGENTS DATABASE OPERATIONS]
59	+	*/
60	+
61	+	func AgentResponse(c *gin.Context) {
62	+	var taskResponse siriusDB.TaskResponse
63	+
64	+	if c.ShouldBind(&taskResponse) == nil {
65	+	log.Println("Task Response Recieved")
66	+	}
67	+	log.Println(taskResponse)
68	+
69	+	//DB Connection
70	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
71	+	if err != nil {
72	+	log.Fatal(err)
73	+	}
74	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
75	+	err = client.Connect(ctx)
76	+	if err != nil {
77	+	log.Fatal(err)
78	+	}
79	+	defer client.Disconnect(ctx)
80	+	//Get base SiriusAgent from DB and append new task
81	+	hostCollection := client.Database("Sirius").Collection("Hosts")
82	+	log.Println(taskResponse.IP)
83	+
84	+	var result siriusDB.SVDBHost
85	+	err = hostCollection.FindOne(context.TODO(), bson.D{{"ip", taskResponse.IP}}).Decode(&result)
86	+	if err != nil {
87	+	if err == mongo.ErrNoDocuments {
88	+	// This error means your query did not match any documents.
89	+	return
90	+	}
91	+	panic(err)
92	+	}
93	+
94	+	updatedTask := taskResponse.Task
95	+	updatedTask.Date = time.Now()
96	+	for i := 0; i < len(result.Agent.Tasks); i++ {
97	+	if result.Agent.Tasks[i].ID == updatedTask.ID {
98	+	result.Agent.Tasks[i] = updatedTask
99	+	}
100	+	}
101	+	log.Println("updatedTask")
102	+
103	+	//Update Agent Details
104	+	res, err := hostCollection.UpdateOne(
105	+	ctx,
106	+	bson.M{"ip": taskResponse.IP},
107	+	bson.D{
108	+	{"$set", bson.D{{"Agent", result.Agent}}},
109	+	},
110	+	)
111	+	if err != nil {
112	+	log.Fatal(err)
113	+	}
114	+	fmt.Println(res)
115	+	fmt.Println("Task Updated for Agent: ", taskResponse.AgentId)
116	+
117	+	}
118	+
119	+	func RegisterAgent(agent siriusDB.SiriusAgent) {
120	+	//DB Connection
121	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
122	+	if err != nil {
123	+	log.Fatal(err)
124	+	}
125	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
126	+	err = client.Connect(ctx)
127	+	if err != nil {
128	+	log.Fatal(err)
129	+	}
130	+	defer client.Disconnect(ctx)
131	+	hostCollection := client.Database("Sirius").Collection("Hosts")
132	+
133	+	//Update Agent Details
134	+	res, err := hostCollection.UpdateOne(
135	+	ctx,
136	+	bson.M{"ip": agent.IP},
137	+	bson.D{
138	+	{"$set", bson.D{{"Agent", agent}}},
139	+	},
140	+	)
141	+	if err != nil {
142	+	log.Fatal(err)
143	+	}
144	+	fmt.Println(res)
145	+	fmt.Println("New Agent Registration Successful!")
146	+	}
147	+
148	+	func TaskAgent(agent siriusDB.SiriusAgent) {
149	+	//DB Connection
150	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
151	+	if err != nil {
152	+	log.Fatal(err)
153	+	}
154	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
155	+	err = client.Connect(ctx)
156	+	if err != nil {
157	+	log.Fatal(err)
158	+	}
159	+	defer client.Disconnect(ctx)
160	+	//Get base SiriusAgent from DB and append new task
161	+	hostCollection := client.Database("Sirius").Collection("Hosts")
162	+
163	+	var result siriusDB.SVDBHost
164	+	err = hostCollection.FindOne(context.TODO(), bson.D{{"ip", agent.IP}}).Decode(&result)
165	+	if err != nil {
166	+	if err == mongo.ErrNoDocuments {
167	+	// This error means your query did not match any documents.
168	+	return
169	+	}
170	+	panic(err)
171	+	}
172	+	newTask := agent.Tasks[0]
173	+	newTask.Date = time.Now()
174	+	result.Agent.Tasks = append(result.Agent.Tasks, newTask)
175	+
176	+	fmt.Println(agent)
177	+	//Update Agent Details
178	+	res, err := hostCollection.UpdateOne(
179	+	ctx,
180	+	bson.M{"ip": agent.IP},
181	+	bson.D{
182	+	{"$set", bson.D{{"Agent", result.Agent}}},
183	+	},
184	+	)
185	+	if err != nil {
186	+	log.Fatal(err)
187	+	}
188	+	fmt.Println(res)
189	+	fmt.Println("Task Assigned to Agent: ", agent.AgentId)
190	+	}
191	+
192	+	func GetTasks(agent siriusDB.SiriusAgent) []siriusDB.Task {
193	+	//DB Connection
194	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
195	+	if err != nil {
196	+	log.Fatal(err)
197	+	}
198	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
199	+	err = client.Connect(ctx)
200	+	if err != nil {
201	+	log.Fatal(err)
202	+	}
203	+	defer client.Disconnect(ctx)
204	+	hostCollection := client.Database("Sirius").Collection("Hosts")
205	+
206	+	//Update Agent Details
207	+	var result siriusDB.SVDBHost
208	+	var taskList []siriusDB.Task
209	+	err = hostCollection.FindOne(context.TODO(), bson.D{{"ip", agent.IP}}).Decode(&result)
210	+	if err != nil {
211	+	if err == mongo.ErrNoDocuments {
212	+	// This error means your query did not match any documents.
213	+	return taskList
214	+	}
215	+	panic(err)
216	+	}
217	+	taskList = result.Agent.Tasks
218	+
219	+	return taskList
220	+	}
221	+
222	+	/*
223	+	[SIRIUS AGENTS API HELPER FUNCTIONS]
224	+	*/
225	+
226	+	func processReport() {
227	+	fmt.Println("test")
228	+	}
229	+

■ ■ ■ ■ ■ ■

API/API/data/data.go

1	+	package dataAPI
2	+
3	+	/*
4	+	Sirius Data API:
5	+	This file contains functions and objects to support interaction with agents. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/data
6	+	The following functions are exported:
7	+	-
8	+	*/
9	+
10	+	import (
11	+	"context"
12	+	_ "encoding/json"
13	+	_ "errors"
14	+	"log"
15	+	"net/http"
16	+	_ "os"
17	+	_ "os/exec"
18	+	"time"
19	+
20	+	"github.com/gin-gonic/gin"
21	+	"go.mongodb.org/mongo-driver/bson"
22	+	"go.mongodb.org/mongo-driver/mongo"
23	+	"go.mongodb.org/mongo-driver/mongo/options"
24	+
25	+	//Internal Libraries
26	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
27	+	//3rd Party Dependencies
28	+	)
29	+
30	+	/*
31	+	[SIRIUS AGENTS API QUERIES]
32	+	*/
33	+
34	+	func TerminalHistory(c *gin.Context) {
35	+	//DB Connection
36	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
37	+	if err != nil {
38	+	log.Fatal(err)
39	+	}
40	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
41	+	err = client.Connect(ctx)
42	+	if err != nil {
43	+	log.Fatal(err)
44	+	}
45	+	defer client.Disconnect(ctx)
46	+	//Get base SiriusAgent from DB and append new task
47	+	hostCollection := client.Database("Sirius").Collection("Hosts")
48	+
49	+	//find records
50	+	//pass these options to the Find method
51	+	findOptions := options.Find()
52	+	//Set the limit of the number of record to find
53	+	findOptions.SetLimit(5)
54	+	//Define an array in which you can store the decoded documents
55	+	var results []siriusDB.SVDBHost
56	+
57	+	//Passing the bson.D{{}} as the filter matches documents in the collection
58	+	cur, err := hostCollection.Find(context.TODO(), bson.D{{}}, findOptions)
59	+	if err != nil {
60	+	log.Fatal(err)
61	+	}
62	+	//Finding multiple documents returns a cursor
63	+	//Iterate through the cursor allows us to decode documents one at a time
64	+
65	+	for cur.Next(context.TODO()) {
66	+	//Create a value into which the single document can be decoded
67	+	var hosts siriusDB.SVDBHost
68	+	err := cur.Decode(&hosts)
69	+	if err != nil {
70	+	log.Fatal(err)
71	+	}
72	+
73	+	results = append(results, hosts)
74	+	}
75	+
76	+	if err := cur.Err(); err != nil {
77	+	log.Fatal(err)
78	+	}
79	+
80	+	//Close the cursor once finished
81	+	cur.Close(context.TODO())
82	+
83	+	var history []siriusDB.TerminalHistory
84	+	var historyEntry siriusDB.TerminalHistory
85	+	for i := 0; i < len(results); i++ {
86	+	for j := 0; j < len(results[i].Agent.Tasks); j++ {
87	+	historyEntry.Id = results[i].Agent.Tasks[j].ID
88	+	historyEntry.IP = results[i].IP
89	+	historyEntry.Command = results[i].Agent.Tasks[j].Command
90	+	historyEntry.Result = results[i].Agent.Tasks[j].Result
91	+	historyEntry.Status = results[i].Agent.Tasks[j].Status
92	+	historyEntry.Date = results[i].Agent.Tasks[j].Date
93	+	history = append(history, historyEntry)
94	+	}
95	+	}
96	+
97	+	c.IndentedJSON(http.StatusOK, history)
98	+	}
99	+

■ ■ ■ ■ ■ ■

API/API/hosts/AddCPE.go

1	+	package hostAPI
2	+
3	+	/*
4	+	Sirius Hosts API:
5	+	This file contains functions and objects to support interaction with hosts. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/hosts
6	+	The following functions are exported:
7	+	- CPEScan
8	+	*/

■ ■ ■ ■ ■ ■

API/API/hosts/AddHost.go

1	+	package hostAPI
2	+
3	+	/*
4	+	Sirius Hosts API:
5	+	This file contains functions and objects to support interaction with hosts. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/hosts
6	+	The following functions are exported:
7	+	- AddHost
8	+	*/
9	+
10	+	import (
11	+	"context"
12	+	_ "encoding/json"
13	+	_ "errors"
14	+	"log"
15	+	"reflect"
16	+
17	+	"fmt"
18	+	_ "os"
19	+	_ "os/exec"
20	+	"time"
21	+
22	+	"go.mongodb.org/mongo-driver/mongo"
23	+	"go.mongodb.org/mongo-driver/mongo/options"
24	+
25	+	//Internal Libraries
26	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
27	+	//3rd Party Dependencies
28	+	)
29	+
30	+	func AddHost(host siriusDB.SVDBHost) {
31	+	log.Println(host)
32	+
33	+	//DB Connection
34	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
35	+	if err != nil {
36	+	log.Fatal(err)
37	+	}
38	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
39	+	err = client.Connect(ctx)
40	+	if err != nil {
41	+	log.Fatal(err)
42	+	}
43	+	defer client.Disconnect(ctx)
44	+
45	+	//Perform DB Operations
46	+	fmt.Println(reflect.TypeOf(client))
47	+	newHost(client, host)
48	+
49	+	log.Println("Success: Operation completed successfully")
50	+	}
51	+
52	+	func newHost(client *mongo.Client, host siriusDB.SVDBHost) string {
53	+	hostCollection := client.Database("Sirius").Collection("Hosts")
54	+	//log.Println(hostCollection)
55	+
56	+	fmt.Println(host)
57	+
58	+	result, err := hostCollection.InsertOne(context.TODO(), host)
59	+	// check for errors in the insertion
60	+	if err != nil {
61	+	panic(err)
62	+	}
63	+	// display the id of the newly inserted object
64	+	fmt.Println(result.InsertedID)
65	+	return "result"
66	+	}

■ ■ ■ ■ ■ ■

API/API/hosts/GetHost.go

1	+	package hostAPI
2	+
3	+	/*
4	+	Sirius Hosts API:
5	+	This file contains functions and objects to support interaction with hosts. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/hosts
6	+	The following functions are exported:
7	+	- CPEScan
8	+	*/
9	+
10	+	import (
11	+	"context"
12	+	_ "encoding/json"
13	+	_ "errors"
14	+	"log"
15	+
16	+	//"reflect"
17	+	"fmt"
18	+	_ "os"
19	+	_ "os/exec"
20	+	"time"
21	+
22	+	"go.mongodb.org/mongo-driver/bson"
23	+	"go.mongodb.org/mongo-driver/mongo"
24	+	"go.mongodb.org/mongo-driver/mongo/options"
25	+
26	+	//Internal Libraries
27	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
28	+	//3rd Party Dependencies
29	+	)
30	+
31	+	func GetHost(hostRequest siriusDB.SVDBHost) siriusDB.SVDBHost {
32	+
33	+	//Get the host data from the database
34	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
35	+	if err != nil {
36	+	log.Fatal(err)
37	+	}
38	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
39	+	err = client.Connect(ctx)
40	+	if err != nil {
41	+	log.Fatal(err)
42	+	}
43	+	defer client.Disconnect(ctx)
44	+
45	+	//Perform DB Operations
46	+	hostCollection := client.Database("Sirius").Collection("Hosts")
47	+
48	+	//Find the appropriate Host
49	+	var result siriusDB.SVDBHost
50	+	err = hostCollection.FindOne(context.TODO(), bson.M{"ip": hostRequest.IP}).Decode(&result)
51	+	if err != nil {
52	+	fmt.Println("Error retrieving result from DB")
53	+	if err == mongo.ErrNoDocuments {
54	+	// This error means your query did not match any documents.
55	+	fmt.Println("No result found with that ID")
56	+	}
57	+	}
58	+
59	+	return result
60	+	}
61	+

■ ■ ■ ■ ■ ■

API/API/hosts/UpdateHost.go

1	+	package hostAPI
2	+
3	+	/*
4	+	Sirius Hosts API:
5	+	This file contains functions and objects to support interaction with hosts. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/hosts
6	+	The following functions are exported:
7	+	- CPEScan
8	+	*/
9	+
10	+	import (
11	+	"context"
12	+	_ "encoding/json"
13	+	_ "errors"
14	+	"log"
15	+
16	+	//"reflect"
17	+	"fmt"
18	+	_ "os"
19	+	_ "os/exec"
20	+	"time"
21	+
22	+	"go.mongodb.org/mongo-driver/bson"
23	+	"go.mongodb.org/mongo-driver/mongo"
24	+	"go.mongodb.org/mongo-driver/mongo/options"
25	+
26	+	//Internal Libraries
27	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
28	+	//3rd Party Dependencies
29	+	)
30	+
31	+	func UpdateHost(updateRequest siriusDB.SVDBHost) {
32	+
33	+	//DB Connection
34	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
35	+	if err != nil {
36	+	log.Fatal(err)
37	+	}
38	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
39	+	err = client.Connect(ctx)
40	+	if err != nil {
41	+	log.Fatal(err)
42	+	}
43	+	defer client.Disconnect(ctx)
44	+
45	+	//Perform DB Operations
46	+	hostCollection := client.Database("Sirius").Collection("Hosts")
47	+
48	+	//Find the appropriate Host
49	+	var result siriusDB.SVDBHost
50	+	err = hostCollection.FindOne(context.TODO(), bson.M{"ip": updateRequest.IP}).Decode(&result)
51	+	if err != nil {
52	+	fmt.Println("Error retrieving result from DB")
53	+	if err == mongo.ErrNoDocuments {
54	+	// This error means your query did not match any documents.
55	+	fmt.Println("No result found with that ID")
56	+	return
57	+	}
58	+	panic(err)
59	+	}
60	+
61	+	//Splice the new data into the old data (do it later)
62	+	//This only does CPEs and CVEs for now
63	+	for i := 0; i < len(updateRequest.CPE); i++ {
64	+	result.CPE = append(result.CPE, updateRequest.CPE[i])
65	+	}
66	+	for i := 0; i < len(updateRequest.CVE); i++ {
67	+	result.CVE = append(result.CVE, updateRequest.CVE[i])
68	+	}
69	+
70	+	//Update Host
71	+	res, err := hostCollection.UpdateOne(
72	+	ctx,
73	+	bson.M{"ip": updateRequest.IP},
74	+	bson.D{
75	+	{"$set", bson.D{{"CPE", updateRequest.CPE}, {"CVE", updateRequest.CVE}}},
76	+	},
77	+	)
78	+	if err != nil {
79	+	log.Fatal(err)
80	+	}
81	+	log.Println("Updated", res.ModifiedCount, "documents in the hosts collection.")
82	+	return
83	+	}
84	+

■ ■ ■ ■ ■ ■

API/API/hosts/host.go

1	+	package hostAPI
2	+
3	+	/*
4	+	Sirius Hosts API:
5	+	This file contains functions and objects to support interaction with hosts. It can be imported as follows: github.com/0sm0s1z/Sirius-Scan/API/hosts
6	+	The following functions are exported:
7	+	- CPEScan
8	+	*/

■ ■ ■ ■ ■ ■

API/API/scan/NewScan.go

1	+	package scanAPI
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"log"
7	+	"net/http"
8	+	"os"
9	+	"os/exec"
10	+
11	+	"github.com/gin-gonic/gin"
12	+	//Internal Libraries
13	+	hostAPI "github.com/0sm0s1z/Sirius-Scan/API/hosts"
14	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
15	+	siriusHelper "github.com/0sm0s1z/Sirius-Scan/lib/utils"
16	+	siriusNmap "github.com/0sm0s1z/Sirius-Scan/scanner/engines/nmap"
17	+	//3rd Party Dependencies
18	+	)
19	+
20	+	type ScanRequest struct {
21	+	ScanID string
22	+	Targets []string
23	+	}
24	+
25	+	type HostCVE struct {
26	+	Host string
27	+	CVEList []string
28	+	}
29	+
30	+	// NewScan -
31	+	func NewScan(c *gin.Context) {
32	+
33	+	log.Println("New Scan Requested")
34	+
35	+	//Get Scan Profile from Request
36	+	var request ScanRequest
37	+	if c.ShouldBind(&request) == nil {
38	+	//log.Println("Request Received")
39	+	}
40	+
41	+	//Create Scan ID
42	+	scanID := "scan-" + siriusHelper.RandomString(10)
43	+
44	+	//Create Scratch Directory for Scan
45	+	os.MkdirAll("/tmp/sirius/" + scanID, 0755)
46	+
47	+	//For each Target run a scan
48	+
49	+	for _, target := range request.Targets {
50	+	//Execute Nmap Scan
51	+	rawScanResults := "/tmp/sirius/" + scanID + "/" + target + "-nmapportscan.xml"
52	+	exec.Command("/opt/homebrew/bin/nmap", "-A", "--script=vuln,vulners", target, "-oX", rawScanResults).Output()
53	+	}
54	+
55	+	//Hardcoded Scan ID for Testing
56	+	//scanID = "scan-BpLnfgDsc2"
57	+
58	+	//log.Println("Processing Scan Results")
59	+	var scanResults []siriusNmap.CVE
60	+	var hostCVEs []HostCVE
61	+
62	+	//Process Scan Results for each Target
63	+	for _, target := range request.Targets {
64	+	rawScanResults := "/tmp/sirius/" + scanID + "/" + target + "-nmapportscan.xml"
65	+	dat, err := os.ReadFile(rawScanResults)
66	+	siriusHelper.ErrorCheck(err)
67	+
68	+	//Process Scan Results and append to scanResults
69	+	scanResults = append(scanResults, processScanResults(dat)...)
70	+
71	+	//Create HostCVE
72	+	var hostCVE HostCVE
73	+	hostCVE.Host = target
74	+
75	+	//Create CVEList
76	+	var cveList []string
77	+	for _, cve := range scanResults {
78	+	newCVE := "CVE-" + cve.CVEID
79	+	cveList = append(cveList, newCVE)
80	+	}
81	+
82	+	hostCVE.CVEList = cveList
83	+
84	+	//Append HostCVE to hostCVEs
85	+	hostCVEs = append(hostCVEs, hostCVE)
86	+	}
87	+
88	+	//Send Scan Results to Database
89	+	SubmitFindings(hostCVEs)
90	+	log.Println("Scan Complete")
91	+	//log.Println(hostCVEs)
92	+
93	+	//Return Scan Results
94	+	c.IndentedJSON(http.StatusOK, hostCVEs)
95	+	}
96	+
97	+	func processScanResults(dat []byte) []siriusNmap.CVE {
98	+
99	+	//Parse XML Using Lair Project's Nmap Parser
100	+	var scanResults []siriusNmap.CVE
101	+	scanResults = siriusNmap.ProcessReport(dat)
102	+
103	+	log.Println(scanResults)
104	+
105	+	//Return DiscoveryDetails struct
106	+
107	+	return scanResults
108	+	}
109	+
110	+	// Update hosts in database with new findings
111	+	func SubmitFindings(cveList []HostCVE) {
112	+	//For each host in cveList
113	+	for _, host := range cveList {
114	+	//Get the host from the database
115	+	var hostRequest siriusDB.SVDBHost
116	+	hostRequest.IP = host.Host
117	+	hostRequest = hostAPI.GetHost(hostRequest)
118	+
119	+	//If host does not exist in the database, create it
120	+	if hostRequest.IP == "" {
121	+	hostRequest.IP = host.Host
122	+	hostRequest.CVE = host.CVEList
123	+	hostAPI.AddHost(hostRequest)
124	+	continue
125	+	} else {
126	+	//If host exists in the database, update it
127	+	//Combine the new cve list with the old cve
128	+	hostRequest.CVE = append(hostRequest.CVE, host.CVEList...)
129	+
130	+	//Update the host in the database
131	+	hostAPI.UpdateHost(hostRequest)
132	+	}
133	+	}
134	+	}
135	+

■ ■ ■ ■ ■ ■

API/API/scan/scan.go

1

+

package scanAPI

■ ■ ■ ■ ■ ■

API/API/svdb/AddVuln.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"log"
7	+	_ "os"
8	+	_ "os/exec"
9	+
10	+	"github.com/gin-gonic/gin"
11	+
12	+	//Internal Libraries
13	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
14	+	//3rd Party Dependencies
15	+	)
16	+
17	+	func AddVuln(c *gin.Context) {
18	+	var newVuln siriusDB.SVDBEntry
19	+
20	+	// Call BindJSON to bind the received JSON a local variable
21	+	//fmt.Println(c)
22	+	if c.ShouldBind(&newVuln) == nil {
23	+	log.Println("Adding Vulnerability...")
24	+	}
25	+	siriusDB.AddVuln(newVuln)
26	+
27	+	c.String(200, "Success")
28	+	}
29	+

■ ■ ■ ■ ■ ■

API/API/svdb/FullVulnerabilityReport.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	_ "log"
7	+	"net/http"
8	+	_ "os"
9	+	_ "os/exec"
10	+
11	+	"github.com/gin-gonic/gin"
12	+
13	+	//Internal Libraries
14	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
15	+	//3rd Party Dependencies
16	+	)
17	+
18	+	type EnterpriseVulnerability struct {
19	+	CVE string
20	+	Host []string
21	+	}
22	+
23	+	type EnterpriseCPE struct {
24	+	CPE siriusDB.CPEMatch
25	+	Host []string
26	+	}
27	+
28	+	type EnterpriseVulnerabilityReport struct {
29	+	CVEDataFormat string
30	+	CVEDataType string
31	+	CVEDataVersion string
32	+	CVEDataNumberOfCVEs string
33	+	CVEDataTimestamp string
34	+	CVEItems []siriusDB.CVEItem
35	+	CVEDataMeta siriusDB.CVEDataMeta
36	+	Description siriusDB.Description
37	+	CPE siriusDB.Node
38	+	CVSSV3 siriusDB.CVSSV3
39	+	References []string
40	+	Tags []string
41	+	AffectedHosts []string
42	+	}
43	+
44	+	// FullVulnerabilityReport responds with a report of vulnerability data related all hosts.
45	+	func FullVulnerabilityReport(c *gin.Context) {
46	+
47	+	//Get hosts from database
48	+	var hosts []siriusDB.SVDBHost
49	+	hosts = siriusDB.GetHosts()
50	+
51	+	//For each host, identify the CVEs
52	+	var EnterpriseVulnerabilityList []EnterpriseVulnerability
53	+	var cpeHostList []EnterpriseCPE
54	+	for i := 0; i < len(hosts); i++ {
55	+	var vuln EnterpriseVulnerability
56	+	for j := 0; j < len(hosts[i].CVE); j++ {
57	+	vuln.CVE = hosts[i].CVE[j]
58	+	vuln.Host = append(vuln.Host, hosts[i].IP)
59	+	EnterpriseVulnerabilityList = append(EnterpriseVulnerabilityList, vuln)
60	+	}
61	+
62	+	//Make CPE struct for each CPE with the host affected
63	+	var cpeHost EnterpriseCPE
64	+	for j := 0; j < len(hosts[i].CPE); j++ {
65	+	cpeHost.CPE.CPE23URI = hosts[i].CPE[j]
66	+	cpeHost.Host = append(cpeHost.Host, hosts[i].IP)
67	+
68	+	//Check if the CPE is already in the list
69	+	var found bool
70	+	for k := 0; k < len(cpeHostList); k++ {
71	+	if cpeHostList[k].CPE.CPE23URI == cpeHost.CPE.CPE23URI {
72	+	cpeHostList[k].Host = append(cpeHostList[k].Host, hosts[i].IP)
73	+	found = true
74	+	}
75	+	}
76	+	if !found {
77	+	cpeHostList = append(cpeHostList, cpeHost)
78	+	}
79	+	}
80	+	}
81	+
82	+	//For each CPE, identify the CVEs
83	+	for j := 0; j < len(cpeHostList); j++ {
84	+	var cveList []siriusDB.SVDBEntry
85	+	cveList = MatchToCVE(cpeHostList[j].CPE)
86	+	for k := 0; k < len(cveList); k++ {
87	+	var vuln EnterpriseVulnerability
88	+	vuln.CVE = cveList[k].CVEDataMeta.ID
89	+	vuln.Host = cpeHostList[j].Host
90	+	EnterpriseVulnerabilityList = append(EnterpriseVulnerabilityList, vuln)
91	+	}
92	+	}
93	+
94	+	//Create a finding request for each CVE and add to EnterpriseVulnerabilityReport
95	+	var VulnerabilityReport []EnterpriseVulnerabilityReport
96	+	for i := 0; i < len(EnterpriseVulnerabilityList); i++ {
97	+	var finding siriusDB.FindingRequest
98	+	finding.CVE = append(finding.CVE, EnterpriseVulnerabilityList[i].CVE)
99	+	var findingList []siriusDB.SVDBEntry
100	+	findingList = siriusDB.GetFinding(finding)
101	+	for j := 0; j < len(findingList); j++ {
102	+	var report EnterpriseVulnerabilityReport
103	+
104	+	//Update report with finding data
105	+	report.CVEDataFormat = findingList[j].CVEDataFormat
106	+	report.CVEDataType = findingList[j].CVEDataType
107	+	report.CVEDataVersion = findingList[j].CVEDataVersion
108	+	report.CVEDataNumberOfCVEs = findingList[j].CVEDataNumberOfCVEs
109	+	report.CVEDataTimestamp = findingList[j].CVEDataTimestamp
110	+	report.CVEDataMeta = findingList[j].CVEDataMeta
111	+	report.CVEItems = findingList[j].CVEItems
112	+	report.Description = findingList[j].Description
113	+	report.CPE = findingList[j].CPE
114	+	report.CVSSV3 = findingList[j].CVSSV3
115	+	report.References = findingList[j].References
116	+	report.Tags = findingList[j].Tags
117	+
118	+	//Add affected hosts
119	+	report.AffectedHosts = EnterpriseVulnerabilityList[i].Host
120	+	VulnerabilityReport = append(VulnerabilityReport, report)
121	+	}
122	+	}
123	+
124	+	c.IndentedJSON(http.StatusOK, VulnerabilityReport)
125	+	}
126	+

■ ■ ■ ■ ■ ■

API/API/svdb/GetCPE.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	"context"
5	+	_ "encoding/json"
6	+	_ "errors"
7	+	"fmt"
8	+	"log"
9	+	"net/http"
10	+	_ "os"
11	+	_ "os/exec"
12	+	"strings"
13	+	"time"
14	+
15	+	"github.com/gin-gonic/gin"
16	+	"go.mongodb.org/mongo-driver/bson"
17	+	"go.mongodb.org/mongo-driver/mongo"
18	+	"go.mongodb.org/mongo-driver/mongo/options"
19	+
20	+	//Internal Libraries
21	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
22	+	//3rd Party Dependencies
23	+	)
24	+
25	+	type CPE struct {
26	+	Product string
27	+	Vendor string
28	+	Version string
29	+	CPE23URI string
30	+	}
31	+
32	+	// GetCPE responds with the list of a CPE as JSON.
33	+	func GetCPE(c *gin.Context) {
34	+	//Selector (CPE or other?)
35	+	var request siriusDB.CPEMatch
36	+
37	+	if c.ShouldBind(&request) == nil {
38	+	log.Println("CPE lookup request recieved!")
39	+	log.Println("Building CVE Data for:", request.CPE23URI)
40	+	}
41	+
42	+	var finding []siriusDB.SVDBEntry
43	+	finding = MatchToCVE(request)
44	+	c.IndentedJSON(http.StatusOK, finding)
45	+	}
46	+
47	+	//Performs DB lookup for all vulnerabilities and matches underlying CVEs to matched CPE
48	+	func MatchToCVE(request siriusDB.CPEMatch) []siriusDB.SVDBEntry {
49	+	//Get CPE Request Version String
50	+	var cpeRequest CPE
51	+	if request.CPE23URI != "" {
52	+	cpeRequest.CPE23URI = request.CPE23URI
53	+	cpeRequest.Vendor = strings.Split(request.CPE23URI, ":")[3]
54	+	cpeRequest.Product = strings.Split(request.CPE23URI, ":")[4]
55	+	cpeRequest.Version = strings.Split(request.CPE23URI, ":")[5]
56	+	}
57	+
58	+	//DB Connection
59	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
60	+	if err != nil {
61	+	log.Fatal(err)
62	+	}
63	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
64	+	err = client.Connect(ctx)
65	+	if err != nil {
66	+	log.Fatal(err)
67	+	}
68	+
69	+	var cveList []siriusDB.SVDBEntry
70	+	filter := bson.D{}
71	+
72	+	//Get ALL vulnerabilities & check CPE Match Details for each.
73	+	//Add matches to cveList
74	+	//Optimize this in the future by adding matched vulns to CVE cache DB (currently doesn't exist)
75	+	vulnCollection := client.Database("Sirius").Collection("Vulnerabilities")
76	+
77	+	cursor, err := vulnCollection.Find(context.TODO(), filter)
78	+	if err == mongo.ErrNoDocuments {
79	+	// Do something when no record was found
80	+	// IE Database is empty/has not been built
81	+	fmt.Println("record does not exist")
82	+	} else if err != nil {
83	+	log.Fatal(err)
84	+	}
85	+
86	+	//Iterate through all vulnerabilities
87	+	for cursor.Next(context.TODO()) {
88	+	var cveEntry siriusDB.SVDBEntry
89	+	if err := cursor.Decode(&cveEntry); err != nil {
90	+	log.Fatal(err)
91	+	}
92	+	vuln := cpeLookup(cveEntry, cpeRequest)
93	+
94	+	//Append to list if not empty
95	+	if (siriusDB.SVDBEntry{}.CVEDataType != vuln.CVEDataType) {
96	+	cveList = append(cveList, vuln)
97	+
98	+	}
99	+	}
100	+	if err := cursor.Err(); err != nil {
101	+	log.Fatal(err)
102	+	}
103	+	defer cursor.Close(context.TODO())
104	+
105	+	return cveList
106	+	}
107	+
108	+	//CPE Match
109	+	func cpeLookup(cveEntry siriusDB.SVDBEntry, cpeRequest CPE) siriusDB.SVDBEntry {
110	+	var vuln siriusDB.SVDBEntry
111	+	var cpeMatch CPE
112	+
113	+	//Iterate through all CPEs for each vulnerability
114	+	for i := 0; i < len(cveEntry.CPE.CPEMatch); i++ {
115	+	//Check for hard match
116	+	if cveEntry.CPE.CPEMatch[i].CPE23URI == cpeRequest.CPE23URI {
117	+	vuln = cveEntry
118	+	return vuln
119	+	} else {
120	+	//Collect CPEMatch Details
121	+	cpeMatch.Vendor = strings.Split(cveEntry.CPE.CPEMatch[i].CPE23URI, ":")[3]
122	+	cpeMatch.Product = strings.Split(cveEntry.CPE.CPEMatch[i].CPE23URI, ":")[4]
123	+	cpeMatch.Version = strings.Split(cveEntry.CPE.CPEMatch[i].CPE23URI, ":")[5]
124	+
125	+	//Check Vendor & Product
126	+	if cpeMatch.Vendor == cpeRequest.Vendor && cpeMatch.Product == cpeRequest.Product {
127	+	//Get version details
128	+	start := cveEntry.CPE.CPEMatch[i].VersionStartIncluding
129	+	end := cveEntry.CPE.CPEMatch[i].VersionEndExcluding
130	+
131	+	//Append if request is for * (all versions)
132	+	if cpeRequest.Version == "*" {
133	+	vuln = cveEntry
134	+	return vuln
135	+	} else {
136	+	//Check if version is in range
137	+	if cpeRequest.Version >= start && cpeMatch.Version < end {
138	+	vuln = cveEntry
139	+	return vuln
140	+	}
141	+	}
142	+	}
143	+	}
144	+	}
145	+	return vuln
146	+	}
147	+

■ ■ ■ ■ ■ ■

API/API/svdb/GetCPEVendors.go

1	+	package svdbAPI
2	+
3	+	/*
4	+	NVD CPE Match API Vendor List
5	+	*/
6	+
7	+	import (
8	+	"encoding/json"
9	+	_ "encoding/json"
10	+	_ "errors"
11	+	"io/ioutil"
12	+	"log"
13	+
14	+	//"reflect"
15	+	"fmt"
16	+	"net/http"
17	+	_ "os"
18	+	_ "os/exec"
19	+
20	+	"github.com/gin-gonic/gin"
21	+	)
22	+
23	+	type CPEVendor struct {
24	+	VendorName string `json:"vendor_name"`
25	+	Product []CPEProduct `json:"product"`
26	+	}
27	+	type CPEProduct struct {
28	+	ProductName string `json:"product_name"`
29	+	}
30	+
31	+	func GetCPEVendors(c *gin.Context) {
32	+	fmt.Println(c)
33	+
34	+	//Retrieve CPE Vendor List
35	+	var result []CPEVendor
36	+	result = getVendors()
37	+
38	+	c.IndentedJSON(http.StatusOK, result)
39	+	}
40	+
41	+	func getVendors() []CPEVendor {
42	+	//Open CPE List File
43	+	dat, err := ioutil.ReadFile("./data/vendorlist.json")
44	+	if err != nil {
45	+	log.Println("Error reading CPE List")
46	+	log.Println(err)
47	+	}
48	+	//Parse CPE List
49	+	var result []CPEVendor
50	+	err = json.Unmarshal(dat, &result)
51	+	if err != nil {
52	+	log.Println("Error parsing CPE List")
53	+	}
54	+
55	+	return result
56	+	}
57	+

■ ■ ■ ■ ■ ■

API/API/svdb/GetFinding.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"log"
7	+	"net/http"
8	+	_ "os"
9	+	_ "os/exec"
10	+
11	+	"github.com/gin-gonic/gin"
12	+
13	+	//Internal Libraries
14	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
15	+	//3rd Party Dependencies
16	+	)
17	+
18	+	// getFindings responds with the list of a Finding as JSON.
19	+	func GetFinding(c *gin.Context) {
20	+	//Selector (CVE or other?)
21	+	var request siriusDB.FindingRequest
22	+
23	+	if c.ShouldBind(&request) == nil {
24	+	log.Println("Building CVE Data")
25	+	log.Println(request)
26	+	}
27	+
28	+	var finding []siriusDB.SVDBEntry
29	+	finding = siriusDB.GetFinding(request)
30	+	c.IndentedJSON(http.StatusOK, finding)
31	+	}
32	+

■ ■ ■ ■ ■ ■

API/API/svdb/UpdateVuln.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	"context"
5	+	_ "encoding/json"
6	+	_ "errors"
7	+	"log"
8	+
9	+	//"reflect"
10	+	"fmt"
11	+	_ "os"
12	+	_ "os/exec"
13	+	"time"
14	+
15	+	"github.com/gin-gonic/gin"
16	+	"go.mongodb.org/mongo-driver/bson"
17	+	"go.mongodb.org/mongo-driver/mongo"
18	+	"go.mongodb.org/mongo-driver/mongo/options"
19	+
20	+	//Internal Libraries
21	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
22	+	//3rd Party Dependencies
23	+	)
24	+
25	+	func UpdateVuln(c *gin.Context) {
26	+	var newVuln siriusDB.SVDBEntry
27	+
28	+	// Call BindJSON to bind the received JSON a local variable
29	+	//fmt.Println(c)
30	+	if c.ShouldBind(&newVuln) == nil {
31	+	log.Println("Updating Vulnerability Entry...")
32	+	}
33	+
34	+	//DB Connection
35	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
36	+	if err != nil {
37	+	log.Fatal(err)
38	+	}
39	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
40	+	err = client.Connect(ctx)
41	+	if err != nil {
42	+	log.Fatal(err)
43	+	}
44	+	defer client.Disconnect(ctx)
45	+
46	+	//Perform DB Operations
47	+	vulnCollection := client.Database("Sirius").Collection("Vulnerabilities")
48	+
49	+	//Find the appropriate vulnerability
50	+	var finding siriusDB.SVDBEntry
51	+	err = vulnCollection.FindOne(context.TODO(), bson.M{"cvedatameta.id": newVuln.CVEDataMeta.ID}).Decode(&finding)
52	+	if err != nil {
53	+	fmt.Println("Error retrieving finding from DB")
54	+	if err == mongo.ErrNoDocuments {
55	+	// This error means your query did not match any documents.
56	+	fmt.Println("No finding found with that ID")
57	+	return
58	+	}
59	+	panic(err)
60	+	}
61	+	finding.Tags = append(finding.Tags, newVuln.Tags...)
62	+	fmt.Println(finding.Tags)
63	+
64	+	//Update Vulnerability
65	+	res, err := vulnCollection.UpdateOne(
66	+	ctx,
67	+	bson.M{"cvedatameta.id": newVuln.CVEDataMeta.ID},
68	+	bson.D{
69	+	{"$set", bson.D{{"Tags", finding.Tags}}},
70	+	},
71	+	)
72	+	if err != nil {
73	+	log.Fatal(err)
74	+	}
75	+	fmt.Printf("Updated %v Documents!\n", res.ModifiedCount)
76	+
77	+	c.String(200, "Success")
78	+	}

■ ■ ■ ■ ■ ■

API/API/svdb/VulnerabilityReport.go

1	+	package svdbAPI
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"log"
7	+	"net/http"
8	+	_ "os"
9	+	_ "os/exec"
10	+
11	+	"github.com/gin-gonic/gin"
12	+
13	+	//Internal Libraries
14	+	hostAPI "github.com/0sm0s1z/Sirius-Scan/API/hosts"
15	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
16	+	//3rd Party Dependencies
17	+	)
18	+
19	+	// VulnerabilityReport responds with a report of vulnerability data related to a given host.
20	+	func VulnerabilityReport(c *gin.Context) {
21	+
22	+	var hostRequest siriusDB.SVDBHost
23	+
24	+	if c.ShouldBind(&hostRequest) != nil {
25	+	log.Println("Vulnerability Report Failed for: ", hostRequest.IP)
26	+	}
27	+
28	+	//Get the host data from the database
29	+	var result siriusDB.SVDBHost
30	+	result = hostAPI.GetHost(hostRequest)
31	+
32	+	//Collect the vulnerability data for each CVE
33	+	var finding siriusDB.FindingRequest
34	+	finding.CVE = result.CVE
35	+
36	+	var findingList []siriusDB.SVDBEntry
37	+	findingList = siriusDB.GetFinding(finding)
38	+
39	+	//Collect the vulnerability data for each CPE
40	+	var cpeList []siriusDB.SVDBEntry
41	+	var cpe siriusDB.CPEMatch
42	+	for i := 0; i < len(result.CPE); i++ {
43	+	cpe.CPE23URI = result.CPE[i]
44	+	cpeList = append(cpeList, MatchToCVE(cpe)...)
45	+
46	+	}
47	+
48	+	//Combine the two lists
49	+	var combinedList []siriusDB.SVDBEntry
50	+	combinedList = append(combinedList, findingList...)
51	+	combinedList = append(combinedList, cpeList...)
52	+
53	+	c.IndentedJSON(http.StatusOK, combinedList)
54	+	}
55	+

■ ■ ■ ■ ■ ■

API/LICENSE

1	+	MIT License
2	+
3	+	Copyright (c) 2022 Matthew Toussain
4	+
5	+	Permission is hereby granted, free of charge, to any person obtaining a copy
6	+	of this software and associated documentation files (the "Software"), to deal
7	+	in the Software without restriction, including without limitation the rights
8	+	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9	+	copies of the Software, and to permit persons to whom the Software is
10	+	furnished to do so, subject to the following conditions:
11	+
12	+	The above copyright notice and this permission notice shall be included in all
13	+	copies or substantial portions of the Software.
14	+
15	+	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16	+	IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17	+	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18	+	AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19	+	LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20	+	OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21	+	SOFTWARE.
22	+

■ ■ ■ ■ ■ ■

API/README.md

1	+	# Sirius-Scan
2	+
3	+
4	+
5	+
6	+	#### Dev Notes
7	+
8	+	- Plugins vs Engines?
9	+	- One off vs interchangable system
10	+
11	+	- Engines
12	+	- Vulnerability Correlation Engine
13	+	- Vulners
14	+	- NVD
15	+	- Port Scanning Engine
16	+	- Nmap
17	+
18	+
19	+	##### Scanner Methodology
20	+
21	+	- Discover Live Systems
22	+	- Nmap Discovery Custom -PS
23	+
24	+	- Discover Ports
25	+	- Nmap default
26	+
27	+	- Discover Service Version
28	+	- Nmap -sV
29	+	- Split port/service/banner/version
30	+	- Correlate into salient options
31	+	- Try match to global services file
32	+	- ID protocol/service/application => iterate on application if stack such as web
33	+	- Nmap --script discovery
34	+	- Custom discovery scripts
35	+
36	+
37	+	- Vulnerability Correlation
38	+	- Vulners (deconflict duplicate CVEs)
39	+
40	+	- Vulnerability Identification
41	+	- Nmap --script vuln (Sirius profiles long term)
42	+
43	+
44	+	- Authenticated Checks
45	+	- Vulners Agent?
46	+	- Windows WUA???
47	+	- NSE authenticated script support
48	+
49	+	- Reporting
50	+
51	+
52	+
53	+
54	+
55	+
56	+
57	+
58	+

API/Sirius-Scan

Binary file.

API/bin/air

Binary file.

API/bin/sirius-api.exe

Binary file.

■ ■ ■ ■ ■ ■

API/discover-vulners-cve.py

1	+	import vulners
2	+	import json
3	+
4	+	from os.path import expanduser
5	+	home = expanduser("~")
6	+
7	+	vulners_api = vulners.Vulners(api_key="IGAS7I7PPUYMMS1IXXNDPRCXE11XFQMKAL0J03LB7ELPK6P5MQKS915YJZED1WJG")
8	+
9	+	#Execute CVE searches under all service parameters
10	+	'''
11	+	CPE => cpe_results = vulners_api.cpeVulnerabilities("cpe:/a:cybozu:garoon:4.2.1")
12	+	Version String => vulners_api.softwareVulnerabilities("httpd", "1.3")
13	+	'''
14	+
15	+	#Get Services File
16	+	f = open(home + '/.sirius/scans/0001/hosts/services.json')
17	+
18	+	data = json.load(f)
19	+	f.close()
20	+	softwareList = []
21	+
22	+	# Iterating through the json
23	+	for port in data['nmap-version']['ports']:
24	+	for item in port.items():
25	+	nsw = {"details": [item[0], item[1]['service'], item[1]['version']]}
26	+	softwareList.append(nsw)
27	+
28	+	CVEList = []
29	+
30	+	#CPE Searches
31	+
32	+
33	+	#Version Searches
34	+	for target in softwareList:
35	+	sw_results = vulners_api.softwareVulnerabilities(target['details'][1], target['details'][2])
36	+	print(sw_results)
37	+	sw_exploit_list = sw_results.get('exploit')
38	+	sw_vulnerabilities_list = [sw_results.get(key) for key in sw_results if key not in ['info', 'blog', 'bugbounty']]
39	+
40	+	try:
41	+	for i in sw_vulnerabilities_list[0]:
42	+	CVEList.append(i['cvelist'])
43	+	except:
44	+	print("No known vulnerabilities for " + target['details'][1] + " " + target['details'][2])
45	+
46	+
47	+	print(CVEList)
48	+
49	+	f = open(home + "/.sirius/scans/0001/hosts/CVEs.json", "a")
50	+	f.write(str(CVEList))
51	+	f.close()
52	+
53	+	#print(CVE)
54	+	#help(vulners_api)
55	+

■ ■ ■ ■ ■ ■

API/go.mod

1	+	module github.com/0sm0s1z/Sirius-Scan
2	+
3	+	go 1.17
4	+
5	+	require (
6	+	github.com/cosmtrek/air v1.41.0 // indirect
7	+	github.com/creack/pty v1.1.18 // indirect
8	+	github.com/fatih/color v1.14.1 // indirect
9	+	github.com/fsnotify/fsnotify v1.6.0 // indirect
10	+	github.com/gin-contrib/cors v1.4.0 // indirect
11	+	github.com/gin-contrib/sse v0.1.0 // indirect
12	+	github.com/gin-gonic/gin v1.8.1 // indirect
13	+	github.com/go-playground/locales v0.14.0 // indirect
14	+	github.com/go-playground/universal-translator v0.18.0 // indirect
15	+	github.com/go-playground/validator/v10 v10.10.1 // indirect
16	+	github.com/go-stack/stack v1.8.0 // indirect
17	+	github.com/goccy/go-json v0.9.7 // indirect
18	+	github.com/golang/protobuf v1.5.2 // indirect
19	+	github.com/golang/snappy v0.0.1 // indirect
20	+	github.com/imdario/mergo v0.3.13 // indirect
21	+	github.com/json-iterator/go v1.1.12 // indirect
22	+	github.com/klauspost/compress v1.13.6 // indirect
23	+	github.com/lair-framework/go-nmap v0.0.0-20191202052157-3507e0b03523 // indirect
24	+	github.com/leodido/go-urn v1.2.1 // indirect
25	+	github.com/mattn/go-colorable v0.1.13 // indirect
26	+	github.com/mattn/go-isatty v0.0.17 // indirect
27	+	github.com/mitchellh/go-homedir v1.1.0 // indirect
28	+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
29	+	github.com/modern-go/reflect2 v1.0.2 // indirect
30	+	github.com/pelletier/go-toml v1.9.5 // indirect
31	+	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
32	+	github.com/pkg/errors v0.9.1 // indirect
33	+	github.com/ugorji/go/codec v1.2.7 // indirect
34	+	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
35	+	github.com/xdg-go/scram v1.0.2 // indirect
36	+	github.com/xdg-go/stringprep v1.0.2 // indirect
37	+	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
38	+	go.mongodb.org/mongo-driver v1.9.0 // indirect
39	+	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
40	+	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 // indirect
41	+	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e // indirect
42	+	golang.org/x/sys v0.5.0 // indirect
43	+	golang.org/x/text v0.3.7 // indirect
44	+	google.golang.org/protobuf v1.28.0 // indirect
45	+	gopkg.in/yaml.v2 v2.4.0 // indirect
46	+	)
47	+

