diff --git a/lookyloo/lookyloo.py b/lookyloo/lookyloo.py index dfe7335..81fb843 100644 --- a/lookyloo/lookyloo.py +++ b/lookyloo/lookyloo.py @@ -52,7 +52,7 @@ from .helpers import (get_captures_dir, get_email_template, uniq_domains, ParsedUserAgent, load_cookies, UserAgents, get_useragent_for_requests) from .indexing import Indexing -from .modules import (MISPs, MISP, PhishingInitiative, UniversalWhois, +from .modules import (MISPs, PhishingInitiative, UniversalWhois, UrlScan, VirusTotal, Phishtank, Hashlookup, RiskIQ, RiskIQError, Pandora, URLhaus) @@ -1203,16 +1203,14 @@ class Lookyloo(): return [event] - def get_misp_instance(self, instance_name: Optional[str]=None) -> MISP: - if instance_name: - if misp := self.misps.get(instance_name): - return misp - self.logger.warning(f'Unable to connect to MISP Instance {instance_name}, falling back to default.') - - return self.misps.default_misp - def get_misp_occurrences(self, capture_uuid: str, /, *, instance_name: Optional[str]=None) -> Optional[Tuple[Dict[str, Set[str]], str]]: - misp = self.get_misp_instance(instance_name) + if instance_name is None: + misp = self.misps.default_misp + elif self.misps.get(instance_name) is not None: + misp = self.misps[instance_name] + else: + self.logger.warning(f'MISP instance "{instance_name}" does not exists.') + return None if not misp.available: return None diff --git a/website/web/genericapi.py b/website/web/genericapi.py index 1240495..fd92e55 100644 --- a/website/web/genericapi.py +++ b/website/web/genericapi.py @@ -192,8 +192,15 @@ class MISPPush(Resource): def get(self, capture_uuid: str, instance_name: Optional[str]=None): with_parents = True if request.args.get('with_parents') else False allow_duplicates = True if request.args.get('allow_duplicates') else False + + if instance_name is None: + misp = lookyloo.misps.default_misp + elif lookyloo.misps.get(instance_name) is not None: + misp = lookyloo.misps[instance_name] + else: + return {'error': f'MISP instance "{instance_name}" does not exists.'} + to_return: Dict = {} - misp = self.get_misp_instance(instance_name) if not misp.available: to_return['error'] = 'MISP module not available.' elif not misp.enable_push: @@ -209,7 +216,7 @@ class MISPPush(Resource): else: events_to_return = [] for e in new_events: - events_to_return.append(e.to_json(indent=2)) + events_to_return.append(json.loads(e.to_json())) return events_to_return return to_return @@ -219,9 +226,14 @@ class MISPPush(Resource): parameters: Dict = request.get_json(force=True) with_parents = True if parameters.get('with_parents') else False allow_duplicates = True if parameters.get('allow_duplicates') else False + if instance_name is None: + misp = lookyloo.misps.default_misp + elif lookyloo.misps.get(instance_name) is not None: + misp = lookyloo.misps[instance_name] + else: + return {'error': f'MISP instance "{instance_name}" does not exists.'} to_return: Dict = {} - misp = self.get_misp_instance(instance_name) if not misp.available: to_return['error'] = 'MISP module not available.' elif not misp.enable_push: @@ -237,7 +249,7 @@ class MISPPush(Resource): else: events_to_return = [] for e in new_events: - events_to_return.append(e.to_json(indent=2)) + events_to_return.append(json.loads(e.to_json())) return events_to_return return to_return