FutureVuls APIサンプル#

FutureVuls API を利用する場合に、curl を使って FutureVuls API にアクセスする方法を紹介します。

各種一覧には、フィルタも用意されているため、フィルタを利用してのアクセスも可能です。

トークン表示

以下のサンプルコードにおいて、xxxxxxxxxxxxx にはAPIトークンの値が入ります。利用する際には適切に置き換えて実行してください。

脆弱性一覧取得#

$ curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/cves' | jq

{
  "paging": {
    "totalPage": 8,
    "offset": 0,
    "page": 1,
    "limit": 20,
    "totalCount": 158
  },
  "cves": [
    {
      "cveID": "CVE-2016-3191",
      "scoreV2s": {
      "jvn": 7.5,
      "nvd": 7.5
    },
    "scoreV3s": {
      "nvd": 9.8
    },
    "vectorV2s":
    ...
    ...

サーバ一覧取得#

$ curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/servers' | jq

{
  "paging": {
    "totalPage": 1,
    "offset": 0,
    "page": 1,
    "limit": 20,
    "totalCount": 2
  },
  "servers": [
    {
      "id": 21384,
      "serverUuid": "",
      "hostUuid": "",
      "serverName": "ip-192-168-0-188",
      "serverIpv4": "192.168.0.188",
      "platformName": "aws",
      "platformInstanceId": "",
      "serverroleId": 1522,
      "serverroleName": "default",
      "osFamily": "amazon",
      "osVersion": "2017.03",
      "needKernelRestart": false,
      "lastScannedAt": "2018-12-17T00:05:22.376924Z",
      "lastUploadedAt": "2018-12-17T00:05:28.254655Z",
      "tags": [
        {
          "id": 363,
          "name": "tag1"
        }
      ],
      "successScanCount": 12,
      "createdAt": "2018-11-22T07:16:35.665921Z",
      "updatedAt": "2018-12-17T00:05:28.289345Z"
    },
    {
      "id": 23772,
      "serverUuid": "",
      "hostUuid": "",
      "serverName": "dummy-server",
      "serverIpv4": "",
      "platformName": "",
      "platformInstanceId": "",
      "serverroleId": 1522,
      "serverroleName": "default",
      "osFamily": "pseudo",
      "osVersion": "unknown",
      "needKernelRestart": false,
      "lastScannedAt": "2018-12-16T22:06:16.629504Z",
      "lastUploadedAt": "2018-12-16T22:08:52.065021Z",
      "successScanCount": 14,
      "createdAt": "2018-12-03T07:34:01.676822Z",
      "updatedAt": "2018-12-16T22:08:52.071344Z"
    }
  ]
}

ペーストサーバ作成#

ペーストサーバの詳細は「スキャンのマニュアル」を参照してください。

また、ペーストスキャンの対応環境は以下を参照してください。

以下のパラメータをリクエストボディに指定する必要があります。パラメータの取得方法は以下を参照してください。

パラメータ	タイプ	Required
serverName	登録するサーバの名前	yes
osFamily	OSの種類	yes
osVersion	以下詳細	yes
kernelRelease	以下詳細	yes
kernelVersion	Windows, Debianのみ	ー
pkgPasteText	以下詳細	ー
windowsPkgPasteText	Windowsのみ	ー

ペーストサーバ作成 API に必要なコマンド

WindowsRed Hat Enterprise LinuxAmazonDebianUbuntuFedoraAlmaRockyOracleOpenSUSE、SLES、SLED

Info	Command
serverName	登録するサーバの名前
osFamily	windows
osVersion	""（空文字を指定する）
kernelRelease	（`Edition` から選択して入力する）
kernelVersion	`$CurrentVersion = (Get-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion"); @($CurrentVersion.CurrentMajorVersionNumber, $CurrentVersion.CurrentMinorVersionNumber, $CurrentVersion.CurrentBuildNumber, $CurrentVersion.UBR) -join '.'`
pkgPasteText	`(Get-Hotfix \| Select-Object -Property HotFixID \| % { If ($_ -match '(KB\d{6,7})') { $Matches[0] }}) -Join ','`
windowsPkgPasteText	`Get-Package \| Format-List -Property Name, Version, ProviderName`