■ ■ ■ ■ ■ ■

API/go.sum

1	+	github.com/cosmtrek/air v1.41.0 h1:6ck2LbcVvby6cyuwE8ruia41U2nppMZGWOpq+E/EhoU=
2	+	github.com/cosmtrek/air v1.41.0/go.mod h1:+RBGjJt7T2f3I7td8Tvk0XsH/hZ3E1QBLfiWObICO4c=
3	+	github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
4	+	github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
5	+	github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
6	+	github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
7	+	github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
8	+	github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
9	+	github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
10	+	github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
11	+	github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
12	+	github.com/gin-contrib/cors v1.4.0 h1:oJ6gwtUl3lqV0WEIwM/LxPF1QZ5qe2lGWdY2+bz7y0g=
13	+	github.com/gin-contrib/cors v1.4.0/go.mod h1:bs9pNM0x/UsmHPBWT2xZz9ROh8xYjYkiURUfmBoMlcs=
14	+	github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
15	+	github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
16	+	github.com/gin-gonic/gin v1.7.7 h1:3DoBmSbJbZAWqXJC3SLjAPfutPJJRN1U5pALB7EeTTs=
17	+	github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ1qq1U=
18	+	github.com/gin-gonic/gin v1.8.1 h1:4+fr/el88TOO3ewCmQr8cx/CtZ/umlIRIs5M4NTNjf8=
19	+	github.com/gin-gonic/gin v1.8.1/go.mod h1:ji8BvRH1azfM+SYow9zQ6SZMvR8qOMZHmsCuWR9tTTk=
20	+	github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
21	+	github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8=
22	+	github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU=
23	+	github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
24	+	github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA=
25	+	github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
26	+	github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
27	+	github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4=
28	+	github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
29	+	github.com/go-playground/validator/v10 v10.10.1 h1:uA0+amWMiglNZKZ9FJRKUAe9U3RX91eVn1JYXMWt7ig=
30	+	github.com/go-playground/validator/v10 v10.10.1/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU=
31	+	github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
32	+	github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
33	+	github.com/goccy/go-json v0.9.7 h1:IcB+Aqpx/iMHu5Yooh7jEzJk1JZ7Pjtmys2ukPr7EeM=
34	+	github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
35	+	github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
36	+	github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
37	+	github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
38	+	github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
39	+	github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
40	+	github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
41	+	github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
42	+	github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
43	+	github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
44	+	github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
45	+	github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
46	+	github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
47	+	github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
48	+	github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
49	+	github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc=
50	+	github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
51	+	github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
52	+	github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
53	+	github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
54	+	github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
55	+	github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
56	+	github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
57	+	github.com/lair-framework/go-nmap v0.0.0-20191202052157-3507e0b03523 h1:N4NQR4on0n3Kc3xlBXUYzCZorFdordwkR2kcZMk9te0=
58	+	github.com/lair-framework/go-nmap v0.0.0-20191202052157-3507e0b03523/go.mod h1:7Em1Lxm3DFdLvXWUZ6bQ/xIbGlxFy7jl07bziQMZ/kU=
59	+	github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
60	+	github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
61	+	github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
62	+	github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
63	+	github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
64	+	github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
65	+	github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
66	+	github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
67	+	github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
68	+	github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
69	+	github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
70	+	github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
71	+	github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
72	+	github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
73	+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
74	+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
75	+	github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
76	+	github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
77	+	github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
78	+	github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
79	+	github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
80	+	github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
81	+	github.com/pelletier/go-toml/v2 v2.0.1 h1:8e3L2cCQzLFi2CR4g7vGFuFxX7Jl1kKX8gW+iV0GUKU=
82	+	github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
83	+	github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
84	+	github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
85	+	github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
86	+	github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
87	+	github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
88	+	github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
89	+	github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
90	+	github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
91	+	github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
92	+	github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
93	+	github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
94	+	github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
95	+	github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
96	+	github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
97	+	github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
98	+	github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
99	+	github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo=
100	+	github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
101	+	github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
102	+	github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
103	+	github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY=
104	+	github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
105	+	github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
106	+	github.com/xdg-go/scram v1.0.2 h1:akYIkZ28e6A96dkWNJQu3nmCzH3YfwMPQExUYDaRv7w=
107	+	github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs=
108	+	github.com/xdg-go/stringprep v1.0.2 h1:6iq84/ryjjeRmMJwxutI51F2GIPlP5BfTvXHeYjyhBc=
109	+	github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM=
110	+	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA=
111	+	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
112	+	go.mongodb.org/mongo-driver v1.9.0 h1:f3aLGJvQmBl8d9S40IL+jEyBC6hfLPbJjv9t5hEM9ck=
113	+	go.mongodb.org/mongo-driver v1.9.0/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY=
114	+	golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
115	+	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
116	+	golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f h1:aZp0e2vLN4MToVqnjNEYEtrEA8RH8U8FN1CU7JgqsPU=
117	+	golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
118	+	golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
119	+	golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
120	+	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 h1:kUhD7nTDoI3fVd9G4ORWrbV5NY0liEs/Jg2pv5f+bBA=
121	+	golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
122	+	golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
123	+	golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
124	+	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
125	+	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
126	+	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
127	+	golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
128	+	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
129	+	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
130	+	golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
131	+	golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
132	+	golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
133	+	golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
134	+	golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
135	+	golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
136	+	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
137	+	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
138	+	golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
139	+	golang.org/x/sys v0.0.0-20220412211240-33da011f77ad h1:ntjMns5wyP/fN65tdBD4g8J5w8n015+iIIs9rtjXkY0=
140	+	golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
141	+	golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
142	+	golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
143	+	golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
144	+	golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
145	+	golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
146	+	golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
147	+	golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
148	+	golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
149	+	golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
150	+	golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
151	+	golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
152	+	golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
153	+	golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
154	+	golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
155	+	golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
156	+	golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
157	+	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
158	+	google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
159	+	google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
160	+	google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
161	+	google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
162	+	gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
163	+	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
164	+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
165	+	gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
166	+	gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
167	+	gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
168	+	gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
169	+	gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
170	+	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
171	+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
172	+	gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
173	+	gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
174	+

■ ■ ■ ■ ■ ■

API/lib/db/db.go

1	+	package siriusDB
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"fmt"
7	+	"log"
8	+	_ "os"
9	+	_ "os/exec"
10	+	_ "strings"
11	+
12	+	"context"
13	+	"reflect"
14	+	"time"
15	+
16	+	"go.mongodb.org/mongo-driver/bson"
17	+	"go.mongodb.org/mongo-driver/mongo"
18	+	"go.mongodb.org/mongo-driver/mongo/options"
19	+	//Internal Libraries
20	+	//3rd Party Dependencies
21	+	)
22	+
23	+	type SVDBEntry struct {
24	+	CVEDataFormat string
25	+	CVEDataType string
26	+	CVEDataVersion string
27	+	CVEDataNumberOfCVEs string
28	+	CVEDataTimestamp string
29	+	CVEItems []CVEItem
30	+	CVEDataMeta CVEDataMeta
31	+	Description Description
32	+	CPE Node
33	+	CVSSV3 CVSSV3
34	+	References []string
35	+	Tags []string
36	+	}
37	+
38	+	type SVDBHost struct {
39	+	OS string `json:"os"`
40	+	OSVersion string `json:"osversion"`
41	+	IP string `json:"ip"`
42	+	Hostname string `json:"hostname"`
43	+	Services []Service
44	+	CVE []string
45	+	CPE []string `json:"cpe"`
46	+	Agent SiriusAgent
47	+	}
48	+	type SiriusAgent struct {
49	+	AgentId string
50	+	HostKey string
51	+	IP string
52	+	OS string
53	+	Tasks []Task
54	+	}
55	+	type TaskResponse struct {
56	+	AgentId string
57	+	IP string
58	+	Task Task
59	+	}
60	+	type Task struct {
61	+	ID string
62	+	Type string
63	+	Command string
64	+	Result string
65	+	Status string
66	+	Date time.Time
67	+	}
68	+	type Service struct {
69	+	Port int `json:"port"`
70	+	Product string `json:"product"`
71	+	Version string `json:"version"`
72	+	CPE string `json:"cpe"`
73	+	}
74	+	type TerminalHistory struct {
75	+	Id string
76	+	IP string
77	+	Command string
78	+	Result string
79	+	Status string
80	+	Date time.Time
81	+	}
82	+	type Finding struct {
83	+	CVE CVE
84	+	SVDBID string
85	+	}
86	+	type FindingRequest struct {
87	+	CVE []string
88	+	SVDBID string
89	+	}
90	+	type CVEFinding struct {
91	+	CVEDataType string `json:"cvedatatype"`
92	+	CVEDataFormat string `json:"cvedataformat"`
93	+	CVEDataVersion string `json:"cvedataversion"`
94	+	CVEDataNumberOfCVEs *string `json:"cvedatanumberofcves,omitempty"`
95	+	CVEDataTimestamp string `json:"cvedatatimestamp"`
96	+	CVEDataMeta CVEDataMeta
97	+	Description Description `json:"description"`
98	+	}
99	+
100	+	func newHost(client *mongo.Client, host SVDBHost) string {
101	+	hostCollection := client.Database("Sirius").Collection("Hosts")
102	+	//log.Println(hostCollection)
103	+
104	+	fmt.Println(host)
105	+
106	+	result, err := hostCollection.InsertOne(context.TODO(), host)
107	+	// check for errors in the insertion
108	+	if err != nil {
109	+	panic(err)
110	+	}
111	+	// display the id of the newly inserted object
112	+	fmt.Println(result.InsertedID)
113	+	return "result"
114	+	}
115	+	func AddVuln(vuln SVDBEntry) {
116	+	log.Println("Updating Sirius General Purpose Vulnerability Database...")
117	+
118	+	//DB Connection
119	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
120	+	if err != nil {
121	+	log.Fatal(err)
122	+	}
123	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
124	+	err = client.Connect(ctx)
125	+	if err != nil {
126	+	log.Fatal(err)
127	+	}
128	+	defer client.Disconnect(ctx)
129	+
130	+	//Perform DB Operations
131	+	fmt.Println(reflect.TypeOf(client))
132	+
133	+	newVuln(client, vuln)
134	+
135	+	log.Println("Success: Operation completed successfully")
136	+	}
137	+	func newVuln(client *mongo.Client, vuln SVDBEntry) string {
138	+	vulnCollection := client.Database("Sirius").Collection("Vulnerabilities")
139	+	//log.Println(vulnCollection)
140	+
141	+	fmt.Println(vuln)
142	+
143	+	result, err := vulnCollection.InsertOne(context.TODO(), vuln)
144	+	// check for errors in the insertion
145	+	if err != nil {
146	+	panic(err)
147	+	}
148	+	// display the id of the newly inserted object
149	+	fmt.Println(result.InsertedID)
150	+
151	+	return "result"
152	+	}
153	+
154	+	type Host struct {
155	+	Name string
156	+	IP string
157	+	OS string
158	+	}
159	+
160	+	func DatabaseConnect() *mongo.Client {
161	+	//DB Connection
162	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
163	+	if err != nil {
164	+	log.Fatal(err)
165	+	}
166	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
167	+	err = client.Connect(ctx)
168	+	if err != nil {
169	+	log.Fatal(err)
170	+	}
171	+	defer client.Disconnect(ctx)
172	+	return client
173	+	}
174	+
175	+	func GetHosts() []SVDBHost {
176	+	//DB Connection
177	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
178	+	if err != nil {
179	+	log.Fatal(err)
180	+	}
181	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
182	+	err = client.Connect(ctx)
183	+	if err != nil {
184	+	log.Fatal(err)
185	+	}
186	+	defer client.Disconnect(ctx)
187	+
188	+	//Perform DB Operations
189	+	results := listHosts(client)
190	+	return results
191	+	}
192	+
193	+	func GetFinding(request FindingRequest) []SVDBEntry {
194	+	//DB Connection
195	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
196	+	if err != nil {
197	+	log.Fatal(err)
198	+	}
199	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
200	+	err = client.Connect(ctx)
201	+	if err != nil {
202	+	log.Fatal(err)
203	+	}
204	+
205	+	vulnCollection := client.Database("Sirius").Collection("Vulnerabilities")
206	+	var findingList []SVDBEntry
207	+
208	+	for i := 0; i < len(request.CVE); i++ {
209	+	var finding SVDBEntry
210	+	err = vulnCollection.FindOne(context.TODO(), bson.M{"cvedatameta.id": request.CVE[i]}).Decode(&finding)
211	+	if err != nil {
212	+	if err == mongo.ErrNoDocuments {
213	+	// This error means your query did not match any documents.
214	+	fmt.Println("Unknown Vulnerability: " + request.CVE[i])
215	+	}
216	+	} else {
217	+	findingList = append(findingList, finding)
218	+	}
219	+	}
220	+
221	+	fmt.Println(findingList)
222	+	return findingList
223	+	}
224	+
225	+	func listHosts(client *mongo.Client) []SVDBHost {
226	+	client, err := mongo.Connect(context.TODO())
227	+	hostCollection := client.Database("Sirius").Collection("Hosts")
228	+
229	+	var host SVDBHost
230	+	var result []SVDBHost
231	+	filter := bson.D{}
232	+
233	+	cursor, err := hostCollection.Find(context.TODO(), filter)
234	+	if err == mongo.ErrNoDocuments {
235	+	// Do something when no record was found
236	+	fmt.Println("record does not exist")
237	+	} else if err != nil {
238	+	log.Fatal(err)
239	+	}
240	+
241	+	for cursor.Next(context.TODO()) {
242	+	//var result bson.D
243	+	if err := cursor.Decode(&host); err != nil {
244	+	log.Fatal(err)
245	+	}
246	+
247	+	//fmt.Println(host.IP)
248	+	result = append(result, host)
249	+	}
250	+	if err := cursor.Err(); err != nil {
251	+	log.Fatal(err)
252	+	}
253	+
254	+	defer cursor.Close(context.TODO())
255	+
256	+	return result
257	+	}
258	+
259	+	func AddHost(host SVDBHost) {
260	+	log.Println(host)
261	+
262	+	//DB Connection
263	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
264	+	if err != nil {
265	+	log.Fatal(err)
266	+	}
267	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
268	+	err = client.Connect(ctx)
269	+	if err != nil {
270	+	log.Fatal(err)
271	+	}
272	+	defer client.Disconnect(ctx)
273	+
274	+	//Perform DB Operations
275	+	fmt.Println(reflect.TypeOf(client))
276	+	newHost(client, host)
277	+
278	+	log.Println("Success: Operation completed successfully")
279	+	}
280	+
281	+	func NewReport(vuln SVDBEntry) {
282	+	log.Println("Got host update report")
283	+
284	+	//DB Connection
285	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
286	+	if err != nil {
287	+	log.Fatal(err)
288	+	}
289	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
290	+	err = client.Connect(ctx)
291	+	if err != nil {
292	+	log.Fatal(err)
293	+	}
294	+	defer client.Disconnect(ctx)
295	+
296	+	//Perform DB Operations
297	+	//fmt.Println(reflect.TypeOf(client))
298	+
299	+	log.Println("Success: Operation completed successfully")
300	+	}
301	+
302	+	//Add CVE API Endpoint?
303	+	func NewCVE(host string, cve string) {
304	+	//DB Connection
305	+	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
306	+	if err != nil {
307	+	log.Fatal(err)
308	+	}
309	+	ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
310	+	err = client.Connect(ctx)
311	+	if err != nil {
312	+	log.Fatal(err)
313	+	}
314	+	defer client.Disconnect(ctx)
315	+
316	+	//Perform DB Operations
317	+	hostCollection := client.Database("Sirius").Collection("Hosts")
318	+
319	+	var result SVDBHost
320	+	err = hostCollection.FindOne(context.TODO(), bson.D{{"ip", host}}).Decode(&result)
321	+	if err != nil {
322	+	if err == mongo.ErrNoDocuments {
323	+	// This error means your query did not match any documents.
324	+	return
325	+	}
326	+	panic(err)
327	+	}
328	+	cveList := append(result.CVE, cve)
329	+
330	+	//Update CVE Listing
331	+	res, err := hostCollection.UpdateOne(
332	+	ctx,
333	+	bson.M{"ip": host},
334	+	bson.D{
335	+	{"$set", bson.D{{"CVE", cveList}}},
336	+	},
337	+	)
338	+	if err != nil {
339	+	log.Fatal(err)
340	+	}
341	+	fmt.Printf("Updated %v Documents!\n", res.ModifiedCount)
342	+	}
343	+
344	+	type (
345	+	CVEResponse struct {
346	+	ResultsPerPage int `json:"resultsPerPage"`
347	+	StartIndex int `json:"startIndex"`
348	+	TotalResults int `json:"totalResults"`
349	+	Result CVEResult `json:"result"`
350	+	}
351	+
352	+	CVEResult struct {
353	+	CVEDataType string `json:"CVE_data_type"`
354	+	CVEDataFormat string `json:"CVE_data_format"`
355	+	CVEDataVersion string `json:"CVE_data_version"`
356	+	CVEDataNumberOfCVEs *string `json:"CVE_data_numberOfCVEs,omitempty"`
357	+	CVEDataTimestamp string `json:"CVE_data_timestamp"`
358	+	CVEItems *[]CVEItem `json:"CVE_Items,omitempty"`
359	+	}
360	+
361	+	// CVEITEM defines a vulnerability in the NVD data feed as defined
362	+	// in the NIST API schema.
363	+	CVEItem struct {
364	+	CVE CVE `json:"cve"`
365	+	Configurations Configurations `json:"configurations,omitempty"`
366	+	Impact *Impact `json:"impact,omitempty"`
367	+	PublishedDate *string `json:"publishedDate,omitempty"`
368	+	LastModifiedDate *string `json:"lastModifiedDate,omitempty"`
369	+	}
370	+
371	+	// CVE as defined in the NIST API schema.
372	+	CVE struct {
373	+	DataType string `json:"data_type"`
374	+	DataFormat string `json:"data_format"`
375	+	DataVersion string `json:"data_version"`
376	+	CVEDataMeta CVEDataMeta `json:"cve_data_meta"`
377	+	Affects *Affects `json:"affects,omitempty"`
378	+	ProblemType ProblemType `json:"problemtype"`
379	+	References References `json:"references"`
380	+	Description Description `json:"description"`
381	+	}
382	+
383	+	CVEDataMeta struct {
384	+	ID string `json:"ID"`
385	+	ASSIGNER string `json:"ASSIGNER"`
386	+	STATE *string `json:"STATE,omitempty"`
387	+	}
388	+
389	+	Affects struct {
390	+	Vendor Vendor `json:"vendor"`
391	+	}
392	+
393	+	Vendor struct {
394	+	// VendorData has a minimum of 0 items according to the
395	+	// NIST API schema.
396	+	VendorData []VendorData `json:""`
397	+	}
398	+
399	+	VendorData struct {
400	+	VendorName string `json:"vendor_name"`
401	+	Product VendorProduct `json:"product"`
402	+	}
403	+
404	+	VendorProduct struct {
405	+	// ProductData has a minimum of 1 item according to the
406	+	// NIST API schema.
407	+	ProductData []Product `json:"product_data"`
408	+	}
409	+
410	+	ProblemType struct {
411	+	// ProblemTypeData has a minimum of 0 items according to the
412	+	// NIST API schema.
413	+	ProblemTypeData []ProblemTypeData `json:"problemtype_data"`
414	+	}
415	+
416	+	ProblemTypeData struct {
417	+	// Description has a minimum of 0 items according to the
418	+	// NIST API schema.
419	+	Description []LangString `json:"description"`
420	+	}
421	+
422	+	References struct {
423	+	// ReferenceData has a minimum of 0 and a maximum of 500
424	+	// items according to the NIST API schema.
425	+	ReferenceData []CVEReference `json:"reference_data"`
426	+	}
427	+
428	+	Description struct {
429	+	// DescriptionData has a minimum of 0 items according to
430	+	// the NIST API schema.
431	+	DescriptionData []LangString `json:"description_data"`
432	+	}
433	+
434	+	Product struct {
435	+	ProductName string `json:"product_name"`
436	+	Version Version `json:"version"`
437	+	}
438	+
439	+	Version struct {
440	+	// VersionData has a minimum of 1 item according to the
441	+	// NIST API schema.
442	+	VersionData []VersionData `json:"version_data"`
443	+	}
444	+
445	+	VersionData struct {
446	+	VersionValue string `json:"version_value"`
447	+	VersionAffected *string `json:"version_affected,omitempty"`
448	+	}
449	+
450	+	CVEReference struct {
451	+	// URL has a maximum length of 500 characters according to the
452	+	// NIST API schema.
453	+	URL string `json:"url"`
454	+	Name *string `json:"name,omitempty"`
455	+	Refsource *string `json:"refsource,omitempty"`
456	+	Tags *[]string `json:"tags,omitempty"`
457	+	}
458	+
459	+	LangString struct {
460	+	Lang string `json:"lang"`
461	+	// Value has a maximum length of 3999 characters according to the
462	+	// NIST API schema.
463	+	Value string `json:"value"`
464	+	}
465	+
466	+	// Configurations defines the set of product configurations for a
467	+	// NVD applicability statement as defined in the NIST API schema.
468	+	Configurations struct {
469	+	CVEDataVersion string `json:"CVE_data_version"`
470	+	Nodes []Node `json:"nodes,omitempty"`
471	+	}
472	+
473	+	// Node is a node or sub-node in an NVD applicability statement
474	+	// as defined in the NIST API schema.
475	+	Node struct {
476	+	Operator string `json:"operator,omitempty"`
477	+	Negate bool `json:"negate,omitempty"`
478	+	Children []Node `json:"children,omitempty"`
479	+	CPEMatch []CPEMatch `json:"cpe_match,omitempty"`
480	+	}
481	+
482	+	// CPEMatch is the CPE Match string or range as defined in the
483	+	// NIST API schema.
484	+	CPEMatch struct {
485	+	Vulnerable bool `json:"vulnerable"`
486	+	CPE22URI string `json:"cpe22Uri,omitempty"`
487	+	CPE23URI string `json:"cpe23Uri"`
488	+	VersionStartExcluding string `json:"versionStartExcluding,omitempty"`
489	+	VersionStartIncluding string `json:"versionStartIncluding,omitempty"`
490	+	VersionEndExcluding string `json:"versionEndExcluding,omitempty"`
491	+	VersionEndIncluding string `json:"versionEndIncluding,omitempty"`
492	+	CPEName []CVECPEName `json:"cpe_name,omitempty"`
493	+	}
494	+
495	+	// CPEName is the CPE name as defined in the NIST API schema.
496	+	CVECPEName struct {
497	+	CPE22URI string `json:"cpe22Uri,omitempty"`
498	+	CPE23URI string `json:"cpe23Uri"`
499	+	LastModifiedDate string `json:"lastModifiedDate,omitempty"`
500	+	}
501	+
502	+	// Impact scores for a vulnerability as found on NVD as defined
503	+	// in the NIST API schema.
504	+	Impact struct {
505	+	BaseMetricV3 BaseMetricV3 `json:"baseMetricV3,omitempty"`
506	+	BaseMetricV2 BaseMetricV2 `json:"baseMetricV2,omitempty"`
507	+	}
508	+
509	+	// BaseMetricV3 is the CVSS V3.x score as defined in the NIST API
510	+	// schema.
511	+	BaseMetricV3 struct {
512	+	CVSSV3 CVSSV3 `json:"cvssV3,omitempty"`
513	+	ExploitabilityScore float64 `json:"exploitabilityScore,omitempty"`
514	+	ImpactScore float64 `json:"impactScore,omitempty"`
515	+	}
516	+
517	+	CVSSV3 struct {
518	+	// Version should be implemented using an enum
519	+	Version string `json:"version"`
520	+	VectorString string `json:"vectorString"`
521	+	AttackVector string `json:"attackVector,omitempty"`
522	+	AttackComplexity string `json:"attackComplexity,omitempty"`
523	+	PrivilegesRequired string `json:"privilegesRequired,omitempty"`
524	+	UserInteraction string `json:"userInteraction,omitempty"`
525	+	Scope string `json:"scope,omitempty"`
526	+	ConfidentialityImpact string `json:"confidentialityImpact,omitempty"`
527	+	IntegrityImpact string `json:"integrityImpact,omitempty"`
528	+	AvailabilityImpact string `json:"availabilityImpact,omitempty"`
529	+	BaseScore float64 `json:"baseScore"`
530	+	BaseSeverity string `json:"baseSeverity"`
531	+	ExploitCodeMaturity string `json:"exploitCodeMaturity,omitempty"`
532	+	RemediationLevel string `json:"remediationLevel,omitempty"`
533	+	ReportConfidence string `json:"reportConfidence,omitempty"`
534	+	TemporalScore float64 `json:"temporalScore,omitempty"`
535	+	TemporalSeverity string `json:"temporalSeverity,omitempty"`
536	+	ConfidentialityRequirement string `json:"confidentialityRequirement,omitempty"`
537	+	IntegrityRequirement string `json:"integrityRequirement,omitempty"`
538	+	AvailabilityRequirement string `json:"availabilityRequirement,omitempty"`
539	+	ModifiedAttackVector string `json:"modifiedAttackVector,omitempty"`
540	+	ModifiedAttackComplexity string `json:"modifiedAttackComplexity,omitempty"`
541	+	ModifiedPrivilegesRequired string `json:"modifiedPrivilegesRequired,omitempty"`
542	+	ModifiedUserInteraction string `json:"modifiedUserInteraction,omitempty"`
543	+	ModifiedScope string `json:"modifiedScope,omitempty"`
544	+	ModifiedConfidentialityImpact string `json:"modifiedConfidentialityImpact,omitempty"`
545	+	ModifiedIntegrityImpact string `json:"modifiedIntegrityImpact,omitempty"`
546	+	ModifiedAvailabilityImpact string `json:"modifiedAvailabilityImpact,omitempty"`
547	+	EnvironmentalScore float64 `json:"environmentalScore,omitempty"`
548	+	EnvironmentalSeverity string `json:"environmentalSeverity,omitempty"`
549	+	}
550	+
551	+	// BaseMetricV2 is the CVSS V2.0 score as defined in the NIST API
552	+	// schema.
553	+	BaseMetricV2 struct {
554	+	CVSSV2 CVSSV2 `json:"cvssV2,omitempty"`
555	+	Severity string `json:"severity,omitempty"`
556	+	ExploitabilityScore float64 `json:"exploitabilityScore,omitempty"`
557	+	ImpactScore float64 `json:"impactScore,omitempty"`
558	+	AcInsufInfo bool `json:"acInsufInfo,omitempty"`
559	+	ObtainAllPrivilege bool `json:"obtainAllPrivilege,omitempty"`
560	+	ObtainUserPrivilege bool `json:"obtainUserPrivilege,omitempty"`
561	+	ObtainOtherPrivilege bool `json:"obtainOtherPrivilege,omitempty"`
562	+	UserInteractionRequired bool `json:"userInteractionRequired,omitempty"`
563	+	}
564	+
565	+	CVSSV2 struct {
566	+	Version string `json:"version"`
567	+	VectorString string `json:"vectorString"`
568	+	AccessVector string `json:"accessVector,omitempty"`
569	+	AccessComplexity string `json:"accessComplexity,omitempty"`
570	+	Authentication string `json:"authentication,omitempty"`
571	+	ConfidentialityImpact string `json:"confidentialityImpact,omitempty"`
572	+	IntegrityImpact string `json:"integrityImpact,omitempty"`
573	+	AvailabilityImpact string `json:"availabilityImpact,omitempty"`
574	+	BaseScore float64 `json:"baseScore"`
575	+	Exploitability string `json:"exploitability,omitempty"`
576	+	RemediationLevel string `json:"remediationLevel,omitempty"`
577	+	ReportConfidence string `json:"reportConfidence,omitempty"`
578	+	TemporalScore float64 `json:"temporalScore,omitempty"`
579	+	CollateralDamagePotential string `json:"collateralDamagePotential,omitempty"`
580	+	TargetDistribution string `json:"targetDistribution,omitempty"`
581	+	ConfidentialityRequirement string `json:"confidentialityRequirement,omitempty"`
582	+	IntegrityRequirement string `json:"integrityRequirement,omitempty"`
583	+	AvailabilityRequirement string `json:"availabilityRequirement,omitempty"`
584	+	EnvironmentalScore float64 `json:"environmentalScore,omitempty"`
585	+	}
586	+
587	+	CPEResponse struct {
588	+	ResultsPerPage int `json:"resultsPerPage"`
589	+	StartIndex int `json:"startIndex"`
590	+	TotalResults int `json:"totalResults"`
591	+	Result CPEResult `json:"result"`
592	+	}
593	+
594	+	CPEResult struct {
595	+	DataType string `json:"dataType"`
596	+	FeedVersion string `json:"feedVersion"`
597	+	// Number of CPE in this feed
598	+	CPECount int `json:"cpeCount"`
599	+	// Timestamp indicates when feed was generated
600	+	FeedTimestamp *string `json:"feedTimestamp,omitempty"`
601	+	CPEs []CPEName `json:"cpes"`
602	+	}
603	+
604	+	// CPE name
605	+	CPEName struct {
606	+	CPE23URI string `json:"cpe23Uri"`
607	+	LastModifiedDate string `json:"lastModifiedDate"`
608	+	Deprecated bool `json:"deprecated,omitempty"`
609	+	DeprecatedBy []string `json:"deprecatedBy,omitempty"`
610	+	Titles []Title `json:"titles,omitempty"`
611	+	Refs []CPEReference `json:"refs,omitempty"`
612	+	Vulnerabilities []string `json:"vulnerabilities,omitempty"`
613	+	}
614	+
615	+	// Human readable title for CPE
616	+	Title struct {
617	+	Title string `json:"title"`
618	+	Lang string `json:"lang"`
619	+	}
620	+
621	+	// Internet resource for CPE
622	+	CPEReference struct {
623	+	Ref string `json:"ref"`
624	+	Type CPEReferenceType `json:"type,omitempty"`
625	+	}
626	+
627	+	CPEReferenceType string
628	+	)
629	+
630	+	var (
631	+	ADVISORY CPEReferenceType = "Advisory"
632	+	CHANGE_LOG CPEReferenceType = "Change Log"
633	+	PRODUCT CPEReferenceType = "Product"
634	+	PROJECT CPEReferenceType = "Project"
635	+	VENDOR CPEReferenceType = "Vendor"
636	+	VERSION CPEReferenceType = "Version"
637	+	)
638	+

