chg: [onyphe] fix #252

misp_modules/modules/expansion/onyphe.py

@@ -65,16 +65,16 @@ def handle_expansion(api, ip, misperrors):
 
     for r in result['results']:
         if r['@category'] == 'pastries':
-            if r['@type'] == 'pastebin':
+            if r['source'] == 'pastebin':
                 urls_pasties.append('https://pastebin.com/raw/%s' % r['key'])
         elif r['@category'] == 'synscan':
             asn_list.append(r['asn'])
             os_target = r['os']
             if os_target != 'Unknown':
                 os_list.append(r['os'])
-        elif r['@category'] == 'resolver' and r['@type'] =='reverse':
+        elif r['@category'] == 'resolver' and r['type'] =='reverse':
             domains_resolver.append(r['reverse'])
-        elif r['@category'] == 'resolver' and r['@type'] =='forward':
+        elif r['@category'] == 'resolver' and r['type'] =='forward':
             domains_forward.append(r['forward'])
 
     result_filtered['results'].append({'types': ['url'], 'values': urls_pasties,

misp_modules/modules/expansion/onyphe_full.py

@@ -315,7 +315,7 @@ def expand_pastries(api, misperror, **kwargs):
         status_ok = True
         for item in result['results']:
             if item['@category'] == 'pastries':
-                if item['@type'] == 'pastebin':
+                if item['source'] == 'pastebin':
                     urls_pasties.append('https://pastebin.com/raw/%s' % item['key'])
 
                     if 'domain' in item:

tests/bodyhashdd.json

@@ -1 +1 @@
-{"module": "hashdd", "md5": "838DE99E82C5B9753BAC96D82C1A8DCB"}
+{"module": "hashdd", "md5": "838DE99E82C5B9753BAC96D82C1A8DCC"}