From e6bac113baaf27981aa431f1f9c218bda49d0e17 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 16:38:41 +0200 Subject: [PATCH 01/20] add onyphe module --- REQUIREMENTS | 1 + misp_modules/modules/expansion/onyphe.py | 65 ++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 misp_modules/modules/expansion/onyphe.py diff --git a/REQUIREMENTS b/REQUIREMENTS index 9e383d4..0a0c85a 100644 --- a/REQUIREMENTS +++ b/REQUIREMENTS @@ -14,6 +14,7 @@ asnhistory git+https://github.com/Rafiot/uwhoisd.git@testing#egg=uwhois&subdirectory=client git+https://github.com/MISP/MISP-STIX-Converter.git#egg=misp_stix_converter git+https://github.com/MISP/PyMISP.git#egg=pymisp +git+https://github.com/sebdraven/pyonyphe#egg=pyonyphe pillow pytesseract SPARQLWrapper diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py new file mode 100644 index 0000000..16a4e94 --- /dev/null +++ b/misp_modules/modules/expansion/onyphe.py @@ -0,0 +1,65 @@ +import json +# -*- coding: utf-8 -*- + +import json +try: + from onyphe import Onyphe +except ImportError: + print("pyonyphe module not installed.") + +misperrors = {'error': 'Error'} + +mispattributes = {'input': ['ip-src', 'ip-dst', 'hostname', 'domains'], 'output': ['freetext']} +# possible module-types: 'expansion', 'hover' or both +moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven', + 'description': 'Query on Onyphe', + 'module-type': ['expansion', 'hover']} + +# config fields that your code expects from the site admin +moduleconfig = ['apikey'] + + + +def handler(q=False): + if q is False: + return False + request = json.loads(q) + + if not request.get('config') and not (request['config'].get('apikey')): + misperrors['error'] = 'Onyphe authentication is missing' + return misperrors + + api = Onyphe(request['config'].get('apikey')) + + if not api: + misperrors['error'] = 'Onyphe Error instance api' + + ip = '' + if request.get('ip-src'): + ip = request['ip-src'] + elif request.get('ip-dst'): + ip = request['ip-dst'] + else: + misperrors['error'] = "Unsupported attributes type" + return misperrors + + return handle_expansion(api, ip, misperrors) + + +def handle_expansion(api, ip, misperrors): + result = api.ip(ip) + if result['status'] == 'nok': + misperrors['error'] = result['message'] + return misperrors + + return {'results': [{'types': mispattributes['output'], + 'values': json.dumps(result)}]} + + +def introspection(): + return mispattributes + + +def version(): + moduleinfo['config'] = moduleconfig + return moduleinfo \ No newline at end of file From 6eeca0fba1efda5605c8fabedc0c9cb2895c0229 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 17:53:50 +0200 Subject: [PATCH 02/20] add pastebin url imports --- .idea/vcs.xml | 6 ++++++ misp_modules/modules/expansion/onyphe.py | 16 +++++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 .idea/vcs.xml diff --git a/.idea/vcs.xml b/.idea/vcs.xml new file mode 100644 index 0000000..94a25f7 --- /dev/null +++ b/.idea/vcs.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 16a4e94..ace09ef 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -9,7 +9,7 @@ except ImportError: misperrors = {'error': 'Error'} -mispattributes = {'input': ['ip-src', 'ip-dst', 'hostname', 'domains'], 'output': ['freetext']} +mispattributes = {'input': ['ip-src', 'ip-dst', 'hostname', 'domains'], 'output': ['hostname', 'domain', 'ip-src', 'ip-dst','url']} # possible module-types: 'expansion', 'hover' or both moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven', 'description': 'Query on Onyphe', @@ -48,12 +48,22 @@ def handler(q=False): def handle_expansion(api, ip, misperrors): result = api.ip(ip) + if result['status'] == 'nok': misperrors['error'] = result['message'] return misperrors - return {'results': [{'types': mispattributes['output'], - 'values': json.dumps(result)}]} + categories = list(set([item['@category'] for item in result['results']])) + + result_filtered = [] + urls_pasties = [] + for r in result['results']: + if r['@category'] == 'pastries': + if r['@type'] == 'pastebin': + urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) + result_filtered.append({'type': ['url'], 'values': urls_pasties}) + + return result_filtered def introspection(): From f18f8fe05ac85b9d5c3ce312b5c43024ff9d5a3b Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 18:01:58 +0200 Subject: [PATCH 03/20] correct a bug --- misp_modules/modules/expansion/onyphe.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index ace09ef..ce68262 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -55,13 +55,13 @@ def handle_expansion(api, ip, misperrors): categories = list(set([item['@category'] for item in result['results']])) - result_filtered = [] + result_filtered = {"results": []} urls_pasties = [] for r in result['results']: if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) - result_filtered.append({'type': ['url'], 'values': urls_pasties}) + result_filtered['results'].append({'type': ['url'], 'values': urls_pasties}) return result_filtered From 3ec15358977ba79e6dae485da1811d02e8dc6ab1 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 18:09:59 +0200 Subject: [PATCH 04/20] correct key in map result --- misp_modules/modules/expansion/onyphe.