Stiximport will now consume campaigns

Hannah Ward 2016-08-12 11:34:43 +01:00
parent 598a030962
commit faddf8378e
No known key found for this signature in database
GPG Key ID: BA89E572EE1B4C5F
1 changed files with 32 additions and 0 deletions

View File

@ -50,11 +50,43 @@ def handler(q=False):
if package.indicators:
for ind in package.indicators:
if package.exploit_targets:
for et in package.exploit_targets:
if package.campaigns:
for cpn in package.campaigns:
#Clean up results
#Don't send on anything that didn't have a value
r["results"] = [x for x in r["results"] if len(x["values"]) != 0]
return r
#Quick and dirty regex for IP addresses
ipre = re.compile("([0-9]{1,3}.){3}[0-9]{1,3}")
def buildCampaign(cpn):
Extract a campaign name
return {"values":[cpn.title], "types":["campaign-name"]}
def buildExploitTarget(et):
Extract CVEs from exploit targets
r = {"values":[], "types":["vulnerability"]}
if et.vulnerabilities:
for v in et.vulnerabilities:
if v.cve_id:
return r
def identifyHash(hsh):
What's that hash!?