This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var vul = '7e4e6fb5879c99102d0b422e0ebb352d';//Sys id of a Third-Party item | |
| var ci = 'fbb85b1d475c191077f53008946d4336';//ip-ac0a0411.secops.com | |
| var vi = new GlideRecord('sn_vul_vulnerable_item'); | |
| vi.initilize(); | |
| vi.setValue('vulnerability', vul); | |
| vi.setValue('cmdb_ci', ci); | |
| vi.setValue('source', 'Script'); | |
| vi.insert(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Make this part of a Scripted REST API for ServiceNow | |
| As of 2022 SN does not enforce an oAuth connection so you need to check for it. | |
| */ | |
| validateOAuth: function(request) { | |
| try { | |
| var authReturn = ''; | |
| var authHeader = request.headers.authorization; | |
| if (authHeader.indexOf("Basic") > -1) { | |
| authReturn = '401-001'; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Source: | |
| https://community.servicenow.com/community?id=community_article&sys_id=0eb79438db0e93804fc2f4621f961918 | |
| */ | |
| var gdt = new Date(); | |
| var gdtString = gdt.toString().replace(/ /g,'_').replace(/:/g,'_'); | |
| var timeZone = gdtString.replace(/.*[(](.*)[)].*/,'$1'); | |
| var dateFinal = gdtString.slice(0,25) + timeZone; | |
| gs.addInfoMessage('System Property glide.lastplugin updated. ' + |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Client Side | |
| UI Action | |
| Client = checked | |
| Action name = your_choice | |
| OnClick = onClickFormButton() | |
| */ | |
| function onClickFormButton() { | |
| g_form.clearMessages(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var re_run_arr = []; | |
| var re_run_str = ''; | |
| var di = new GlideRecord('sn_sec_cmn_src_ci'); | |
| di.addEncodedQuery('number=SDI000000001318');//Identify Items to re run the rules | |
| di.query(); | |
| while(di.next()){ | |
| re_run_arr.push(di.getUniqueValue());//Collect an Array of sys_id | |
| } | |
| re_run_str = re_run_arr.join(); | |
| new sn_sec_cmn.CILookupUtil().reRunCILookupRules(re_run_str);//Re run the rules |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function runTransformScript(source, map, log, target /*undefined onStart*/ ) { | |
| /* | |
| Test and Reject | |
| Required Incomming Fields: | |
| internal_ip_address | |
| source | |
| cve | |
| Recommened Fields: | |
| server |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| sn_cmdb_ci_class_chris_one.list | |
| u_password | |
| Field Type: 'Password(2 Way Encrypted)' | |
| Built an run in a scope | |
| */ | |
| var pw = 'hell0_World!'; | |
| var gr = new GlideRecord('sn_cmdb_ci_class_chris_one'); | |
| gr.get('731b72d447c2c51077f53008946d4324'); | |
| gs.info("***CM setting password: " + pw); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Sample script to find Discovered Items that are not referenced by a Vulnerable Item | |
| A VI has a Reference to a DI | |
| */ | |
| var DI_TABLE = 'sn_sec_cmn_src_ci'; | |
| var VIT_TABLE = 'sn_vul_vulnerable_item'; | |
| var found = false; | |
| var count = 0; | |
| var grVI = new GlideRecord(VIT_TABLE); | |
| //GlideRecord is just fine, I was testing PageGlideRecord at the same time |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Work out your script before using.... | |
| //A 'pageSize' of 5000 is inherited from PageGlideRecord | |
| var count = 0; | |
| var table = 'sn_vul_vulnerable_item'; | |
| var viGR = new sn_vul.PagedGlideRecord(table); | |
| viGR.setSortField("sys_id");//Sort Field is manadatory! | |
| //viGR.query(); <-- You would think... but DO NOT use this. | |
| while(viGR.next()){ | |
| gs.info(viGR.gr.getValue('number'));//NOTE the dotwalk .gr. | |
| count++; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Typical CVE-yyyy-xxxx | |
| Empty Placeholder CVE-9999-00001 | |
| -- Start with an existing record as a default record for incomming data with missing CVE | |
| --i.e. if the incoming data is missing a custom CVE use the placeholder record | |
| -- Each VIT needs a Vulnerability. This is for external pentest teams whos data we are turning into VITs, but there is no 'pentest' library | |
| -- Build a library on the fly | |
| */ | |
| var MAX_CVE_DIGITS = 5; |