def _handle_lookup_url(self, param):
action_result = ActionResult(dict(param))
self.add_action_result(action_result)
# check for required input param
url = param["url"]
# build full REST endpoint with Auth signature
# make GET request to CTIX OpenAPI
try:
endpoint = "/search/?Expires={}&AccessID={}&Signature={}&url={}".format(
self._expires, self._access_id,
self._generate_signature(self._access_id, self._secret_key,
self._expires), url)
status_code, response = self._make_request(
"GET", "{}{}".format(self._baseurl, endpoint), self._verify,
action_result)
except Exception as e:
err_msg = self._get_error_message_from_exception(e)
self.save_progress(CYWARE_GET_REQ_FAILED.format(err_msg))
return action_result.set_status(
phantom.APP_ERROR, "URL Lookup failed. {}".format(err_msg))
if phantom.is_fail(status_code):
return action_result.get_status()
# check response status_code
if status_code == 200:
try:
if isinstance(response, list):
response = response[0]
if not isinstance(response, dict):
return action_result.set_status(
phantom.APP_ERROR, CYWARE_RESP_FROM_SERVER_NOT_JSON)
# commit action_result
action_result.set_summary({"message": response['message']})
action_result.add_data(response)
self.save_progress(phantom.APP_SUCCESS,
"URL Lookup Successful")
return action_result.set_status(phantom.APP_SUCCESS,
"URL Lookup Successful")
except Exception as e:
err_msg = self._get_error_message_from_exception(e)
self.save_progress(
CYWARE_ADDING_RESP_DATA_TO_ACTION_RESULT_FAILED.format(
err_msg))
return action_result.set_status(
phantom.APP_ERROR,
CYWARE_ADDING_RESP_DATA_TO_ACTION_RESULT_FAILED.format(
err_msg))
else:
self.save_progress(
CYWARE_GET_REQ_FAILED_WITH_NON_200_STATUS.format(status_code))
return action_result.set_status(
phantom.APP_ERROR,
CYWARE_GET_REQ_FAILED_WITH_NON_200_STATUS.format(status_code))
def _convert_dict_to_results(input_results):
import phantom.app as phantom
from phantom.action_result import ActionResult
action_results = []
for i, item in enumerate(input_results):
r = ActionResult()
setattr(r, '_ActionResult__status_code', item['status'] == phantom.APP_SUCCESS_STR and phantom.APP_SUCCESS or phantom.APP_ERROR)
setattr(r, '_ActionResult__status_message', item['message'])
r.get_data().extend(item['data'])
r.set_summary(item['summary'])
r.set_param(item['parameter'])
r.offset = i
action_results.append(r)
return action_results
def _lookup_ip(self, param):
action_result = ActionResult(dict(param))
self.add_action_result(action_result)
ip = param.get('ip')
port = int(param.get('port', 137))
timeout = int(param.get('timeout', 30))
if not ip:
return action_result.set_status(phantom.APP_ERROR, "IP must be provided.")
nb = NetBIOS()
hosts = nb.queryIPForName(ip, port, timeout)
if hosts is None:
return action_result.set_status(phantom.APP_ERROR, "Request timed out.")
if hosts:
action_result.set_summary({"hosts": len(hosts)})
action_result.add_data({"hostnames": hosts})
return action_result.set_status(phantom.APP_SUCCESS)
else:
return action_result.set_status(phantom.APP_ERROR, "Lookup failed.")
