Add support for EUPI

2015-09-09 15:18:06 +02:00 · 2015-09-09 15:18:06 +02:00 · 8ecea977e8
parent 13cab6b621
commit 8ecea977e8
4 changed files with 55 additions and 5 deletions
--- a/url_abuse_async.py
+++ b/url_abuse_async.py
@ -23,6 +23,7 @@ from pypdns import PyPDNS
 import bgpranking_web
 import urlquery
 from pypssl import PyPSSL
+from pyeupi import PyEUPI
 import requests
 from bs4 import BeautifulSoup

@ -420,8 +421,8 @@ def pdnscircl(url, user, passwd, q):
    cached = _cache_get(q, 'pdns')
    if cached is not None:
        return cached
-    pdnscircl = PyPDNS(url, basic_auth=(user, passwd))
-    response = pdnscircl.query(q)
+    pdns = PyPDNS(url, basic_auth=(user, passwd))
+    response = pdns.query(q)
    all_uniq = []
    for e in reversed(response):
        host = e['rrname'].lower()
@ -438,8 +439,8 @@ def psslcircl(url, user, passwd, q):
    cached = _cache_get(q, 'pssl')
    if cached is not None:
        return cached
-    psslcircl = PyPSSL(url, basic_auth=(user, passwd))
-    response = psslcircl.query(q)
+    pssl = PyPSSL(url, basic_auth=(user, passwd))
+    response = pssl.query(q)
    if response.get(q) is not None:
        certinfo = response.get(q)
        entries = {}
@ -453,6 +454,19 @@ def psslcircl(url, user, passwd, q):
    return None


+def eupi(url, key, q):
+    cached = _cache_get(q, 'eupi')
+    if cached is not None:
+        return cached
+    eu = PyEUPI(key, url)
+    response = eu.search_url(q)
+    if response.get('results'):
+        r = response.get('results')[0]['tag_label']
+        _cache_set(q, r, 'eupi')
+        return r
+    return None
+
+
 def bgpranking(ip):
    cached = _cache_get(ip, 'bgp')
    if cached is not None:
--- a/web/init.py
+++ b/web/init.py
@ -25,7 +25,7 @@ except ImportError:
 from .proxied import ReverseProxied
 from url_abuse_async import is_valid_url, url_list, dns_resolve, phish_query, psslcircl, \
    vt_query_url, gsb_query, urlquery_query, sphinxsearch, whois, pdnscircl, bgpranking, \
-    cached, get_mail_sent, set_mail_sent, get_submissions
+    cached, get_mail_sent, set_mail_sent, get_submissions, eupi

 config_path = 'config.ini'

@ -247,6 +247,17 @@ def create_app(configfile=None):
                           result_ttl=500)
        return u.get_id()

+    @app.route('/eupi', methods=['POST'])
+    def eu():
+        data = json.loads(request.data)
+        if not os.path.exists('eupi.key'):
+            return None
+        url = parser.get("EUPI", "url")
+        key = open('eupi.key', 'r').readline().strip()
+        query = data["query"]
+        u = q.enqueue_call(func=eupi, args=(url, key, query,), result_ttl=500)
+        return u.get_id()
+
    @app.route('/pdnscircl', methods=['POST'])
    def dnscircl():
        url = parser.get("PDNS_CIRCL", "url")
--- a/web/static/main.js
+++ b/web/static/main.js
@ -198,6 +198,30 @@
        };
    });

+    app.directive('uqEupi', function(globFct) {
+        return {
+            scope: {
+                      query: '=data',
+            },
+            link: function(scope, element, attrs) {
+                var get_response = function(jobID) {
+                  globFct.poller(jobID, function(data){
+                      scope.response = data;
+                      if(data === "clean"){
+                        scope.alert_val = "success";
+                      }
+                      else{
+                        ascope.alert_val = "danger";
+                      }
+                  });
+                };
+                globFct.query('eupi', {"query": scope.query}, get_response);
+            },
+        template: function(elem, attr){
+            return '<div ng-show="response" class="animate-show"><alert type="{{alert_val}}">Known as {{response}} by the European Union antiphishing initiative.</alert></div>';}
+        };
+    });
+
    app.directive('uqUrlquery', function(globFct) {
        return {
            scope: {
--- a/web/templates/url-report.html
+++ b/web/templates/url-report.html
@ -6,6 +6,7 @@
    <uq-phishtank data="url"></uq-phishtank>
    <uq-virustotal data="url"></uq-virustotal>
    <uq-googlesafebrowsing data="url"></uq-googlesafebrowsing>
+    <uq-eupi data="url"></uq-eupi>
    <uq-urlquery data="url"></uq-urlquery>
    <uq-ticket data="url"></uq-ticket>
    <uq-whois data="url"></uq-whois><br>