mirror of https://github.com/MISP/misp-modules
commit
6c0e905737
|
@ -50,8 +50,9 @@ for module in os.listdir(modulesdir):
|
||||||
moduletype = os.path.split(modulesdir)[1]
|
moduletype = os.path.split(modulesdir)[1]
|
||||||
modules.append(modulename)
|
modules.append(modulename)
|
||||||
log.info('MISP modules {0} imported'.format(modulename))
|
log.info('MISP modules {0} imported'.format(modulename))
|
||||||
mhandlers[modulename] = importlib.import_module('modules.expansion.'+modulename)
|
mhandlers[modulename] = importlib.import_module('modules.expansion.' + modulename)
|
||||||
mhandlers['type:'+modulename]= moduletype
|
mhandlers['type:' + modulename] = moduletype
|
||||||
|
|
||||||
|
|
||||||
class ListModules(tornado.web.RequestHandler):
|
class ListModules(tornado.web.RequestHandler):
|
||||||
def get(self):
|
def get(self):
|
||||||
|
@ -59,23 +60,24 @@ class ListModules(tornado.web.RequestHandler):
|
||||||
for module in modules:
|
for module in modules:
|
||||||
x = {}
|
x = {}
|
||||||
x['name'] = module
|
x['name'] = module
|
||||||
x['type'] = mhandlers['type:'+module]
|
x['type'] = mhandlers['type:' + module]
|
||||||
x['mispattributes'] = mhandlers[module].introspection()
|
x['mispattributes'] = mhandlers[module].introspection()
|
||||||
x['version'] = mhandlers[module].version()
|
x['version'] = mhandlers[module].version()
|
||||||
ret.append(x)
|
ret.append(x)
|
||||||
log.debug('MISP ListModules request')
|
log.debug('MISP ListModules request')
|
||||||
self.write(json.dumps(ret))
|
self.write(json.dumps(ret))
|
||||||
|
|
||||||
|
|
||||||
class QueryModule(tornado.web.RequestHandler):
|
class QueryModule(tornado.web.RequestHandler):
|
||||||
def post(self):
|
def post(self):
|
||||||
jsonpayload = self.request.body.decode('utf-8')
|
jsonpayload = self.request.body.decode('utf-8')
|
||||||
x=json.loads(jsonpayload)
|
x = json.loads(jsonpayload)
|
||||||
log.debug('MISP QueryModule request {0}'.format(jsonpayload))
|
log.debug('MISP QueryModule request {0}'.format(jsonpayload))
|
||||||
ret = mhandlers[x['module']].handler(q=jsonpayload)
|
ret = mhandlers[x['module']].handler(q=jsonpayload)
|
||||||
self.write(json.dumps(ret))
|
self.write(json.dumps(ret))
|
||||||
|
|
||||||
|
|
||||||
service = [(r'/modules',ListModules), (r'/query',QueryModule)]
|
service = [(r'/modules', ListModules), (r'/query', QueryModule)]
|
||||||
|
|
||||||
application = tornado.web.Application(service)
|
application = tornado.web.Application(service)
|
||||||
log.info('MISP modules server started on TCP port {0}'.format(port))
|
log.info('MISP modules server started on TCP port {0}'.format(port))
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
import json
|
import json
|
||||||
import dns.resolver
|
import dns.resolver
|
||||||
|
|
||||||
mispattributes = {'input':['hostname', 'domain'], 'output':['ip-src', 'ip-dst']}
|
mispattributes = {'input': ['hostname', 'domain'], 'output': ['ip-src', 'ip-dst']}
|
||||||
moduleinfo = "0.1"
|
moduleinfo = "0.1"
|
||||||
|
|
||||||
|
|
||||||
def handler(q=False):
|
def handler(q=False):
|
||||||
if q is False:
|
if q is False:
|
||||||
return False
|
return False
|
||||||
|
@ -22,11 +23,13 @@ def handler(q=False):
|
||||||
return False
|
return False
|
||||||
except dns.exception.Timeout:
|
except dns.exception.Timeout:
|
||||||
return False
|
return False
|
||||||
r = {'results':[{'types':mispattributes['output'], 'values':[str(answer[0])]}]}
|
r = {'results': [{'types': mispattributes['output'], 'values':[str(answer[0])]}]}
|
||||||
return r
|
return r
|
||||||
|
|
||||||
def introspection():
|
|
||||||
|
|
||||||
|
def introspection():
|
||||||
return mispattributes
|
return mispattributes
|
||||||
|
|
||||||
|
|
||||||
def version():
|
def version():
|
||||||
return moduleinfo
|
return moduleinfo
|
||||||
|
|