■ ■ ■ ■ ■ ■

API/lib/nvd/nvd-schema.go

1	+	package nvd
2	+
3	+	type (
4	+	CVEResponse struct {
5	+	ResultsPerPage int `json:"resultsPerPage"`
6	+	StartIndex int `json:"startIndex"`
7	+	TotalResults int `json:"totalResults"`
8	+	Result CVEResult `json:"result"`
9	+	}
10	+
11	+	CVEResult struct {
12	+	CVEDataType string `json:"CVE_data_type"`
13	+	CVEDataFormat string `json:"CVE_data_format"`
14	+	CVEDataVersion string `json:"CVE_data_version"`
15	+	CVEDataNumberOfCVEs *string `json:"CVE_data_numberOfCVEs,omitempty"`
16	+	CVEDataTimestamp string `json:"CVE_data_timestamp"`
17	+	CVEItems *[]CVEItem `json:"CVE_Items,omitempty"`
18	+	}
19	+
20	+	// CVEITEM defines a vulnerability in the NVD data feed as defined
21	+	// in the NIST API schema.
22	+	CVEItem struct {
23	+	CVE CVE `json:"cve"`
24	+	Configurations *Configurations `json:"configurations,omitempty"`
25	+	Impact *Impact `json:"impact,omitempty"`
26	+	PublishedDate *string `json:"publishedDate,omitempty"`
27	+	LastModifiedDate *string `json:"lastModifiedDate,omitempty"`
28	+	}
29	+
30	+	// CVE as defined in the NIST API schema.
31	+	CVE struct {
32	+	DataType string `json:"data_type"`
33	+	DataFormat string `json:"data_format"`
34	+	DataVersion string `json:"data_version"`
35	+	CVEDataMeta CVEDataMeta `json:"CVE_data_meta"`
36	+	Affects *Affects `json:"affects,omitempty"`
37	+	ProblemType ProblemType `json:"problemtype"`
38	+	References References `json:"references"`
39	+	Description Description `json:"description"`
40	+	}
41	+
42	+	CVEDataMeta struct {
43	+	ID string `json:"ID"`
44	+	ASSIGNER string `json:"ASSIGNER"`
45	+	STATE *string `json:"STATE,omitempty"`
46	+	}
47	+
48	+	Affects struct {
49	+	Vendor Vendor `json:"vendor"`
50	+	}
51	+
52	+	Vendor struct {
53	+	// VendorData has a minimum of 0 items according to the
54	+	// NIST API schema.
55	+	VendorData []VendorData `json:""`
56	+	}
57	+
58	+	VendorData struct {
59	+	VendorName string `json:"vendor_name"`
60	+	Product VendorProduct `json:"product"`
61	+	}
62	+
63	+	VendorProduct struct {
64	+	// ProductData has a minimum of 1 item according to the
65	+	// NIST API schema.
66	+	ProductData []Product `json:"product_data"`
67	+	}
68	+
69	+	ProblemType struct {
70	+	// ProblemTypeData has a minimum of 0 items according to the
71	+	// NIST API schema.
72	+	ProblemTypeData []ProblemTypeData `json:"problemtype_data"`
73	+	}
74	+
75	+	ProblemTypeData struct {
76	+	// Description has a minimum of 0 items according to the
77	+	// NIST API schema.
78	+	Description []LangString `json:"description"`
79	+	}
80	+
81	+	References struct {
82	+	// ReferenceData has a minimum of 0 and a maximum of 500
83	+	// items according to the NIST API schema.
84	+	ReferenceData []CVEReference `json:"reference_data"`
85	+	}
86	+
87	+	Description struct {
88	+	// DescriptionData has a minimum of 0 items according to
89	+	// the NIST API schema.
90	+	DescriptionData []LangString `json:"description_data"`
91	+	}
92	+
93	+	Product struct {
94	+	ProductName string `json:"product_name"`
95	+	Version Version `json:"version"`
96	+	}
97	+
98	+	Version struct {
99	+	// VersionData has a minimum of 1 item according to the
100	+	// NIST API schema.
101	+	VersionData []VersionData `json:"version_data"`
102	+	}
103	+
104	+	VersionData struct {
105	+	VersionValue string `json:"version_value"`
106	+	VersionAffected *string `json:"version_affected,omitempty"`
107	+	}
108	+
109	+	CVEReference struct {
110	+	// URL has a maximum length of 500 characters according to the
111	+	// NIST API schema.
112	+	URL string `json:"url"`
113	+	Name *string `json:"name,omitempty"`
114	+	Refsource *string `json:"refsource,omitempty"`
115	+	Tags *[]string `json:"tags,omitempty"`
116	+	}
117	+
118	+	LangString struct {
119	+	Lang string `json:"lang"`
120	+	// Value has a maximum length of 3999 characters according to the
121	+	// NIST API schema.
122	+	Value string `json:"value"`
123	+	}
124	+
125	+	// Configurations defines the set of product configurations for a
126	+	// NVD applicability statement as defined in the NIST API schema.
127	+	Configurations struct {
128	+	CVEDataVersion string `json:"CVE_data_version"`
129	+	Nodes *[]Node `json:"nodes,omitempty"`
130	+	}
131	+
132	+	// Node is a node or sub-node in an NVD applicability statement
133	+	// as defined in the NIST API schema.
134	+	Node struct {
135	+	Operator *string `json:"operator,omitempty"`
136	+	Negate *bool `json:"negate,omitempty"`
137	+	Children *[]Node `json:"children,omitempty"`
138	+	CPEMatch *[]CPEMatch `json:"cpe_match,omitempty"`
139	+	}
140	+
141	+	// CPEMatch is the CPE Match string or range as defined in the
142	+	// NIST API schema.
143	+	CPEMatch struct {
144	+	Vulnerable bool `json:"vulnerable"`
145	+	CPE22URI *string `json:"cpe22Uri,omitempty"`
146	+	CPE23URI string `json:"cpe23Uri"`
147	+	VersionStartExcluding *string `json:"versionStartExcluding,omitempty"`
148	+	VersionStartIncluding *string `json:"versionStartIncluding,omitempty"`
149	+	VersionEndExcluding *string `json:"versionEndExcluding,omitempty"`
150	+	VersionEndIncluding *string `json:"versionEndIncluding,omitempty"`
151	+	CPEName *[]CVECPEName `json:"cpe_name,omitempty"`
152	+	}
153	+
154	+	// CPEName is the CPE name as defined in the NIST API schema.
155	+	CVECPEName struct {
156	+	CPE22URI *string `json:"cpe22Uri,omitempty"`
157	+	CPE23URI string `json:"cpe23Uri"`
158	+	LastModifiedDate *string `json:"lastModifiedDate,omitempty"`
159	+	}
160	+
161	+	// Impact scores for a vulnerability as found on NVD as defined
162	+	// in the NIST API schema.
163	+	Impact struct {
164	+	BaseMetricV3 *BaseMetricV3 `json:"baseMetricV3,omitempty"`
165	+	BaseMetricV2 *BaseMetricV2 `json:"baseMetricV2,omitempty"`
166	+	}
167	+
168	+	// BaseMetricV3 is the CVSS V3.x score as defined in the NIST API
169	+	// schema.
170	+	BaseMetricV3 struct {
171	+	CVSSV3 *CVSSV3 `json:"cvssV3,omitempty"`
172	+	ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"`
173	+	ImpactScore *float64 `json:"impactScore,omitempty"`
174	+	}
175	+
176	+	CVSSV3 struct {
177	+	// Version should be implemented using an enum
178	+	Version string `json:"version"`
179	+	VectorString string `json:"vectorString"`
180	+	AttackVector *string `json:"attackVector,omitempty"`
181	+	AttackComplexity *string `json:"attackComplexity,omitempty"`
182	+	PrivilegesRequired *string `json:"privilegesRequired,omitempty"`
183	+	UserInteraction *string `json:"userInteraction,omitempty"`
184	+	Scope *string `json:"scope,omitempty"`
185	+	ConfidentialityImpact *string `json:"confidentialityImpact,omitempty"`
186	+	IntegrityImpact *string `json:"integrityImpact,omitempty"`
187	+	AvailabilityImpact *string `json:"availabilityImpact,omitempty"`
188	+	BaseScore float64 `json:"baseScore"`
189	+	BaseSeverity string `json:"baseSeverity"`
190	+	ExploitCodeMaturity *string `json:"exploitCodeMaturity,omitempty"`
191	+	RemediationLevel *string `json:"remediationLevel,omitempty"`
192	+	ReportConfidence *string `json:"reportConfidence,omitempty"`
193	+	TemporalScore *float64 `json:"temporalScore,omitempty"`
194	+	TemporalSeverity *string `json:"temporalSeverity,omitempty"`
195	+	ConfidentialityRequirement *string `json:"confidentialityRequirement,omitempty"`
196	+	IntegrityRequirement *string `json:"integrityRequirement,omitempty"`
197	+	AvailabilityRequirement *string `json:"availabilityRequirement,omitempty"`
198	+	ModifiedAttackVector *string `json:"modifiedAttackVector,omitempty"`
199	+	ModifiedAttackComplexity *string `json:"modifiedAttackComplexity,omitempty"`
200	+	ModifiedPrivilegesRequired *string `json:"modifiedPrivilegesRequired,omitempty"`
201	+	ModifiedUserInteraction *string `json:"modifiedUserInteraction,omitempty"`
202	+	ModifiedScope *string `json:"modifiedScope,omitempty"`
203	+	ModifiedConfidentialityImpact *string `json:"modifiedConfidentialityImpact,omitempty"`
204	+	ModifiedIntegrityImpact *string `json:"modifiedIntegrityImpact,omitempty"`
205	+	ModifiedAvailabilityImpact *string `json:"modifiedAvailabilityImpact,omitempty"`
206	+	EnvironmentalScore *float64 `json:"environmentalScore,omitempty"`
207	+	EnvironmentalSeverity *string `json:"environmentalSeverity,omitempty"`
208	+	}
209	+
210	+	// BaseMetricV2 is the CVSS V2.0 score as defined in the NIST API
211	+	// schema.
212	+	BaseMetricV2 struct {
213	+	CVSSV2 *CVSSV2 `json:"cvssV2,omitempty"`
214	+	Severity *string `json:"severity,omitempty"`
215	+	ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"`
216	+	ImpactScore *float64 `json:"impactScore,omitempty"`
217	+	AcInsufInfo *bool `json:"acInsufInfo,omitempty"`
218	+	ObtainAllPrivilege *bool `json:"obtainAllPrivilege,omitempty"`
219	+	ObtainUserPrivilege *bool `json:"obtainUserPrivilege,omitempty"`
220	+	ObtainOtherPrivilege *bool `json:"obtainOtherPrivilege,omitempty"`
221	+	UserInteractionRequired *bool `json:"userInteractionRequired,omitempty"`
222	+	}
223	+
224	+	CVSSV2 struct {
225	+	Version string `json:"version"`
226	+	VectorString string `json:"vectorString"`
227	+	AccessVector *string `json:"accessVector,omitempty"`
228	+	AccessComplexity *string `json:"accessComplexity,omitempty"`
229	+	Authentication *string `json:"authentication,omitempty"`
230	+	ConfidentialityImpact *string `json:"confidentialityImpact,omitempty"`
231	+	IntegrityImpact *string `json:"integrityImpact,omitempty"`
232	+	AvailabilityImpact *string `json:"availabilityImpact,omitempty"`
233	+	BaseScore float64 `json:"baseScore"`
234	+	Exploitability *string `json:"exploitability,omitempty"`
235	+	RemediationLevel *string `json:"remediationLevel,omitempty"`
236	+	ReportConfidence *string `json:"reportConfidence,omitempty"`
237	+	TemporalScore *float64 `json:"temporalScore,omitempty"`
238	+	CollateralDamagePotential *string `json:"collateralDamagePotential,omitempty"`
239	+	TargetDistribution *string `json:"targetDistribution,omitempty"`
240	+	ConfidentialityRequirement *string `json:"confidentialityRequirement,omitempty"`
241	+	IntegrityRequirement *string `json:"integrityRequirement,omitempty"`
242	+	AvailabilityRequirement *string `json:"availabilityRequirement,omitempty"`
243	+	EnvironmentalScore *float64 `json:"environmentalScore,omitempty"`
244	+	}
245	+
246	+	CPEResponse struct {
247	+	ResultsPerPage int `json:"resultsPerPage"`
248	+	StartIndex int `json:"startIndex"`
249	+	TotalResults int `json:"totalResults"`
250	+	Result CPEResult `json:"result"`
251	+	}
252	+
253	+	CPEResult struct {
254	+	DataType string `json:"dataType"`
255	+	FeedVersion string `json:"feedVersion"`
256	+	// Number of CPE in this feed
257	+	CPECount int `json:"cpeCount"`
258	+	// Timestamp indicates when feed was generated
259	+	FeedTimestamp *string `json:"feedTimestamp,omitempty"`
260	+	CPEs []CPEName `json:"cpes"`
261	+	}
262	+
263	+	// CPE name
264	+	CPEName struct {
265	+	CPE23URI string `json:"cpe23Uri"`
266	+	LastModifiedDate string `json:"lastModifiedDate"`
267	+	Deprecated *bool `json:"deprecated,omitempty"`
268	+	DeprecatedBy *[]string `json:"deprecatedBy,omitempty"`
269	+	Titles *[]Title `json:"titles,omitempty"`
270	+	Refs *[]CPEReference `json:"refs,omitempty"`
271	+	Vulnerabilities *[]string `json:"vulnerabilities,omitempty"`
272	+	}
273	+
274	+	// Human readable title for CPE
275	+	Title struct {
276	+	Title string `json:"title"`
277	+	Lang string `json:"lang"`
278	+	}
279	+
280	+	// Internet resource for CPE
281	+	CPEReference struct {
282	+	Ref string `json:"ref"`
283	+	Type *CPEReferenceType `json:"type,omitempty"`
284	+	}
285	+
286	+	CPEReferenceType string
287	+	)
288	+
289	+	var (
290	+	ADVISORY CPEReferenceType = "Advisory"
291	+	CHANGE_LOG CPEReferenceType = "Change Log"
292	+	PRODUCT CPEReferenceType = "Product"
293	+	PROJECT CPEReferenceType = "Project"
294	+	VENDOR CPEReferenceType = "Vendor"
295	+	VERSION CPEReferenceType = "Version"
296	+	)
297	+

■ ■ ■ ■ ■ ■

API/lib/utils/func.go

1	+	package siriusHelper
2	+
3	+	import (
4	+	"math/rand"
5	+	)
6	+
7	+	//Random string generation
8	+	func RandomString(n int) string {
9	+	var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
10	+
11	+	s := make([]rune, n)
12	+	for i := range s {
13	+	s[i] = letters[rand.Intn(len(letters))]
14	+	}
15	+	return string(s)
16	+	}
17	+
18	+	func ErrorCheck(e error) {
19	+	if e != nil {
20	+	panic(e)
21	+	}
22	+	}
23	+

■ ■ ■ ■ ■ ■

API/lib/utils/powershell/New-CPE.ps1

1	+	function New-CPE {
2	+	<#
3	+	.SYNOPSIS
4	+	This module will
5	+	Function: New-CPE
6	+	Author: Matthew Toussain (@0sm0s1z)
7	+	License: MIT
8	+	Required Dependencies: None
9	+	Optional Dependencies: None
10	+	.DESCRIPTION
11	+	This module will submit a specified CPE to a Sirius API endpoint.
12	+	.EXAMPLE
13	+	C:\PS> New-CPE -API localhost:8080 -HostIP "192.168.1.15" -CPE "cpe:2.3:a:mruby:mruby::::::::"
14	+	#>
15	+	Param
16	+	(
17	+	[Parameter(Position = 0, Mandatory = $True)]
18	+	[string]$API = "",
19	+	[Parameter(Position = 0, Mandatory = $True)]
20	+	[string]$HostIP = "",
21	+	[Parameter(Position = 0, Mandatory = $True)]
22	+	[string]$CPE = ""
23	+	)
24	+
25	+	$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
26	+	$headers.Add("Content-Type", "application/json")
27	+
28	+	$body = "{`n `"ip`":`"$HostIP`",`n `"CPE`": [`"$CPE`"]`n}"
29	+
30	+	$response = Invoke-RestMethod "http://$API/api/update/host" -Method 'POST' -Headers $headers -Body $body
31	+	$response \| ConvertTo-Json
32	+
33	+
34	+	}
35	+

■ ■ ■ ■ ■ ■

API/lib.go

1	+	package main
2	+
3	+	import (
4	+	"flag"
5	+	"fmt"
6	+	"io/ioutil"
7	+	"log"
8	+	"os"
9	+	//"reflect"
10	+
11	+	"github.com/lair-framework/go-nmap"
12	+	)
13	+
14	+	const (
15	+	version = "2.1.1"
16	+	tool = "nmap"
17	+	osWeight = 50
18	+	usage = `
19	+	Parses an nmap XML file into a lair project.
20	+	Usage:
21	+	drone-nmap [options] <id> <filename>
22	+	export LAIR_ID=<id>; drone-nmap [options] <filename>
23	+	Options:
24	+	-v show version and exit
25	+	-h show usage and exit
26	+	-k allow insecure SSL connections
27	+	-force-ports disable data protection in the API server for excessive ports
28	+	-limit-hosts only import hosts that have listening ports
29	+	-tags a comma separated list of tags to add to every host that is imported
30	+	`
31	+	)
32	+
33	+
34	+
35	+
36	+
37	+	func handleXML(run *nmap.NmapRun) (res string, err error) {
38	+
39	+	// CPE (Common Platform Enumeration) is a standardized way to name software
40	+
41	+	type Service struct {
42	+	ID string `json:"_id" bson:"_id"`
43	+	ProjectID string `json:"projectId" bson:"projectId"`
44	+	HostID string `json:"hostId" bson:"hostId"`
45	+	Port int `json:"port" bson:"port"`
46	+	Protocol string `json:"protocol" bson:"protocol"`
47	+	Service string `json:"service" bson:"service"`
48	+	Product string `json:"product" bson:"product"`
49	+	Status string `json:"status" bson:"status"`
50	+	IsFlagged bool `json:"isFlagged" bson:"isFlagged"`
51	+	LastModifiedBy string `json:"lastModifiedBy" bson:"lastModifiedBy"`
52	+	CPE []nmap.CPE `json:"cpe" bson:"cpe"`
53	+	}
54	+
55	+	type Host struct {
56	+	ID string `json:"_id" bson:"_id"`
57	+	ProjectID string `json:"projectId" bson:"projectId"`
58	+	LongIPv4Addr uint64 `json:"longIpv4Addr" bson:"longIpv4Addr"`
59	+	IPv4 string `json:"ipv4" bson:"ipv4"`
60	+	MAC string `json:"mac" bson:"mac"`
61	+	Hostnames []string `json:"hostnames" bson:"hostnames"`
62	+	StatusMessage string `json:"statusMessage" bson:"statusMessage"`
63	+	Tags []string `json:"tags" bson:"tags"`
64	+	Status string `json:"status" bson:"status"`
65	+	LastModifiedBy string `json:"lastModifiedBy" bson:"lastModifiedBy"`
66	+	IsFlagged bool `json:"isFlagged" bson:"isFlagged"`
67	+	Services []Service `json:"services"`
68	+	}
69	+
70	+	type Scan struct {
71	+	ID string `json:"_id" bson:"_id"`
72	+	Tool string `json:"tool"`
73	+	Hosts []Host `json:"hosts"`
74	+	}
75	+
76	+
77	+	// OS fingerprint for a host.
78	+	type OS struct {
79	+	Tool string `json:"tool" bson:"tool"`
80	+	Weight int `json:"weight" bson:"weight"`
81	+	Fingerprint string `json:"fingerprint" bson:"fingerprint"`
82	+	}
83	+
84	+	scan := new(Scan)
85	+
86	+
87	+	for _, h := range run.Hosts {
88	+	host := Host{ID: "1"}
89	+	if h.Status.State != "up" {
90	+	continue
91	+	}
92	+
93	+	for _, address := range h.Addresses {
94	+	switch {
95	+	case address.AddrType == "ipv4":
96	+	host.IPv4 = address.Addr
97	+	case address.AddrType == "mac":
98	+	host.MAC = address.Addr
99	+	}
100	+	}
101	+
102	+	for _, hostname := range h.Hostnames {
103	+	host.Hostnames = append(host.Hostnames, hostname.Name)
104	+	}
105	+
106	+	//Service Detection
107	+	for _, p := range h.Ports {
108	+	service := Service{}
109	+	service.Port = p.PortId
110	+	service.Protocol = p.Protocol
111	+
112	+	if p.State.State != "open" {
113	+	continue
114	+	}
115	+
116	+	if p.Service.Name != "" {
117	+	service.Service = p.Service.Name
118	+	service.Product = "Unknown"
119	+	if p.Service.Product != "" {
120	+	service.Product = p.Service.Product
121	+	if p.Service.Version != "" {
122	+	service.Product += " " + p.Service.Version
123	+	}
124	+	}
125	+
126	+	if p.Service.CPEs != nil {
127	+	service.CPE = p.Service.CPEs
128	+	}
129	+	}
130	+
131	+
132	+	host.Services = append(host.Services, service)
133	+	}
134	+
135	+
136	+	scan.Hosts = append(scan.Hosts, host)
137	+	fmt.Println(host.Services)
138	+	fmt.Println("===========")
139	+
140	+	}
141	+
142	+	return "asdf", nil
143	+	}
144	+
145	+
146	+	func main() {
147	+
148	+	showVersion := flag.Bool("v", false, "")
149	+
150	+	flag.Usage = func() {
151	+	fmt.Println(usage)
152	+	}
153	+	flag.Parse()
154	+	if *showVersion {
155	+	log.Println(version)
156	+	os.Exit(0)
157	+	}
158	+
159	+
160	+
161	+
162	+	data, err := ioutil.ReadFile("./testdata")
163	+	if err != nil {
164	+	log.Fatalf("Fatal: Could not open file. Error %s", err.Error())
165	+	}
166	+
167	+	nmapRun, err := nmap.Parse(data)
168	+	if err != nil {
169	+	log.Fatalf("Fatal: Error parsing nmap. Error %s", err.Error())
170	+	}
171	+	//xType := fmt.Sprintf("%T", nmapRun)
172	+	//fmt.Println(xType) // "[]int"
173	+	//fmt.Println(nmapRun)
174	+	scan, err := handleXML(nmapRun)
175	+	fmt.Println(scan)
176	+
177	+	//val := reflect.Indirect(reflect.ValueOf(&nmapRun))
178	+	//fmt.Println(val.Type().Field(0).Name)
179	+
180	+
181	+
182	+	log.Println("Success: Operation completed successfully")
183	+	}
184	+

API/main

Binary file.

