Merge branch 'master' of github.com:MISP/misp-modules into documentation

2018-03-11 22:25:19 +01:00 · 2018-03-11 22:25:19 +01:00 · f9332c17ff
parent 68b20f2dd5 7a8aacb986
commit f9332c17ff
2 changed files with 28 additions and 19 deletions
--- a/misp_modules/modules/expansion/farsight_passivedns.py
+++ b/misp_modules/modules/expansion/farsight_passivedns.py
@ -1,5 +1,5 @@
 import json
-from ._dnsdb_query.dnsdb_query import DnsdbClient
+from ._dnsdb_query.dnsdb_query import DnsdbClient, QueryError


 misperrors = {'error': 'Error'}
@ -41,26 +41,35 @@ def handler(q=False):


 def lookup_name(client, name):
-    res = client.query_rrset(name)  # RRSET = entries in the left-hand side of the domain name related labels
-    for item in res:
-        if item.get('rrtype') in ['A', 'AAAA', 'CNAME']:
-            for i in item.get('rdata'):
-                yield(i.rstrip('.'))
-        if item.get('rrtype') in ['SOA']:
-            for i in item.get('rdata'):
-                # grab email field and replace first dot by @ to convert to an email address
-                yield(i.split(' ')[1].rstrip('.').replace('.', '@', 1))
-    # res = client.query_rdata_name(name)  # RDATA = entries on the right-hand side of the domain name related labels
-    # for item in res:
-    #     if item.get('rrtype') in ['A', 'AAAA', 'CNAME']:
-    #         yield(item.get('rrname').rstrip('.'))
+    try:
+        res = client.query_rrset(name)  # RRSET = entries in the left-hand side of the domain name related labels
+        for item in res:
+            if item.get('rrtype') in ['A', 'AAAA', 'CNAME']:
+                for i in item.get('rdata'):
+                    yield(i.rstrip('.'))
+            if item.get('rrtype') in ['SOA']:
+                for i in item.get('rdata'):
+                    # grab email field and replace first dot by @ to convert to an email address
+                    yield(i.split(' ')[1].rstrip('.').replace('.', '@', 1))
+    except QueryError as e:
+        pass
+
+    try:
+        res = client.query_rdata_name(name)  # RDATA = entries on the right-hand side of the domain name related labels
+        for item in res:
+            if item.get('rrtype') in ['A', 'AAAA', 'CNAME']:
+                yield(item.get('rrname').rstrip('.'))
+    except QueryError as e:
+        pass


 def lookup_ip(client, ip):
-    res = client.query_rdata_ip(ip)
-    for item in res:
-        print(item)
-        yield(item['rrname'].rstrip('.'))
+    try:
+        res = client.query_rdata_ip(ip)
+        for item in res:
+            yield(item['rrname'].rstrip('.'))
+    except QueryError as e:
+        pass


 def introspection():
--- a/misp_modules/modules/expansion/otx.py
+++ b/misp_modules/modules/expansion/otx.py
@ -45,7 +45,7 @@ def findAll(data, keys):
    return a

 def valid_email(email):
-    return bool(re.search(r"^[\w\.\+\-]+\@[\w]+\.[a-z]{2,3}$", email))
+    return bool(re.search(r"[a-zA-Z0-9!#$%&'*+\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+\/=?^_`{|}~-]+)*@(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?", email))

 def handler(q=False):
    if q is False: