Add support for EUPI

url_abuse_async.py

@@ -23,6 +23,7 @@ from pypdns import PyPDNS
 import bgpranking_web
 import urlquery
 from pypssl import PyPSSL
+from pyeupi import PyEUPI
 import requests
 from bs4 import BeautifulSoup
 
@@ -420,8 +421,8 @@ def pdnscircl(url, user, passwd, q):
     cached = _cache_get(q, 'pdns')
     if cached is not None:
         return cached
-    pdnscircl = PyPDNS(url, basic_auth=(user, passwd))
+    pdns = PyPDNS(url, basic_auth=(user, passwd))
-    response = pdnscircl.query(q)
+    response = pdns.query(q)
     all_uniq = []
     for e in reversed(response):
         host = e['rrname'].lower()
@@ -438,8 +439,8 @@ def psslcircl(url, user, passwd, q):
     cached = _cache_get(q, 'pssl')
     if cached is not None:
         return cached
-    psslcircl = PyPSSL(url, basic_auth=(user, passwd))
+    pssl = PyPSSL(url, basic_auth=(user, passwd))
-    response = psslcircl.query(q)
+    response = pssl.query(q)
     if response.get(q) is not None:
         certinfo = response.get(q)
         entries = {}
@@ -453,6 +454,19 @@ def psslcircl(url, user, passwd, q):
     return None
 
 
+def eupi(url, key, q):
+    cached = _cache_get(q, 'eupi')
+    if cached is not None:
+        return cached
+    eu = PyEUPI(key, url)
+    response = eu.search_url(q)
+    if response.get('results'):
+        r = response.get('results')[0]['tag_label']
+        _cache_set(q, r, 'eupi')
+        return r
+    return None
+
+
 def bgpranking(ip):
     cached = _cache_get(ip, 'bgp')
     if cached is not None:

web/__init__.py

@@ -25,7 +25,7 @@ except ImportError:
 from .proxied import ReverseProxied
 from url_abuse_async import is_valid_url, url_list, dns_resolve, phish_query, psslcircl, \
     vt_query_url, gsb_query, urlquery_query, sphinxsearch, whois, pdnscircl, bgpranking, \
-    cached, get_mail_sent, set_mail_sent, get_submissions
+    cached, get_mail_sent, set_mail_sent, get_submissions, eupi
 
 config_path = 'config.ini'
 
@@ -247,6 +247,17 @@ def create_app(configfile=None):
                            result_ttl=500)
         return u.get_id()
 
+    @app.route('/eupi', methods=['POST'])
+    def eu():
+        data = json.loads(request.data)
+        if not os.path.exists('eupi.key'):
+            return None
+        url = parser.get("EUPI", "url")
+        key = open('eupi.key', 'r').readline().strip()
+        query = data["query"]
+        u = q.enqueue_call(func=eupi, args=(url, key, query,), result_ttl=500)
+        return u.get_id()
+
     @app.route('/pdnscircl', methods=['POST'])
     def dnscircl():
         url = parser.get("PDNS_CIRCL", "url")

web/static/main.js

@@ -198,6 +198,30 @@
         };
     });
 
+    app.directive('uqEupi', function(globFct) {
+        return {
+            scope: {
+                      query: '=data',
+            },
+            link: function(scope, element, attrs) {
+                var get_response = function(jobID) {
+                  globFct.poller(jobID, function(data){
+                      scope.response = data;
+                      if(data === "clean"){
+                        scope.alert_val = "success";
+                      }
+                      else{
+                        ascope.alert_val = "danger";
+                      }
+                  });
+                };
+                globFct.query('eupi', {"query": scope.query}, get_response);
+            },
+        template: function(elem, attr){
+            return '<div ng-show="response" class="animate-show"><alert type="{{alert_val}}">Known as {{response}} by the European Union antiphishing initiative.</alert></div>';}
+        };
+    });
+
     app.directive('uqUrlquery', function(globFct) {
         return {
             scope: {

web/templates/url-report.html

@@ -6,6 +6,7 @@
     <uq-phishtank data="url"></uq-phishtank>
     <uq-virustotal data="url"></uq-virustotal>
     <uq-googlesafebrowsing data="url"></uq-googlesafebrowsing>
+    <uq-eupi data="url"></uq-eupi>
     <uq-urlquery data="url"></uq-urlquery>
     <uq-ticket data="url"></uq-ticket>
     <uq-whois data="url"></uq-whois><br>