def create_resource(user):
try:
resource_name = request.json["resource_name"].strip()
resource_type = request.json["resource_type"].lower()
resource_type = ResourceType.get_type_from_string(resource_type)
resource = Resources.get(resource_name, resource_type, get_by_name=True)
project = User(user).get_active_project()
project.add_resource(resource)
response = []
response.append(
{
"success_message": f"Added new resource: {resource_name}",
"new_resource": resource.to_JSON(),
"type": resource.get_type_value(),
}
)
resource.launch_plugins(project.get_id())
# Deal with the case of URL resources where we have the chance to add a Domain or IP
if resource.get_type() == ResourceType.URL:
ip_or_domain = urllib.parse.urlparse(resource_name).netloc
resource_type = ResourceType.validate_ip_or_domain(ip_or_domain)
if ip_or_domain:
resource = Resources.get(ip_or_domain, resource_type, get_by_name=True)
project.add_resource(resource)
response.append(
{
"success_message": f"Added new resource: {ip_or_domain}",
"new_resource": resource.to_JSON(),
"type": resource.get_type_value(),
}
)
resource.launch_plugins(project.get_id())
# TODO: Deal with the case of domain -> IP
# TODO: Deal with the case of emails -> domains -> IP
return jsonify(response)
except ResourceTypeException:
return jsonify({"error_message": "Trying to add an unkown resource type"}), 400
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Server error :("}), 400
def threatcrowd_task(plugin_name, project_id, resource_id, resource_type, target):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.IPv4:
query_result = threatcrowd_ip(target)
elif resource_type == ResourceType.DOMAIN:
query_result = threatcrowd_domain(target)
elif resource_type == ResourceType.EMAIL:
query_result = threatcrowd_email(target)
elif resource_type == ResourceType.HASH:
query_result = threatcrowd_hash(target)
else:
print("ThreatCrowd resource type does not found")
if not query_result:
return
# TODO: See if ResourceType.__str__ can be use for serialization
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def basic_ip_task(plugin_name, project_id, resource_id, resource_type, ip):
query_result = {}
# PTR
try:
PTR_record = ptr(ip)
if PTR_record:
query_result["ptr"] = PTR_record
ASN_NET_record = asn(ip)
if "asn" in ASN_NET_record:
query_result["asn"] = ASN_NET_record["asn"]
if "network" in ASN_NET_record:
query_result["network"] = ASN_NET_record["network"]
# TODO: Probably, we can save some parameters here when object is instantiated
resource_type = ResourceType(resource_type)
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def maltiverse_task(plugin_name, project_id, resource_id, resource_type, target):
try:
query_result = None
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.IPv4:
query_result = maltiverse_ip(target)
elif resource_type == ResourceType.DOMAIN:
query_result = maltiverse_domain(target)
elif resource_type == ResourceType.URL:
query_result = maltiverse_url(target)
elif resource_type == ResourceType.HASH:
query_result = maltiverse_hash(target)
else:
print("Maltiverse resource type does not found")
if not query_result:
return
print(query_result)
# TODO: See if ResourceType.__str__ can be use for serialization
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def get_resources(user):
resource_type_as_string = request.json["type"]
try:
resource_type = ResourceType(resource_type_as_string)
project = User(user).get_active_project()
resources = project.get_resources(resource_type)
results = []
for resource in resources:
results.append(Resources.get(resource, resource_type).to_JSON())
return jsonify(results)
except ValueError:
raise ResourceTypeException()
except ResourceTypeException:
return jsonify({"error_message": "Received an unknown type of resource"}), 400
except Exception as e:
print(f"Error getting resource list {e}")
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
return jsonify({"error_message": "Error getting resources"}), 400
def tag_to_resource(user):
try:
resource_id = bson.ObjectId(request.json["resource_id"])
resource_type_as_string = request.json["resource_type"]
tag = request.json["tag"]
resource_type = ResourceType(resource_type_as_string)
resource = Resources.get(resource_id, resource_type)
resource.manage_tag(tag)
return jsonify({"sucess_message": "ok"})
except Exception as e:
print(e)
return jsonify({"error_message": "Error getting global tags"}), 400
def virustotal_task(plugin_name, project_id, resource_id, resource_type, target):
try:
query_result = None
resource_type = ResourceType(resource_type)
query_result = virustotal(target, resource_type)
# TODO: See if ResourceType.__str__ can be use for serialization
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def botscout_task(plugin_name, project_id, resource_id, resource_type, ip):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN:
query_result = botscout_ip(ip)
else:
print("BotScout resource type does not found")
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def threatminer_task(plugin_name, project_id, resource_id, resource_type, domain):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN:
query_result = threatminer_domain(domain, "1")
else:
print("threatminer resource type does not found")
