RubyGems - mihari - Versions diffs - 4.1.2 → 4.2.0 - Mend

mihari 4.1.2 → 4.2.0

Files changed (78) hide show

checksums.yaml +4 -4
data/.github/workflows/test.yml +1 -1
data/README.md +1 -1
data/lib/mihari/analyzers/base.rb +18 -10
data/lib/mihari/analyzers/rule.rb +1 -1
data/lib/mihari/cli/base.rb +0 -4
data/lib/mihari/commands/init.rb +1 -1
data/lib/mihari/commands/search.rb +11 -58
data/lib/mihari/commands/validator.rb +1 -2
data/lib/mihari/emitters/base.rb +5 -2
data/lib/mihari/emitters/slack.rb +40 -4
data/lib/mihari/enrichers/base.rb +5 -2
data/lib/mihari/enrichers/ipinfo.rb +4 -3
data/lib/mihari/{web/entities → entities}/alert.rb +0 -0
data/lib/mihari/{web/entities → entities}/artifact.rb +0 -0
data/lib/mihari/{web/entities → entities}/autonomous_system.rb +0 -0
data/lib/mihari/{web/entities → entities}/command.rb +0 -0
data/lib/mihari/{web/entities → entities}/config.rb +0 -0
data/lib/mihari/{web/entities → entities}/dns.rb +0 -0
data/lib/mihari/{web/entities → entities}/geolocation.rb +0 -0
data/lib/mihari/{web/entities → entities}/ip_address.rb +0 -0
data/lib/mihari/{web/entities → entities}/message.rb +0 -0
data/lib/mihari/{web/entities → entities}/reverse_dns.rb +0 -0
data/lib/mihari/{web/entities → entities}/rule.rb +0 -0
data/lib/mihari/{web/entities → entities}/source.rb +0 -0
data/lib/mihari/{web/entities → entities}/tag.rb +0 -0
data/lib/mihari/{web/entities → entities}/whois.rb +0 -0
data/lib/mihari/errors.rb +2 -0
data/lib/mihari/feed/reader.rb +11 -55
data/lib/mihari/http.rb +94 -0
data/lib/mihari/mixins/error_notification.rb +20 -0
data/lib/mihari/mixins/retriable.rb +12 -2
data/lib/mihari/mixins/rule.rb +1 -2
data/lib/mihari/structs/ipinfo.rb +2 -3
data/lib/mihari/structs/rule.rb +30 -0
data/lib/mihari/structs/shodan.rb +9 -1
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/api.rb +0 -20
data/lib/mihari/web/app.rb +2 -2
data/lib/mihari/web/endpoints/rules.rb +3 -1
data/lib/mihari/web/middleware/error_notification_adapter.rb +19 -0
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari/web/public/redoc-static.html +1881 -165
data/lib/mihari/web/public/static/css/app.43138058.css +1 -0
data/lib/mihari/web/public/static/css/chunk-vendors.3ed9b08e.css +7 -0
data/lib/mihari/web/public/static/fonts/fa-brands-400.1fd0b4d7.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-brands-400.5d5236fb.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-regular-400.64b3730e.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-regular-400.95a8a8af.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-solid-900.6115ad71.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-solid-900.f0203cfc.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-v4compatibility.e1023515.ttf +0 -0
data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js +2 -0
data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js.map +1 -0
data/lib/mihari/web/public/static/js/app.4818aedd.js +2 -0
data/lib/mihari/web/public/static/js/app.4818aedd.js.map +1 -0
data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js +17 -0
data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js.map +1 -0
data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js +23 -0
data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js.map +1 -0
data/lib/mihari.rb +63 -15
data/mihari.gemspec +3 -3
data/sig/lib/mihari/emitters/slack.rbs +29 -1
data/sig/lib/mihari/feed/reader.rbs +2 -2
data/sig/lib/mihari/http.rbs +65 -0
data/sig/lib/mihari/mixins/error_notification.rbs +12 -0
data/sig/lib/mihari/structs/rule.rbs +6 -0
data/sig/lib/mihari.rbs +4 -8
metadata +68 -55
data/lib/mihari/cli/mixins/utils.rb +0 -72
data/lib/mihari/emitters/stdout.rb +0 -22
data/lib/mihari/notifiers/base.rb +0 -24
data/lib/mihari/notifiers/exception_notifier.rb +0 -126
data/lib/mihari/notifiers/slack.rb +0 -63
data/sig/lib/mihari/cli/mixins/utils.rbs +0 -50
data/sig/lib/mihari/notifiers/base.rbs +0 -18
data/sig/lib/mihari/notifiers/exception_notifier.rbs +0 -75
data/sig/lib/mihari/notifiers/slack.rbs +0 -50