Edition（クリックで表示/非表示）

name
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for HoloLens
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for HoloLens
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for HoloLens
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for HoloLens
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 21H2 for ARM64-based Systems
Windows 11 Version 21H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows Server 2016
Windows Server 2016 for x64-based Systems
Windows Server 2016 for x64-based Systems (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2022 (Server Core installation)

Info	Command
serverName	登録するサーバの名前
osFamily	redhat
osVersion	`awk '{print $6}' /etc/redhat-release`
kernelRelease	`uname -r`
kernelVersion	`cat /etc/redhat-release`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	amazon
osVersion	`awk '{if ($0 ~ /Amazon Linux release (2022\\|2023)/) print $4; else if ($0 ~ /Amazon Linux release 2/) printf("%s %s\n",$4, $5); else if ($0 ~ /Amazon Linux 2/) for (i=3; i<=NF; i++) printf("%s ", $i); else if (NF==5) print $5}' /etc/system-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{MODULARITYLABEL} %{SOURCERPM}\n"`
pkgPasteText if version is 2	`repoquery --all --pkgnarrow=installed --qf="%{NAME} %{EPOCH} %{VERSION} %{RELEASE} %{ARCH} %{UI_FROM_REPO} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	debian
osVersion	`cat /etc/debian_version`
kernelRelease	`uname -r`
kernelVersion	`dpkg-query -W -f="\${Version}\n" linux-image-$(uname -r)`
pkgPasteText	`dpkg-query -W -f="\${binary:Package},\${db:Status-Abbrev},\${Version},\${source:Package},\${source:Version}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	ubuntu
osVersion	`lsb_release -sr \\| awk '{print $1}'`
kernelRelease	`uname -r`
pkgPasteText	`dpkg-query -W -f="\${binary:Package},\${db:Status-Abbrev},\${Version},\${source:Package},\${source:Version}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	fedra
osVersion	`awk '{print $3}' /etc/fedora-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	alma
osVersion	`awk '{print $3}' /etc/redhat-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	rocky
osVersion	`awk '{print $4}' /etc/redhat-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	oracle
osVersion	`awk '{print $5}' /etc/oracle-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Info	Command
serverName	登録するサーバの名前
osFamily	・opensuse ・opensuse.leap ・suse.linux.enterprise.server ・suse.linux.enterprise.desktop
osVersion	`grep -oP '(?<=VERSION_ID=").+(?=")' /etc/os-release`
kernelRelease	`uname -r`
pkgPasteText	`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{SOURCERPM}\\\n"`

Ubuntuサーバの登録#

$ curl -s -X POST 'https://rest.vuls.biz/v1/server/paste' \
  -H 'Content-Type: application/json' \
  -H 'accept: application/json' \
  -H 'Authorization:xxxxxxxxxxxxx' \
  -d '{
    "serverName":"vuls-paste-server-ubuntu",
    "osFamily":"ubuntu",
    "kernelRelease":"5.15.133.1",
    "osVersion":"22.04",
    "pkgPasteText":"hostname,ii ,3.23ubuntu2,,3.23ubuntu2\n dpkg,ii ,1.21.1ubuntu2.3,,1.21.1ubuntu2.3\n grep,ii ,3.7-1build1,,3.7-1build1"
  }'

Windowsサーバの登録#

$ curl -s -X POST 'https://rest.vuls.biz/v1/server/paste' \
  -H 'Content-Type: application/json' \
  -H 'accept: application/json' \
  -H 'Authorization:xxxxxxxxxxxxx' \
  -d '{
    "serverName":"vuls-paste-server-windows",
    "osFamily":"windows",
    "osVersion": "",
    "kernelRelease": "Windows Server 2022",
    "kernelVersion":"10.0.19045.4412",
    "pkgPasteText":"KB5036608,KB5012170,KB5015684,KB5037768,KB5014032,KB5020372",
    "windowsPkgPasteText":"Name    :Docker Desktop\nVersion : 4.25.1\nProviderName : Programs\nName    : Everything 1.4.1.1022 (x64)\nVersion : 1.4.1.1022\nProviderName : Programs\nName    : Git\nVersion : 2.37.0\nProviderName : Programs"
  }'

