def test_no_functions_throw_exceptions(self):
try:
dshield.backscatter()
dshield.handler()
dshield.infocon()
dshield.ip('8.8.8.8')
dshield.port(80)
dshield.portdate(80)
dshield.topports()
dshield.topips()
dshield.sources()
dshield.porthistory(80)
dshield.asnum(1)
dshield.dailysummary()
dshield.daily404summary(datetime.date(2011, 12, 1))
dshield.daily404detail(datetime.date(2011, 12, 1))
dshield.glossary()
dshield.webhoneypotsummary(datetime.date(2011, 12, 1))
dshield.webhoneypotbytype(datetime.date(2011, 12, 1))
except requests.RequestException:
# don't care about network errors
pass
except Exception:
# anything else is a fail
self.assertTrue(False)
def test_no_functions_throw_exceptions(self):
try:
dshield.backscatter()
dshield.handler()
dshield.infocon()
dshield.ip('8.8.8.8')
dshield.port(80)
dshield.portdate(80)
dshield.topports()
dshield.topips()
dshield.sources()
dshield.porthistory(80)
dshield.asnum(1)
dshield.dailysummary()
dshield.daily404summary(datetime.date(2011, 12, 1))
dshield.daily404detail(datetime.date(2011, 12, 1))
dshield.glossary()
dshield.webhoneypotsummary(datetime.date(2011, 12, 1))
dshield.webhoneypotbytype(datetime.date(2011, 12, 1))
except requests.RequestException:
# don't care about network errors
pass
except Exception:
# anything else is a fail
self.assertTrue(False)
def test_ip(self):
responses.add(responses.GET, 'https://dshield.org/api/ip/4.4.4.4?json',
body='{"ip":{"test":"unknown"}}',
match_querystring=True, content_type='text/json')
responses.add(responses.GET, 'https://dshield.org/api/ip/badip?json',
body='{"error":"bad IP address"}', status=200,
match_querystring=True, content_type='text/json')
self.assertEquals(dshield.ip('4.4.4.4'), {'ip': {'test': 'unknown'}})
self.assertEquals(dshield.ip('4.4.4.4', dshield.JSON), '{"ip":{"test":"unknown"}}')
self.assertRaises(dshield.Error, dshield.ip, 'badip')
def test_ip(self):
responses.add(responses.GET,
'https://dshield.org/api/ip/4.4.4.4?json',
body='{"ip":{"test":"unknown"}}',
match_querystring=True,
content_type='text/json')
responses.add(responses.GET,
'https://dshield.org/api/ip/badip?json',
body='{"error":"bad IP address"}',
status=200,
match_querystring=True,
content_type='text/json')
self.assertEquals(dshield.ip('4.4.4.4'), {'ip': {'test': 'unknown'}})
self.assertEquals(dshield.ip('4.4.4.4', dshield.JSON),
'{"ip":{"test":"unknown"}}')
self.assertRaises(dshield.Error, dshield.ip, 'badip')
def add_row(self, host, inputrow):
try:
iscdata = dshield.ip(host)['ip']
iscurl = 'https://isc.sans.edu/ipinfo.html?ip={}'.format(host)
except dshield.Error:
iscdata = {}
iscurl = "Bad IP"
isccount = iscdata.get('count', '')
isccomment = iscdata.get('comment', '')
iscupdated = iscdata.get('updated', '')
iscthreatfeeds = '; '.join(iscdata.get('threatfeeds', {}).keys())
iscnetwork = iscdata.get('network', '')
iscattacks = iscdata.get('attacks', '')
iscmaxdate = iscdata.get('maxdate', '')
iscascountry = iscdata.get('ascountry', '')
iscnumber = iscdata.get('number', '')
iscassize = iscdata.get('assize', '')
iscmaxrisk = iscdata.get('maxrisk', '')
iscas = iscdata.get('as', '')
iscasabusecontact = iscdata.get('asabusecontact', '')
iscasname = iscdata.get('asname', '')
iscdataalexa = iscdata.get('alexa', {})
iscalexadomains = iscdataalexa.get('domains', '')
iscalexalastrank = iscdataalexa.get('lastrank', '')
iscalexahostname = iscdataalexa.get('hostname', '')
iscalexalastseen = iscdataalexa.get('lastseen', '')
iscalexafirstseen = iscdataalexa.get('firstseen', '')
iscmindate = iscdata.get('mindate', '')
inputrow.append(iscurl)
inputrow.append(isccount)
inputrow.append(isccomment)
inputrow.append(iscupdated)
inputrow.append(iscthreatfeeds)
inputrow.append(iscnetwork)
inputrow.append(iscattacks)
inputrow.append(iscmindate)
inputrow.append(iscmaxdate)
inputrow.append(iscnumber)
inputrow.append(iscmaxrisk)
inputrow.append(iscas)
inputrow.append(iscasname)
inputrow.append(iscassize)
inputrow.append(iscascountry)
inputrow.append(iscasabusecontact)
inputrow.append(iscalexadomains)
inputrow.append(iscalexalastrank)
inputrow.append(iscalexahostname)
inputrow.append(iscalexafirstseen)
inputrow.append(iscalexalastseen)
def run(self):
try:
data = dshield.ip(self.artifact['name'])
if isinstance(data, dict):
if 'ip' in data.keys():
self.artifact['data']['sans'] = data['ip']
if data['ip']['hostname'] != '':
self.artifact['children'].append({
'name': data['ip']['hostname'],
'type': 'host',
'source': 'SANS ISC',
'subtype': 'fqdn'
})
except:
pass
def run(self):
try:
data = dshield.ip(self.artifact['name'])
if isinstance(data, dict):
if 'ip' in data.keys():
self.artifact['data']['sans'] = data['ip']
if data['ip']['hostname'] != '':
self.artifact['children'].append({
'name':
data['ip']['hostname'],
'type':
'host',
'source':
'SANS ISC',
'subtype':
'fqdn'
})
except:
pass
def run(self):
try:
data = dshield.ip(self.artifact['name'])
if isinstance(data, dict):
if 'ip' in data.keys():
self.artifact['data']['sans'] = data['ip']
if data['ip']['hostname'] != '':
self.artifact['children'].append({
'name':
data['ip']['hostname'],
'type':
'host',
'source':
'SANS ISC',
'subtype':
'fqdn'
})
except Exception as err:
warning('Caught exception in module (%s)' % str(err))