data/lib/mihari/structs/rule.rb CHANGED Viewed

@@ -121,6 +121,36 @@ module Mihari
             data: data
           )
         end
+        #
+        # @return [Mihari::Analyzers::Rule]
+        #
+        def to_analyzer
+          analyzer = Mihari::Analyzers::Rule.new(
+            title: self[:title],
+            description: self[:description],
+            tags: self[:tags],
+            queries: self[:queries],
+            allowed_data_types: self[:allowed_data_types],
+            disallowed_data_values: self[:disallowed_data_values],
+            id: id
+          )
+          analyzer.ignore_old_artifacts = self[:ignore_old_artifacts]
+          analyzer.ignore_threshold = self[:ignore_threshold]
+          analyzer
+        end
+        class << self
+          #
+          # @param [Mihari::Rule] model
+          #
+          # @return [Mihari::Structs::Rule::Rule]
+          #
+          def from_model(model)
+            Structs::Rule::Rule.new(model.data)
+          end
+        end
       end
     end
   end

data/lib/mihari/structs/shodan.rb CHANGED Viewed

@@ -26,9 +26,17 @@ module Mihari
         def self.from_dynamic!(d)
           d = Types::Hash[d]
+          # hostnames should be an array of string but sometimes Shodan returns a string
+          # e.g. "hostnames": "set(['149.28.146.131.vultr.com', 'rebs.ga'])",
+          # https://github.com/ninoseki/mihari/issues/424
+          # so use an empty array if hostnames is a string
+          hostnames = d.fetch("hostnames")
+          hostnames = [] if hostnames.is_a?(String)
           new(
             asn: d["asn"],
-            hostnames: d.fetch("hostnames"),
+            hostnames: hostnames,
             location: Location.from_dynamic!(d.fetch("location")),
             domains: d.fetch("domains"),
             ip_str: d.fetch("ip_str"),

data/lib/mihari/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mihari
-  VERSION = "4.1.2"
+  VERSION = "4.2.0"
 end

data/lib/mihari/web/api.rb CHANGED Viewed

@@ -1,25 +1,5 @@
 # frozen_string_literal: true
-# Entities
-require "mihari/web/entities/message"
-require "mihari/web/entities/autonomous_system"
-require "mihari/web/entities/command"
-require "mihari/web/entities/config"
-require "mihari/web/entities/dns"
-require "mihari/web/entities/geolocation"
-require "mihari/web/entities/ip_address"
-require "mihari/web/entities/reverse_dns"
-require "mihari/web/entities/source"
-require "mihari/web/entities/tag"
-require "mihari/web/entities/whois"
-require "mihari/web/entities/artifact"
-require "mihari/web/entities/alert"
-require "mihari/web/entities/rule"
 # Endpoints
 require "mihari/web/endpoints/alerts"
 require "mihari/web/endpoints/artifacts"

data/lib/mihari/web/app.rb CHANGED Viewed

@@ -6,12 +6,11 @@ require "rack/contrib"
 require "rack/handler/puma"
 require "rack/cors"
-require "grape"
-require "grape-entity"
 require "grape-swagger"
 require "grape-swagger-entity"
 require "mihari/web/middleware/connection_adapter"
+require "mihari/web/middleware/error_notification_adapter"
 require "mihari/web/api"
@@ -37,6 +36,7 @@ module Mihari
           end
           use Middleware::ConnectionAdapter
+          use Middleware::ErrorNotificationAdapter
           run App.new
         end.to_app

data/lib/mihari/web/endpoints/rules.rb CHANGED Viewed

@@ -79,7 +79,9 @@ module Mihari
             error!({ message: "ID:#{id} is not found" }, 404)
           end
-          Mihari::CLI::Main.start ["search", rule.id]
+          struct = Mihari::Structs::Rule::Rule.from_model(rule)
+          analyzer = struct.to_analyzer
+          analyzer.run
           status 201
           present({ message: "ID:#{id} is ran successfully" }, with: Entities::Message)

data/lib/mihari/web/middleware/error_notification_adapter.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Mihari
+  module Middleware
+    class ErrorNotificationAdapter
+      include Mixins::ErrorNotification
+      def initialize(app)
+        @app = app
+      end
+      def call(env)
+        with_error_notification do
+          status, headers, body = @app.call(env)
+          [status, headers, body]
+        end
+      end
+    end
+  end
+end

data/lib/mihari/web/public/index.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!~~DOCTYPE~~ html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/static/favicon.ico"><title>Mihari</title><~~link~~ ~~href~~="/static/js/app.~~b88ce341~~.js" rel="~~preload~~" as="script"></head><body><noscript><strong>We're sorry but Mihari doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div~~><script src="/static/js/app.b88ce341.js"~~></~~script></~~body></html>
1	+ <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="/static/favicon.ico"/><title>Mihari</title><script defer="defer" type="module" src="/static/js/chunk-vendors.15e84e22.js"></script><script defer="defer" type="module" src="/static/js/app.4818aedd.js"></script><link href="/static/css/chunk-vendors.3ed9b08e.css" rel="stylesheet"><link href="/static/css/app.43138058.css" rel="stylesheet"><script defer="defer" src="/static/js/chunk-vendors-legacy.c99e452e.js" nomodule></script><script defer="defer" src="/static/js/app-legacy.46b666f0.js" nomodule></script></head><body><noscript><strong>We're sorry but Mihari doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div></body></html>