New vulnersBot for Telegram with advanced searches and subscriptions

Vulners.com team have recently presented a new version of vulnerability intelligence bot for Telegram messenger. Now you can search for vulnerabilities and other security content by talking with bot.

Searches

For example, I’ve heard about new critical vulnerability in Samba called SambaCry by analogy with famous WannaCry. Let’s see what Vulners knows about it.

SambaCry Vulners Bot Search

Ok, I see it has id CVE-2017-7494. Do we have exploits related to this vulnerability?
cvelist:CVE-2017-7494 AND bulletinFamily:”exploit”

Exploit search

Even in Metasploit! Seems to be critical. Do we already have patches for CentOS 6 and 7?
cvelist:CVE-2017-7494 AND type:centos

Centos patches

Yep, we can now make a task to IT department to update it.

NB: Did you know that critical patches for CentOS 5 were available till the March 31 2017? CentOS 5 is officially dead and if you still use it you should migrate to supported distribution ASAP.

Can we already detect this vulnerability using vulnerability scanners?
cvelist:CVE-2017-7494 AND bulletinFamily:”scanner” AND title:CentOS

Nessus plugins

Two authenticated checks for Nessus. Not bad. If you have configured regular vulnerability scans of your infrastructure, you can get the list of vulnerable hosts from the existing scan results. Or you can perform a new scan task with only this two active plugins in the scan policy.

Subscriptions

However, this vulnerability is interesting and I would like to get new information about it as soon as it will be available in Vulners. I want to subscribe to cvelist:CVE-2017-7494 OR SambaCry. Checking the request:

CVE or SambaCry

And making a new subscription. Available commands:

vulnersBot commands

I choose /subscription

Subscription menu

“Add new subscription”:

New subscription custom query

“Custom query”:

Query input

Subscription delivery format. I choose “Text”:

How often I would like to receive messages. “As soon as possible”:

Subscription interval

Approve the subscription:

If the subscription is correct

subsription created

When Vulners will get a new object matched by this query, vulnersBot will send me a notification like this one:

Vulners notification

And if I would like to delete this subscription, I will write /subscription and choose “Edit current subscription”. Bot will show me my current subscriptions:

Manage subscriptions

Each of them I can Activate, Deactivate or Delete:

Subscription actions

As you can see, I have also a subscription “Blogs review”. It’s one of the standard templates that you can choose in vulnersBot. It is the same as bulletinFamily:blog

Vulners aggregates posts from 13 “blog” sources right now. This list includes top Vulnerability Management vendors Qualys and Rapid7, and WAF vendors Akamai, Imperva, Wallarm, well-known media and independent security bloggers. So if some really critical vulnerability will appear, I will easily get actual information from them.

Vulners blogs

This templates are currently available in “subscription marketplace” :

  • Security news
  • Exploit updates
  • Blogs review
  • Bugbounty
  • Linux vulnerabilities
  • Scanners plugins updates
  • CVE

Thanks for your attention! If you find a bug in vulnersBot please write an email to isox@vulners.com or telegram user @isox_xx

One thought on “New vulnersBot for Telegram with advanced searches and subscriptions

  1. Pingback: PHDays VII: To Vulnerability Database and beyond | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *