Exemple #1
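def objectsummary(uid):
    """Render the summary page for the indicator whose ``object`` equals *uid*.

    Loads the indicator and the settings row (``_id=1``), collects the
    indicator's tags and related indicators, runs every enrichment lookup
    whose setting is ``"on"`` and renders ``networkobject.html``.  Any
    exception raised along the way is rendered through ``error.html``.
    """
    try:
        row = Indicator.query.filter_by(object=uid).first()
        if row is None:
            # Unknown uid: fail with an explicit message instead of an
            # AttributeError on the first attribute access below.
            raise ValueError("Indicator not found")
        newdict = helpers.row_to_dict(row)
        settings = Setting.query.filter_by(_id=1).first()
        taglist = row.tags.split(",")

        # Related indicators get their own name. Rebinding ``row`` inside
        # this loop made every lookup below run against the last related
        # indicator instead of the one that was requested.
        temprel = {}
        if row.relationships:
            for rel in row.relationships.split(","):
                related = Indicator.query.filter_by(object=rel).first()
                if related is None:
                    # Dangling relationship entry; skip it rather than fail the page.
                    continue
                temprel[related.object] = related.type
        reldata = len(temprel)

        target = str(row.object)
        kind = str(row.type)

        # Every enrichment result defaults to "" so the template receives a
        # value even when the corresponding source is switched off.
        jsonvt = ""
        whoisdata = ""
        odnsdata = ""
        circldata = ""
        circlssl = ""
        pt_pdns_data = ""
        pt_whois_data = ""
        pt_pssl_data = ""
        pt_host_attr_data = ""
        farsightdata = ""
        shodandata = ""

        # Run the IP or the domain flavour of each lookup based on the indicator type.
        # NOTE(review): each enabled source receives the stored indicator value;
        # presumably these helpers call third-party services - confirm which
        # ones should be allowed to see internal indicators.
        if kind in ("IPv4", "IPv6"):
            if settings.vtinfo == "on":
                jsonvt = virustotal.vt_ipv4_lookup(target)
            if settings.whoisinfo == "on":
                whoisdata = whoisinfo.ipwhois(target)
            if settings.odnsinfo == "on":
                odnsdata = opendns.ip_investigate(target)
            if settings.circlinfo == "on":
                circldata = circl.circlquery(target)
            if settings.circlssl == "on":
                circlssl = circl.circlssl(target)
            if settings.pt_pdns == "on":
                pt_pdns_data = passivetotal.pt_lookup('dns', target)
            if settings.pt_whois == "on":
                pt_whois_data = passivetotal.pt_lookup('whois', target)
            if settings.pt_pssl == "on":
                pt_pssl_data = passivetotal.pt_lookup('ssl', target)
            if settings.pt_host_attr == "on":
                pt_host_attr_data = passivetotal.pt_lookup('attributes', target)
            if settings.farsightinfo == "on":
                farsightdata = farsight.farsightip(target)
            if settings.shodaninfo == "on":
                shodandata = shodan.shodan(target)

        elif kind == "Domain":
            if settings.whoisinfo == "on":
                whoisdata = whoisinfo.domainwhois(target)
            if settings.vtinfo == "on":
                jsonvt = virustotal.vt_domain_lookup(target)
            if settings.odnsinfo == "on":
                odnsdata = opendns.domains_investigate(target)
            if settings.circlinfo == "on":
                circldata = circl.circlquery(target)
            if settings.pt_pdns == "on":
                pt_pdns_data = passivetotal.pt_lookup('dns', target)
            if settings.pt_whois == "on":
                pt_whois_data = passivetotal.pt_lookup('whois', target)
            if settings.pt_pssl == "on":
                pt_pssl_data = passivetotal.pt_lookup('ssl', target)
            if settings.pt_host_attr == "on":
                pt_host_attr_data = passivetotal.pt_lookup('attributes', target)
            if settings.farsightinfo == "on":
                farsightdata = farsight.farsightdomain(target)
            if settings.shodaninfo == "on":
                shodandata = shodan.shodan(target)

        # Only index into the whois result when one was actually fetched:
        # for any other indicator type whoisdata is still "" and subscripting
        # it would raise.
        if settings.whoisinfo == "on" and whoisdata:
            if kind == "Domain":
                address = str(whoisdata['city']) + ", " + str(whoisdata['country'])
            else:
                first_net = whoisdata['nets'][0]
                address = str(first_net['city']) + ", " + str(first_net['country'])
        else:
            address = "Information about " + target

        return render_template('networkobject.html', records=newdict, jsonvt=jsonvt, whoisdata=whoisdata,
                               odnsdata=odnsdata, settingsvars=settings, address=address,
                               temprel=temprel, circldata=circldata, circlssl=circlssl, reldata=reldata,
                               taglist=taglist, farsightdata=farsightdata, shodandata=shodandata,
                               pt_pdns_data=pt_pdns_data, pt_whois_data=pt_whois_data, pt_pssl_data=pt_pssl_data,
                               pt_host_attr_data=pt_host_attr_data)
    except Exception as e:
        # NOTE(review): the raw exception is handed to the template, so
        # database or upstream-API error text can reach the user. Consider
        # logging it server-side and rendering a generic message instead.
        return render_template('error.html', error=e)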
Exemple #2
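def objectsummary(uid):
    """Render the summary page for the indicator whose ``object`` equals *uid*.

    Loads the indicator and the settings row (``_id=1``), collects the
    indicator's tags and related indicators, runs every enrichment lookup
    whose setting is ``"on"`` and renders ``networkobject.html``.  Any
    exception raised along the way is rendered through ``error.html``.
    """
    try:
        row = Indicator.query.filter_by(object=uid).first()
        if row is None:
            # Unknown uid: fail with an explicit message instead of an
            # AttributeError on the first attribute access below.
            raise ValueError("Indicator not found")
        newdict = helpers.row_to_dict(row)
        settings = Setting.query.filter_by(_id=1).first()
        taglist = row.tags.split(",")

        # Related indicators get their own name. Rebinding ``row`` inside
        # this loop made every lookup below run against the last related
        # indicator instead of the one that was requested.
        temprel = {}
        if row.relationships:
            for rel in row.relationships.split(","):
                related = Indicator.query.filter_by(object=rel).first()
                if related is None:
                    # Dangling relationship entry; skip it rather than fail the page.
                    continue
                temprel[related.object] = related.type
        reldata = len(temprel)

        target = str(row.object)
        kind = str(row.type)

        # Every enrichment result defaults to "" so the template receives a
        # value even when the corresponding source is switched off.
        jsonvt = ""
        whoisdata = ""
        odnsdata = ""
        circldata = ""
        circlssl = ""
        pt_pdns_data = ""
        pt_whois_data = ""
        pt_pssl_data = ""
        pt_host_attr_data = ""
        farsightdata = ""
        shodandata = ""

        # Run the IP or the domain flavour of each lookup based on the indicator type.
        # NOTE(review): each enabled source receives the stored indicator value;
        # presumably these helpers call third-party services - confirm which
        # ones should be allowed to see internal indicators.
        if kind in ("IPv4", "IPv6"):
            if settings.vtinfo == "on":
                jsonvt = virustotal.vt_ipv4_lookup(target)
            if settings.whoisinfo == "on":
                whoisdata = whoisinfo.ipwhois(target)
            if settings.odnsinfo == "on":
                odnsdata = opendns.ip_investigate(target)
            if settings.circlinfo == "on":
                circldata = circl.circlquery(target)
            if settings.circlssl == "on":
                circlssl = circl.circlssl(target)
            if settings.pt_pdns == "on":
                pt_pdns_data = passivetotal.pt_lookup('dns', target)
            if settings.pt_whois == "on":
                pt_whois_data = passivetotal.pt_lookup('whois', target)
            if settings.pt_pssl == "on":
                pt_pssl_data = passivetotal.pt_lookup('ssl', target)
            if settings.pt_host_attr == "on":
                pt_host_attr_data = passivetotal.pt_lookup('attributes', target)
            if settings.farsightinfo == "on":
                farsightdata = farsight.farsightip(target)
            if settings.shodaninfo == "on":
                shodandata = shodan.shodan(target)

        elif kind == "Domain":
            if settings.whoisinfo == "on":
                whoisdata = whoisinfo.domainwhois(target)
            if settings.vtinfo == "on":
                jsonvt = virustotal.vt_domain_lookup(target)
            if settings.odnsinfo == "on":
                odnsdata = opendns.domains_investigate(target)
            if settings.circlinfo == "on":
                circldata = circl.circlquery(target)
            if settings.pt_pdns == "on":
                pt_pdns_data = passivetotal.pt_lookup('dns', target)
            if settings.pt_whois == "on":
                pt_whois_data = passivetotal.pt_lookup('whois', target)
            if settings.pt_pssl == "on":
                pt_pssl_data = passivetotal.pt_lookup('ssl', target)
            if settings.pt_host_attr == "on":
                pt_host_attr_data = passivetotal.pt_lookup('attributes', target)
            if settings.farsightinfo == "on":
                farsightdata = farsight.farsightdomain(target)
            if settings.shodaninfo == "on":
                shodandata = shodan.shodan(target)

        # Only index into the whois result when one was actually fetched:
        # for any other indicator type whoisdata is still "" and subscripting
        # it would raise.
        if settings.whoisinfo == "on" and whoisdata:
            if kind == "Domain":
                address = str(whoisdata['city']) + ", " + str(whoisdata['country'])
            else:
                first_net = whoisdata['nets'][0]
                address = str(first_net['city']) + ", " + str(first_net['country'])
        else:
            address = "Information about " + target

        return render_template('networkobject.html', records=newdict, jsonvt=jsonvt, whoisdata=whoisdata,
                               odnsdata=odnsdata, settingsvars=settings, address=address,
                               temprel=temprel, circldata=circldata, circlssl=circlssl, reldata=reldata,
                               taglist=taglist, farsightdata=farsightdata, shodandata=shodandata,
                               pt_pdns_data=pt_pdns_data, pt_whois_data=pt_whois_data, pt_pssl_data=pt_pssl_data,
                               pt_host_attr_data=pt_host_attr_data)
    except Exception as e:
        # NOTE(review): the raw exception is handed to the template, so
        # database or upstream-API error text can reach the user. Consider
        # logging it server-side and rendering a generic message instead.
        return render_template('error.html', error=e)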