From 8ecea977e8f5da02346512fb6aa88a81d1b30b04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 9 Sep 2015 15:18:06 +0200 Subject: [PATCH] Add support for EUPI --- url_abuse_async.py | 22 ++++++++++++++++++---- web/__init__.py | 13 ++++++++++++- web/static/main.js | 24 ++++++++++++++++++++++++ web/templates/url-report.html | 1 + 4 files changed, 55 insertions(+), 5 deletions(-) diff --git a/url_abuse_async.py b/url_abuse_async.py index 5822a1b..24cba91 100644 --- a/url_abuse_async.py +++ b/url_abuse_async.py @@ -23,6 +23,7 @@ from pypdns import PyPDNS import bgpranking_web import urlquery from pypssl import PyPSSL +from pyeupi import PyEUPI import requests from bs4 import BeautifulSoup @@ -420,8 +421,8 @@ def pdnscircl(url, user, passwd, q): cached = _cache_get(q, 'pdns') if cached is not None: return cached - pdnscircl = PyPDNS(url, basic_auth=(user, passwd)) - response = pdnscircl.query(q) + pdns = PyPDNS(url, basic_auth=(user, passwd)) + response = pdns.query(q) all_uniq = [] for e in reversed(response): host = e['rrname'].lower() @@ -438,8 +439,8 @@ def psslcircl(url, user, passwd, q): cached = _cache_get(q, 'pssl') if cached is not None: return cached - psslcircl = PyPSSL(url, basic_auth=(user, passwd)) - response = psslcircl.query(q) + pssl = PyPSSL(url, basic_auth=(user, passwd)) + response = pssl.query(q) if response.get(q) is not None: certinfo = response.get(q) entries = {} @@ -453,6 +454,19 @@ def psslcircl(url, user, passwd, q): return None +def eupi(url, key, q): + cached = _cache_get(q, 'eupi') + if cached is not None: + return cached + eu = PyEUPI(key, url) + response = eu.search_url(q) + if response.get('results'): + r = response.get('results')[0]['tag_label'] + _cache_set(q, r, 'eupi') + return r + return None + + def bgpranking(ip): cached = _cache_get(ip, 'bgp') if cached is not None: diff --git a/web/__init__.py b/web/__init__.py index a2b65f3..e0cce8a 100644 --- a/web/__init__.py +++ b/web/__init__.py @@ -25,7 +25,7 @@ except ImportError: from .proxied import ReverseProxied from url_abuse_async import is_valid_url, url_list, dns_resolve, phish_query, psslcircl, \ vt_query_url, gsb_query, urlquery_query, sphinxsearch, whois, pdnscircl, bgpranking, \ - cached, get_mail_sent, set_mail_sent, get_submissions + cached, get_mail_sent, set_mail_sent, get_submissions, eupi config_path = 'config.ini' @@ -247,6 +247,17 @@ def create_app(configfile=None): result_ttl=500) return u.get_id() + @app.route('/eupi', methods=['POST']) + def eu(): + data = json.loads(request.data) + if not os.path.exists('eupi.key'): + return None + url = parser.get("EUPI", "url") + key = open('eupi.key', 'r').readline().strip() + query = data["query"] + u = q.enqueue_call(func=eupi, args=(url, key, query,), result_ttl=500) + return u.get_id() + @app.route('/pdnscircl', methods=['POST']) def dnscircl(): url = parser.get("PDNS_CIRCL", "url") diff --git a/web/static/main.js b/web/static/main.js index eb6fb3c..3ed1e45 100644 --- a/web/static/main.js +++ b/web/static/main.js @@ -198,6 +198,30 @@ }; }); + app.directive('uqEupi', function(globFct) { + return { + scope: { + query: '=data', + }, + link: function(scope, element, attrs) { + var get_response = function(jobID) { + globFct.poller(jobID, function(data){ + scope.response = data; + if(data === "clean"){ + scope.alert_val = "success"; + } + else{ + ascope.alert_val = "danger"; + } + }); + }; + globFct.query('eupi', {"query": scope.query}, get_response); + }, + template: function(elem, attr){ + return '
Known as {{response}} by the European Union antiphishing initiative.
';} + }; + }); + app.directive('uqUrlquery', function(globFct) { return { scope: { diff --git a/web/templates/url-report.html b/web/templates/url-report.html index 9728ef2..10fdfb9 100644 --- a/web/templates/url-report.html +++ b/web/templates/url-report.html @@ -6,6 +6,7 @@ +