■ ■ ■ ■ ■ ■

API/main.go

1	+	package main
2	+
3	+	import (
4	+	"fmt"
5	+	"os"
6	+
7	+	//"errors"
8	+	//"os/exec"
9	+
10	+	"log"
11	+
12	+	//Internal Libraries
13	+	siriusHelper "github.com/0sm0s1z/Sirius-Scan/lib/utils"
14	+	siriusScan "github.com/0sm0s1z/Sirius-Scan/scanner"
15	+	discoveryScan "github.com/0sm0s1z/Sirius-Scan/scanner/discovery"
16	+	//3rd Party Dependencies
17	+	)
18	+
19	+	/*
20	+
21	+	### APPLICATION START
22	+	## USAGE
23	+	- Sirius can be run in command-line and graphical modes. In command-line mode simply execute the program while specifying a scan profile. Create and configure the settings in the ~/.sirius folder within the user home directory.
24	+	- Alternately, in graphical mode all settings for the scanner can be configured in the UI (this is the easier operating mode)
25	+
26	+	## PURPOSE
27	+	This is THE scan manager. This program will execute and manage all scanning tasks. Individual task may be external functions or even programs; however, from the scanners perspective everything is controlled and monitored here.
28	+
29	+	## CONTRIBUTION
30	+	Pull requests are always appreciated, but the issues you may be looking to solve likely exist in subordinate files. This one is intended to remain as basic as possible.
31	+
32	+	*/
33	+
34	+	func main() {
35	+	log.Println("Initializing Sirius General Purpose Vulnerablity Scanning Engine...")
36	+
37	+	scanID := ""
38	+
39	+	// Two modes of execution. Specify Scan profile or gen new one if unspecified.
40	+	// Eventually add ez cmdline options with -target
41	+	if len(os.Args[1:]) > 0 {
42	+	scanID = os.Args[1]
43	+	} else {
44	+	scanID = "scan-" + siriusHelper.RandomString(10)
45	+	}
46	+
47	+	homedir, err := os.UserHomeDir()
48	+	siriusHelper.ErrorCheck(err)
49	+
50	+	// Grab scanning profile
51	+	var profile siriusScan.ScanProfile
52	+	profile = siriusScan.GetProfile(scanID, homedir)
53	+
54	+	log.Println("Beginning scan: " + scanID)
55	+	log.Println("Beginning scan of targets: ")
56	+
57	+	for i := 0; i < len(profile.Targets); i++ {
58	+	fmt.Println(profile.Targets[i])
59	+	}
60	+
61	+	// Discovery First
62	+	// Iterate through discovery techniques. Hard code this to Nmap for now.
63	+	// Will need to compile and thread out scan jobs long term. Let's do them in serial for now
64	+
65	+	var discovery siriusScan.DiscoveryDetails
66	+	var discoveryList []siriusScan.DiscoveryDetails
67	+
68	+	for i := 0; i < len(profile.Targets); i++ {
69	+	fmt.Println("Ennumerating: " + profile.Targets[i])
70	+	//outputfile := homedir + "/.sirius/scans/0001/nmapdiscovery.xml"
71	+
72	+	//Perform discovery for each target and append to discovery list
73	+	discovery = discoveryScan.Discovery(profile, profile.Targets[i], homedir)
74	+
75	+	discoveryList = append(discoveryList, discovery)
76	+
77	+	//Perform discovery
78	+	//
79	+
80	+	log.Println("Nmap Host Discovery Complete for: " + profile.Targets[i])
81	+	}
82	+
83	+	/*
84	+	// IP Address Discovery
85	+	outputfile := homedir + "/.sirius/scans/0001/nmapdiscovery.xml"
86	+	exec.Command("/opt/homebrew/bin/nmap", profile.Discovery, profile.Targets, "-oX", outputfile).Output()
87	+
88	+	log.Println("Nmap Host Discovery Complete for: " + profile.Targets)
89	+	//output := string(out[:])
90	+	//fmt.Println(output)
91	+
92	+	// Port Scanning
93	+	// Must make host directories for every system discovered
94	+	// Will need to pull individual targets out of the previous discovery. Assuming single target for now
95	+	path := homedir + "/.sirius/scans/0001/" + profile.Targets
96	+
97	+	if _, err := os.Stat(path); errors.Is(err, os.ErrNotExist) {
98	+	err := os.Mkdir(path, os.ModePerm)
99	+	if err != nil {
100	+	log.Println(err)
101	+	}
102	+	}
103	+
104	+	// Hardcoded single target again
105	+	outputfile = homedir + "/.sirius/scans/0001/" + profile.Targets + "/nmapportscan.xml"
106	+	exec.Command("/opt/homebrew/bin/nmap", "-Pn", "-sV", profile.Targets, "-oX", outputfile).Output()
107	+
108	+	log.Println("Nmap Version Scanning Complete for: " + profile.Targets)
109	+	//output = string(out[:])
110	+	//fmt.Println(output)
111	+	*/
112	+
113	+	log.Println("Success: Operation completed successfully")
114	+	}
115	+

API/nvd-cpematch-consumer

Binary file.

■ ■ ■ ■ ■ ■

API/nvd-cpematch-consumer.go

1	+	package main
2	+
3	+	/*
4	+	This program to parses the CPE List from NVD to build a list of vendors and products.
5	+	*/
6	+
7	+	import (
8	+	"encoding/json"
9	+	_ "errors"
10	+	"io/ioutil"
11	+	"log"
12	+	_ "os/exec"
13	+	"strings"
14	+
15	+	_ "github.com/gin-gonic/gin"
16	+	//Internal Libraries
17	+	//3rd Party Dependencies
18	+	)
19	+
20	+	type CPEMatches struct {
21	+	Matches []CPEMatch `json:"matches"`
22	+	}
23	+	type CPEMatch struct {
24	+	CPE23URI string `json:"cpe23Uri"`
25	+	VersionEndExcluding string `json:"versionEndExcluding"`
26	+	}
27	+	type CPEVendor struct {
28	+	VendorName string `json:"vendor_name"`
29	+	Product []CPEProduct `json:"product"`
30	+	}
31	+	type CPEProduct struct {
32	+	ProductName string `json:"product_name"`
33	+	}
34	+
35	+	func main() {
36	+	//Open CPE List json file
37	+	//dat, err := ioutil.ReadFile("./data/test.json")
38	+	dat, err := ioutil.ReadFile("./data/nvdcpematch-1.0.json")
39	+	if err != nil {
40	+	log.Println("Error reading CPE List")
41	+	}
42	+
43	+	//Parse JSON
44	+	var cpeData CPEMatches
45	+	err = json.Unmarshal(dat, &cpeData)
46	+	if err != nil {
47	+	log.Println("Error parsing CPE List")
48	+	log.Println(err)
49	+	}
50	+
51	+	//Build Vendor List
52	+	var vendorList []CPEVendor
53	+	for _, match := range cpeData.Matches {
54	+	//for i, match := range cpeData.Matches {
55	+	var curProduct CPEProduct
56	+	var curVendor CPEVendor
57	+	j := 0
58	+
59	+	//Parse CPE23URI
60	+	//cpe:2.3:a:vendor:product:version:update:edition:language
61	+	split := strings.Split(match.CPE23URI, ":")
62	+	vendorName := split[3]
63	+	productName := split[4]
64	+
65	+	//Check if Vendor exists
66	+	vendorExists := false
67	+	productExists := false
68	+
69	+	for _, vendor := range vendorList {
70	+	if vendor.VendorName == vendorName {
71	+	vendorExists = true
72	+	curVendor = vendor
73	+	j++
74	+
75	+	//Check if product exists for vendor
76	+	for _, product := range vendor.Product {
77	+	if product.ProductName == productName {
78	+	productExists = true
79	+	log.Println("Product Exists: " + productName)
80	+	break
81	+	}
82	+	}
83	+	break
84	+	}
85	+	}
86	+
87	+	//Add Vendor if it doesn't exist
88	+	if !vendorExists {
89	+	log.Println("New Vendor: " + vendorName)
90	+
91	+	//Add new vendor and current product
92	+	curVendor.VendorName = vendorName
93	+	curProduct.ProductName = productName
94	+	curVendor.Product = append(curVendor.Product, curProduct)
95	+
96	+	//Append to vendor list
97	+	vendorList = append(vendorList, curVendor)
98	+	productExists = false
99	+	}
100	+
101	+	//If vendor does exist and product doesn't for current vendor, add product
102	+	if !productExists && vendorExists {
103	+	log.Println("New Product: " + curVendor.VendorName + " " + productName)
104	+
105	+	//Add new product
106	+	var product CPEProduct
107	+	product.ProductName = productName
108	+	curVendor.Product = append(curVendor.Product, product)
109	+
110	+	//Append to vendor list
111	+	vendorList[j] = curVendor
112	+	}
113	+
114	+	/*
115	+	//Print Progress
116	+	if i%10 == 0 {
117	+	log.Println(i)
118	+	}
119	+	if i > 10 {
120	+	break
121	+	}*/
122	+	}
123	+
124	+	//Write Vendor List to JSON file
125	+	vendorListJSON, err := json.Marshal(vendorList)
126	+	if err != nil {
127	+	log.Println("Error writing Vendor List")
128	+	}
129	+	err = ioutil.WriteFile("./data/vendorlist.json", vendorListJSON, 0644)
130	+	if err != nil {
131	+	log.Println("Error writing Vendor List")
132	+	}
133	+
134	+	log.Println("Done")
135	+	}
136	+

■ ■ ■ ■ ■ ■

API/nvd-cve-consumer.go

1	+	package main
2	+
3	+	import (
4	+	"bytes"
5	+	"encoding/json"
6	+	_ "errors"
7	+	"fmt"
8	+	"log"
9	+	"os"
10	+	_ "os/exec"
11	+
12	+	"net/http"
13	+
14	+	_ "github.com/gin-gonic/gin"
15	+	//Internal Libraries
16	+	//3rd Party Dependencies
17	+	)
18	+
19	+	// Adapted/Modified from https://github.com/pandatix/nvdapi/blob/master/schema.go
20	+	// Special thanks to Pandatix aka Lucas Florian Tesson
21	+	// host represents data about a target host.
22	+	type NVDVulnerablityList struct {
23	+	CVEDataType string `json:"CVE_data_type"`
24	+	CVEDataFormat string `json:"CVE_data_format"`
25	+	CVEDataVersion string `json:"CVE_data_version"`
26	+	CVEDataNumberOfCVEs string `json:"CVE_data_numberOfCVEs,omitempty"`
27	+	CVEDataTimestamp string `json:"CVE_data_timestamp"`
28	+	CVEItems []CVEItem `json:"CVE_Items,omitempty"`
29	+	}
30	+
31	+	type SVDBEntry struct {
32	+	CVEDataFormat string
33	+	CVEDataType string
34	+	CVEDataVersion string
35	+	CVEDataNumberOfCVEs string
36	+	CVEDataTimestamp string
37	+	CVEItems []CVEItem
38	+	CVEDataMeta CVEDataMeta
39	+	Description Description
40	+	CPE Node
41	+	CVSSV3 CVSSV3
42	+	References []string
43	+	}
44	+
45	+	func main() {
46	+	log.Println("Updating Sirius Vulnerability Database")
47	+	dat, err := os.ReadFile("./data/nvdcve-1.1-2022.json")
48	+	fmt.Print(err)
49	+
50	+	var responseObject NVDVulnerablityList
51	+	json.Unmarshal(dat, &responseObject)
52	+	var vuln SVDBEntry
53	+
54	+	for i := 0; i < len(responseObject.CVEItems); i++ {
55	+	fmt.Println("================")
56	+
57	+	vuln.CVEDataType = responseObject.CVEItems[i].CVE.DataType
58	+	vuln.CVEDataFormat = responseObject.CVEItems[i].CVE.DataFormat
59	+
60	+	vuln.CVEDataMeta.ID = responseObject.CVEItems[i].CVE.CVEDataMeta.ID
61	+	vuln.CVEDataMeta.ASSIGNER = responseObject.CVEItems[i].CVE.CVEDataMeta.ASSIGNER
62	+	vuln.Description = responseObject.CVEItems[i].CVE.Description
63	+	vuln.CVSSV3 = responseObject.CVEItems[i].Impact.BaseMetricV3.CVSSV3
64	+
65	+	for j := 0; j < len(responseObject.CVEItems[i].Configurations.Nodes); j++ {
66	+	vuln.CPE = responseObject.CVEItems[i].Configurations.Nodes[j]
67	+	}
68	+
69	+	for j := 0; j < len(responseObject.CVEItems[i].CVE.References.ReferenceData); j++ {
70	+	vuln.References = append(vuln.References, responseObject.CVEItems[i].CVE.References.ReferenceData[j].URL)
71	+	}
72	+
73	+	b, err := json.Marshal(vuln)
74	+	if err != nil {
75	+	fmt.Println(err)
76	+	return
77	+	}
78	+	fmt.Println(string(b))
79	+
80	+	//Add Vulnerability Definition to SVDB
81	+	resp, err := http.Post("http://localhost:8080/api/svdb/new/vuln", "application/json", bytes.NewBuffer(b))
82	+
83	+	if err != nil {
84	+	log.Fatal(err)
85	+	}
86	+
87	+	var res map[string]interface{}
88	+	json.NewDecoder(resp.Body).Decode(&res)
89	+	fmt.Println(res["json"])
90	+
91	+	//Clear Vuln Entry
92	+	vuln = SVDBEntry{}
93	+	}
94	+
95	+	fmt.Println("================")
96	+	fmt.Println("And that's the things")
97	+	//fmt.Print(responseObject.CVEItems)
98	+	//fmt.Print(responseObject.CVE_Items[0].CVE.references)
99	+
100	+	}
101	+
102	+	type (
103	+	CVEResponse struct {
104	+	ResultsPerPage int `json:"resultsPerPage"`
105	+	StartIndex int `json:"startIndex"`
106	+	TotalResults int `json:"totalResults"`
107	+	Result CVEResult `json:"result"`
108	+	}
109	+
110	+	CVEResult struct {
111	+	CVEDataType string `json:"CVE_data_type"`
112	+	CVEDataFormat string `json:"CVE_data_format"`
113	+	CVEDataVersion string `json:"CVE_data_version"`
114	+	CVEDataNumberOfCVEs *string `json:"CVE_data_numberOfCVEs,omitempty"`
115	+	CVEDataTimestamp string `json:"CVE_data_timestamp"`
116	+	CVEItems *[]CVEItem `json:"CVE_Items,omitempty"`
117	+	}
118	+
119	+	// CVEITEM defines a vulnerability in the NVD data feed as defined
120	+	// in the NIST API schema.
121	+	CVEItem struct {
122	+	CVE CVE `json:"cve"`
123	+	Configurations Configurations `json:"configurations,omitempty"`
124	+	Impact *Impact `json:"impact,omitempty"`
125	+	PublishedDate *string `json:"publishedDate,omitempty"`
126	+	LastModifiedDate *string `json:"lastModifiedDate,omitempty"`
127	+	}
128	+
129	+	// CVE as defined in the NIST API schema.
130	+	CVE struct {
131	+	DataType string `json:"data_type"`
132	+	DataFormat string `json:"data_format"`
133	+	DataVersion string `json:"data_version"`
134	+	CVEDataMeta CVEDataMeta `json:"CVE_data_meta"`
135	+	Affects *Affects `json:"affects,omitempty"`
136	+	ProblemType ProblemType `json:"problemtype"`
137	+	References References `json:"references"`
138	+	Description Description `json:"description"`
139	+	}
140	+
141	+	CVEDataMeta struct {
142	+	ID string `json:"ID"`
143	+	ASSIGNER string `json:"ASSIGNER"`
144	+	STATE *string `json:"STATE,omitempty"`
145	+	}
146	+
147	+	Affects struct {
148	+	Vendor Vendor `json:"vendor"`
149	+	}
150	+
151	+	Vendor struct {
152	+	// VendorData has a minimum of 0 items according to the
153	+	// NIST API schema.
154	+	VendorData []VendorData `json:""`
155	+	}
156	+
157	+	VendorData struct {
158	+	VendorName string `json:"vendor_name"`
159	+	Product VendorProduct `json:"product"`
160	+	}
161	+
162	+	VendorProduct struct {
163	+	// ProductData has a minimum of 1 item according to the
164	+	// NIST API schema.
165	+	ProductData []Product `json:"product_data"`
166	+	}
167	+
168	+	ProblemType struct {
169	+	// ProblemTypeData has a minimum of 0 items according to the
170	+	// NIST API schema.
171	+	ProblemTypeData []ProblemTypeData `json:"problemtype_data"`
172	+	}
173	+
174	+	ProblemTypeData struct {
175	+	// Description has a minimum of 0 items according to the
176	+	// NIST API schema.
177	+	Description []LangString `json:"description"`
178	+	}
179	+
180	+	References struct {
181	+	// ReferenceData has a minimum of 0 and a maximum of 500
182	+	// items according to the NIST API schema.
183	+	ReferenceData []CVEReference `json:"reference_data"`
184	+	}
185	+
186	+	Description struct {
187	+	// DescriptionData has a minimum of 0 items according to
188	+	// the NIST API schema.
189	+	DescriptionData []LangString `json:"description_data"`
190	+	}
191	+
192	+	Product struct {
193	+	ProductName string `json:"product_name"`
194	+	Version Version `json:"version"`
195	+	}
196	+
197	+	Version struct {
198	+	// VersionData has a minimum of 1 item according to the
199	+	// NIST API schema.
200	+	VersionData []VersionData `json:"version_data"`
201	+	}
202	+
203	+	VersionData struct {
204	+	VersionValue string `json:"version_value"`
205	+	VersionAffected *string `json:"version_affected,omitempty"`
206	+	}
207	+
208	+	CVEReference struct {
209	+	// URL has a maximum length of 500 characters according to the
210	+	// NIST API schema.
211	+	URL string `json:"url"`
212	+	Name *string `json:"name,omitempty"`
213	+	Refsource *string `json:"refsource,omitempty"`
214	+	Tags *[]string `json:"tags,omitempty"`
215	+	}
216	+
217	+	LangString struct {
218	+	Lang string `json:"lang"`
219	+	// Value has a maximum length of 3999 characters according to the
220	+	// NIST API schema.
221	+	Value string `json:"value"`
222	+	}
223	+
224	+	// Configurations defines the set of product configurations for a
225	+	// NVD applicability statement as defined in the NIST API schema.
226	+	Configurations struct {
227	+	CVEDataVersion string `json:"CVE_data_version"`
228	+	Nodes []Node `json:"nodes,omitempty"`
229	+	}
230	+
231	+	// Node is a node or sub-node in an NVD applicability statement
232	+	// as defined in the NIST API schema.
233	+	Node struct {
234	+	Operator string `json:"operator,omitempty"`
235	+	Negate bool `json:"negate,omitempty"`
236	+	Children []Node `json:"children,omitempty"`
237	+	CPEMatch []CPEMatch `json:"cpe_match,omitempty"`
238	+	}
239	+
240	+	// CPEMatch is the CPE Match string or range as defined in the
241	+	// NIST API schema.
242	+	CPEMatch struct {
243	+	Vulnerable bool `json:"vulnerable"`
244	+	CPE22URI string `json:"cpe22Uri,omitempty"`
245	+	CPE23URI string `json:"cpe23Uri"`
246	+	VersionStartExcluding string `json:"versionStartExcluding,omitempty"`
247	+	VersionStartIncluding string `json:"versionStartIncluding,omitempty"`
248	+	VersionEndExcluding string `json:"versionEndExcluding,omitempty"`
249	+	VersionEndIncluding string `json:"versionEndIncluding,omitempty"`
250	+	CPEName []CVECPEName `json:"cpe_name,omitempty"`
251	+	}
252	+
253	+	// CPEName is the CPE name as defined in the NIST API schema.
254	+	CVECPEName struct {
255	+	CPE22URI string `json:"cpe22Uri,omitempty"`
256	+	CPE23URI string `json:"cpe23Uri"`
257	+	LastModifiedDate string `json:"lastModifiedDate,omitempty"`
258	+	}
259	+
260	+	// Impact scores for a vulnerability as found on NVD as defined
261	+	// in the NIST API schema.
262	+	Impact struct {
263	+	BaseMetricV3 BaseMetricV3 `json:"baseMetricV3,omitempty"`
264	+	BaseMetricV2 BaseMetricV2 `json:"baseMetricV2,omitempty"`
265	+	}
266	+
267	+	// BaseMetricV3 is the CVSS V3.x score as defined in the NIST API
268	+	// schema.
269	+	BaseMetricV3 struct {
270	+	CVSSV3 CVSSV3 `json:"cvssV3,omitempty"`
271	+	ExploitabilityScore float64 `json:"exploitabilityScore,omitempty"`
272	+	ImpactScore float64 `json:"impactScore,omitempty"`
273	+	}
274	+
275	+	CVSSV3 struct {
276	+	// Version should be implemented using an enum
277	+	Version string `json:"version"`
278	+	VectorString string `json:"vectorString"`
279	+	AttackVector string `json:"attackVector,omitempty"`
280	+	AttackComplexity string `json:"attackComplexity,omitempty"`
281	+	PrivilegesRequired string `json:"privilegesRequired,omitempty"`
282	+	UserInteraction string `json:"userInteraction,omitempty"`
283	+	Scope string `json:"scope,omitempty"`
284	+	ConfidentialityImpact string `json:"confidentialityImpact,omitempty"`
285	+	IntegrityImpact string `json:"integrityImpact,omitempty"`
286	+	AvailabilityImpact string `json:"availabilityImpact,omitempty"`
287	+	BaseScore float64 `json:"baseScore"`
288	+	BaseSeverity string `json:"baseSeverity"`
289	+	ExploitCodeMaturity string `json:"exploitCodeMaturity,omitempty"`
290	+	RemediationLevel string `json:"remediationLevel,omitempty"`
291	+	ReportConfidence string `json:"reportConfidence,omitempty"`
292	+	TemporalScore float64 `json:"temporalScore,omitempty"`
293	+	TemporalSeverity string `json:"temporalSeverity,omitempty"`
294	+	ConfidentialityRequirement string `json:"confidentialityRequirement,omitempty"`
295	+	IntegrityRequirement string `json:"integrityRequirement,omitempty"`
296	+	AvailabilityRequirement string `json:"availabilityRequirement,omitempty"`
297	+	ModifiedAttackVector string `json:"modifiedAttackVector,omitempty"`
298	+	ModifiedAttackComplexity string `json:"modifiedAttackComplexity,omitempty"`
299	+	ModifiedPrivilegesRequired string `json:"modifiedPrivilegesRequired,omitempty"`
300	+	ModifiedUserInteraction string `json:"modifiedUserInteraction,omitempty"`
301	+	ModifiedScope string `json:"modifiedScope,omitempty"`
302	+	ModifiedConfidentialityImpact string `json:"modifiedConfidentialityImpact,omitempty"`
303	+	ModifiedIntegrityImpact string `json:"modifiedIntegrityImpact,omitempty"`
304	+	ModifiedAvailabilityImpact string `json:"modifiedAvailabilityImpact,omitempty"`
305	+	EnvironmentalScore float64 `json:"environmentalScore,omitempty"`
306	+	EnvironmentalSeverity string `json:"environmentalSeverity,omitempty"`
307	+	}
308	+
309	+	// BaseMetricV2 is the CVSS V2.0 score as defined in the NIST API
310	+	// schema.
311	+	BaseMetricV2 struct {
312	+	CVSSV2 CVSSV2 `json:"cvssV2,omitempty"`
313	+	Severity string `json:"severity,omitempty"`
314	+	ExploitabilityScore float64 `json:"exploitabilityScore,omitempty"`
315	+	ImpactScore float64 `json:"impactScore,omitempty"`
316	+	AcInsufInfo bool `json:"acInsufInfo,omitempty"`
317	+	ObtainAllPrivilege bool `json:"obtainAllPrivilege,omitempty"`
318	+	ObtainUserPrivilege bool `json:"obtainUserPrivilege,omitempty"`
319	+	ObtainOtherPrivilege bool `json:"obtainOtherPrivilege,omitempty"`
320	+	UserInteractionRequired bool `json:"userInteractionRequired,omitempty"`
321	+	}
322	+
323	+	CVSSV2 struct {
324	+	Version string `json:"version"`
325	+	VectorString string `json:"vectorString"`
326	+	AccessVector string `json:"accessVector,omitempty"`
327	+	AccessComplexity string `json:"accessComplexity,omitempty"`
328	+	Authentication string `json:"authentication,omitempty"`
329	+	ConfidentialityImpact string `json:"confidentialityImpact,omitempty"`
330	+	IntegrityImpact string `json:"integrityImpact,omitempty"`
331	+	AvailabilityImpact string `json:"availabilityImpact,omitempty"`
332	+	BaseScore float64 `json:"baseScore"`
333	+	Exploitability string `json:"exploitability,omitempty"`
334	+	RemediationLevel string `json:"remediationLevel,omitempty"`
335	+	ReportConfidence string `json:"reportConfidence,omitempty"`
336	+	TemporalScore float64 `json:"temporalScore,omitempty"`
337	+	CollateralDamagePotential string `json:"collateralDamagePotential,omitempty"`
338	+	TargetDistribution string `json:"targetDistribution,omitempty"`
339	+	ConfidentialityRequirement string `json:"confidentialityRequirement,omitempty"`
340	+	IntegrityRequirement string `json:"integrityRequirement,omitempty"`
341	+	AvailabilityRequirement string `json:"availabilityRequirement,omitempty"`
342	+	EnvironmentalScore float64 `json:"environmentalScore,omitempty"`
343	+	}
344	+
345	+	CPEResponse struct {
346	+	ResultsPerPage int `json:"resultsPerPage"`
347	+	StartIndex int `json:"startIndex"`
348	+	TotalResults int `json:"totalResults"`
349	+	Result CPEResult `json:"result"`
350	+	}
351	+
352	+	CPEResult struct {
353	+	DataType string `json:"dataType"`
354	+	FeedVersion string `json:"feedVersion"`
355	+	// Number of CPE in this feed
356	+	CPECount int `json:"cpeCount"`
357	+	// Timestamp indicates when feed was generated
358	+	FeedTimestamp *string `json:"feedTimestamp,omitempty"`
359	+	CPEs []CPEName `json:"cpes"`
360	+	}
361	+
362	+	// CPE name
363	+	CPEName struct {
364	+	CPE23URI string `json:"cpe23Uri"`
365	+	LastModifiedDate string `json:"lastModifiedDate"`
366	+	Deprecated bool `json:"deprecated,omitempty"`
367	+	DeprecatedBy []string `json:"deprecatedBy,omitempty"`
368	+	Titles []Title `json:"titles,omitempty"`
369	+	Refs []CPEReference `json:"refs,omitempty"`
370	+	Vulnerabilities []string `json:"vulnerabilities,omitempty"`
371	+	}
372	+
373	+	// Human readable title for CPE
374	+	Title struct {
375	+	Title string `json:"title"`
376	+	Lang string `json:"lang"`
377	+	}
378	+
379	+	// Internet resource for CPE
380	+	CPEReference struct {
381	+	Ref string `json:"ref"`
382	+	Type CPEReferenceType `json:"type,omitempty"`
383	+	}
384	+
385	+	CPEReferenceType string
386	+	)
387	+
388	+	var (
389	+	ADVISORY CPEReferenceType = "Advisory"
390	+	CHANGE_LOG CPEReferenceType = "Change Log"
391	+	PRODUCT CPEReferenceType = "Product"
392	+	PROJECT CPEReferenceType = "Project"
393	+	VENDOR CPEReferenceType = "Vendor"
394	+	VERSION CPEReferenceType = "Version"
395	+	)
396	+

