MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-modules/misp_modules/modules/expansion/btc_scam_check.py

45 lines
1.2 KiB
Python
Raw Blame History

import json
import sys
try:
from dns.resolver import Resolver, NXDOMAIN
from dns.name import LabelTooLong
resolver = Resolver()
resolver.timeout = 1
resolver.lifetime = 1
except ImportError:
sys.exit("dnspython3 in missing. use 'pip install dnspython3' to install it.")
misperrors = {'error': 'Error'}
mispattributes = {'input': ['btc'], 'output': ['text']}
moduleinfo = {'version': '0.1', 'author': 'Christian Studer',
'description': 'Checks if a BTC address has been abused.',
'module-type': ['hover']}
moduleconfig = []
url = 'bl.btcblack.it'
def handler(q=False):
if q is False:
return False
request = json.loads(q)
btc = request['btc']
query = f"{btc}.{url}"
try:
result = ' - '.join([str(r) for r in resolver.query(query, 'TXT')])[1:-1]
except NXDOMAIN:
result = f"{btc} is not known as a scam address."
except LabelTooLong:
result = f"{btc} is probably not a valid BTC address."
return {'results': [{'types': mispattributes['output'], 'values': result}]}
def introspection():
return mispattributes
def version():
moduleinfo['config'] = moduleconfig
return moduleinfo
Reference in New Issue View Git Blame Copy Permalink