CIRCL
/
lookyloo
mirror of https://github.com/CIRCL/lookyloo
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: return error message if urlscan isn't able to run the capture.

pull/263/head
Raphaël Vinot 2021-09-17 09:51:52 +02:00
parent 963af434dd
commit e7d9c1cb1a
3 changed files with 30 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lookyloo/modules/urlscan.py
View File

@ -101,6 +101,9 @@ class UrlScan():
# default to key config on urlscan.io website
pass
response = self.client.post('https://urlscan.io/api/v1/scan/', json=data)
if response.status_code == 400:
# Error, but we have details in the response
return response.json()
response.raise_for_status()
return response.json()
@ -139,6 +142,8 @@ class UrlScan():
visibility)
except requests.exceptions.HTTPError as e:
return {'error': e}
if 'status' in response and response['status'] == 400:
response = {'error': response}
with urlscan_file_submit.open('w') as _f:
json.dump(response, _f)
return response

32
website/web/__init__.py
View File

@ -406,20 +406,26 @@ def modules(tree_uuid: str):
urlscan_to_display: Dict = {}
if 'urlscan' in modules_responses:
urlscan = modules_responses.pop('urlscan')
urlscan_to_display = {'permaurl': '', 'malicious': False, 'tags': []}
if urlscan['submission'] and urlscan['submission'].get('result'):
urlscan_to_display['permaurl'] = urlscan['submission']['result']
if urlscan['result']:
# We have a result available, get the verdicts
if (urlscan['result'].get('verdicts')
and urlscan['result']['verdicts'].get('overall')):
if urlscan['result']['verdicts']['overall'].get('malicious') is not None:
urlscan_to_display['malicious'] = urlscan['result']['verdicts']['overall']['malicious']
if urlscan['result']['verdicts']['overall'].get('tags'):
urlscan_to_display['tags'] = urlscan['result']['verdicts']['overall']['tags']
if 'error' in urlscan['submission']:
if 'description' in urlscan['submission']['error']:
urlscan_to_display = {'error_message': urlscan['submission']['error']['description']}
else:
urlscan_to_display = {'error_message': urlscan['submission']['error']}
else:
# unable to run the query, probably an invalid key
pass
urlscan_to_display = {'permaurl': '', 'malicious': False, 'tags': []}
if urlscan['submission'] and urlscan['submission'].get('result'):
urlscan_to_display['permaurl'] = urlscan['submission']['result']
if urlscan['result']:
# We have a result available, get the verdicts
if (urlscan['result'].get('verdicts')
and urlscan['result']['verdicts'].get('overall')):
if urlscan['result']['verdicts']['overall'].get('malicious') is not None:
urlscan_to_display['malicious'] = urlscan['result']['verdicts']['overall']['malicious']
if urlscan['result']['verdicts']['overall'].get('tags'):
urlscan_to_display['tags'] = urlscan['result']['verdicts']['overall']['tags']
else:
# unable to run the query, probably an invalid key
pass
return render_template('modules.html', uuid=tree_uuid, vt=vt_short_result,
pi=pi_short_result, urlscan=urlscan_to_display,
phishtank=phishtank_short_result)

7
website/web/templates/modules.html
View File

@ -1,11 +1,12 @@
{% from "macros.html" import shorten_string %}
<div>
{% if urlscan and urlscan.get('permaurl') %}
{% if urlscan %}
<hr>
<center>
<h1 class="display-4">urlscan.io</h1>
<div>
{% if urlscan.get('permaurl') %}
<p>A scan was triggered for this capture,
<a href="{{ urlscan['permaurl'] }}">click to view it</a> on urlscan.io.</p>
{% if urlscan['malicious']%}
@ -15,6 +16,10 @@
<p>It is tagged as {{ ','.join(urlscan['tags']) }}.</p>
{% endif%}
{% elif urlscan.get('error_message') %}
<p> Unable to trigger the scan, urlscan.io returned the following message:</p>
<p class="font-italic">{{ urlscan.get('error_message') }}</p>
{% endif%}
</div>
</center>
{% endif%}