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index ce68262..4542fc7 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -61,7 +61,7 @@ def handle_expansion(api, ip, misperrors): if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) - result_filtered['results'].append({'type': ['url'], 'values': urls_pasties}) + result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) return result_filtered From cad35b5332d083004b90f103796bc2ceda7d7660 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 18:11:04 +0200 Subject: [PATCH 05/20] error indentation --- misp_modules/modules/expansion/onyphe.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 4542fc7..b42c86b 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -61,7 +61,7 @@ def handle_expansion(api, ip, misperrors): if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) - result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) + result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) return result_filtered From 04032d110c2803ba22d81c4950c574632f2cf09c Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Fri, 8 Jun 2018 18:31:08 +0200 Subject: [PATCH 06/20] add as number with onyphe --- misp_modules/modules/expansion/onyphe.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index b42c86b..854fc87 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -55,14 +55,17 @@ def handle_expansion(api, ip, misperrors): categories = list(set([item['@category'] for item in result['results']])) - result_filtered = {"results": []} + result_filtered = {"results": []} urls_pasties = [] + asn_list = [] for r in result['results']: if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) + elif r['@category'] == 'synscan': + ans_list = r['asn'] result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) - + result_filtered['results'].append({'types': ['AS'], 'values': asn_list}) return result_filtered From 735e6260588bce574dad615c597bba2ff97a017e Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 10:41:05 +0200 Subject: [PATCH 07/20] add as number with onyphe --- misp_modules/modules/expansion/onyphe.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 854fc87..53f0eba 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -63,9 +63,9 @@ def handle_expansion(api, ip, misperrors): if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) elif r['@category'] == 'synscan': - ans_list = r['asn'] + asn_list.append(r['asn']) result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) - result_filtered['results'].append({'types': ['AS'], 'values': asn_list}) + result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list))}) return result_filtered From ef035d051bb5002693838ea04849ada8710d468d Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 10:54:06 +0200 Subject: [PATCH 08/20] add category --- misp_modules/modules/expansion/onyphe.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 53f0eba..2a0b913 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -64,7 +64,8 @@ def handle_expansion(api, ip, misperrors): urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) elif r['@category'] == 'synscan': asn_list.append(r['asn']) - result_filtered['results'].append({'types': ['url'], 'values': urls_pasties}) + result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, + 'category': 'External analysis'}) result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list))}) return result_filtered From 0a543ca0d52515f0e9b5b12a2ae1231772ad46a1 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 10:55:44 +0200 Subject: [PATCH 09/20] change type --- misp_modules/modules/expansion/onyphe.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 2a0b913..33aa69d 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -65,7 +65,7 @@ def handle_expansion(api, ip, misperrors): elif r['@category'] == 'synscan': asn_list.append(r['asn']) result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, - 'category': 'External analysis'}) + 'category': ['External analysis']}) result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list))}) return result_filtered From f069cd9bf47cbb16a53ca9bfa01c70fbe7bbe514 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 10:56:40 +0200 Subject: [PATCH 10/20] change keys --- misp_modules/modules/expansion/onyphe.