CIRCL
/
lookyloo
mirror of https://github.com/CIRCL/lookyloo
2
0
Fork 0
Code Issues Releases Wiki Activity

Concatenate the whois-lookups\n when contact_email_only is false the abuse-c-lookup is added to the initial lookup

pull/904/head
AntoniaBK 2024-04-08 10:59:10 +02:00
parent 8df581c957
commit e8492cc96f
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lookyloo/modules/uwhois.py
View File

@ -90,11 +90,16 @@ class UniversalWhois(AbstractModule):
if not data: if not data:
break break
bytes_whois += data bytes_whois += data
#if an abuse-c-Object is found in the whois entry, the result of its lookup will be returned
#if an abuse-c-Object is found in the whois entry, it will take precedence
abuse_c = re.search(rb'abuse-c:\s+(.*)\s', bytes_whois) abuse_c = re.search(rb'abuse-c:\s+(.*)\s', bytes_whois)
if abuse_c is not None: if abuse_c:
return self.whois(abuse_c.group(1).decode(), contact_email_only) abuse_c_query = self.whois(abuse_c.group(1).decode(), contact_email_only)
if contact_email_only:
return abuse_c_query
else:
return bytes_whois.decode() + abuse_c_query
if not contact_email_only: if not contact_email_only:
return bytes_whois.decode() return bytes_whois.decode()
emails = list(set(re.findall(EMAIL_REGEX, bytes_whois))) emails = list(set(re.findall(EMAIL_REGEX, bytes_whois)))