MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: Quick fix on siblings & url parsing

pull/322/head
chrisr3d 2019-07-22 09:16:04 +02:00
parent 9aa721bc37
commit 729c86c336
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
misp_modules/modules/expansion/virustotal_public.py
View File

@ -29,9 +29,10 @@ class VirusTotalParser():
def parse_urls(self, query_result):
for feature in ('detected_urls', 'undetected_urls'):
for url in query_result[feature]:
value = url['url'] if isinstance(url, dict) else url
self.misp_event.add_attribute('url', value)
if feature in query_result:
for url in query_result[feature]:
value = url['url'] if isinstance(url, dict) else url
self.misp_event.add_attribute('url', value)
def parse_resolutions(self, resolutions, subdomains=None, uuids=None):
domain_ip_object = MISPObject('domain-ip')
@ -87,9 +88,9 @@ class DomainQuery(VirusTotalParser):
self.parse_resolutions(query_result['resolutions'], query_result['subdomains'], siblings)
self.parse_urls(query_result)
def parse_siblings(domain):
def parse_siblings(self, domain):
attribute = MISPAttribute()
attribute.from_dict(dict(type='domain', value=domain))
attribute.from_dict(**dict(type='domain', value=domain))
self.misp_event.add_attribute(**attribute)
return attribute.uuid