mirror of https://github.com/MISP/misp-modules
last commit for release
parent
88859a0ba7
commit
f2df6dc538
|
@ -72,69 +72,66 @@ def handler(q=False):
|
||||||
def handle_domain(api, domain, misperrors):
|
def handle_domain(api, domain, misperrors):
|
||||||
result_filtered = {"results": []}
|
result_filtered = {"results": []}
|
||||||
|
|
||||||
# r, status_ok = expand_domain_info(api, misperrors, domain)
|
r, status_ok = expand_domain_info(api, misperrors, domain)
|
||||||
# #
|
|
||||||
# if status_ok:
|
|
||||||
# if r:
|
|
||||||
# result_filtered['results'].extend(r)
|
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors['error'] + ' Error DNS result'
|
|
||||||
# return misperrors
|
|
||||||
#
|
|
||||||
# time.sleep(1)
|
|
||||||
# r, status_ok = expand_subdomains(api, domain)
|
|
||||||
#
|
|
||||||
# if status_ok:
|
|
||||||
# if r:
|
|
||||||
# result_filtered['results'].extend(r)
|
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors['error'] + ' Error subdomains result'
|
|
||||||
# return misperrors
|
|
||||||
#
|
|
||||||
# time.sleep(1)
|
|
||||||
# r, status_ok = expand_whois(api, domain)
|
|
||||||
#
|
|
||||||
# if status_ok:
|
|
||||||
# if r:
|
|
||||||
# result_filtered['results'].extend(r)
|
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors['error'] + ' Error whois result'
|
|
||||||
# return misperrors
|
|
||||||
#
|
|
||||||
# time.sleep(1)
|
|
||||||
# r, status_ok = expand_history_ipv4_ipv6(api, domain)
|
|
||||||
# #
|
|
||||||
#
|
|
||||||
# if status_ok:
|
|
||||||
# if r:
|
|
||||||
# result_filtered['results'].extend(r)
|
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors['error'] + ' Error history ipv4'
|
|
||||||
# return misperrors
|
|
||||||
#
|
|
||||||
# time.sleep(1)
|
|
||||||
#
|
|
||||||
# r, status_ok = expand_history_dns(api, domain)
|
|
||||||
#
|
|
||||||
# if status_ok:
|
|
||||||
# if r:
|
|
||||||
# result_filtered['results'].extend(r)
|
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors[
|
|
||||||
# 'error'] + ' Error in expand History DNS'
|
|
||||||
# return misperrors
|
|
||||||
|
|
||||||
# r, status_ok = expand_history_whois(api, domain)
|
if status_ok:
|
||||||
#
|
if r:
|
||||||
# if status_ok:
|
result_filtered['results'].extend(r)
|
||||||
# if r:
|
else:
|
||||||
#
|
misperrors['error'] = misperrors['error'] + ' Error DNS result'
|
||||||
# result_filtered['results'].extend(r)
|
return misperrors
|
||||||
# else:
|
|
||||||
# misperrors['error'] = misperrors['error'] + \
|
|
||||||
# ' Error in expand History Whois'
|
|
||||||
# return misperrors
|
|
||||||
|
|
||||||
|
time.sleep(1)
|
||||||
|
r, status_ok = expand_subdomains(api, domain)
|
||||||
|
|
||||||
|
if status_ok:
|
||||||
|
if r:
|
||||||
|
result_filtered['results'].extend(r)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = misperrors['error'] + ' Error subdomains result'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
time.sleep(1)
|
||||||
|
r, status_ok = expand_whois(api, domain)
|
||||||
|
|
||||||
|
if status_ok:
|
||||||
|
if r:
|
||||||
|
result_filtered['results'].extend(r)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = misperrors['error'] + ' Error whois result'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
time.sleep(1)
|
||||||
|
r, status_ok = expand_history_ipv4_ipv6(api, domain)
|
||||||
|
|
||||||
|
if status_ok:
|
||||||
|
if r:
|
||||||
|
result_filtered['results'].extend(r)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = misperrors['error'] + ' Error history ipv4'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
time.sleep(1)
|
||||||
|
|
||||||
|
r, status_ok = expand_history_dns(api, domain)
|
||||||
|
|
||||||
|
if status_ok:
|
||||||
|
if r:
|
||||||
|
result_filtered['results'].extend(r)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = misperrors[
|
||||||
|
'error'] + ' Error in expand History DNS'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
|
r, status_ok = expand_history_whois(api, domain)
|
||||||
|
|
||||||
|
if status_ok:
|
||||||
|
if r:
|
||||||
|
result_filtered['results'].extend(r)
|
||||||
|
else:
|
||||||
|
misperrors['error'] = misperrors['error'] + \
|
||||||
|
' Error in expand History Whois'
|
||||||
|
return misperrors
|
||||||
|
|
||||||
return result_filtered
|
return result_filtered
|
||||||
|
|
||||||
|
@ -151,17 +148,6 @@ def handle_ip(api, ip, misperrors):
|
||||||
misperrors['error'] += ' Error in expand searching domain'
|
misperrors['error'] += ' Error in expand searching domain'
|
||||||
return misperrors
|
return misperrors
|
||||||
|
|
||||||
time.sleep(1)
|
|
||||||
|
|
||||||
r, status_ok = expand_search_stats(api, ip, misperrors)
|
|
||||||
|
|
||||||
if status_ok:
|
|
||||||
if r:
|
|
||||||
result_filtered['results'].extend(r)
|
|
||||||
else:
|
|
||||||
misperrors['error'] += ' Error in expand searching stats'
|
|
||||||
return misperrors
|
|
||||||
|
|
||||||
return result_filtered
|
return result_filtered
|
||||||
|
|
||||||
|
|
||||||
|
@ -274,7 +260,8 @@ def expand_subdomains(api, domain):
|
||||||
|
|
||||||
)
|
)
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e
|
misperrors['error'] = e.value
|
||||||
|
return [], False
|
||||||
|
|
||||||
return r, status_ok
|
return r, status_ok
|
||||||
|
|
||||||
|
@ -347,8 +334,8 @@ def expand_whois(api, domain):
|
||||||
)
|
)
|
||||||
|
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e
|
misperrors['error'] = e.value
|
||||||
print(e)
|
return [], False
|
||||||
|
|
||||||
return r, status_ok
|
return r, status_ok
|
||||||
|
|
||||||
|
@ -372,7 +359,7 @@ def expand_history_ipv4_ipv6(api, domain):
|
||||||
r.extend(__history_ip(results, domain, type_ip='ipv6'))
|
r.extend(__history_ip(results, domain, type_ip='ipv6'))
|
||||||
|
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e
|
misperrors['error'] = e.value
|
||||||
return [], False
|
return [], False
|
||||||
|
|
||||||
return r, status_ok
|
return r, status_ok
|
||||||
|
@ -404,7 +391,7 @@ def expand_history_dns(api, domain):
|
||||||
r.extend(__history_dns(results, domain, 'host', 'mx'))
|
r.extend(__history_dns(results, domain, 'host', 'mx'))
|
||||||
|
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e
|
misperrors['error'] = e.value
|
||||||
return [], False
|
return [], False
|
||||||
|
|
||||||
status_ok = True
|
status_ok = True
|
||||||
|
@ -462,7 +449,7 @@ def expand_history_whois(api, domain):
|
||||||
)
|
)
|
||||||
|
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e
|
misperrors['error'] = e.value
|
||||||
return [], False
|
return [], False
|
||||||
status_ok = True
|
status_ok = True
|
||||||
|
|
||||||
|
@ -548,30 +535,6 @@ def expand_searching_domain(api, ip):
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
status_ok = True
|
status_ok = True
|
||||||
except APIError as e:
|
|
||||||
misperrors['error'] = e
|
|
||||||
return [], False
|
|
||||||
|
|
||||||
return r, status_ok
|
|
||||||
|
|
||||||
|
|
||||||
def expand_search_stats(api, ip, misperror):
|
|
||||||
r = []
|
|
||||||
status_ok = False
|
|
||||||
|
|
||||||
try:
|
|
||||||
result = api.search_stats(ipv4=ip)
|
|
||||||
if result and 'top_organizations' in result:
|
|
||||||
comment = ''
|
|
||||||
for reg in result['top_organizations']:
|
|
||||||
comment += 'Organization %s used %s count: %s' % (reg['key'],
|
|
||||||
ip,
|
|
||||||
reg['count'])
|
|
||||||
r.append({'types': ['comment'],
|
|
||||||
'categories': ['Other'],
|
|
||||||
'values': comment,
|
|
||||||
})
|
|
||||||
status_ok = True
|
|
||||||
except APIError as e:
|
except APIError as e:
|
||||||
misperrors['error'] = e.value
|
misperrors['error'] = e.value
|
||||||
return [], False
|
return [], False
|
||||||
|
|
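Review bot: In the `expand_subdomains`, `expand_whois`, `expand_history_ipv4_ipv6`, `expand_history_dns` and `expand_history_whois` hunks, the new `misperrors['error'] = e.value` writes to a name that is not a parameter of those functions (the hunk headers show `(api, domain)`), so it presumably resolves to a module-level dict shared by every request the module serves. Because the re-enabled `handle_domain` appends to the same key (`misperrors['error'] + ' Error DNS result'`), upstream API error text from one lookup could persist and accumulate into later responses if that dict is never reset. I would pass the dict explicitly, as `expand_domain_info(api, misperrors, domain)` already does, for example `r, status_ok = expand_subdomains(api, domain, misperrors)`, and have the handler start each request from a fresh error dict. Separately, `handle_domain` returns `misperrors` on the first failed step, which discards results already collected from earlier steps. These function bodies continue outside the hunks, so where `misperrors` is defined and whether `APIError.value` is always a string should be confirmed there.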