Lockファイル追加#

パラメータ	説明	備考
serverID	Lockファイルを追加するサーバのID	serverIDの取得方法
path	Lockファイルのパスとファイル名	サポートされているLockファイル
fileContent	Lockファイルの内容

curl -s -X POST -H 'Content-Type: application/json' -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/lockfile' -d '{ "serverID": 192730, "path": "/REST_API/go.sum", "fileContent": "github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=\n github.com/go-gitea/gitea v1.2.3 h1:L0SC8kIr3+UnxNAte9M9bmdQ8Bdrc6I5b4Zuz/T+NCw=\n github.com/go-gitea/gitea v1.2.3/go.mod h1:g8iUbfFNyuJp8u7GsSggxI8NQyuxeGTyqxogl3imbQM=\n github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=\n github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=\n golang.org/x/crypto v0.0.0-20180820150726-614d502a4dac/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=\n golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=\n golang.org/x/crypto v0.0.0-20190122013713-64072686203f/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=\n golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=\n golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M=\n golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=\n golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=\n golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=\n golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20190927123631-a832865fa7ad/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=\n golang.org/x/crypto v0.0.0-20191119213627-4f8c1d86b1ba h1:9bFeDpN3gTqNanMVqNcoR/pJQuP5uroC3t1D7eXozTE=\n golang.org/x/crypto v0.0.0-20191119213627-4f8c1d86b1ba/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=\n gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=\n gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=\n gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=\n gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=\n"}'

タスク一覧取得#

$ curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/tasks?filterStatus=new&&filterStatus=investigating&&filterStatus=ongoing&&filterStatus=workaround&&filterStatus=patch_applied' | jq

{
  "paging": {
    "totalPage": 8,
    "offset": 0,
    "page": 1,
    "limit": 20,
    "totalCount": 157
  },
  "tasks": [
    {
      "id": 1331193,
      "cveID": "CVE-2014-9402",
      "serverID": 21384,
      "serverUuid": "",
      "serverName": "ip-192-168-0-188",
      "serverTags": [
        "tag1"
      ],
      "osFamily": "amazon",
      "osVersion": "2017.03",
      "roleID": 1522,
      "roleName": "default",
      "hasExploit": false,
      "hasMitigation": false,
      "hasWorkaround": false,
      "pkgCpeNames": [
        "glibc",
        "glibc-common",
        "glibc-devel",
        "glibc-headers"
      ],
      "pkgNotFixedYet": false,
      "applyingPatchOn": "1970-01-01T00:00:00Z",
      "status": "new",
      "priority": "none",
      "ignore": false,
      "detectionTools": [
        {
          "name": "vuls"
        }
      ],
      "advisoryIDs": [
        "ALAS-2018-1017"
      ],
      "createdAt": "2018-11-22T07:16:39.677041Z",
      "updatedAt": "2018-12-17T00:05:28.289345Z"
    },
    {
      "id": 1331194,
      "cveID": "CVE-2015-5180",
      "serverID": 21384,
      "serverUuid": "",
      "serverName": "ip-192-168-0-188",
      "serverTags": [
        "tag1"
      ],
      "osFamily": "amazon",
      "osVersion": "2017.03",
      "roleID": 1522,"
      ...
      ...

タスク一覧APIで取得できるステータス

タスク一覧の取得 API は、デフォルトでは status=["new", "investigation", "ongoing"] のみを取得します。すべてのステータスを取得するには、filterStatus ですべてのステータスを指定する必要があります。

Available values : new, investigating, ongoing, defer, not_affected, risk_accepted, workaround, patch_applied
Default value : List [ "new", "investigating", "ongoing" ]

パラメータを用いたフィルタ#

タスクの作成された日（初回検知日時）でフィルタする場合を紹介します。

日付フィルタなし#

curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/tasks?limit=1000'

日本時間の2024年5月17日以降に作成されたタスクの取得#

curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/tasks?limit=1000&filterNewedAtAfter=2024-05-16T15:00:00Z'

# ex. タスク数をカウントしたい場合
curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/tasks?limit=1000&filterNewedAtAfter=2024-05-16T15:00:00Z' | jq .tasks[].newedAt | wc -l

日本時間の2024年5月17日から2024年5月23日の間に作成されたタスクの取得#

curl -s -H 'accept: application/json' -H 'Authorization:xxxxxxxxxxxxx' 'https://rest.vuls.biz/v1/tasks?limit=1000&filterNewedAtAfter=2024-05-16T00:00:00Z&filterNewedAtBefore=2024-05-22T15:00:00Z'