mirror of https://github.com/MISP/misp-modules
initial version of OCR expansion module
parent
e893a17583
commit
7171c8ce92
|
@ -8,4 +8,5 @@ __all__ = ['cuckoo_submit', 'vmray_submit', 'bgpranking', 'circl_passivedns', 'c
|
||||||
'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl',
|
'yara_syntax_validator', 'hashdd', 'onyphe', 'onyphe_full', 'rbl',
|
||||||
'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator',
|
'xforceexchange', 'sigma_syntax_validator', 'stix2_pattern_syntax_validator',
|
||||||
'sigma_queries', 'dbl_spamhaus', 'vulners', 'yara_query', 'macaddress_io',
|
'sigma_queries', 'dbl_spamhaus', 'vulners', 'yara_query', 'macaddress_io',
|
||||||
'intel471', 'backscatter_io', 'btc_scam_check', 'hibp', 'greynoise', 'macvendors', 'qrcode']
|
'intel471', 'backscatter_io', 'btc_scam_check', 'hibp', 'greynoise', 'macvendors',
|
||||||
|
'qrcode', 'ocr']
|
||||||
|
|
|
@ -0,0 +1,51 @@
|
||||||
|
import json
|
||||||
|
import re
|
||||||
|
import binascii
|
||||||
|
import cv2
|
||||||
|
import np
|
||||||
|
import pytesseract
|
||||||
|
|
||||||
|
misperrors = {'error': 'Error'}
|
||||||
|
mispattributes = {'input': ['attachment'],
|
||||||
|
'output': ['freetext', 'text']}
|
||||||
|
moduleinfo = {'version': '0.1', 'author': 'Sascha Rommelfangen',
|
||||||
|
'description': 'OCR decoder',
|
||||||
|
'module-type': ['expansion']}
|
||||||
|
|
||||||
|
moduleconfig = []
|
||||||
|
|
||||||
|
|
||||||
|
def handler(q=False):
|
||||||
|
if q is False:
|
||||||
|
return False
|
||||||
|
q = json.loads(q)
|
||||||
|
filename = q['attachment']
|
||||||
|
try:
|
||||||
|
img_array = np.frombuffer(binascii.a2b_base64(q['data']), np.uint8)
|
||||||
|
except Exception as e:
|
||||||
|
print(e)
|
||||||
|
err = "Couldn't fetch attachment (JSON 'data' is empty). Are you using the 'Query enrichment' action?"
|
||||||
|
misperrors['error'] = err
|
||||||
|
print(err)
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
image = img_array
|
||||||
|
image = cv2.imdecode(img_array, cv2.IMREAD_COLOR)
|
||||||
|
try:
|
||||||
|
decoded = pytesseract.image_to_string(image)
|
||||||
|
return {'results': [{'types': ['freetext'], 'values': decoded, 'comment': "OCR from file " + filename},
|
||||||
|
{'types': ['text'], 'values': decoded, 'comment': "ORC from file " + filename}]}
|
||||||
|
except Exception as e:
|
||||||
|
print(e)
|
||||||
|
err = "Couldn't analyze file type. Only images are supported right now."
|
||||||
|
misperrors['error'] = err
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
|
||||||
|
def introspection():
|
||||||
|
return mispattributes
|
||||||
|
|
||||||
|
|
||||||
|
def version():
|
||||||
|
moduleinfo['config'] = moduleconfig
|
||||||
|
return moduleinfo
|
Loading…
Reference in New Issue