integrate cveXplore settings

helpers/helpers_emba_defaults.sh

@@ -121,8 +121,12 @@ set_defaults() {
   export UNBLOB=1 # additional extraction with unblob - https://github.com/onekey-sec/unblob
                   # currently the extracted results are not further used. The current implementation
                   # is for evaluation purposes
+
   export CVE_BLACKLIST="${CONFIG_DIR}"/cve-blacklist.txt  # include the blacklisted CVE values to this file
   export CVE_WHITELIST="${CONFIG_DIR}"/cve-whitelist.txt  # include the whitelisted CVE values to this file
+  export MONGODB_HOST="172.36.0.1"  # cveXplore mondodb host
+  # export MONGODB_PORT=27017  # cveXplore mondodb port
+
   export MODULE_BLACKLIST=()
   if [[ -f "${CONFIG_DIR}"/module_blacklist.txt ]]; then
     readarray -t MODULE_BLACKLIST < "${CONFIG_DIR}"/module_blacklist.txt

helpers/helpers_emba_dependency_check.sh

@@ -71,17 +71,17 @@ check_dep_port()
 check_docker_env() {
   TOOL_NAME="MongoDB"
   print_output "    ""${TOOL_NAME}"" - \\c" "no_log"
-  if ! grep -q "bindIp: 172.36.0.1" /etc/mongod.conf; then
+  if ! grep -q "bindIp: ${MONGODB_HOST}" /etc/mongod.conf; then
     echo -e "${RED}""not ok""${NC}"
     echo -e "${RED}""    Wrong ""mongodb config"" - check your installation""${NC}"
-    echo -e "${RED}""    RE-run installation - bindIp should be set to 172.36.0.1""${NC}"
+    echo -e "${RED}""    RE-run installation - bindIp should be set to ${MONGODB_HOST}""${NC}"
     DEP_ERROR=1
   else
     echo -e "${GREEN}""ok""${NC}"
   fi
   TOOL_NAME="Docker Interface"
   print_output "    ""${TOOL_NAME}"" -""${RED}"" \\c" "no_log"
-  if ! ip a show emba_runs | grep -q "172.36.0.1" ; then
+  if ! ip a show emba_runs | grep -q "${MONGODB_HOST}" ; then
     echo -e "${RED}""    Missing ""Docker-Interface"" - check your installation""${NC}"
     if [[ "${WSL}" -eq 1 ]]; then
       echo -e "${RED}""    Is dockerd running (e.g., sudo dockerd --iptables=false &)""${NC}"
@@ -91,7 +91,7 @@ check_docker_env() {
         echo -e "${ORANGE}""    Trying to auto-maintain the docker interface ...""${NC}"
         systemctl restart NetworkManager docker
       fi
-      if ! ip a show emba_runs | grep -q "172.36.0.1" ; then
+      if ! ip a show emba_runs | grep -q "${MONGODB_HOST}" ; then
         echo -e "${RED}""    Use  \$systemctl restart NetworkManager docker or reset the docker interface manually (\$ docker network rm emba_runs)""${NC}"
         DEP_ERROR=1
       else
@@ -105,7 +105,7 @@ check_docker_env() {
 }
 
 check_nw_interface() {
-  if ! ip a show emba_runs | grep -q "172.36.0.1" ; then
+  if ! ip a show emba_runs | grep -q "${MONGODB_HOST}" ; then
     echo -e "${RED}""    Network interface not available"" - trying to restart now""${NC}"
     systemctl restart NetworkManager docker
     echo -e "${GREEN}""    docker-networks restarted""${NC}"

installer.sh

@@ -55,6 +55,9 @@ export UBUNTU_OS=0
 export WSL=0
 export GH_ACTION=0
 export SSL_REPOS=0
+# cve_search
+export MONGODB_HOST="172.36.0.1"
+# export MONGODB_PORT=27017
 
 ## Color definition
 export RED="\033[0;31m"

installer/IF20_cve_search.sh

@@ -78,12 +78,12 @@ IF20_cve_search() {
       pip_install "dnspython==2.2.1"
       pip_install "Werkzeug"
       pip_install "python-dateutil"
-      pip_install "CveXplore==0.3.14"
+      pip_install "CveXplore==0.3.15"
 
       REDIS_PW="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13 || true)"
 
       echo -e "[*] Setting up CVE-search environment - ./external/cve-search/etc/configuration.ini"
-      sed -zE 's/localhost([^\n]*\n[^\n]*27017)/172.36.0.1\1/' ./etc/configuration.ini.sample | tee ./etc/configuration.ini &>/dev/null
+      sed -zE "s/localhost([^\n]*\n[^\n]*27017)/${MONGODB_HOST}\1/" ./etc/configuration.ini.sample | tee ./etc/configuration.ini &>/dev/null
       # we do not use the web server. In case someone enables it we have a good default configuration in place:
       sed -i "s/^Debug:\ True/Debug:\ False/g" ./etc/configuration.ini
       sed -i "s/^LoginRequired:\ False/LoginRequired:\ True/g" ./etc/configuration.ini
@@ -150,7 +150,7 @@ IF20_cve_search() {
           if ! [[ -f /etc/mongod.conf ]]; then
             echo "Could not install EMBA component mongod - missing mongod.conf file" && exit 1
           fi
-          sed -i 's/bindIp\:\ 127.0.0.1/bindIp\:\ 172.36.0.1/g' /etc/mongod.conf
+          sed -i "s/bindIp\:\ 127.0.0.1/bindIp\:\ ${MONGODB_HOST}/g" /etc/mongod.conf
 
           if [[ "${WSL}" -eq 0 ]]; then
             systemctl daemon-reload

installer/R00_emba_remove.sh

@@ -52,7 +52,7 @@ R00_emba_remove() {
   fi
   if [[ -f /etc/mongod.conf ]]; then
     echo -e "\\n""${ORANGE}""Removing EMBAs mongod configuration""${NC}"
-    sed -i 's/bindIp\:\ 172.36.0.1/bindIp\:\ 127.0.0.1/g' /etc/mongod.conf    # inverse of IF20 line 118
+    sed -i "s/bindIp\:\ ${MONGODB_HOST}/bindIp\:\ 127.0.0.1/g" /etc/mongod.conf    # inverse of IF20 line 118
   fi
   if [[ -f /etc/apt/sources.list.d/mongodb-org-4.4.list ]]; then
     echo -e "\\n""${ORANGE}""Removing mongod sources.list configuration""${NC}"