RubyGems - mihari - Versions diffs - 4.1.2 → 4.2.0 - Mend

mihari 4.1.2 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

checksums.yaml +4 -4
data/.github/workflows/test.yml +1 -1
data/README.md +1 -1
data/lib/mihari/analyzers/base.rb +18 -10
data/lib/mihari/analyzers/rule.rb +1 -1
data/lib/mihari/cli/base.rb +0 -4
data/lib/mihari/commands/init.rb +1 -1
data/lib/mihari/commands/search.rb +11 -58
data/lib/mihari/commands/validator.rb +1 -2
data/lib/mihari/emitters/base.rb +5 -2
data/lib/mihari/emitters/slack.rb +40 -4
data/lib/mihari/enrichers/base.rb +5 -2
data/lib/mihari/enrichers/ipinfo.rb +4 -3
data/lib/mihari/{web/entities → entities}/alert.rb +0 -0
data/lib/mihari/{web/entities → entities}/artifact.rb +0 -0
data/lib/mihari/{web/entities → entities}/autonomous_system.rb +0 -0
data/lib/mihari/{web/entities → entities}/command.rb +0 -0
data/lib/mihari/{web/entities → entities}/config.rb +0 -0
data/lib/mihari/{web/entities → entities}/dns.rb +0 -0
data/lib/mihari/{web/entities → entities}/geolocation.rb +0 -0
data/lib/mihari/{web/entities → entities}/ip_address.rb +0 -0
data/lib/mihari/{web/entities → entities}/message.rb +0 -0
data/lib/mihari/{web/entities → entities}/reverse_dns.rb +0 -0
data/lib/mihari/{web/entities → entities}/rule.rb +0 -0
data/lib/mihari/{web/entities → entities}/source.rb +0 -0
data/lib/mihari/{web/entities → entities}/tag.rb +0 -0
data/lib/mihari/{web/entities → entities}/whois.rb +0 -0
data/lib/mihari/errors.rb +2 -0
data/lib/mihari/feed/reader.rb +11 -55
data/lib/mihari/http.rb +94 -0
data/lib/mihari/mixins/error_notification.rb +20 -0
data/lib/mihari/mixins/retriable.rb +12 -2
data/lib/mihari/mixins/rule.rb +1 -2
data/lib/mihari/structs/ipinfo.rb +2 -3
data/lib/mihari/structs/rule.rb +30 -0
data/lib/mihari/structs/shodan.rb +9 -1
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/api.rb +0 -20
data/lib/mihari/web/app.rb +2 -2
data/lib/mihari/web/endpoints/rules.rb +3 -1
data/lib/mihari/web/middleware/error_notification_adapter.rb +19 -0
data/lib/mihari/web/public/index.html +1 -1
data/lib/mihari/web/public/redoc-static.html +1881 -165
data/lib/mihari/web/public/static/css/app.43138058.css +1 -0
data/lib/mihari/web/public/static/css/chunk-vendors.3ed9b08e.css +7 -0
data/lib/mihari/web/public/static/fonts/fa-brands-400.1fd0b4d7.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-brands-400.5d5236fb.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-regular-400.64b3730e.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-regular-400.95a8a8af.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-solid-900.6115ad71.woff2 +0 -0
data/lib/mihari/web/public/static/fonts/fa-solid-900.f0203cfc.ttf +0 -0
data/lib/mihari/web/public/static/fonts/fa-v4compatibility.e1023515.ttf +0 -0
data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js +2 -0
data/lib/mihari/web/public/static/js/app-legacy.46b666f0.js.map +1 -0
data/lib/mihari/web/public/static/js/app.4818aedd.js +2 -0
data/lib/mihari/web/public/static/js/app.4818aedd.js.map +1 -0
data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js +17 -0
data/lib/mihari/web/public/static/js/chunk-vendors-legacy.c99e452e.js.map +1 -0
data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js +23 -0
data/lib/mihari/web/public/static/js/chunk-vendors.15e84e22.js.map +1 -0
data/lib/mihari.rb +63 -15
data/mihari.gemspec +3 -3
data/sig/lib/mihari/emitters/slack.rbs +29 -1
data/sig/lib/mihari/feed/reader.rbs +2 -2
data/sig/lib/mihari/http.rbs +65 -0
data/sig/lib/mihari/mixins/error_notification.rbs +12 -0
data/sig/lib/mihari/structs/rule.rbs +6 -0
data/sig/lib/mihari.rbs +4 -8
metadata +68 -55
data/lib/mihari/cli/mixins/utils.rb +0 -72
data/lib/mihari/emitters/stdout.rb +0 -22
data/lib/mihari/notifiers/base.rb +0 -24
data/lib/mihari/notifiers/exception_notifier.rb +0 -126
data/lib/mihari/notifiers/slack.rb +0 -63
data/sig/lib/mihari/cli/mixins/utils.rbs +0 -50
data/sig/lib/mihari/notifiers/base.rbs +0 -18
data/sig/lib/mihari/notifiers/exception_notifier.rbs +0 -75
data/sig/lib/mihari/notifiers/slack.rbs +0 -50

