mirror of https://github.com/MISP/misp-modules
add pastebin url imports
parent
e6bac113ba
commit
6eeca0fba1
|
@ -0,0 +1,6 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<project version="4">
|
||||||
|
<component name="VcsDirectoryMappings">
|
||||||
|
<mapping directory="$PROJECT_DIR$" vcs="Git" />
|
||||||
|
</component>
|
||||||
|
</project>
|
|
@ -9,7 +9,7 @@ except ImportError:
|
||||||
|
|
||||||
misperrors = {'error': 'Error'}
|
misperrors = {'error': 'Error'}
|
||||||
|
|
||||||
mispattributes = {'input': ['ip-src', 'ip-dst', 'hostname', 'domains'], 'output': ['freetext']}
|
mispattributes = {'input': ['ip-src', 'ip-dst', 'hostname', 'domains'], 'output': ['hostname', 'domain', 'ip-src', 'ip-dst','url']}
|
||||||
# possible module-types: 'expansion', 'hover' or both
|
# possible module-types: 'expansion', 'hover' or both
|
||||||
moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven',
|
moduleinfo = {'version': '1', 'author': 'Sebastien Larinier @sebdraven',
|
||||||
'description': 'Query on Onyphe',
|
'description': 'Query on Onyphe',
|
||||||
|
@ -48,12 +48,22 @@ def handler(q=False):
|
||||||
|
|
||||||
def handle_expansion(api, ip, misperrors):
|
def handle_expansion(api, ip, misperrors):
|
||||||
result = api.ip(ip)
|
result = api.ip(ip)
|
||||||
|
|
||||||
if result['status'] == 'nok':
|
if result['status'] == 'nok':
|
||||||
misperrors['error'] = result['message']
|
misperrors['error'] = result['message']
|
||||||
return misperrors
|
return misperrors
|
||||||
|
|
||||||
return {'results': [{'types': mispattributes['output'],
|
categories = list(set([item['@category'] for item in result['results']]))
|
||||||
'values': json.dumps(result)}]}
|
|
||||||
|
result_filtered = []
|
||||||
|
urls_pasties = []
|
||||||
|
for r in result['results']:
|
||||||
|
if r['@category'] == 'pastries':
|
||||||
|
if r['@type'] == 'pastebin':
|
||||||
|
urls_pasties.append('https://pastebin.com/raw/%s' % r['key'])
|
||||||
|
result_filtered.append({'type': ['url'], 'values': urls_pasties})
|
||||||
|
|
||||||
|
return result_filtered
|
||||||
|
|
||||||
|
|
||||||
def introspection():
|
def introspection():
|
||||||
|
|
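Review bot: In `handle_expansion`, `r['key']` from the Onyphe response is formatted straight into `'https://pastebin.com/raw/%s'`, so any unexpected value the API returns becomes part of a `url` attribute. Assuming paste keys are plain alphanumerics, a guard such as `if re.fullmatch(r'[A-Za-z0-9]+', str(r['key'])):` before the append (with `re` imported) would keep only plausible ids. The function also now returns a bare list whose entries use the key `type`, whereas the removed lines returned `{'results': [{'types': ..., 'values': ...}]}`. Unless `handler`, whose body is outside this hunk, wraps the result, callers see a different shape; `{'types': ['url'], 'values': urls_pasties}` appended once after the loop would match the old one (the page has lost indentation, so whether the append sits inside the loop cannot be told). `categories` is assigned but never read in the visible lines, and the changed `mispattributes` line declares `hostname`, `domain`, `ip-src` and `ip-dst` as outputs while this code only emits `url`.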