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 33aa69d..9f4f942 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -65,7 +65,7 @@ def handle_expansion(api, ip, misperrors): elif r['@category'] == 'synscan': asn_list.append(r['asn']) result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, - 'category': ['External analysis']}) + 'categories': ['External analysis']}) result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list))}) return result_filtered From 7580c63433f1b79a5146ff6e1d333a1c73900f55 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 10:59:06 +0200 Subject: [PATCH 11/20] add category for AS number --- misp_modules/modules/expansion/onyphe.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 9f4f942..ea59ea2 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -66,7 +66,8 @@ def handle_expansion(api, ip, misperrors): asn_list.append(r['asn']) result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, 'categories': ['External analysis']}) - result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list))}) + result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list)), + 'categories': ['Network activity']}) return result_filtered From 2e0e63fad60050e163ad0e6aa898e775fab04d84 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 11:25:17 +0200 Subject: [PATCH 12/20] add targeting os --- misp_modules/modules/expansion/onyphe.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index ea59ea2..30bb179 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -58,16 +58,22 @@ def handle_expansion(api, ip, misperrors): result_filtered = {"results": []} urls_pasties = [] asn_list = [] + os_list = [] for r in result['results']: if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) elif r['@category'] == 'synscan': asn_list.append(r['asn']) + os_list.append(r['os']) result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, 'categories': ['External analysis']}) result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list)), 'categories': ['Network activity']}) + + result_filtered['results'].append({'types': ['target-machine'], + 'values': list(set(os_list)), + 'categories': ['Targeting data']}) return result_filtered From d9ee5286e3134a71a1e2f19f24c01fe4c30bdf6a Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 11:59:00 +0200 Subject: [PATCH 13/20] add domains --- misp_modules/modules/expansion/onyphe.py | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 30bb179..ac127ab 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -59,21 +59,41 @@ def handle_expansion(api, ip, misperrors): urls_pasties = [] asn_list = [] os_list = [] + domains_resolver = [] + domains_forward = [] for r in result['results']: if r['@category'] == 'pastries': if r['@type'] == 'pastebin': urls_pasties.append('https://pastebin.com/raw/%s' % r['key']) elif r['@category'] == 'synscan': asn_list.append(r['asn']) - os_list.append(r['os']) + os_target = r['os'] + if os_target != 'Unknown': + os_list.append(r['os']) + elif r['@category'] == 'resolver' and r['@type'] =='reverse': + domains_resolver.append(r['reverse']) + elif r['@category'] == 'resolver' and r['@type'] =='forward': + domains_forward.append(r['forward']) + result_filtered['results'].append({'types': ['url'], 'values': urls_pasties, 'categories': ['External analysis']}) + result_filtered['results'].append({'types': ['AS'], 'values': list(set(asn_list)), 'categories': ['Network activity']}) result_filtered['results'].append({'types': ['target-machine'], 'values': list(set(os_list)), 'categories': ['Targeting data']}) + + result_filtered['results'].append({'types': ['domains'], + 'values': list(set(domains_resolver)), + 'categories': ['Network activity'], + 'comments': ['resolver to %s' % ip]}) + + result_filtered['results'].append({'types': ['domains'], + 'values': list(set(domains_resolver)), + 'categories': ['Network activity'], + 'comments': ['forward to %s' % ip]}) return result_filtered From 59b49f9d20c0e7cd02e7a7df747a7a0ca2332d7f Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 12:00:46 +0200 Subject: [PATCH 14/20] add domains forward --- misp_modules/modules/expansion/onyphe.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index ac127ab..cb4a443 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -91,7 +91,7 @@ def handle_expansion(api, ip, misperrors): 'comments': ['resolver to %s' % ip]}) result_filtered['results'].append({'types': ['domains'], - 'values': list(set(domains_resolver)), + 'values': list(set(domains_forward)), 'categories': ['Network activity'], 'comments': ['forward to %s' % ip]}) return result_filtered From e0631c9651ed5bcb31ad6af9529dea53119b1d56 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 12:02:34 +0200 Subject: [PATCH 15/20] correct typo --- misp_modules/modules/expansion/onyphe.