mirror of https://github.com/CIRCL/lookyloo
fixing mistakes
parent
88db208561
commit
65c855b95b
|
@ -766,13 +766,12 @@ class Lookyloo():
|
|||
def takedown_filtered(self, hostnode: HostNode) -> dict[str, Any] | None:
|
||||
config = configparser.ConfigParser()
|
||||
config.optionxform = str
|
||||
config.read('config/domain.ini')
|
||||
config.read('/home/amaraj/Stage/Workshop/domain.ini')
|
||||
#checking if domain should be ignored
|
||||
domains = config['domain']['ignore']
|
||||
pattern = r"(https?://)?(www\d?\.)?(?P<domain>[\w\.-]+\.\w+)(/\S*)?"
|
||||
match = re.match(pattern, hostnode.name)
|
||||
if match:
|
||||
if match.group("domain") in domains:
|
||||
if match and match.group("domain") in domains:
|
||||
return None
|
||||
result = self.takedown_details(hostnode)
|
||||
#ignoring mails
|
||||
|
@ -783,7 +782,7 @@ class Lookyloo():
|
|||
# ignoring mails
|
||||
is_valid = True
|
||||
for regex in ignorelist:
|
||||
if regex.strip() == '':
|
||||
if not regex.strip():
|
||||
continue
|
||||
match = re.search(regex.strip(), mail)
|
||||
if match:
|
||||
|
@ -804,11 +803,11 @@ class Lookyloo():
|
|||
|
||||
def get_filtered_emails(self, capture_uuid, detailed=False) -> set[str] | dict[str, str]:
|
||||
info = self.contacts(capture_uuid)
|
||||
if detailed:
|
||||
if detailed: #emails in a dict with their hostname as key
|
||||
final_mails = {}
|
||||
for i in info:
|
||||
final_mails[i['hostname']] = i['all_emails']
|
||||
else:
|
||||
else: #just all emails together
|
||||
final_mails = set()
|
||||
for i in info:
|
||||
for mail in i['all_emails']:
|
||||
|
@ -861,11 +860,11 @@ class Lookyloo():
|
|||
misp_url = occurrences[1]
|
||||
for element in occurrences[0]:
|
||||
for attribute in occurrences[0][element]:
|
||||
if isinstance(attribute, datetime):
|
||||
if attribute[0] == cache.url:
|
||||
now = datetime.now(timezone.utc)
|
||||
diff = now - attribute
|
||||
diff = now - attribute[1]
|
||||
if diff.days < 1: # MISP event should not be older than 24hours
|
||||
misp += str(attribute) + ': ' + misp_url + 'events/' + str(element) + '\n'
|
||||
misp += f"\n{attribute[1]:%a %m-%d-%y %I:%M%p(%z %Z)} : {misp_url}events/{element}"
|
||||
break # some events have more than just one timestamp, we just take the first one
|
||||
msg = EmailMessage()
|
||||
msg['From'] = email_config['from']
|
||||
|
@ -881,7 +880,7 @@ class Lookyloo():
|
|||
initial_url=initial_url,
|
||||
redirects=redirects,
|
||||
comment=comment if comment else '',
|
||||
misp='MISP occurrences from the last 24h: \n' + misp if misp else '',
|
||||
misp=f"MISP occurrences from the last 24h: {misp}" if misp else '',
|
||||
sender=msg['From'].addresses[0].display_name,
|
||||
)
|
||||
msg.set_content(body)
|
||||
|
|
|
@ -2,12 +2,13 @@
|
|||
|
||||
from __future__ import annotations
|
||||
|
||||
import datetime
|
||||
import re
|
||||
|
||||
from io import BytesIO
|
||||
from collections import defaultdict
|
||||
from collections.abc import Mapping
|
||||
from typing import Any, TYPE_CHECKING, Iterator
|
||||
from typing import Any, TYPE_CHECKING, Iterator, Literal
|
||||
|
||||
import requests
|
||||
from har2tree import HostNode, URLNode, Har2TreeError
|
||||
|
@ -270,9 +271,10 @@ class MISP(AbstractModule):
|
|||
to_return: dict[str, set[str]] = defaultdict(set)
|
||||
# NOTE: We have MISPAttribute in that list
|
||||
for a in attributes:
|
||||
to_return[a.event_id].add(a.value) # type: ignore[union-attr,index]
|
||||
if time:
|
||||
to_return[a.event_id].add(a.timestamp)
|
||||
to_return[a.event_id].add((a.value,a.timestamp))
|
||||
else:
|
||||
to_return[a.event_id].add(a.value) # type: ignore[union-attr,index]
|
||||
return to_return
|
||||
else:
|
||||
# The request returned an error
|
||||
|
|
|
@ -284,10 +284,10 @@ class TriggerModules(Resource): # type: ignore[misc]
|
|||
|
||||
@api.route('/json/<string:tree_uuid>/modules')
|
||||
@api.doc(description='Get responses from the 3rd party modules',
|
||||
params={'tree_uuid': 'The UUID of the capture'})
|
||||
params={'capture_uuid': 'The UUID of the capture'})
|
||||
class ModulesResponse(Resource): # type: ignore[misc]
|
||||
def get(self, tree_uuid: str) -> dict[str, Any]:
|
||||
return lookyloo.get_modules_responses(tree_uuid)
|
||||
def get(self, capture_uuid: str) -> dict[str, Any]:
|
||||
return lookyloo.get_modules_responses(capture_uuid)
|
||||
|
||||
|
||||
@api.route('/json/hash_info/<h>')
|
||||
|
|
Loading…
Reference in New Issue