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def phishtank_task(plugin_name, project_id, resource_id, resource_type, url):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.URL:
query_result = phishtank_check(url)
else:
print("phishtank resource type does not found")
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def geoip_task(plugin_name, project_id, resource_id, resource_type, ip):
try:
query_result = geoip(ip)
if not query_result:
return
# TODO: See if ResourceType.__str__ can be use for serialization
resource_type = ResourceType(resource_type)
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def get_plugins(user):
try:
resource_id = bson.ObjectId(request.json["resource_id"])
project_id = bson.ObjectId(request.json["project_id"])
resource_type_as_string = request.json["resource_type"]
project = User(user).get_active_project()
resource_type = ResourceType(resource_type_as_string)
resource = Resources.get(resource_id, resource_type)
plugin_list = resource.get_plugins(project_id)
return json.dumps(plugin_list, default=str)
except Exception as e:
print(e)
return jsonify(
{"error_message": "Error unlinking resource from project"}), 400
def whois_task(plugin_name, project_id, resource_id, resource_type, domain):
try:
query_result = json.loads(str(whois.whois(domain)))
resource_type = ResourceType(resource_type)
# TODO: See if ResourceType.__str__ can be use for serialization
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except whois.parser.PywhoisError:
print(f"Domain {domain} does not exists")
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def launch_plugin(user):
try:
resource_id = bson.ObjectId(request.json["resource_id"])
resource_type_as_string = request.json["resource_type"]
plugin_name = request.json["plugin_name"]
project = User(user).get_active_project()
resource_type = ResourceType(resource_type_as_string)
resource = Resources.get(resource_id, resource_type)
resource.launch_plugin(project.get_id(), plugin_name)
return jsonify({"sucess_message": "ok"})
except Exception as e:
print(e)
return jsonify(
{"error_message": "Error unlinking resource from project"}), 400
def puslsedive_task(
plugin_name, project_id, resource_id, resource_type, domain_or_hash
):
try:
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN or resource_type == ResourceType.HASH:
query_result = pulsedive_get_ioc_byvalue(domain_or_hash)
else:
print("PulseDive resource type does not found")
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def dns_task(plugin_name, project_id, resource_id, resource_type, domain):
query_result = {}
# PTR
try:
dns_results = dns(domain)
query_result = dns_results
# TODO: Probably, we can save some parameters here when object is instantiated
resource_type = ResourceType(resource_type)
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def get_resource(user):
"""
Return a resource doc
"""
resource_type_as_string = request.json["resource_type"]
resource_id = request.json["resource_id"]
try:
resource_type = ResourceType(resource_type_as_string)
resource = Resources.get(resource_id, resource_type)
return jsonify(resource.to_JSON())
except ValueError:
raise ResourceTypeException()
except ResourceTypeException:
return jsonify({"error_message": "Received an unknown type of resource"}), 400
except Exception as e:
print(f"Error getting ip list {e}")
return jsonify({"error_message": "Error getting resources"}), 400
def pastebin_task(
plugin_name, project_id, resource_id, resource_type, target, search_engine
):
try:
# We use "googlesearch" subtask to gather results as pastebin.com does not
# have a in-search engine
query_result = restricted_googlesearch(search_engine, target)
# Now, process google results and get the pastes and metadata
if query_result:
query_result = pastebin(query_result)
resource_type = ResourceType(resource_type)
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def hunterio_task(plugin_name, project_id, resource_id, resource_type, target):
try:
query_result = None
resource_type = ResourceType(resource_type)
if resource_type == ResourceType.DOMAIN:
query_result = hunterio_domain(target)
elif resource_type == ResourceType.EMAIL:
query_result = hunterio_email(target)
else:
print("Hunter.io resource type does not found")
# TODO: See if ResourceType.__str__ can be use for serialization
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
def otx_task(plugin_name, project_id, resource_id, resource_type, target):
try:
resource_type = ResourceType(resource_type)
# Check 2nd parameter if it's sent through view (frontend)
if resource_type == ResourceType.IPv4:
query_result = otx_iocs_ipv4(target, "general")
elif resource_type == ResourceType.DOMAIN:
query_result = otx_iocs_hostname(target, "general")
elif resource_type == ResourceType.URL:
query_result = otx_iocs_url(target, "general")
elif resource_type == ResourceType.HASH:
query_result = otx_iocs_file(target, "analysis")
else:
print("OTX resource type does not found")
resource = Resources.get(resource_id, resource_type)
resource.set_plugin_results(
plugin_name, project_id, resource_id, resource_type, query_result
)
except Exception as e:
tb1 = traceback.TracebackException.from_exception(e)
print("".join(tb1.format()))