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index cb4a443..7cd249d 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -85,12 +85,12 @@ def handle_expansion(api, ip, misperrors): 'values': list(set(os_list)), 'categories': ['Targeting data']}) - result_filtered['results'].append({'types': ['domains'], + result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_resolver)), 'categories': ['Network activity'], 'comments': ['resolver to %s' % ip]}) - result_filtered['results'].append({'types': ['domains'], + result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_forward)), 'categories': ['Network activity'], 'comments': ['forward to %s' % ip]}) From 43402fde26b4ccc6ac576691d36f60c8a5a9909a Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 12:28:40 +0200 Subject: [PATCH 16/20] correct typo --- misp_modules/modules/expansion/onyphe.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 7cd249d..c99de19 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -88,12 +88,12 @@ def handle_expansion(api, ip, misperrors): result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_resolver)), 'categories': ['Network activity'], - 'comments': ['resolver to %s' % ip]}) + 'comment': ['resolver to %s' % ip]}) result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_forward)), 'categories': ['Network activity'], - 'comments': ['forward to %s' % ip]}) + 'comment': ['forward to %s' % ip]}) return result_filtered From f6b8655f64e8d0a2e1200e3b1f44c590ccb70f34 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 12:29:51 +0200 Subject: [PATCH 17/20] correct type of comments --- misp_modules/modules/expansion/onyphe.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index c99de19..9dad860 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -88,12 +88,12 @@ def handle_expansion(api, ip, misperrors): result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_resolver)), 'categories': ['Network activity'], - 'comment': ['resolver to %s' % ip]}) + 'comment': 'resolver to %s' % ip }) result_filtered['results'].append({'types': ['domain'], 'values': list(set(domains_forward)), 'categories': ['Network activity'], - 'comment': ['forward to %s' % ip]}) + 'comment': 'forward to %s' % ip}) return result_filtered From 755d907580d0f4462445af673cc20d385bccd096 Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 13:21:21 +0200 Subject: [PATCH 18/20] pep 8 compliant --- misp_modules/modules/expansion/onyphe.py | 1 + 1 file changed, 1 insertion(+) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 9dad860..7494867 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -61,6 +61,7 @@ def handle_expansion(api, ip, misperrors): os_list = [] domains_resolver = [] domains_forward = [] + for r in result['results']: if r['@category'] == 'pastries': if r['@type'] == 'pastebin': From 14695bbeb9ba7fce9f8495aadedfc0b7386d28ed Mon Sep 17 00:00:00 2001 From: Sebdraven Date: Mon, 11 Jun 2018 13:34:45 +0200 Subject: [PATCH 19/20] correct codecov --- misp_modules/modules/expansion/onyphe.py | 39 ++++++++++++------------ 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py index 7494867..86abe7a 100644 --- a/misp_modules/modules/expansion/onyphe.py +++ b/misp_modules/modules/expansion/onyphe.py @@ -19,31 +19,32 @@ moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven', moduleconfig = ['apikey'] - def handler(q=False): - if q is False: - return False - request = json.loads(q) + if q: - if not request.get('config') and not (request['config'].get('apikey')): - misperrors['error'] = 'Onyphe authentication is missing' - return misperrors + request = json.loads(q) - api = Onyphe(request['config'].get('apikey')) + if not request.get('config') and not (request['config'].get('apikey')): + misperrors['error'] = 'Onyphe authentication is missing' + return misperrors - if not api: - misperrors['error'] = 'Onyphe Error instance api' + api = Onyphe(request['config'].get('apikey')) - ip = '' - if request.get('ip-src'): - ip = request['ip-src'] - elif request.get('ip-dst'): - ip = request['ip-dst'] + if not api: + misperrors['error'] = 'Onyphe Error instance api' + + ip = '' + if request.get('ip-src'): + ip = request['ip-src'] + elif request.get('ip-dst'): + ip = request['ip-dst'] + else: + misperrors['error'] = "Unsupported attributes type" + return misperrors + + return handle_expansion(api, ip, misperrors) else: - misperrors['error'] = "Unsupported attributes type" - return misperrors - - return handle_expansion(api, ip, misperrors) + return False def handle_expansion(api, ip, misperrors): From a6717b53eff6ed2b076e90a3a5258eb934b7f17e Mon Sep 17 00:00:00 2001 From: sebdraven Date: Mon, 11 Jun 2018 13:56:37 +0200 Subject: [PATCH 20/20] Delete vcs.xml --- .idea/vcs.xml | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 .idea/vcs.xml diff --git a/.idea/vcs.xml b/.idea/vcs.xml deleted file mode 100644 index 94a25f7..0000000 --- a/.idea/vcs.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file