■ ■ ■ ■ ■ ■

API/scanner/discovery/discovery.go

1	+	package siriusScan
2	+
3	+	import (
4	+	"fmt"
5	+	"log"
6	+	"os"
7	+
8	+	//"os/exec"
9	+
10	+	//Internal Libraries
11	+	siriusHelper "github.com/0sm0s1z/Sirius-Scan/lib/utils"
12	+	siriusScan "github.com/0sm0s1z/Sirius-Scan/scanner"
13	+	siriusNmap "github.com/0sm0s1z/Sirius-Scan/scanner/engines/nmap"
14	+	//3rd Party Dependencies
15	+	)
16	+
17	+	//ALL Discovery Types - Profile must match to one of these constants
18	+	const (
19	+	nmapCommonPortSweep = "-A"
20	+	)
21	+
22	+	// getFindings responds with the list of a Finding as JSON.
23	+	func Discovery(profile siriusScan.ScanProfile, target string, homedir string) siriusScan.DiscoveryDetails {
24	+
25	+	//Hardcoded scan name for now
26	+	outputfile := homedir + "/.sirius/scans/0001/nmapdiscovery.xml"
27	+
28	+	// Perform discovery for each type listed in the ScanProfile
29	+	for i := 0; i < len(profile.Discovery); i++ {
30	+	switch profile.Discovery[i] {
31	+	case "nmapCommonPortSweep":
32	+	fmt.Println("Performing Nmap Common Port Sweep")
33	+
34	+	//Glaring command injection vulnerability here. Need to sanitize input
35	+	// cmd := exec.Command("/opt/homebrew/bin/nmap", nmapCommonPortSweep, "--script=vuln,vulners", target, "-oX", outputfile)
36	+
37	+	// cmd.Stdout = os.Stdout
38	+	// cmd.Stderr = os.Stderr
39	+	//err := cmd.Run()
40	+	//siriusHelper.ErrorCheck(err)
41	+	//fmt.Println(cmd.Stdout)
42	+
43	+	//Process Nmap XML Output
44	+	dat, err := os.ReadFile(outputfile)
45	+	siriusHelper.ErrorCheck(err)
46	+	processScanResults(dat)
47	+	}
48	+	}
49	+
50	+	var discovery siriusScan.DiscoveryDetails
51	+
52	+	return discovery
53	+	}
54	+
55	+	// processScanResults processes the raw XML output from Nmap and returns a DiscoveryDetails struct
56	+	func processScanResults(dat []byte) siriusScan.DiscoveryDetails {
57	+	var discovery siriusScan.DiscoveryDetails
58	+
59	+	//Parse XML Using Lair Project's Nmap Parser
60	+	var scanResults []siriusNmap.CVE
61	+	scanResults = siriusNmap.ProcessReport(dat)
62	+
63	+	log.Println(scanResults)
64	+
65	+	//Return DiscoveryDetails struct
66	+
67	+	return discovery
68	+	}
69	+

■ ■ ■ ■ ■ ■

API/scanner/engines/nmap/nmap.go

1	+	package siriusNmap
2	+
3	+	import (
4	+	"fmt"
5	+	"log"
6	+	"strings"
7	+
8	+	"github.com/lair-framework/go-nmap"
9	+	)
10	+
11	+	const (
12	+	version = "2.1.1"
13	+	tool = "nmap"
14	+	osWeight = 50
15	+	)
16	+
17	+	//Nmap Discovery Scan Options / Parser / Execution
18	+	func NmapDiscovery(n int) string {
19	+	fmt.Println("JSON decode error!")
20	+	return "asdf"
21	+	}
22	+
23	+	func ProcessReport(nmapXML []byte) []CVE {
24	+
25	+	nmapRun, err := nmap.Parse(nmapXML)
26	+	if err != nil {
27	+	log.Fatalf("Fatal: Error parsing nmap. Error %s", err.Error())
28	+	}
29	+
30	+	scan := handleXML(nmapRun)
31	+
32	+	return scan
33	+	}
34	+
35	+	func handleXML(run *nmap.NmapRun) []CVE {
36	+	var scan Scan
37	+	var cvelist []CVE
38	+
39	+	// THIS IS GHETTO AND BAD AND I SHOULD FEEL BAD - but it works for now
40	+	for i := 0; i < len(run.Hosts[0].Ports); i++ {
41	+	for j := 0; j < len(run.Hosts[0].Ports[i].Scripts); j++ {
42	+
43	+	scriptOutput := run.Hosts[0].Ports[i].Scripts[j].Output
44	+
45	+	for _, line := range strings.Split(strings.TrimSuffix(scriptOutput, "\n"), "\n") {
46	+	if strings.Contains(line, "CVE-") {
47	+	cveid := strings.Split(line, "CVE-")[1]
48	+
49	+	if len(cveid) > 9 {
50	+	cveid = cveid[:10]
51	+	cvelist = append(cvelist, CVE{CVEID: cveid})
52	+	} else {
53	+	cveid = cveid[:9]
54	+	cvelist = append(cvelist, CVE{CVEID: cveid})
55	+	}
56	+	}
57	+	}
58	+	}
59	+	}
60	+
61	+	for _, h := range run.Hosts {
62	+	host := Host{ID: "1"}
63	+	if h.Status.State != "up" {
64	+	continue
65	+	}
66	+
67	+	for _, address := range h.Addresses {
68	+	switch {
69	+	case address.AddrType == "ipv4":
70	+	host.IPv4 = address.Addr
71	+	case address.AddrType == "mac":
72	+	host.MAC = address.Addr
73	+	}
74	+	}
75	+
76	+	for _, hostname := range h.Hostnames {
77	+	host.Hostnames = append(host.Hostnames, hostname.Name)
78	+	}
79	+
80	+	//Service Detection
81	+	for _, p := range h.Ports {
82	+	service := Service{}
83	+	service.Port = p.PortId
84	+	service.Protocol = p.Protocol
85	+
86	+	if p.State.State != "open" {
87	+	continue
88	+	}
89	+
90	+	if p.Service.Name != "" {
91	+	service.Service = p.Service.Name
92	+	service.Product = "Unknown"
93	+	if p.Service.Product != "" {
94	+	service.Product = p.Service.Product
95	+	if p.Service.Version != "" {
96	+	service.Product += " " + p.Service.Version
97	+	}
98	+	}
99	+
100	+	if p.Service.CPEs != nil {
101	+	service.CPE = p.Service.CPEs
102	+	}
103	+	}
104	+
105	+	host.Services = append(host.Services, service)
106	+	}
107	+
108	+	scan.Hosts = append(scan.Hosts, host)
109	+
110	+	}
111	+
112	+	return cvelist
113	+	}
114	+

■ ■ ■ ■ ■ ■

API/scanner/engines/nmap/nmaplib.go

1	+	package siriusNmap
2	+
3	+	import (
4	+	"github.com/lair-framework/go-nmap"
5	+	)
6	+
7	+
8	+	// CPE (Common Platform Enumeration) is a standardized way to name software
9	+	type Service struct {
10	+	ID string `json:"_id" bson:"_id"`
11	+	ProjectID string `json:"projectId" bson:"projectId"`
12	+	HostID string `json:"hostId" bson:"hostId"`
13	+	Port int `json:"port" bson:"port"`
14	+	Protocol string `json:"protocol" bson:"protocol"`
15	+	Service string `json:"service" bson:"service"`
16	+	Product string `json:"product" bson:"product"`
17	+	Status string `json:"status" bson:"status"`
18	+	IsFlagged bool `json:"isFlagged" bson:"isFlagged"`
19	+	LastModifiedBy string `json:"lastModifiedBy" bson:"lastModifiedBy"`
20	+	CPE []nmap.CPE `json:"cpe" bson:"cpe"`
21	+	}
22	+
23	+	type Host struct {
24	+	ID string `json:"_id" bson:"_id"`
25	+	ProjectID string `json:"projectId" bson:"projectId"`
26	+	LongIPv4Addr uint64 `json:"longIpv4Addr" bson:"longIpv4Addr"`
27	+	IPv4 string `json:"ipv4" bson:"ipv4"`
28	+	MAC string `json:"mac" bson:"mac"`
29	+	Hostnames []string `json:"hostnames" bson:"hostnames"`
30	+	StatusMessage string `json:"statusMessage" bson:"statusMessage"`
31	+	Tags []string `json:"tags" bson:"tags"`
32	+	Status string `json:"status" bson:"status"`
33	+	LastModifiedBy string `json:"lastModifiedBy" bson:"lastModifiedBy"`
34	+	IsFlagged bool `json:"isFlagged" bson:"isFlagged"`
35	+	Services []Service `json:"services"`
36	+	CVE []CVE `json:"cve"`
37	+	}
38	+
39	+	type Scan struct {
40	+	ID string `json:"_id" bson:"_id"`
41	+	Tool string `json:"tool"`
42	+	Hosts []Host `json:"hosts"`
43	+	}
44	+
45	+
46	+	// OS fingerprint for a host.
47	+	type OS struct {
48	+	Tool string `json:"tool" bson:"tool"`
49	+	Weight int `json:"weight" bson:"weight"`
50	+	Fingerprint string `json:"fingerprint" bson:"fingerprint"`
51	+	}
52	+
53	+
54	+	type CVE struct {
55	+	CVEID string `json:"cveid"`
56	+	}
57	+
58	+
59	+
60	+
61	+
62	+

■ ■ ■ ■ ■ ■

API/scanner/scanlib.go

1	+	package siriusScan
2	+
3	+	type ScanProfile struct {
4	+	Targets []string `json:"targets"`
5	+	Discovery []string `json:"discovery"`
6	+	Ports string `json:"ports"`
7	+	}
8	+
9	+	type DiscoveryDetails struct {
10	+	Targets []string `json:"targets"`
11	+	Discovery string `json:"discovery"`
12	+	Ports string `json:"ports"`
13	+	}
14	+

■ ■ ■ ■ ■ ■

API/scanner/scanner.go

1	+	package siriusScan
2	+
3	+	import (
4	+	"encoding/json"
5	+	"os"
6	+	"fmt"
7	+
8	+	//Internal Libraries
9	+	siriusHelper "github.com/0sm0s1z/Sirius-Scan/lib/utils"
10	+
11	+	//3rd Party Dependencies
12	+	)
13	+
14	+	// getFindings responds with the list of a Finding as JSON.
15	+	func GetProfile(scanID string, homedir string) ScanProfile {
16	+	//Selector (CVE or other?)
17	+	dat, err := os.ReadFile(homedir + "/.sirius/scans/" + scanID + "/profile.json")
18	+	siriusHelper.ErrorCheck(err)
19	+
20	+
21	+	// Parse options out of the scan profile
22	+
23	+
24	+	var profile ScanProfile
25	+	json.Unmarshal([]byte(dat), &profile)
26	+	if err != nil {
27	+	fmt.Println("JSON decode error!")
28	+	}
29	+
30	+	return profile
31	+	}

API/sirius-api.exe

Binary file.

■ ■ ■ ■ ■ ■

API/sirius-api.go

1	+	package main
2	+
3	+	import (
4	+	_ "encoding/json"
5	+	_ "errors"
6	+	"fmt"
7	+	"log"
8	+	_ "log"
9	+	_ "os"
10	+	_ "os/exec"
11	+
12	+	"net/http"
13	+
14	+	"github.com/gin-contrib/cors"
15	+	"github.com/gin-gonic/gin"
16	+
17	+	//Internal Libraries
18	+	APIHandler "github.com/0sm0s1z/Sirius-Scan/API"
19	+	agentsAPI "github.com/0sm0s1z/Sirius-Scan/API/agents"
20	+	dataAPI "github.com/0sm0s1z/Sirius-Scan/API/data"
21	+	scanAPI "github.com/0sm0s1z/Sirius-Scan/API/scan"
22	+	svdbAPI "github.com/0sm0s1z/Sirius-Scan/API/svdb"
23	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
24	+	//siriusNVD "github.com/0sm0s1z/Sirius-Scan/lib/nvd"
25	+	//3rd Party Dependencies
26	+	)
27	+
28	+	// host represents data about a target host.
29	+	type host struct {
30	+	ID string `json:"id"`
31	+	IP string `json:"ip"`
32	+	Hostname string `json:"hostname"`
33	+	OS string `json:"os"`
34	+	}
35	+
36	+	// SVDBEntry represents data about a target SVDBEntry.
37	+
38	+	func main() {
39	+	router := gin.Default()
40	+	router.Use(cors.New(cors.Config{
41	+	AllowOrigins: []string{"*"},
42	+	AllowMethods: []string{"POST", "PUT", "PATCH", "DELETE"},
43	+	AllowHeaders: []string{"Content-Type,access-control-allow-origin, access-control-allow-headers"},
44	+	}))
45	+
46	+	//Sirius Host API
47	+	router.GET("/api/get/hosts", getHosts)
48	+	router.POST("/api/get/host", APIHandler.GetHost)
49	+	router.POST("/api/add/host", addHost)
50	+	router.POST("/api/new/host", addHost)
51	+	router.POST("/api/update/host", APIHandler.UpdateHost)
52	+	//router.POST("/api/new/cve", hostAPI.AddCVE)
53	+	//router.POST("/api/new/cpe", hostAPI.AddCPE)
54	+
55	+	//SVDB APIs
56	+	router.POST("/api/svdb/new/vuln", svdbAPI.AddVuln)
57	+	router.POST("/api/svdb/add/vuln", svdbAPI.AddVuln)
58	+	router.POST("/api/svdb/update/vuln", svdbAPI.UpdateVuln)
59	+	//router.POST("/api/svdb/add/cve", svdbAPI.AddCVE)
60	+	router.POST("/api/svdb/get/finding", svdbAPI.GetFinding)
61	+	router.POST("/api/svdb/get/cpe", svdbAPI.GetCPE)
62	+
63	+	router.POST("/api/svdb/report/host", svdbAPI.VulnerabilityReport)
64	+	router.POST("/api/svdb/report/vulnerability", svdbAPI.FullVulnerabilityReport)
65	+
66	+	//Agent APIs
67	+	router.POST("/api/agent/check", agentsAPI.AgentCheck)
68	+	router.POST("/api/agent/report", agentsAPI.AgentReport)
69	+	router.POST("/api/agent/register", agentsAPI.AgentRegistration)
70	+	router.POST("/api/agent/task", agentsAPI.AgentTask)
71	+	router.POST("/api/agent/response", agentsAPI.AgentResponse)
72	+
73	+	//Data APIs
74	+	router.POST("/api/data/terminalhistory", dataAPI.TerminalHistory)
75	+	router.GET("/api/data/cpe_vendors", svdbAPI.GetCPEVendors)
76	+
77	+	//Scanner APIs
78	+	router.POST("/api/scan/new", scanAPI.NewScan)
79	+
80	+	router.Run(":8080")
81	+	}
82	+
83	+	// getHosts responds with the list of all hosts as JSON.
84	+	func getHosts(c *gin.Context) {
85	+	fmt.Println(c)
86	+	results := siriusDB.GetHosts()
87	+	c.IndentedJSON(http.StatusOK, results)
88	+	}
89	+
90	+	func addHost(c *gin.Context) {
91	+	var newHost siriusDB.SVDBHost
92	+
93	+	// Call BindJSON to bind the received JSON a local variable
94	+	if c.ShouldBind(&newHost) == nil {
95	+	log.Println("Adding Host...")
96	+	}
97	+
98	+	siriusDB.AddHost(newHost)
99	+	c.String(200, "Success")
100	+	}
101	+

■ ■ ■ ■ ■ ■

API/testdata

1	+	<?xml version="1.0" encoding="UTF-8"?>
2	+	<!DOCTYPE nmaprun>
3	+	<?xml-stylesheet href="file:///opt/homebrew/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
4	+	<!-- Nmap 7.92 scan initiated Thu Jan 13 17:24:57 2022 as: nmap -sV -O -oX testdata 192.168.86.33 -->
5	+	<nmaprun scanner="nmap" args="nmap -sV -O -oX testdata 192.168.86.33" start="1642116297" startstr="Thu Jan 13 17:24:57 2022" version="7.92" xmloutputversion="1.05">
6	+	<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
7	+	<verbose level="0"/>
8	+	<debugging level="0"/>
9	+	<hosthint><status state="up" reason="arp-response" reason_ttl="0"/>
10	+	<address addr="192.168.86.33" addrtype="ipv4"/>
11	+	<address addr="F8:FF:C2:0E:37:C4" addrtype="mac" vendor="Apple"/>
12	+	<hostnames>
13	+	</hostnames>
14	+	</hosthint>
15	+	<host starttime="1642116297" endtime="1642116311"><status state="up" reason="arp-response" reason_ttl="0"/>
16	+	<address addr="192.168.86.33" addrtype="ipv4"/>
17	+	<address addr="F8:FF:C2:0E:37:C4" addrtype="mac" vendor="Apple"/>
18	+	<hostnames>
19	+	<hostname name="sans-sec460.lan" type="PTR"/>
20	+	</hostnames>
21	+	<ports><extraports state="closed" count="994">
22	+	<extrareasons reason="reset" count="994" proto="tcp" ports="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79,81-85,88-90,99-100,106,109-111,113,119,125,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-444,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
23	+	</extraports>
24	+	<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="http" product="nginx" version="1.13.5" method="probed" conf="10"><cpe>cpe:/a:igor_sysoev:nginx:1.13.5</cpe></service></port>
25	+	<port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="msrpc" product="Microsoft Windows RPC" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
26	+	<port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="netbios-ssn" product="Microsoft Windows netbios-ssn" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
27	+	<port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="microsoft-ds" product="Microsoft Windows 7 - 10 microsoft-ds" extrainfo="workgroup: WORKGROUP" hostname="SANS-SEC460" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
28	+	<port protocol="tcp" portid="3389"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="ms-wbt-server" product="Microsoft Terminal Services" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
29	+	<port protocol="tcp" portid="5357"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="http" product="Microsoft HTTPAPI httpd" version="2.0" extrainfo="SSDP/UPnP" ostype="Windows" method="probed" conf="10"><cpe>cpe:/o:microsoft:windows</cpe></service></port>
30	+	</ports>
31	+	<os><portused state="open" proto="tcp" portid="80"/>
32	+	<portused state="closed" proto="tcp" portid="1"/>
33	+	<portused state="closed" proto="udp" portid="31453"/>
34	+	<osmatch name="Microsoft Windows 10 1507 - 1607" accuracy="100" line="69497">
35	+	<osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="10" accuracy="100"><cpe>cpe:/o:microsoft:windows_10</cpe></osclass>
36	+	</osmatch>
37	+	</os>
38	+	<uptime seconds="267213" lastboot="Mon Jan 10 15:11:38 2022"/>
39	+	<distance value="1"/>
40	+	<tcpsequence index="255" difficulty="Good luck!" values="97D1D20B,E1A58A75,1C165B0B,5761B430,865E6980,7D1316A6"/>
41	+	<ipidsequence class="Incremental" values="7951,7952,7953,7954,7955,7956"/>
42	+	<tcptssequence class="1000HZ" values="FED570D,FED5776,FED57DD,FED5846,FED58AD,FED5915"/>
43	+	<times srtt="7970" rttvar="2033" to="100000"/>
44	+	</host>
45	+	<runstats><finished time="1642116311" timestr="Thu Jan 13 17:25:11 2022" summary="Nmap done at Thu Jan 13 17:25:11 2022; 1 IP address (1 host up) scanned in 14.13 seconds" elapsed="14.13" exit="success"/><hosts up="1" down="0" total="1"/>
46	+	</runstats>
47	+	</nmaprun>
48	+

■ ■ ■ ■ ■ ■

API/tmp/build-errors.log

1

+

exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 1exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2signal: trace/BPT trapexit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 1exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 1exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2exit status 2

API/tmp/sirius-api

Binary file.

