From ab14ec014471104074e209034bb37c8bf0881e7a Mon Sep 17 00:00:00 2001 From: Terrtia Date: Wed, 28 Apr 2021 15:28:13 +0200 Subject: [PATCH] chg: [tools extract_cryptocurrency] filter by correlation objects + errors messages --- bin/lib/Correlate_object.py | 13 ++++++++++++- bin/packages/Correlation.py | 9 ++++++--- tools/extract_cryptocurrency.py | 14 +++++++++++++- 3 files changed, 31 insertions(+), 5 deletions(-) diff --git a/bin/lib/Correlate_object.py b/bin/lib/Correlate_object.py index aa7ce61c..8bbc52e8 100755 --- a/bin/lib/Correlate_object.py +++ b/bin/lib/Correlate_object.py @@ -31,6 +31,12 @@ def is_valid_object_type(object_type): else: return False +def check_correlation_object(object): + if object in get_all_correlation_objects(): + return True + else: + return False + def is_valid_object_subtype(object_type, object_subtype): if object_type == 'pgp': return Pgp.pgp.is_valid_obj_subtype(object_subtype) @@ -462,7 +468,7 @@ def sanitise_correlation_names(correlation_names): def sanitise_correlation_objects(correlation_objects): ''' - correlation_objects ex = 'domain,decoded' + correlation_objects ex = 'domain,paste' ''' all_correlation_objects = get_all_correlation_objects() if correlation_objects is None: @@ -478,6 +484,11 @@ def sanitise_correlation_objects(correlation_objects): return all_correlation_objects ######## API EXPOSED ######## +def api_check_correlation_objects(l_object): + for object in l_object: + if not check_correlation_object(object): + return ({"error": f"Invalid Object: {object}"}, 400) + def sanitize_object_type(object_type): if not is_valid_object_type(object_type): return ({'status': 'error', 'reason': 'Incorrect object_type'}, 400) diff --git a/bin/packages/Correlation.py b/bin/packages/Correlation.py index bbb33cc6..463669ec 100755 --- a/bin/packages/Correlation.py +++ b/bin/packages/Correlation.py @@ -442,7 +442,10 @@ class Correlation(object): return True -######## API EXPOSED ######## + ######## API EXPOSED ######## + def api_check_objs_type(self, l_types): + for obj_type in l_types: + if not self.is_valid_obj_subtype(obj_type): + return ({"error": f"Invalid Type: {obj_type}"}, 400) - -######## ######## + ######## ######## diff --git a/tools/extract_cryptocurrency.py b/tools/extract_cryptocurrency.py index 01bfb58f..da5f4d00 100755 --- a/tools/extract_cryptocurrency.py +++ b/tools/extract_cryptocurrency.py @@ -39,7 +39,8 @@ def get_object_correlation_json(correlation_id, subtype, max_nodes): # ALL correlations correlation_names = Correlate_object.sanitise_correlation_names('') - correlation_objects = Correlate_object.sanitise_correlation_objects('') + #correlation_objects = Correlate_object.sanitise_correlation_objects('') + correlation_objects = ['domain'] res = Correlate_object.get_graph_node_object_correlation(object_type, correlation_id, mode, correlation_names, correlation_objects, requested_correl_type=subtype, @@ -53,6 +54,7 @@ if __name__ == '__main__': parser.add_argument('-a', '--address', help='Cryptocurrency addresses', type=str, dest='address', default=None, nargs="*") parser.add_argument('-p', '--page',help='page number, default=1' , type=int, default=1, dest='page') parser.add_argument('-n', '--nb',help='number of addresses by page, default=50' , type=int, default=50, dest='nb_elem') + parser.add_argument('-fo', '--filter_objects',help='filter correlation by object : domain, paste/item' , type=str, default=[], dest='objects', nargs="*") parser.add_argument('--node' ,help='correlation graph: max number of nodes, default=50' , type=int, default=50, dest='max_nodes') args = parser.parse_args() @@ -60,10 +62,20 @@ if __name__ == '__main__': if subtype is None: parser.print_help() sys.exit(0) + else: + res = Cryptocurrency.cryptocurrency.api_check_objs_type([args.type]) + if res: + print(json.dumps(res[0])) + sys.exit(0) page = sanitise_int(args.page, 1) nb_elem = sanitise_int(args.nb_elem, 50) max_nodes = sanitise_int(args.max_nodes, 300) + if args.objects: + res = Correlate_object.api_check_correlation_objects(args.objects) + if res: + print(json.dumps(res[0])) + sys.exit(0) dict_json = {} if args.address: