def run(self): Analyzer.run(self) data = self.getData() try: # enrichment service if self.service == 'enrichment': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_enrichment(query=data) self.report(result) # malware service elif self.service == 'malware': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_malware(query=data) self.report(result) # osint service elif self.service == 'osint': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_osint(query=data) self.report(result) # passive dns service elif self.service == 'passive_dns': dns_request = DnsRequest(username=self.username, api_key=self.api_key) result = dns_request.get_passive_dns(query=data) self.report(result) # ssl certificate details service elif self.service == 'ssl_certificate_details': ssl_request = SslRequest(username=self.username, api_key=self.api_key) result = ssl_request.get_ssl_certificate_details(query=data) self.report(result) # ssl certificate history service elif self.service == 'ssl_certificate_history': ssl_request = SslRequest(username=self.username, api_key=self.api_key) result = ssl_request.get_ssl_certificate_history(query=data) self.report(result) # unique resolutions service elif self.service == 'unique_resolutions': dns_request = DnsRequest(username=self.username, api_key=self.api_key) result = dns_request.get_unique_resolutions(query=data) self.report(result) # whois details service elif self.service == 'whois_details': whois_request = WhoisRequest(username=self.username, api_key=self.api_key) result = whois_request.get_whois_details(query=data) self.report(result) else: self.error('Unknown PassiveTotal service') except Exception as e: self.unexpectedError(e)
def get_ssl(self, **kwargs): client = SslRequest(self.username, self.apikey) keys = ['query', 'compact', 'field', 'type'] params = self._cleanup_params(keys, **kwargs) if not params.get('type'): return client.get_ssl_certificate_details(**params) elif params.get('type') == 'history': return client.get_ssl_certificate_history(**params) elif params.get('type') == 'search' and params.get('field'): return client.search_ssl_certificate_by_field(**params) else: self.stoq.log.error("No SSL field provided.") return None
def get_ssl(self, **kwargs): client = SslRequest(self.username, self.apikey) keys = ['query', 'compact', 'field', 'type'] params = self._cleanup_params(keys, **kwargs) if not params.get('type'): return client.get_ssl_certificate_details(**params) elif params.get('type') == 'history': return client.get_ssl_certificate_history(**params) elif params.get('type') == 'search' and params.get('field'): return client.search_ssl_certificate_by_field(**params) else: self.log.error("No SSL field provided.") return None
class SslTestCase(unittest.TestCase): """Test case for SSL certificate methods.""" formats = ['json'] def setup_class(self): self.patcher = patch('passivetotal.api.Client._get', fake_request) self.patcher.start() self.client = SslRequest('--No-User--', '--No-Key--') def teardown_class(self): self.patcher.stop() def test_ssl_certificate_details(self): """Test getting SSL certificate details.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) assert (response.get('serialNumber') ) == '2317683628587350290823564500811277499' def test_process_ssl_certificate_details(self): """Test processing SSL certificate details.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) wrapped = Response(response) for item in self.formats: assert (getattr(wrapped, item)) def test_property_load(self): """Test loading properties on a result.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) wrapped = Response(response) for key, value in iteritems(response): assert (getattr(wrapped, key)) == value def test_ssl_certificate_search(self): """Test getting a SSL certificate search.""" payload = { 'query': 'www.passivetotal.org', 'field': 'subjectCommonName' } response = self.client.search_ssl_certificate_by_field(**payload) assert (response['results'][0]['serialNumber'] ) == '2317683628587350290823564500811277499' def test_ssl_certificate_search_bad_field(self): """Test sending a bad field in a search.""" with pytest.raises(INVALID_FIELD_TYPE) as excinfo: def invalid_field(): payload = {'query': 'www.passivetotal.org', 'field': '_'} self.client.search_ssl_certificate_by_field(**payload) invalid_field() assert 'must be one of the following' in str(excinfo.value) def test_ssl_certificate_search_missing_field(self): """Test missing a field in a search.""" with pytest.raises(MISSING_FIELD) as excinfo: def missing_field(): payload = {'query': 'www.passivetotal.org', 'no-field': '_'} self.client.search_ssl_certificate_by_field(**payload) missing_field() assert 'value is required' in str(excinfo.value) def test_process_ssl_certificate_search(self): """Test processing search results.""" payload = { 'query': 'www.passivetotal.org', 'field': 'subjectCommonName' } response = self.client.search_ssl_certificate_by_field(**payload) results = Response(response) assert (Response(results.results[0]).serialNumber ) == '2317683628587350290823564500811277499' def test_process_ssl_certificate_history(self): """Test processing search results.""" payload = {'query': '52.8.228.23'} response = self.client.get_ssl_certificate_history(**payload) wrapped = Response(response) record = Response(wrapped.results.pop(0)) assert (record.sha1) == 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'
