mihari 4.0.0 → 4.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/mihari/analyzers/shodan.rb +18 -3
- data/lib/mihari/models/rule.rb +1 -1
- data/lib/mihari/structs/rule.rb +6 -0
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/endpoints/rules.rb +35 -0
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari/web/public/redoc-static.html +13 -10
- data/lib/mihari/web/public/static/js/app.cb1fa7be.js +30 -0
- data/lib/mihari/web/public/static/js/app.cb1fa7be.js.map +1 -0
- data/lib/mihari/web/public/static/js/app.eb95cfc9.js +30 -0
- data/lib/mihari/web/public/static/js/app.eb95cfc9.js.map +1 -0
- data/lib/mihari.rb +0 -1
- data/sig/lib/mihari/analyzers/shodan.rbs +2 -0
- metadata +6 -4
- data/lib/mihari/analyzers/basic.rb +0 -19
- data/sig/lib/mihari/analyzers/basic.rbs +0 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f96f1f1e70601518505d5b48aba5a9e0c60f1555e9d7c96ca307a32f5214a568
|
|
4
|
+
data.tar.gz: 87910483603ccf914b867bede2ea287d456c9bde59ccfebd2324c42b8b1c6928
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 71fc241abdc3c41f28d49e7a2004957edaf0f09adc2f96b634af9dc5ea6de02fb2377fe0f88fbdb3c72816b2f72ebb4f6747e959a0dc7b13fff8377806bc57db
|
|
7
|
+
data.tar.gz: 9270f526e57e69df875f5a4cdacc0905cf8e8635f4fcea734f9a52b4f8b2e81a732a1990c4def0c53623ee57b60e7c40ee249a1b9501f866b1aec64fbbc1b47c
|
|
@@ -16,7 +16,7 @@ module Mihari
|
|
|
16
16
|
results = results.map { |result| Structs::Shodan::Result.from_dynamic!(result) }
|
|
17
17
|
results.map do |result|
|
|
18
18
|
matches = result.matches || []
|
|
19
|
-
matches.map { |match| build_artifact
|
|
19
|
+
matches.map { |match| build_artifact(match, matches) }
|
|
20
20
|
end.flatten.uniq(&:data)
|
|
21
21
|
end
|
|
22
22
|
|
|
@@ -73,14 +73,27 @@ module Mihari
|
|
|
73
73
|
responses
|
|
74
74
|
end
|
|
75
75
|
|
|
76
|
+
#
|
|
77
|
+
# Collect metadata from matches
|
|
78
|
+
#
|
|
79
|
+
# @param [Array<Structs::Shodan::Match>] matches
|
|
80
|
+
# @param [String] ip
|
|
81
|
+
#
|
|
82
|
+
# @return [Array<Hash>]
|
|
83
|
+
#
|
|
84
|
+
def collect_metadata_by_ip(matches, ip)
|
|
85
|
+
matches.select { |match| match.ip_str == ip }.map(&:metadata)
|
|
86
|
+
end
|
|
87
|
+
|
|
76
88
|
#
|
|
77
89
|
# Build an artifact from a Shodan search API response
|
|
78
90
|
#
|
|
79
91
|
# @param [Structs::Shodan::Match] match
|
|
92
|
+
# @param [Array<Structs::Shodan::Match>] matches
|
|
80
93
|
#
|
|
81
94
|
# @return [Artifact]
|
|
82
95
|
#
|
|
83
|
-
def build_artifact(match)
|
|
96
|
+
def build_artifact(match, matches)
|
|
84
97
|
as = nil
|
|
85
98
|
as = AutonomousSystem.new(asn: normalize_asn(match.asn)) unless match.asn.nil?
|
|
86
99
|
|
|
@@ -92,10 +105,12 @@ module Mihari
|
|
|
92
105
|
)
|
|
93
106
|
end
|
|
94
107
|
|
|
108
|
+
metadata = collect_metadata_by_ip(matches, match.ip_str)
|
|
109
|
+
|
|
95
110
|
Artifact.new(
|
|
96
111
|
data: match.ip_str,
|
|
97
112
|
source: source,
|
|
98
|
-
metadata:
|
|
113
|
+
metadata: metadata,
|
|
99
114
|
autonomous_system: as,
|
|
100
115
|
geolocation: geolocation
|
|
101
116
|
)
|
data/lib/mihari/models/rule.rb
CHANGED
data/lib/mihari/structs/rule.rb
CHANGED
|
@@ -108,6 +108,12 @@ module Mihari
|
|
|
108
108
|
# @return [Mihari::Rule]
|
|
109
109
|
#
|
|
110
110
|
def to_model
|
|
111
|
+
rule = Mihari::Rule.find(id)
|
|
112
|
+
rule.title = title
|
|
113
|
+
rule.description = description
|
|
114
|
+
rule.data = data
|
|
115
|
+
rule
|
|
116
|
+
rescue ActiveRecord::RecordNotFound
|
|
111
117
|
Mihari::Rule.new(
|
|
112
118
|
id: id,
|
|
113
119
|
title: title,
|
data/lib/mihari/version.rb
CHANGED
|
@@ -112,6 +112,41 @@ module Mihari
|
|
|
112
112
|
present model.to_h, with: Entities::Rule
|
|
113
113
|
end
|
|
114
114
|
|
|
115
|
+
desc "Update a rule", {
|
|
116
|
+
success: Entities::Rule,
|
|
117
|
+
summary: "Update a rule"
|
|
118
|
+
}
|
|
119
|
+
put "/" do
|
|
120
|
+
id = params["id"].to_s
|
|
121
|
+
|
|
122
|
+
begin
|
|
123
|
+
Mihari::Rule.find(id)
|
|
124
|
+
rescue ActiveRecord::RecordNotFound
|
|
125
|
+
error!({ message: "ID:#{id} is not found" }, 404)
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
rule = Structs::Rule::Rule.new(params)
|
|
129
|
+
|
|
130
|
+
begin
|
|
131
|
+
rule.validate!
|
|
132
|
+
rescue RuleValidationError
|
|
133
|
+
error!({ message: "Data format is invalid", details: rule.errors.to_h }, 400) if rule.errors?
|
|
134
|
+
|
|
135
|
+
# when NoMethodError occurs
|
|
136
|
+
error!({ message: "Data format is invalid" }, 400)
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
begin
|
|
140
|
+
model = rule.to_model
|
|
141
|
+
model.save
|
|
142
|
+
rescue ActiveRecord::RecordNotUnique
|
|
143
|
+
error!({ message: "ID:#{rule.id} is already registered" }, 400)
|
|
144
|
+
end
|
|
145
|
+
|
|
146
|
+
status 201
|
|
147
|
+
present model.to_h, with: Entities::Rule
|
|
148
|
+
end
|
|
149
|
+
|
|
115
150
|
desc "Delete a rule", {
|
|
116
151
|
success: Entities::Message,
|
|
117
152
|
failure: [{ code: 404, message: "Not found", model: Entities::Message }],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/static/favicon.ico"><title>Mihari</title><link href="/static/js/app.
|
|
1
|
+
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/static/favicon.ico"><title>Mihari</title><link href="/static/js/app.cb1fa7be.js" rel="preload" as="script"></head><body><noscript><strong>We're sorry but Mihari doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div><script src="/static/js/app.cb1fa7be.js"></script></body></html>
|