■ ■ ■ ■ ■ ■

API/utils/go.mod

1	+	module github.com/0sm0s1z/Sirius-Scan/utils
2	+
3	+	go 1.17
4	+

■ ■ ■ ■ ■ ■

API/utils/vulnerability.go

1	+	package utils
2	+
3	+	import (
4	+	"fmt"
5	+	"http"
6	+	"encoding/json"
7	+
8	+	//Internal Libraries
9	+	siriusDB "github.com/0sm0s1z/Sirius-Scan/lib/db"
10	+	)
11	+
12	+	main() {
13	+	var newVuln siriusDB.SVDBEntry
14	+
15	+	newVuln.Tags = "kev"
16	+
17	+	b, err := json.Marshal(newVuln)
18	+	if err != nil {
19	+	fmt.Println(err)
20	+	return
21	+	}
22	+	fmt.Println(string(b))
23	+
24	+	//Sirius Status/Check/Tasking
25	+	//Remove API server hardcoding later
26	+	resp, err := http.Post("http://localhost:8080/api/agent/check", "application/json", bytes.NewBuffer(b))
27	+	}
28	+
29	+

■ ■ ■ ■ ■ ■

node_modules/.bin/loose-envify

1

+

../loose-envify/cli.js

■ ■ ■ ■ ■ ■

node_modules/.yarn-integrity

1	+	{
2	+	"systemParams": "darwin-arm64-93",
3	+	"modulesFolders": [
4	+	"node_modules"
5	+	],
6	+	"flags": [],
7	+	"linkedModules": [],
8	+	"topLevelPatterns": [
9	+	"rsuite@^5.27.0"
10	+	],
11	+	"lockfileEntries": {
12	+	"@babel/runtime@^7.0.0": "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b",
13	+	"@babel/runtime@^7.12.5": "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b",
14	+	"@babel/runtime@^7.16.0": "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b",
15	+	"@babel/runtime@^7.20.0": "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b",
16	+	"@babel/runtime@^7.20.1": "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b",
17	+	"@juggle/resize-observer@^3.3.1": "https://registry.yarnpkg.com/@juggle/resize-observer/-/resize-observer-3.4.0.tgz#08d6c5e20cf7e4cc02fd181c4b0c225cd31dbb60",
18	+	"@juggle/resize-observer@^3.4.0": "https://registry.yarnpkg.com/@juggle/resize-observer/-/resize-observer-3.4.0.tgz#08d6c5e20cf7e4cc02fd181c4b0c225cd31dbb60",
19	+	"@rsuite/icon-font@^4.0.0": "https://registry.yarnpkg.com/@rsuite/icon-font/-/icon-font-4.0.0.tgz#c4a772af5020bb3bbf74761879f80da23e914123",
20	+	"@rsuite/icons@^1.0.0": "https://registry.yarnpkg.com/@rsuite/icons/-/icons-1.0.2.tgz#1b53f6e5dc1dabec7a40ac5773ecc2172f05d09e",
21	+	"@rsuite/icons@^1.0.2": "https://registry.yarnpkg.com/@rsuite/icons/-/icons-1.0.2.tgz#1b53f6e5dc1dabec7a40ac5773ecc2172f05d09e",
22	+	"@types/chai@^4.3.3": "https://registry.yarnpkg.com/@types/chai/-/chai-4.3.4.tgz#e913e8175db8307d78b4e8fa690408ba6b65dee4",
23	+	"@types/lodash@^4.14.184": "https://registry.yarnpkg.com/@types/lodash/-/lodash-4.14.191.tgz#09511e7f7cba275acd8b419ddac8da9a6a79e2fa",
24	+	"@types/prop-types@*": "https://registry.yarnpkg.com/@types/prop-types/-/prop-types-15.7.5.tgz#5f19d2b85a98e9558036f6a3cacc8819420f05cf",
25	+	"@types/prop-types@^15.7.5": "https://registry.yarnpkg.com/@types/prop-types/-/prop-types-15.7.5.tgz#5f19d2b85a98e9558036f6a3cacc8819420f05cf",
26	+	"@types/react-window@^1.8.5": "https://registry.yarnpkg.com/@types/react-window/-/react-window-1.8.5.tgz#285fcc5cea703eef78d90f499e1457e9b5c02fc1",
27	+	"@types/react@*": "https://registry.yarnpkg.com/@types/react/-/react-18.0.28.tgz#accaeb8b86f4908057ad629a26635fe641480065",
28	+	"@types/scheduler@*": "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39",
29	+	"classnames@^2.2.5": "https://registry.yarnpkg.com/classnames/-/classnames-2.3.2.tgz#351d813bf0137fcc6a76a16b88208d2560a0d924",
30	+	"classnames@^2.3.1": "https://registry.yarnpkg.com/classnames/-/classnames-2.3.2.tgz#351d813bf0137fcc6a76a16b88208d2560a0d924",
31	+	"csstype@^3.0.2": "https://registry.yarnpkg.com/csstype/-/csstype-3.1.1.tgz#841b532c45c758ee546a11d5bd7b7b473c8c30b9",
32	+	"date-fns@^2.29.3": "https://registry.yarnpkg.com/date-fns/-/date-fns-2.29.3.tgz#27402d2fc67eb442b511b70bbdf98e6411cd68a8",
33	+	"dom-lib@^3.1.3": "https://registry.yarnpkg.com/dom-lib/-/dom-lib-3.1.6.tgz#4e69d6d033dc75491ed0513d2c32d0742b1721e2",
34	+	"insert-css@^2.0.0": "https://registry.yarnpkg.com/insert-css/-/insert-css-2.0.0.tgz#eb5d1097b7542f4c79ea3060d3aee07d053880f4",
35	+	"js-tokens@^3.0.0 \|\| ^4.0.0": "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499",
36	+	"lodash@^4.17.11": "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c",
37	+	"lodash@^4.17.20": "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c",
38	+	"lodash@^4.17.21": "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c",
39	+	"loose-envify@^1.4.0": "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf",
40	+	"memoize-one@>=3.1.1 <6": "https://registry.yarnpkg.com/memoize-one/-/memoize-one-5.2.1.tgz#8337aa3c4335581839ec01c3d594090cebe8f00e",
41	+	"object-assign@^4.1.1": "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863",
42	+	"prop-types@^15.8.1": "https://registry.yarnpkg.com/prop-types/-/prop-types-15.8.1.tgz#67d87bf1a694f48435cf332c24af10214a3140b5",
43	+	"react-is@^16.13.1": "https://registry.yarnpkg.com/react-is/-/react-is-16.13.1.tgz#789729a4dc36de2999dc156dd6c1d9c18cea56a4",
44	+	"react-is@^17.0.2": "https://registry.yarnpkg.com/react-is/-/react-is-17.0.2.tgz#e691d4a8e9c789365655539ab372762b0efb54f0",
45	+	"react-window@^1.8.8": "https://registry.yarnpkg.com/react-window/-/react-window-1.8.8.tgz#1b52919f009ddf91970cbdb2050a6c7be44df243",
46	+	"regenerator-runtime@^0.13.11": "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.11.tgz#f6dca3e7ceec20590d07ada785636a90cdca17f9",
47	+	"rsuite-table@^5.8.2": "https://registry.yarnpkg.com/rsuite-table/-/rsuite-table-5.8.2.tgz#3ddfbcd8fc99e0653a81484fe33b13fc7a1e843b",
48	+	"rsuite@^5.27.0": "https://registry.yarnpkg.com/rsuite/-/rsuite-5.27.0.tgz#36099e4b055393d36d69fe1303b76c42a96530d0",
49	+	"schema-typed@^2.0.3": "https://registry.yarnpkg.com/schema-typed/-/schema-typed-2.0.3.tgz#bfd84b31fbb2d13e748736637281032d8bcb2be8"
50	+	},
51	+	"files": [],
52	+	"artifacts": {}
53	+	}

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/LICENSE

1	+	MIT License
2	+
3	+	Copyright (c) 2014-present Sebastian McKenzie and other contributors
4	+
5	+	Permission is hereby granted, free of charge, to any person obtaining
6	+	a copy of this software and associated documentation files (the
7	+	"Software"), to deal in the Software without restriction, including
8	+	without limitation the rights to use, copy, modify, merge, publish,
9	+	distribute, sublicense, and/or sell copies of the Software, and to
10	+	permit persons to whom the Software is furnished to do so, subject to
11	+	the following conditions:
12	+
13	+	The above copyright notice and this permission notice shall be
14	+	included in all copies or substantial portions of the Software.
15	+
16	+	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17	+	EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18	+	MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19	+	NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20	+	LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21	+	OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22	+	WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23	+

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/README.md

1	+	# @babel/runtime
2	+
3	+	> babel's modular runtime helpers
4	+
5	+	See our website [@babel/runtime](https://babeljs.io/docs/en/babel-runtime) for more information.
6	+
7	+	## Install
8	+
9	+	Using npm:
10	+
11	+	```sh
12	+	npm install --save @babel/runtime
13	+	```
14	+
15	+	or using yarn:
16	+
17	+	```sh
18	+	yarn add @babel/runtime
19	+	```
20	+

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/AsyncGenerator.js

1	+	var OverloadYield = require("./OverloadYield.js");
2	+	function AsyncGenerator(gen) {
3	+	var front, back;
4	+	function resume(key, arg) {
5	+	try {
6	+	var result = gen[key](arg),
7	+	value = result.value,
8	+	overloaded = value instanceof OverloadYield;
9	+	Promise.resolve(overloaded ? value.v : value).then(function (arg) {
10	+	if (overloaded) {
11	+	var nextKey = "return" === key ? "return" : "next";
12	+	if (!value.k \|\| arg.done) return resume(nextKey, arg);
13	+	arg = gen[nextKey](arg).value;
14	+	}
15	+	settle(result.done ? "return" : "normal", arg);
16	+	}, function (err) {
17	+	resume("throw", err);
18	+	});
19	+	} catch (err) {
20	+	settle("throw", err);
21	+	}
22	+	}
23	+	function settle(type, value) {
24	+	switch (type) {
25	+	case "return":
26	+	front.resolve({
27	+	value: value,
28	+	done: !0
29	+	});
30	+	break;
31	+	case "throw":
32	+	front.reject(value);
33	+	break;
34	+	default:
35	+	front.resolve({
36	+	value: value,
37	+	done: !1
38	+	});
39	+	}
40	+	(front = front.next) ? resume(front.key, front.arg) : back = null;
41	+	}
42	+	this._invoke = function (key, arg) {
43	+	return new Promise(function (resolve, reject) {
44	+	var request = {
45	+	key: key,
46	+	arg: arg,
47	+	resolve: resolve,
48	+	reject: reject,
49	+	next: null
50	+	};
51	+	back ? back = back.next = request : (front = back = request, resume(key, arg));
52	+	});
53	+	}, "function" != typeof gen["return"] && (this["return"] = void 0);
54	+	}
55	+	AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator \|\| "@@asyncIterator"] = function () {
56	+	return this;
57	+	}, AsyncGenerator.prototype.next = function (arg) {
58	+	return this._invoke("next", arg);
59	+	}, AsyncGenerator.prototype["throw"] = function (arg) {
60	+	return this._invoke("throw", arg);
61	+	}, AsyncGenerator.prototype["return"] = function (arg) {
62	+	return this._invoke("return", arg);
63	+	};
64	+	module.exports = AsyncGenerator, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/AwaitValue.js

1	+	function _AwaitValue(value) {
2	+	this.wrapped = value;
3	+	}
4	+	module.exports = _AwaitValue, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/OverloadYield.js

1	+	function _OverloadYield(value, kind) {
2	+	this.v = value, this.k = kind;
3	+	}
4	+	module.exports = _OverloadYield, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/applyDecoratedDescriptor.js

1	+	function _applyDecoratedDescriptor(target, property, decorators, descriptor, context) {
2	+	var desc = {};
3	+	Object.keys(descriptor).forEach(function (key) {
4	+	desc[key] = descriptor[key];
5	+	});
6	+	desc.enumerable = !!desc.enumerable;
7	+	desc.configurable = !!desc.configurable;
8	+	if ('value' in desc \|\| desc.initializer) {
9	+	desc.writable = true;
10	+	}
11	+	desc = decorators.slice().reverse().reduce(function (desc, decorator) {
12	+	return decorator(target, property, desc) \|\| desc;
13	+	}, desc);
14	+	if (context && desc.initializer !== void 0) {
15	+	desc.value = desc.initializer ? desc.initializer.call(context) : void 0;
16	+	desc.initializer = undefined;
17	+	}
18	+	if (desc.initializer === void 0) {
19	+	Object.defineProperty(target, property, desc);
20	+	desc = null;
21	+	}
22	+	return desc;
23	+	}
24	+	module.exports = _applyDecoratedDescriptor, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/applyDecs.js

1	+	var _typeof = require("./typeof.js")["default"];
2	+	function old_createMetadataMethodsForProperty(metadataMap, kind, property, decoratorFinishedRef) {
3	+	return {
4	+	getMetadata: function getMetadata(key) {
5	+	old_assertNotFinished(decoratorFinishedRef, "getMetadata"), old_assertMetadataKey(key);
6	+	var metadataForKey = metadataMap[key];
7	+	if (void 0 !== metadataForKey) if (1 === kind) {
8	+	var pub = metadataForKey["public"];
9	+	if (void 0 !== pub) return pub[property];
10	+	} else if (2 === kind) {
11	+	var priv = metadataForKey["private"];
12	+	if (void 0 !== priv) return priv.get(property);
13	+	} else if (Object.hasOwnProperty.call(metadataForKey, "constructor")) return metadataForKey.constructor;
14	+	},
15	+	setMetadata: function setMetadata(key, value) {
16	+	old_assertNotFinished(decoratorFinishedRef, "setMetadata"), old_assertMetadataKey(key);
17	+	var metadataForKey = metadataMap[key];
18	+	if (void 0 === metadataForKey && (metadataForKey = metadataMap[key] = {}), 1 === kind) {
19	+	var pub = metadataForKey["public"];
20	+	void 0 === pub && (pub = metadataForKey["public"] = {}), pub[property] = value;
21	+	} else if (2 === kind) {
22	+	var priv = metadataForKey.priv;
23	+	void 0 === priv && (priv = metadataForKey["private"] = new Map()), priv.set(property, value);
24	+	} else metadataForKey.constructor = value;
25	+	}
26	+	};
27	+	}
28	+	function old_convertMetadataMapToFinal(obj, metadataMap) {
29	+	var parentMetadataMap = obj[Symbol.metadata \|\| Symbol["for"]("Symbol.metadata")],
30	+	metadataKeys = Object.getOwnPropertySymbols(metadataMap);
31	+	if (0 !== metadataKeys.length) {
32	+	for (var i = 0; i < metadataKeys.length; i++) {
33	+	var key = metadataKeys[i],
34	+	metaForKey = metadataMap[key],
35	+	parentMetaForKey = parentMetadataMap ? parentMetadataMap[key] : null,
36	+	pub = metaForKey["public"],
37	+	parentPub = parentMetaForKey ? parentMetaForKey["public"] : null;
38	+	pub && parentPub && Object.setPrototypeOf(pub, parentPub);
39	+	var priv = metaForKey["private"];
40	+	if (priv) {
41	+	var privArr = Array.from(priv.values()),
42	+	parentPriv = parentMetaForKey ? parentMetaForKey["private"] : null;
43	+	parentPriv && (privArr = privArr.concat(parentPriv)), metaForKey["private"] = privArr;
44	+	}
45	+	parentMetaForKey && Object.setPrototypeOf(metaForKey, parentMetaForKey);
46	+	}
47	+	parentMetadataMap && Object.setPrototypeOf(metadataMap, parentMetadataMap), obj[Symbol.metadata \|\| Symbol["for"]("Symbol.metadata")] = metadataMap;
48	+	}
49	+	}
50	+	function old_createAddInitializerMethod(initializers, decoratorFinishedRef) {
51	+	return function (initializer) {
52	+	old_assertNotFinished(decoratorFinishedRef, "addInitializer"), old_assertCallable(initializer, "An initializer"), initializers.push(initializer);
53	+	};
54	+	}
55	+	function old_memberDec(dec, name, desc, metadataMap, initializers, kind, isStatic, isPrivate, value) {
56	+	var kindStr;
57	+	switch (kind) {
58	+	case 1:
59	+	kindStr = "accessor";
60	+	break;
61	+	case 2:
62	+	kindStr = "method";
63	+	break;
64	+	case 3:
65	+	kindStr = "getter";
66	+	break;
67	+	case 4:
68	+	kindStr = "setter";
69	+	break;
70	+	default:
71	+	kindStr = "field";
72	+	}
73	+	var metadataKind,
74	+	metadataName,
75	+	ctx = {
76	+	kind: kindStr,
77	+	name: isPrivate ? "#" + name : name,
78	+	isStatic: isStatic,
79	+	isPrivate: isPrivate
80	+	},
81	+	decoratorFinishedRef = {
82	+	v: !1
83	+	};
84	+	if (0 !== kind && (ctx.addInitializer = old_createAddInitializerMethod(initializers, decoratorFinishedRef)), isPrivate) {
85	+	metadataKind = 2, metadataName = Symbol(name);
86	+	var access = {};
87	+	0 === kind ? (access.get = desc.get, access.set = desc.set) : 2 === kind ? access.get = function () {
88	+	return desc.value;
89	+	} : (1 !== kind && 3 !== kind \|\| (access.get = function () {
90	+	return desc.get.call(this);
91	+	}), 1 !== kind && 4 !== kind \|\| (access.set = function (v) {
92	+	desc.set.call(this, v);
93	+	})), ctx.access = access;
94	+	} else metadataKind = 1, metadataName = name;
95	+	try {
96	+	return dec(value, Object.assign(ctx, old_createMetadataMethodsForProperty(metadataMap, metadataKind, metadataName, decoratorFinishedRef)));
97	+	} finally {
98	+	decoratorFinishedRef.v = !0;
99	+	}
100	+	}
101	+	function old_assertNotFinished(decoratorFinishedRef, fnName) {
102	+	if (decoratorFinishedRef.v) throw new Error("attempted to call " + fnName + " after decoration was finished");
103	+	}
104	+	function old_assertMetadataKey(key) {
105	+	if ("symbol" != _typeof(key)) throw new TypeError("Metadata keys must be symbols, received: " + key);
106	+	}
107	+	function old_assertCallable(fn, hint) {
108	+	if ("function" != typeof fn) throw new TypeError(hint + " must be a function");
109	+	}
110	+	function old_assertValidReturnValue(kind, value) {
111	+	var type = _typeof(value);
112	+	if (1 === kind) {
113	+	if ("object" !== type \|\| null === value) throw new TypeError("accessor decorators must return an object with get, set, or init properties or void 0");
114	+	void 0 !== value.get && old_assertCallable(value.get, "accessor.get"), void 0 !== value.set && old_assertCallable(value.set, "accessor.set"), void 0 !== value.init && old_assertCallable(value.init, "accessor.init"), void 0 !== value.initializer && old_assertCallable(value.initializer, "accessor.initializer");
115	+	} else if ("function" !== type) {
116	+	var hint;
117	+	throw hint = 0 === kind ? "field" : 10 === kind ? "class" : "method", new TypeError(hint + " decorators must return a function or void 0");
118	+	}
119	+	}
120	+	function old_getInit(desc) {
121	+	var initializer;
122	+	return null == (initializer = desc.init) && (initializer = desc.initializer) && "undefined" != typeof console && console.warn(".initializer has been renamed to .init as of March 2022"), initializer;
123	+	}
124	+	function old_applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, metadataMap, initializers) {
125	+	var desc,
126	+	initializer,
127	+	value,
128	+	newValue,
129	+	get,
130	+	set,
131	+	decs = decInfo[0];
132	+	if (isPrivate ? desc = 0 === kind \|\| 1 === kind ? {
133	+	get: decInfo[3],
134	+	set: decInfo[4]
135	+	} : 3 === kind ? {
136	+	get: decInfo[3]
137	+	} : 4 === kind ? {
138	+	set: decInfo[3]
139	+	} : {
140	+	value: decInfo[3]
141	+	} : 0 !== kind && (desc = Object.getOwnPropertyDescriptor(base, name)), 1 === kind ? value = {
142	+	get: desc.get,
143	+	set: desc.set
144	+	} : 2 === kind ? value = desc.value : 3 === kind ? value = desc.get : 4 === kind && (value = desc.set), "function" == typeof decs) void 0 !== (newValue = old_memberDec(decs, name, desc, metadataMap, initializers, kind, isStatic, isPrivate, value)) && (old_assertValidReturnValue(kind, newValue), 0 === kind ? initializer = newValue : 1 === kind ? (initializer = old_getInit(newValue), get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
145	+	get: get,
146	+	set: set
147	+	}) : value = newValue);else for (var i = decs.length - 1; i >= 0; i--) {
148	+	var newInit;
149	+	if (void 0 !== (newValue = old_memberDec(decs[i], name, desc, metadataMap, initializers, kind, isStatic, isPrivate, value))) old_assertValidReturnValue(kind, newValue), 0 === kind ? newInit = newValue : 1 === kind ? (newInit = old_getInit(newValue), get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
150	+	get: get,
151	+	set: set
152	+	}) : value = newValue, void 0 !== newInit && (void 0 === initializer ? initializer = newInit : "function" == typeof initializer ? initializer = [initializer, newInit] : initializer.push(newInit));
153	+	}
154	+	if (0 === kind \|\| 1 === kind) {
155	+	if (void 0 === initializer) initializer = function initializer(instance, init) {
156	+	return init;
157	+	};else if ("function" != typeof initializer) {
158	+	var ownInitializers = initializer;
159	+	initializer = function initializer(instance, init) {
160	+	for (var value = init, i = 0; i < ownInitializers.length; i++) value = ownInitializers[i].call(instance, value);
161	+	return value;
162	+	};
163	+	} else {
164	+	var originalInitializer = initializer;
165	+	initializer = function initializer(instance, init) {
166	+	return originalInitializer.call(instance, init);
167	+	};
168	+	}
169	+	ret.push(initializer);
170	+	}
171	+	0 !== kind && (1 === kind ? (desc.get = value.get, desc.set = value.set) : 2 === kind ? desc.value = value : 3 === kind ? desc.get = value : 4 === kind && (desc.set = value), isPrivate ? 1 === kind ? (ret.push(function (instance, args) {
172	+	return value.get.call(instance, args);
173	+	}), ret.push(function (instance, args) {
174	+	return value.set.call(instance, args);
175	+	})) : 2 === kind ? ret.push(value) : ret.push(function (instance, args) {
176	+	return value.call(instance, args);
177	+	}) : Object.defineProperty(base, name, desc));
178	+	}
179	+	function old_applyMemberDecs(ret, Class, protoMetadataMap, staticMetadataMap, decInfos) {
180	+	for (var protoInitializers, staticInitializers, existingProtoNonFields = new Map(), existingStaticNonFields = new Map(), i = 0; i < decInfos.length; i++) {
181	+	var decInfo = decInfos[i];
182	+	if (Array.isArray(decInfo)) {
183	+	var base,
184	+	metadataMap,
185	+	initializers,
186	+	kind = decInfo[1],
187	+	name = decInfo[2],
188	+	isPrivate = decInfo.length > 3,
189	+	isStatic = kind >= 5;
190	+	if (isStatic ? (base = Class, metadataMap = staticMetadataMap, 0 !== (kind -= 5) && (initializers = staticInitializers = staticInitializers \|\| [])) : (base = Class.prototype, metadataMap = protoMetadataMap, 0 !== kind && (initializers = protoInitializers = protoInitializers \|\| [])), 0 !== kind && !isPrivate) {
191	+	var existingNonFields = isStatic ? existingStaticNonFields : existingProtoNonFields,
192	+	existingKind = existingNonFields.get(name) \|\| 0;
193	+	if (!0 === existingKind \|\| 3 === existingKind && 4 !== kind \|\| 4 === existingKind && 3 !== kind) throw new Error("Attempted to decorate a public method/accessor that has the same name as a previously decorated public method/accessor. This is not currently supported by the decorators plugin. Property name was: " + name);
194	+	!existingKind && kind > 2 ? existingNonFields.set(name, kind) : existingNonFields.set(name, !0);
195	+	}
196	+	old_applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, metadataMap, initializers);
197	+	}
198	+	}
199	+	old_pushInitializers(ret, protoInitializers), old_pushInitializers(ret, staticInitializers);
200	+	}
201	+	function old_pushInitializers(ret, initializers) {
202	+	initializers && ret.push(function (instance) {
203	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(instance);
204	+	return instance;
205	+	});
206	+	}
207	+	function old_applyClassDecs(ret, targetClass, metadataMap, classDecs) {
208	+	if (classDecs.length > 0) {
209	+	for (var initializers = [], newClass = targetClass, name = targetClass.name, i = classDecs.length - 1; i >= 0; i--) {
210	+	var decoratorFinishedRef = {
211	+	v: !1
212	+	};
213	+	try {
214	+	var ctx = Object.assign({
215	+	kind: "class",
216	+	name: name,
217	+	addInitializer: old_createAddInitializerMethod(initializers, decoratorFinishedRef)
218	+	}, old_createMetadataMethodsForProperty(metadataMap, 0, name, decoratorFinishedRef)),
219	+	nextNewClass = classDecs[i](newClass, ctx);
220	+	} finally {
221	+	decoratorFinishedRef.v = !0;
222	+	}
223	+	void 0 !== nextNewClass && (old_assertValidReturnValue(10, nextNewClass), newClass = nextNewClass);
224	+	}
225	+	ret.push(newClass, function () {
226	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(newClass);
227	+	});
228	+	}
229	+	}
230	+	function applyDecs(targetClass, memberDecs, classDecs) {
231	+	var ret = [],
232	+	staticMetadataMap = {},
233	+	protoMetadataMap = {};
234	+	return old_applyMemberDecs(ret, targetClass, protoMetadataMap, staticMetadataMap, memberDecs), old_convertMetadataMapToFinal(targetClass.prototype, protoMetadataMap), old_applyClassDecs(ret, targetClass, staticMetadataMap, classDecs), old_convertMetadataMapToFinal(targetClass, staticMetadataMap), ret;
235	+	}
236	+	module.exports = applyDecs, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/applyDecs2203.js

