コード例 #1
0
def get_urlscan_details(url_body):
    try:
        jsonschema.validate(url_body, details_url_schema)
    except jsonschema.exceptions.ValidationError as exc:
        raise BadRequest(exc.message)

    URL = url_body.get('url')
    historic_search, when_performed = urlscan.search_newest(URL)
    found = False
    if when_performed and when_performed > datetime.utcnow() - timedelta(days=Const.DAY):
        results = urlscan.results(historic_search.get('_id'))
        if results:
            found = True

    if not found:
        try:
            url_id = urlscan.submit(URL)
        except urlscan.ApiKeyException as exc:
            raise Unauthorized(exc.message)
        except urlscan.UrlscanException as exc:
            raise BadRequest(exc.message)

        results = urlscan.results(url_id, wait_time=60)
        if not results:
            return _no_data_response()

    response_text = {
        "details": results
    }
    return Response(json.dumps(
            response_text,
            default=_default_json_model
            ), 200, mimetype="application/json")
コード例 #2
0
def verify_urlscan(URL, passive=False, urlscan_wait_time=Const.URLSCAN_WAIT_SECONDS):
    historic_search, when_performed = urlscan.search_newest(URL)

    if passive and when_performed and when_performed > datetime.utcnow() - timedelta(days=3 * Const.DAY):
        results = urlscan.results(historic_search.get('_id'))
        if results and results.get('malicious'):
            return True, Const.URLSCAN_FINISHED_MESSAGE
        else:
            return False, Const.URLSCAN_FINISHED_MESSAGE
    elif not passive:
        log.debug('[URL_VERIFY] Force scanning URL')
        try:
            url_id = urlscan.submit(URL)
        except urlscan.UrlscanException:
            return False, Const.URLSCAN_NOT_FINISHED_ERROR
        results = urlscan.results(url_id, wait_time=urlscan_wait_time)
        if results:
            if results.get('malicious'):
                return True, Const.URLSCAN_FINISHED_MESSAGE
            else:
                return False, Const.URLSCAN_FINISHED_MESSAGE
        else:
            return False, Const.URLSCAN_NOT_FINISHED_ERROR
    else:
        return False, Const.URLSCAN_NOT_FINISHED_ERROR
コード例 #3
0
def urlscan_data():
    search_url = "example.com"
    wait(5)
    info("Requested url - {}".format(search_url))
    uid = submit(search_url)
    info("Submited search with id {}".format(uid), pre=True)
    r = results(uid, wait_time=120)
    newest = search_newest(search_url)
    yield search_url, uid, r, newest
コード例 #4
0
 def test_results_invalid_uid(self):
     uid = token_hex(25)
     info("Requested id: {}".format(uid))
     r = results(uid, wait_time=10)
     assert_none(r, "Check if returned search data is None")
コード例 #5
0
 def test_results(self, urlscan_data):
     uid = urlscan_data[1]
     info("Requested id: {}".format(uid))
     r = results(uid, wait_time=10)
     assert_type(r, dict, "Check if returned search data is valid dict")
     assert_not_empty(r, "Check if returned search data is not empty")