class SslTestCase(unittest.TestCase): """Test case for SSL certificate methods.""" formats = ['json', 'xml', 'csv', 'text', 'table'] def setup_class(self): self.patcher = patch('passivetotal.api.Client._get', fake_request) self.patcher.start() self.client = SslRequest('--No-User--', '--No-Key--') def teardown_class(self): self.patcher.stop() def test_ssl_certificate_details(self): """Test getting SSL certificate details.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) assert (response.get('serialNumber')) == '2317683628587350290823564500811277499' def test_process_ssl_certificate_details(self): """Test processing SSL certificate details.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) wrapped = SslResponse(response) for item in self.formats: assert (getattr(wrapped, item)) def test_property_load(self): """Test loading properties on a result.""" payload = {'query': 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'} response = self.client.get_ssl_certificate_details(**payload) wrapped = SslResponse(response) for key, value in iteritems(response): assert (getattr(wrapped, key)) == value def test_ssl_certificate_search(self): """Test getting a SSL certificate search.""" payload = {'query': 'www.passivetotal.org', 'field': 'subjectCommonName'} response = self.client.search_ssl_certificate_by_field(**payload) assert (response['results'][0]['serialNumber']) == '2317683628587350290823564500811277499' def test_ssl_certificate_search_bad_field(self): """Test sending a bad field in a search.""" with pytest.raises(INVALID_FIELD_TYPE) as excinfo: def invalid_field(): payload = {'query': 'www.passivetotal.org', 'field': '_'} self.client.search_ssl_certificate_by_field(**payload) invalid_field() assert 'must be one of the following' in str(excinfo.value) def test_ssl_certificate_search_missing_field(self): """Test missing a field in a search.""" with pytest.raises(MISSING_FIELD) as excinfo: def missing_field(): payload = {'query': 'www.passivetotal.org', 'no-field': '_'} self.client.search_ssl_certificate_by_field(**payload) missing_field() assert 'value is required' in str(excinfo.value) def test_process_ssl_certificate_search(self): """Test processing search results.""" payload = {'query': 'www.passivetotal.org', 'field': 'subjectCommonName'} response = self.client.search_ssl_certificate_by_field(**payload) results = SslSearchResponse(response) assert (results.get_records()[0].serialNumber) == '2317683628587350290823564500811277499' def test_process_ssl_certificate_history(self): """Test processing search results.""" payload = {'query': '52.8.228.23'} response = self.client.get_ssl_certificate_history(**payload) wrapped = SslHistoryResponse(response) record = wrapped.get_records().pop(0) assert (record.sha1) == 'e9a6647d6aba52dc47b3838c920c9ee59bad7034'
def run(self): data = self.get_data() try: # enrichment service if self.service == 'enrichment': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_enrichment(query=data) self.report(result) # malware service elif self.service == 'malware': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_malware(query=data) self.report(result) # osint service elif self.service == 'osint': enrichment_request = EnrichmentRequest(username=self.username, api_key=self.api_key) result = enrichment_request.get_osint(query=data) self.report(result) # passive dns service elif self.service == 'passive_dns': dns_request = DnsRequest(username=self.username, api_key=self.api_key) result = dns_request.get_passive_dns(query=data) self.report(result) # ssl certificate details service elif self.service == 'ssl_certificate_details': ssl_request = SslRequest(username=self.username, api_key=self.api_key) result = ssl_request.get_ssl_certificate_details(query=data) self.report(result) # ssl certificate history service elif self.service == 'ssl_certificate_history': ssl_request = SslRequest(username=self.username, api_key=self.api_key) result = ssl_request.get_ssl_certificate_history(query=data) print(len(result['results'])) if len(result['results'] ) == 1 and result['results'][0]['ipAddresses'] == 'N/A': print("ok") self.report({'results': []}) else: self.report(result) # unique resolutions service elif self.service == 'unique_resolutions': dns_request = DnsRequest(username=self.username, api_key=self.api_key) result = dns_request.get_unique_resolutions(query=data) self.report(result) # whois details service elif self.service == 'whois_details': whois_request = WhoisRequest(username=self.username, api_key=self.api_key) result = whois_request.get_whois_details(query=data) self.report(result) # components service elif self.service == 'components': host_attr_request = HostAttributeRequest( username=self.username, api_key=self.api_key) result = host_attr_request.get_components(query=data) self.report(result) # trackers service elif self.service == 'trackers': host_attr_request = HostAttributeRequest( username=self.username, api_key=self.api_key) result = host_attr_request.get_trackers(query=data) self.report(result) # host pairs service elif self.service == 'host_pairs': host_attr_request = HostAttributeRequest( username=self.username, api_key=self.api_key) result = host_attr_request.get_host_pairs(query=data, direction='parents') children = host_attr_request.get_host_pairs( query=data, direction='children') result['totalRecords'] += children['totalRecords'] result['results'] = result['results'] + children['results'] self.report(result) else: self.error('Unknown PassiveTotal service') except Exception as e: self.unexpectedError(e)