{
"127.0.0.1":{
"addresses":{
"ipv4":"127.0.0.1"
},
"hostnames":[
{
"name":"localhost",
"type":"PTR"
}
],
"status":{
"reason":"conn-refused",
"state":"up"
},
"tcp":{
"5000":{
"conf":"10",
"cpe":"cpe:/a:python:python:3.9.2",
"extrainfo":"Python 3.9.2",
"name":"http",
"product":"Werkzeug httpd",
"reason":"syn-ack",
"script":{
"vulners":"n cpe:/a:python:python:3.9.2: n tCVE-2021-29921t7.5thttps://vulners.com/cve/CVE-2021-29921n tCVE-2021-23336t4.0thttps://vulners.com/cve/CVE-2021-23336n tMSF:ILITIES/DEBIAN-CVE-2021-3426/t2.7thttps://vulners.com/metasploit/MSF:ILITIES/DEBIAN-CVE-2021-3426/t*EXPLOIT*n tCVE-2021-3426t2.7thttps://vulners.com/cve/CVE-2021-3426"
},
"state":"open",
"version":"1.0.1"
},
"6000":{
"conf":"10",
"cpe":"cpe:/a:python:python:3.9.2",
"extrainfo":"Python 3.9.2",
"name":"http",
"product":"Werkzeug httpd",
"reason":"syn-ack",
"script":{
"vulners":"n cpe:/a:python:python:3.9.2: n tCVE-2021-29921t7.5thttps://vulners.com/cve/CVE-2021-29921n tCVE-2021-23336t4.0thttps://vulners.com/cve/CVE-2021-23336n tMSF:ILITIES/DEBIAN-CVE-2021-3426/t2.7thttps://vulners.com/metasploit/MSF:ILITIES/DEBIAN-CVE-2021-3426/t*EXPLOIT*n tCVE-2021-3426t2.7thttps://vulners.com/cve/CVE-2021-3426"
},
"state":"open",
"version":"1.0.1"
}
},
"vendor":{
}
}
}
I want to extract "vulners" value here i tried this –
results = []
for x in collection.find({},{"scan": 1, "_id": 0 }):
results.append(json.loads(json_util.dumps(x)))
portnumber = []
datay = []
datapro = []
for result in results:
ips = result['scan']
for ip in ips:
ports = result['scan'][ip]['tcp']
ipdomain = result['scan'][ip]['hostnames']
for ip2 in ipdomain:
ip3 = ip2['name']
for port in ports:
portnumber.append(port)
datax = ports[port]['script']
datay.append(datax)
datapro2 = ports[port]['product']
datapro.append(datapro2)
date = datetime.datetime.now()
date_now = date.strftime("%x, %X")
pass_json_var = {'domain': ip3, 'ports': portnumber, 'product': datapro, 'vulnerabilities': datay, "date": date_now}
if isinstance(pass_json_var, list):
domaindata.insert_many(pass_json_var)
else:
domaindata.insert_one(pass_json_var)
Ok so here if the "results" output gives me one "vulners" value then it works fine but when it’s multiple ports with vulners values it doesn’t work!
How can i access the ‘vulners’ value? Hoping for someone to guide me also a bit, Please try to give a solution which is dynamic
Thanks a lot!
3
Answers
Model based approach
this approach is based on a model of your data you want to parse. From my point of view this is more work in the beginning. With the advantage, that you will have clean error messages and you can control the behaviour by adapting your data model.
3.1 this should give you the expected result
3.2 this should throw an exception
Search data with jsonpath
should return all objects with the name vulners
Update:
So this is the solution! i had to iterate over script and then access vulner!