1	+	var _typeof = require("./typeof.js")["default"];
2	+	function applyDecs2203Factory() {
3	+	function createAddInitializerMethod(initializers, decoratorFinishedRef) {
4	+	return function (initializer) {
5	+	!function (decoratorFinishedRef, fnName) {
6	+	if (decoratorFinishedRef.v) throw new Error("attempted to call " + fnName + " after decoration was finished");
7	+	}(decoratorFinishedRef, "addInitializer"), assertCallable(initializer, "An initializer"), initializers.push(initializer);
8	+	};
9	+	}
10	+	function memberDec(dec, name, desc, initializers, kind, isStatic, isPrivate, value) {
11	+	var kindStr;
12	+	switch (kind) {
13	+	case 1:
14	+	kindStr = "accessor";
15	+	break;
16	+	case 2:
17	+	kindStr = "method";
18	+	break;
19	+	case 3:
20	+	kindStr = "getter";
21	+	break;
22	+	case 4:
23	+	kindStr = "setter";
24	+	break;
25	+	default:
26	+	kindStr = "field";
27	+	}
28	+	var get,
29	+	set,
30	+	ctx = {
31	+	kind: kindStr,
32	+	name: isPrivate ? "#" + name : name,
33	+	"static": isStatic,
34	+	"private": isPrivate
35	+	},
36	+	decoratorFinishedRef = {
37	+	v: !1
38	+	};
39	+	0 !== kind && (ctx.addInitializer = createAddInitializerMethod(initializers, decoratorFinishedRef)), 0 === kind ? isPrivate ? (get = desc.get, set = desc.set) : (get = function get() {
40	+	return this[name];
41	+	}, set = function set(v) {
42	+	this[name] = v;
43	+	}) : 2 === kind ? get = function get() {
44	+	return desc.value;
45	+	} : (1 !== kind && 3 !== kind \|\| (get = function get() {
46	+	return desc.get.call(this);
47	+	}), 1 !== kind && 4 !== kind \|\| (set = function set(v) {
48	+	desc.set.call(this, v);
49	+	})), ctx.access = get && set ? {
50	+	get: get,
51	+	set: set
52	+	} : get ? {
53	+	get: get
54	+	} : {
55	+	set: set
56	+	};
57	+	try {
58	+	return dec(value, ctx);
59	+	} finally {
60	+	decoratorFinishedRef.v = !0;
61	+	}
62	+	}
63	+	function assertCallable(fn, hint) {
64	+	if ("function" != typeof fn) throw new TypeError(hint + " must be a function");
65	+	}
66	+	function assertValidReturnValue(kind, value) {
67	+	var type = _typeof(value);
68	+	if (1 === kind) {
69	+	if ("object" !== type \|\| null === value) throw new TypeError("accessor decorators must return an object with get, set, or init properties or void 0");
70	+	void 0 !== value.get && assertCallable(value.get, "accessor.get"), void 0 !== value.set && assertCallable(value.set, "accessor.set"), void 0 !== value.init && assertCallable(value.init, "accessor.init");
71	+	} else if ("function" !== type) {
72	+	var hint;
73	+	throw hint = 0 === kind ? "field" : 10 === kind ? "class" : "method", new TypeError(hint + " decorators must return a function or void 0");
74	+	}
75	+	}
76	+	function applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, initializers) {
77	+	var desc,
78	+	init,
79	+	value,
80	+	newValue,
81	+	get,
82	+	set,
83	+	decs = decInfo[0];
84	+	if (isPrivate ? desc = 0 === kind \|\| 1 === kind ? {
85	+	get: decInfo[3],
86	+	set: decInfo[4]
87	+	} : 3 === kind ? {
88	+	get: decInfo[3]
89	+	} : 4 === kind ? {
90	+	set: decInfo[3]
91	+	} : {
92	+	value: decInfo[3]
93	+	} : 0 !== kind && (desc = Object.getOwnPropertyDescriptor(base, name)), 1 === kind ? value = {
94	+	get: desc.get,
95	+	set: desc.set
96	+	} : 2 === kind ? value = desc.value : 3 === kind ? value = desc.get : 4 === kind && (value = desc.set), "function" == typeof decs) void 0 !== (newValue = memberDec(decs, name, desc, initializers, kind, isStatic, isPrivate, value)) && (assertValidReturnValue(kind, newValue), 0 === kind ? init = newValue : 1 === kind ? (init = newValue.init, get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
97	+	get: get,
98	+	set: set
99	+	}) : value = newValue);else for (var i = decs.length - 1; i >= 0; i--) {
100	+	var newInit;
101	+	if (void 0 !== (newValue = memberDec(decs[i], name, desc, initializers, kind, isStatic, isPrivate, value))) assertValidReturnValue(kind, newValue), 0 === kind ? newInit = newValue : 1 === kind ? (newInit = newValue.init, get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
102	+	get: get,
103	+	set: set
104	+	}) : value = newValue, void 0 !== newInit && (void 0 === init ? init = newInit : "function" == typeof init ? init = [init, newInit] : init.push(newInit));
105	+	}
106	+	if (0 === kind \|\| 1 === kind) {
107	+	if (void 0 === init) init = function init(instance, _init) {
108	+	return _init;
109	+	};else if ("function" != typeof init) {
110	+	var ownInitializers = init;
111	+	init = function init(instance, _init2) {
112	+	for (var value = _init2, i = 0; i < ownInitializers.length; i++) value = ownInitializers[i].call(instance, value);
113	+	return value;
114	+	};
115	+	} else {
116	+	var originalInitializer = init;
117	+	init = function init(instance, _init3) {
118	+	return originalInitializer.call(instance, _init3);
119	+	};
120	+	}
121	+	ret.push(init);
122	+	}
123	+	0 !== kind && (1 === kind ? (desc.get = value.get, desc.set = value.set) : 2 === kind ? desc.value = value : 3 === kind ? desc.get = value : 4 === kind && (desc.set = value), isPrivate ? 1 === kind ? (ret.push(function (instance, args) {
124	+	return value.get.call(instance, args);
125	+	}), ret.push(function (instance, args) {
126	+	return value.set.call(instance, args);
127	+	})) : 2 === kind ? ret.push(value) : ret.push(function (instance, args) {
128	+	return value.call(instance, args);
129	+	}) : Object.defineProperty(base, name, desc));
130	+	}
131	+	function pushInitializers(ret, initializers) {
132	+	initializers && ret.push(function (instance) {
133	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(instance);
134	+	return instance;
135	+	});
136	+	}
137	+	return function (targetClass, memberDecs, classDecs) {
138	+	var ret = [];
139	+	return function (ret, Class, decInfos) {
140	+	for (var protoInitializers, staticInitializers, existingProtoNonFields = new Map(), existingStaticNonFields = new Map(), i = 0; i < decInfos.length; i++) {
141	+	var decInfo = decInfos[i];
142	+	if (Array.isArray(decInfo)) {
143	+	var base,
144	+	initializers,
145	+	kind = decInfo[1],
146	+	name = decInfo[2],
147	+	isPrivate = decInfo.length > 3,
148	+	isStatic = kind >= 5;
149	+	if (isStatic ? (base = Class, 0 != (kind -= 5) && (initializers = staticInitializers = staticInitializers \|\| [])) : (base = Class.prototype, 0 !== kind && (initializers = protoInitializers = protoInitializers \|\| [])), 0 !== kind && !isPrivate) {
150	+	var existingNonFields = isStatic ? existingStaticNonFields : existingProtoNonFields,
151	+	existingKind = existingNonFields.get(name) \|\| 0;
152	+	if (!0 === existingKind \|\| 3 === existingKind && 4 !== kind \|\| 4 === existingKind && 3 !== kind) throw new Error("Attempted to decorate a public method/accessor that has the same name as a previously decorated public method/accessor. This is not currently supported by the decorators plugin. Property name was: " + name);
153	+	!existingKind && kind > 2 ? existingNonFields.set(name, kind) : existingNonFields.set(name, !0);
154	+	}
155	+	applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, initializers);
156	+	}
157	+	}
158	+	pushInitializers(ret, protoInitializers), pushInitializers(ret, staticInitializers);
159	+	}(ret, targetClass, memberDecs), function (ret, targetClass, classDecs) {
160	+	if (classDecs.length > 0) {
161	+	for (var initializers = [], newClass = targetClass, name = targetClass.name, i = classDecs.length - 1; i >= 0; i--) {
162	+	var decoratorFinishedRef = {
163	+	v: !1
164	+	};
165	+	try {
166	+	var nextNewClass = classDecs[i](newClass, {
167	+	kind: "class",
168	+	name: name,
169	+	addInitializer: createAddInitializerMethod(initializers, decoratorFinishedRef)
170	+	});
171	+	} finally {
172	+	decoratorFinishedRef.v = !0;
173	+	}
174	+	void 0 !== nextNewClass && (assertValidReturnValue(10, nextNewClass), newClass = nextNewClass);
175	+	}
176	+	ret.push(newClass, function () {
177	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(newClass);
178	+	});
179	+	}
180	+	}(ret, targetClass, classDecs), ret;
181	+	};
182	+	}
183	+	var applyDecs2203Impl;
184	+	function applyDecs2203(targetClass, memberDecs, classDecs) {
185	+	return (applyDecs2203Impl = applyDecs2203Impl \|\| applyDecs2203Factory())(targetClass, memberDecs, classDecs);
186	+	}
187	+	module.exports = applyDecs2203, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/applyDecs2203R.js

1	+	var _typeof = require("./typeof.js")["default"];
2	+	function createAddInitializerMethod(initializers, decoratorFinishedRef) {
3	+	return function (initializer) {
4	+	assertNotFinished(decoratorFinishedRef, "addInitializer"), assertCallable(initializer, "An initializer"), initializers.push(initializer);
5	+	};
6	+	}
7	+	function memberDec(dec, name, desc, initializers, kind, isStatic, isPrivate, value) {
8	+	var kindStr;
9	+	switch (kind) {
10	+	case 1:
11	+	kindStr = "accessor";
12	+	break;
13	+	case 2:
14	+	kindStr = "method";
15	+	break;
16	+	case 3:
17	+	kindStr = "getter";
18	+	break;
19	+	case 4:
20	+	kindStr = "setter";
21	+	break;
22	+	default:
23	+	kindStr = "field";
24	+	}
25	+	var get,
26	+	set,
27	+	ctx = {
28	+	kind: kindStr,
29	+	name: isPrivate ? "#" + name : name,
30	+	"static": isStatic,
31	+	"private": isPrivate
32	+	},
33	+	decoratorFinishedRef = {
34	+	v: !1
35	+	};
36	+	0 !== kind && (ctx.addInitializer = createAddInitializerMethod(initializers, decoratorFinishedRef)), 0 === kind ? isPrivate ? (get = desc.get, set = desc.set) : (get = function get() {
37	+	return this[name];
38	+	}, set = function set(v) {
39	+	this[name] = v;
40	+	}) : 2 === kind ? get = function get() {
41	+	return desc.value;
42	+	} : (1 !== kind && 3 !== kind \|\| (get = function get() {
43	+	return desc.get.call(this);
44	+	}), 1 !== kind && 4 !== kind \|\| (set = function set(v) {
45	+	desc.set.call(this, v);
46	+	})), ctx.access = get && set ? {
47	+	get: get,
48	+	set: set
49	+	} : get ? {
50	+	get: get
51	+	} : {
52	+	set: set
53	+	};
54	+	try {
55	+	return dec(value, ctx);
56	+	} finally {
57	+	decoratorFinishedRef.v = !0;
58	+	}
59	+	}
60	+	function assertNotFinished(decoratorFinishedRef, fnName) {
61	+	if (decoratorFinishedRef.v) throw new Error("attempted to call " + fnName + " after decoration was finished");
62	+	}
63	+	function assertCallable(fn, hint) {
64	+	if ("function" != typeof fn) throw new TypeError(hint + " must be a function");
65	+	}
66	+	function assertValidReturnValue(kind, value) {
67	+	var type = _typeof(value);
68	+	if (1 === kind) {
69	+	if ("object" !== type \|\| null === value) throw new TypeError("accessor decorators must return an object with get, set, or init properties or void 0");
70	+	void 0 !== value.get && assertCallable(value.get, "accessor.get"), void 0 !== value.set && assertCallable(value.set, "accessor.set"), void 0 !== value.init && assertCallable(value.init, "accessor.init");
71	+	} else if ("function" !== type) {
72	+	var hint;
73	+	throw hint = 0 === kind ? "field" : 10 === kind ? "class" : "method", new TypeError(hint + " decorators must return a function or void 0");
74	+	}
75	+	}
76	+	function applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, initializers) {
77	+	var desc,
78	+	init,
79	+	value,
80	+	newValue,
81	+	get,
82	+	set,
83	+	decs = decInfo[0];
84	+	if (isPrivate ? desc = 0 === kind \|\| 1 === kind ? {
85	+	get: decInfo[3],
86	+	set: decInfo[4]
87	+	} : 3 === kind ? {
88	+	get: decInfo[3]
89	+	} : 4 === kind ? {
90	+	set: decInfo[3]
91	+	} : {
92	+	value: decInfo[3]
93	+	} : 0 !== kind && (desc = Object.getOwnPropertyDescriptor(base, name)), 1 === kind ? value = {
94	+	get: desc.get,
95	+	set: desc.set
96	+	} : 2 === kind ? value = desc.value : 3 === kind ? value = desc.get : 4 === kind && (value = desc.set), "function" == typeof decs) void 0 !== (newValue = memberDec(decs, name, desc, initializers, kind, isStatic, isPrivate, value)) && (assertValidReturnValue(kind, newValue), 0 === kind ? init = newValue : 1 === kind ? (init = newValue.init, get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
97	+	get: get,
98	+	set: set
99	+	}) : value = newValue);else for (var i = decs.length - 1; i >= 0; i--) {
100	+	var newInit;
101	+	if (void 0 !== (newValue = memberDec(decs[i], name, desc, initializers, kind, isStatic, isPrivate, value))) assertValidReturnValue(kind, newValue), 0 === kind ? newInit = newValue : 1 === kind ? (newInit = newValue.init, get = newValue.get \|\| value.get, set = newValue.set \|\| value.set, value = {
102	+	get: get,
103	+	set: set
104	+	}) : value = newValue, void 0 !== newInit && (void 0 === init ? init = newInit : "function" == typeof init ? init = [init, newInit] : init.push(newInit));
105	+	}
106	+	if (0 === kind \|\| 1 === kind) {
107	+	if (void 0 === init) init = function init(instance, _init) {
108	+	return _init;
109	+	};else if ("function" != typeof init) {
110	+	var ownInitializers = init;
111	+	init = function init(instance, _init2) {
112	+	for (var value = _init2, i = 0; i < ownInitializers.length; i++) value = ownInitializers[i].call(instance, value);
113	+	return value;
114	+	};
115	+	} else {
116	+	var originalInitializer = init;
117	+	init = function init(instance, _init3) {
118	+	return originalInitializer.call(instance, _init3);
119	+	};
120	+	}
121	+	ret.push(init);
122	+	}
123	+	0 !== kind && (1 === kind ? (desc.get = value.get, desc.set = value.set) : 2 === kind ? desc.value = value : 3 === kind ? desc.get = value : 4 === kind && (desc.set = value), isPrivate ? 1 === kind ? (ret.push(function (instance, args) {
124	+	return value.get.call(instance, args);
125	+	}), ret.push(function (instance, args) {
126	+	return value.set.call(instance, args);
127	+	})) : 2 === kind ? ret.push(value) : ret.push(function (instance, args) {
128	+	return value.call(instance, args);
129	+	}) : Object.defineProperty(base, name, desc));
130	+	}
131	+	function applyMemberDecs(Class, decInfos) {
132	+	for (var protoInitializers, staticInitializers, ret = [], existingProtoNonFields = new Map(), existingStaticNonFields = new Map(), i = 0; i < decInfos.length; i++) {
133	+	var decInfo = decInfos[i];
134	+	if (Array.isArray(decInfo)) {
135	+	var base,
136	+	initializers,
137	+	kind = decInfo[1],
138	+	name = decInfo[2],
139	+	isPrivate = decInfo.length > 3,
140	+	isStatic = kind >= 5;
141	+	if (isStatic ? (base = Class, 0 !== (kind -= 5) && (initializers = staticInitializers = staticInitializers \|\| [])) : (base = Class.prototype, 0 !== kind && (initializers = protoInitializers = protoInitializers \|\| [])), 0 !== kind && !isPrivate) {
142	+	var existingNonFields = isStatic ? existingStaticNonFields : existingProtoNonFields,
143	+	existingKind = existingNonFields.get(name) \|\| 0;
144	+	if (!0 === existingKind \|\| 3 === existingKind && 4 !== kind \|\| 4 === existingKind && 3 !== kind) throw new Error("Attempted to decorate a public method/accessor that has the same name as a previously decorated public method/accessor. This is not currently supported by the decorators plugin. Property name was: " + name);
145	+	!existingKind && kind > 2 ? existingNonFields.set(name, kind) : existingNonFields.set(name, !0);
146	+	}
147	+	applyMemberDec(ret, base, decInfo, name, kind, isStatic, isPrivate, initializers);
148	+	}
149	+	}
150	+	return pushInitializers(ret, protoInitializers), pushInitializers(ret, staticInitializers), ret;
151	+	}
152	+	function pushInitializers(ret, initializers) {
153	+	initializers && ret.push(function (instance) {
154	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(instance);
155	+	return instance;
156	+	});
157	+	}
158	+	function applyClassDecs(targetClass, classDecs) {
159	+	if (classDecs.length > 0) {
160	+	for (var initializers = [], newClass = targetClass, name = targetClass.name, i = classDecs.length - 1; i >= 0; i--) {
161	+	var decoratorFinishedRef = {
162	+	v: !1
163	+	};
164	+	try {
165	+	var nextNewClass = classDecs[i](newClass, {
166	+	kind: "class",
167	+	name: name,
168	+	addInitializer: createAddInitializerMethod(initializers, decoratorFinishedRef)
169	+	});
170	+	} finally {
171	+	decoratorFinishedRef.v = !0;
172	+	}
173	+	void 0 !== nextNewClass && (assertValidReturnValue(10, nextNewClass), newClass = nextNewClass);
174	+	}
175	+	return [newClass, function () {
176	+	for (var i = 0; i < initializers.length; i++) initializers[i].call(newClass);
177	+	}];
178	+	}
179	+	}
180	+	function applyDecs2203R(targetClass, memberDecs, classDecs) {
181	+	return {
182	+	e: applyMemberDecs(targetClass, memberDecs),
183	+	get c() {
184	+	return applyClassDecs(targetClass, classDecs);
185	+	}
186	+	};
187	+	}
188	+	module.exports = applyDecs2203R, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/arrayLikeToArray.js

1	+	function _arrayLikeToArray(arr, len) {
2	+	if (len == null \|\| len > arr.length) len = arr.length;
3	+	for (var i = 0, arr2 = new Array(len); i < len; i++) arr2[i] = arr[i];
4	+	return arr2;
5	+	}
6	+	module.exports = _arrayLikeToArray, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/arrayWithHoles.js

1	+	function _arrayWithHoles(arr) {
2	+	if (Array.isArray(arr)) return arr;
3	+	}
4	+	module.exports = _arrayWithHoles, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/arrayWithoutHoles.js

1	+	var arrayLikeToArray = require("./arrayLikeToArray.js");
2	+	function _arrayWithoutHoles(arr) {
3	+	if (Array.isArray(arr)) return arrayLikeToArray(arr);
4	+	}
5	+	module.exports = _arrayWithoutHoles, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/assertThisInitialized.js

1	+	function _assertThisInitialized(self) {
2	+	if (self === void 0) {
3	+	throw new ReferenceError("this hasn't been initialised - super() hasn't been called");
4	+	}
5	+	return self;
6	+	}
7	+	module.exports = _assertThisInitialized, module.exports.__esModule = true, module.exports["default"] = module.exports;

■ ■ ■ ■ ■ ■

node_modules/@babel/runtime/helpers/asyncGeneratorDelegate.js

1	+	var OverloadYield = require("./OverloadYield.js");
2	+	function _asyncGeneratorDelegate(inner) {
3	+	var iter = {},
4	+	waiting = !1;
5	+	function pump(key, value) {
6	+	return waiting = !0, value = new Promise(function (resolve) {
7	+	resolve(inner[key](value));
8	+	}), {
9	+	done: !1,
10	+	value: new OverloadYield(value, 1)
11	+	};
12	+	}
13	+	return iter["undefined" != typeof Symbol && Symbol.iterator \|\| "@@iterator"] = function () {
14	+	return this;
15	+	}, iter.next = function (value) {
16	+	return waiting ? (waiting = !1, value) : pump("next", value);
17	+	}, "function" == typeof inner["throw"] && (iter["throw"] = function (value) {
18	+	if (waiting) throw waiting = !1, value;
19	+	return pump("throw", value);
20	+	}), "function" == typeof inner["return"] && (iter["return"] = function (value) {
21	+	return waiting ? (waiting = !1, value) : pump("return", value);
22	+	}), iter;
23	+	}
24	+	module.exports = _asyncGeneratorDelegate, module.exports.__esModule = true, module.exports["default"] = module.exports;

0.0.2-prealpha API integration