From 5d1583d88b87f6c08b9a9b513d89d777c6fd0f57 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sun, 11 Nov 2018 15:49:14 +0100
Subject: [PATCH] chg: [onyphe] fix #252

---
 misp_modules/modules/expansion/onyphe.py      | 8 ++++----
 misp_modules/modules/expansion/onyphe_full.py | 4 ++--
 tests/bodyhashdd.json                         | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/misp_modules/modules/expansion/onyphe.py b/misp_modules/modules/expansion/onyphe.py
index 86abe7a..c9bca0e 100644
--- a/misp_modules/modules/expansion/onyphe.py
+++ b/misp_modules/modules/expansion/onyphe.py
@@ -65,16 +65,16 @@ def handle_expansion(api, ip, misperrors):
 
     for r in result['results']:
         if r['@category'] == 'pastries':
-            if r['@type'] == 'pastebin':
+            if r['source'] == 'pastebin':
                 urls_pasties.append('https://pastebin.com/raw/%s' % r['key'])
         elif r['@category'] == 'synscan':
             asn_list.append(r['asn'])
             os_target = r['os']
             if os_target != 'Unknown':
                 os_list.append(r['os'])
-        elif r['@category'] == 'resolver' and r['@type'] =='reverse':
+        elif r['@category'] == 'resolver' and r['type'] =='reverse':
             domains_resolver.append(r['reverse'])
-        elif r['@category'] == 'resolver' and r['@type'] =='forward':
+        elif r['@category'] == 'resolver' and r['type'] =='forward':
             domains_forward.append(r['forward'])
 
     result_filtered['results'].append({'types': ['url'], 'values': urls_pasties,
@@ -105,4 +105,4 @@ def introspection():
 
 def version():
     moduleinfo['config'] = moduleconfig
-    return moduleinfo
\ No newline at end of file
+    return moduleinfo
diff --git a/misp_modules/modules/expansion/onyphe_full.py b/misp_modules/modules/expansion/onyphe_full.py
index 7a05d12..3d6ef8e 100644
--- a/misp_modules/modules/expansion/onyphe_full.py
+++ b/misp_modules/modules/expansion/onyphe_full.py
@@ -315,7 +315,7 @@ def expand_pastries(api, misperror, **kwargs):
         status_ok = True
         for item in result['results']:
             if item['@category'] == 'pastries':
-                if item['@type'] == 'pastebin':
+                if item['source'] == 'pastebin':
                     urls_pasties.append('https://pastebin.com/raw/%s' % item['key'])
 
                     if 'domain' in item:
@@ -374,4 +374,4 @@ def introspection():
 
 def version():
     moduleinfo['config'] = moduleconfig
-    return moduleinfo
\ No newline at end of file
+    return moduleinfo
diff --git a/tests/bodyhashdd.json b/tests/bodyhashdd.json
index b6d256c..3bdfa82 100644
--- a/tests/bodyhashdd.json
+++ b/tests/bodyhashdd.json
@@ -1 +1 @@
-{"module": "hashdd", "md5": "838DE99E82C5B9753BAC96D82C1A8DCB"}
+{"module": "hashdd", "md5": "838DE99E82C5B9753BAC96D82C1A8DCC"}