diff --git a/app/controllers/inthewild_cve_exploits_controller.rb b/app/controllers/inthewild_cve_exploits_controller.rb
new file mode 100644
index 0000000..6ed6ef4
--- /dev/null
+++ b/app/controllers/inthewild_cve_exploits_controller.rb
@@ -0,0 +1,10 @@
+class InthewildCveExploitsController < ApplicationController
+ def index
+ @cves = InthewildCveExploit.all
+ end
+
+ def show
+ @cve = InthewildCveExploit.find_by(:id => params[:cve_id])
+ render json: @poc.to_json
+ end
+end
diff --git a/app/models/inthewild_cve_exploit.rb b/app/models/inthewild_cve_exploit.rb
new file mode 100644
index 0000000..6f060bd
--- /dev/null
+++ b/app/models/inthewild_cve_exploit.rb
@@ -0,0 +1,2 @@
+class InthewildCveExploit < ActiveRecord::Base
+end
diff --git a/app/views/inthewild_cve_exploits/index.html.erb b/app/views/inthewild_cve_exploits/index.html.erb
new file mode 100644
index 0000000..3aa41fe
--- /dev/null
+++ b/app/views/inthewild_cve_exploits/index.html.erb
@@ -0,0 +1,2 @@
+
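Review bot: `show` renders `@poc`, which this action never assigns, so the endpoint always answers `null` while the record it loaded sits unused in `@cve`. The lookup also compares the table's primary key `id` with the `:cve_id` route parameter, so a CVE identifier will generally not match the row it names; `@cve = InthewildCveExploit.find_by(cve_id: params[:cve_id])` followed by `render json: @cve` fixes both. A miss should answer 404 explicitly, e.g. `return head :not_found unless @cve`, so that a consumer can tell a CVE with no exploitation record from a broken lookup.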

InthewildCveExploits#index

+
diff --git a/app/views/inthewild_cve_exploits/show.html.erb b/app/views/inthewild_cve_exploits/show.html.erb
new file mode 100644
index 0000000..cebbbaf
--- /dev/null
+++ b/app/views/inthewild_cve_exploits/show.html.erb
@@ -0,0 +1,2 @@
+

@cves

+ diff --git a/config/routes.rb b/config/routes.rb index cd68446..f29951e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -10,4 +10,6 @@ Rails.application.routes.draw do get "/github_pocs", to: "github_pocs#index" get "/github_pocs/:id", to: "github_pocs#show" get "/github_pocs/cve/:cve_id", to: "github_pocs#show_for_cve" + + get "inthewild/cve/:cve_id", to: "inthewild_exploitations#show" end diff --git a/db/migrate/20220406064613_inthewild_cve_exploits.rb b/db/migrate/20220406064613_inthewild_cve_exploits.rb new file mode 100644 index 0000000..773f13e --- /dev/null +++ b/db/migrate/20220406064613_inthewild_cve_exploits.rb @@ -0,0 +1,8 @@ +class InthewildCveExploits < ActiveRecord::Migration[7.0] + def change + create_table :inthewild_cve_exploits do |t| + t.string :cve_id + t.date :earliest_report + end + end +end diff --git a/db/schema.rb b/db/schema.rb index c264dfa..8a6816a 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.0].define(version: 2022_04_04_150811) do +ActiveRecord::Schema[7.0].define(version: 2022_04_06_064613) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" 
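Review bot: The new route dispatches to `inthewild_exploitations#show`, but the controller this commit adds is `InthewildCveExploitsController`, so unless an `InthewildExploitationsController` exists elsewhere the request will fail with a routing error. It should read `get "/inthewild/cve/:cve_id", to: "inthewild_cve_exploits#show"`, with the leading slash the neighbouring routes use. The controller's `index` action gets no route in this hunk, and the `routes.draw` block begins outside the hunk.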
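Review bot: `cve_id` is created without a `null: false` constraint or a unique index, while the importer added in this commit bulk-inserts the whole feed on every run, so re-seeding will duplicate every row and a `find_by` on `cve_id` will return an arbitrary one of them. The schema context already shows a unique `index_cves_on_cve_id`; the equivalent here is `t.string :cve_id, null: false` plus `t.index :cve_id, unique: true`. With that index in place the importer has to skip or update rows that already exist instead of inserting blindly.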
@@ -39,4 +39,34 @@ ActiveRecord::Schema[7.0].define(version: 2022_04_04_150811) do t.index ["cve_id"], name: "index_cves_on_cve_id", unique: true end + create_table "github_pocs", force: :cascade do |t| + t.integer "github_poc_id" + t.string "cve_id", default: "None" + t.string "name" + t.string "full_name" + t.jsonb "owner" + t.string "html_url" + t.string "description" + t.boolean "fork" + t.date "created_at" + t.date "updated_at" + t.date "pushed_at" + t.integer "stargazers_count" + t.integer "watchers_count" + t.integer "forks_count" + t.boolean "allow_forking" + t.boolean "is_template" + t.string "topics", array: true + t.string "visibility" + t.integer "forks" + t.integer "watchers" + t.integer "score" + t.index ["github_poc_id"], name: "index_github_pocs_on_github_poc_id", unique: true + end + + create_table "inthewild_cve_exploits", force: :cascade do |t| + t.string "cve_id" + t.date "earliest_report" + end + end diff --git a/db/seeds.rb b/db/seeds.rb index d93bb35..16931cd 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -8,8 +8,37 @@ require '/data_importer/lib/cpe_importer.rb' require '/data_importer/lib/cve_list_importer.rb' +require '/data_importer/lib/poc_in_github_importer.rb' +require '/data_importer/lib/inthewild_cve_exploit_importer.rb' -# this should get any new Cves and create them in the db -CveListImporter.new.import -# this should recreate CPE data -CpeImporter.download_and_import \ No newline at end of file +def line_sep + puts '----------' * 12 +end + +def perform + import_cves + import_github_pocs + import_cpes +end + +def import_cves + line_sep + CveListImporter.new.import +end + +def import_cpes + line_sep + CpeImporter.download_and_import +end + +def import_github_pocs + line_sep + PocInGithubImporter.new.import +end + +def import_inthewild_cve_exploits + line_sep + InthewildCveExploitImporter.new.import +end + +import_inthewild_cve_exploits \ No newline at end of file 
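Review bot: The rewritten `db/seeds.rb` ends by calling only `import_inthewild_cve_exploits`, and `perform` is defined but never invoked, so seeding no longer runs the CVE and CPE imports that the removed lines ran. `perform` also leaves out the new importer, which suggests the last line is a debugging leftover. Add `import_inthewild_cve_exploits` to `perform` and make the final statement `perform`, and put a short comment above `perform` stating the intended import order.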
diff --git a/lib/cpe_importer.rb b/lib/cpe_importer.rb index 2b81adc..1428dd0 100644 --- a/lib/cpe_importer.rb +++ b/lib/cpe_importer.rb @@ -2,7 +2,6 @@ require 'bulk_insert' require 'nokogiri' -require 'net/http' # use this to import CPE data into postgres database class CpeImporter diff --git a/lib/cve_list_importer.rb b/lib/cve_list_importer.rb index 8c27811..f9cc64f 100644 --- a/lib/cve_list_importer.rb +++ b/lib/cve_list_importer.rb @@ -72,6 +72,7 @@ class CveListImporter git_clone_repo end + puts "Now starting import for CveList." (1999..Date.today.year).map do |year| cves_from_json = cves_for_year(year) diff --git a/lib/inthewild_cve_exploit_importer.rb b/lib/inthewild_cve_exploit_importer.rb new file mode 100644 index 0000000..e126c6c --- /dev/null +++ b/lib/inthewild_cve_exploit_importer.rb @@ -0,0 +1,47 @@ +require 'bulk_insert' +require 'json' + +class InthewildCveExploitImporter + attr_accessor :url + def initialize + @url = 'https://inthewild.io/api/exploited' + end + + def get_exploit_feed + r = RestClient::Request.execute( + :method => :get, + :url => url, + :headers => {"Content-type": "application/json"} + ) + if r.code == 200 + JSON.parse(r.body) + else + puts "HTTP Code #{r.code}" + end + end + + def cve_attrs_from_item(json) + cve_attrs = {} + cve_attrs[:cve_id] = json['id'] + cve_attrs[:earliest_report] = json['earliestReport'] + cve_attrs + end + + def bulk_insert(cves) + InthewildCveExploit.bulk_insert do |worker| + cves.each do |attrs| + worker.add(attrs) + end + end + end + + def import + feed = get_exploit_feed + puts "Now importing InthewildCveExploits." + cves = feed.map do |cve_entry| + cve_attrs_from_item(cve_entry) + end + + bulk_insert(cves) + end +end \ No newline at end of file
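Review bot: `import` calls `feed.map` on whatever `get_exploit_feed` returns, and that is `nil` (the result of `puts`) when the status is not 200, so a degraded feed ends the seed run with a NoMethodError instead of a clear message. The entries also go into the database unchecked: `json['id']` and `json['earliestReport']` are third-party data, and nothing confirms the id has the shape of a CVE identifier before it is stored and later served by the controller. I would guard the feed shape and filter the entries as in the sketch below, assuming the feed is a JSON array of objects as `feed.map` and `json['id']` imply. Separately, `RestClient` is used without a `require` in this file and the request sets no timeout; both are worth confirming against the rest of the project.

```ruby
CVE_ID_FORMAT = /\ACVE-\d{4}-\d{4,}\z/

def import
  feed = get_exploit_feed
  # get_exploit_feed returns nil (the result of puts) when the status is not 200
  unless feed.is_a?(Array)
    puts "InthewildCveExploits feed missing or not a list; nothing imported."
    return
  end
  # … unchanged: "Now importing InthewildCveExploits." message …
  cves = feed.filter_map do |cve_entry|
    # drop entries that are not objects or whose id is not a well-formed CVE identifier
    next unless cve_entry.is_a?(Hash) && CVE_ID_FORMAT.match?(cve_entry['id'].to_s)

    cve_attrs_from_item(cve_entry)
  end
  # … unchanged: bulk_insert(cves) …
end
```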