data/lib/mihari/structs/rule.rb CHANGED Viewed

@@ -121,6 +121,36 @@ module Mihari
             data: data
           )
         end
+        #
+        # @return [Mihari::Analyzers::Rule]
+        #
+        def to_analyzer
+          analyzer = Mihari::Analyzers::Rule.new(
+            title: self[:title],
+            description: self[:description],
+            tags: self[:tags],
+            queries: self[:queries],
+            allowed_data_types: self[:allowed_data_types],
+            disallowed_data_values: self[:disallowed_data_values],
+            id: id
+          )
+          analyzer.ignore_old_artifacts = self[:ignore_old_artifacts]
+          analyzer.ignore_threshold = self[:ignore_threshold]
+          analyzer
+        end
+        class << self
+          #
+          # @param [Mihari::Rule] model
+          #
+          # @return [Mihari::Structs::Rule::Rule]
+          #
+          def from_model(model)
+            Structs::Rule::Rule.new(model.data)
+          end
+        end
       end
     end
   end

data/lib/mihari/structs/shodan.rb CHANGED Viewed

@@ -26,9 +26,17 @@ module Mihari
         def self.from_dynamic!(d)
           d = Types::Hash[d]
+          # hostnames should be an array of string but sometimes Shodan returns a string
+          # e.g. "hostnames": "set(['149.28.146.131.vultr.com', 'rebs.ga'])",
+          # https://github.com/ninoseki/mihari/issues/424
+          # so use an empty array if hostnames is a string
+          hostnames = d.fetch("hostnames")
+          hostnames = [] if hostnames.is_a?(String)
           new(
             asn: d["asn"],
-            hostnames: d.fetch("hostnames"),
+            hostnames: hostnames,
             location: Location.from_dynamic!(d.fetch("location")),
             domains: d.fetch("domains"),
             ip_str: d.fetch("ip_str"),

data/lib/mihari/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Mihari
-  VERSION = "4.1.2"
+  VERSION = "4.2.0"
 end

data/lib/mihari/web/api.rb CHANGED Viewed

@@ -1,25 +1,5 @@
 # frozen_string_literal: true
-# Entities
-require "mihari/web/entities/message"
-require "mihari/web/entities/autonomous_system"
-require "mihari/web/entities/command"
-require "mihari/web/entities/config"
-require "mihari/web/entities/dns"
-require "mihari/web/entities/geolocation"
-require "mihari/web/entities/ip_address"
-require "mihari/web/entities/reverse_dns"
-require "mihari/web/entities/source"
-require "mihari/web/entities/tag"
-require "mihari/web/entities/whois"
-require "mihari/web/entities/artifact"
-require "mihari/web/entities/alert"
-require "mihari/web/entities/rule"
 # Endpoints
 require "mihari/web/endpoints/alerts"
 require "mihari/web/endpoints/artifacts"

data/lib/mihari/web/app.rb CHANGED Viewed

@@ -6,12 +6,11 @@ require "rack/contrib"
 require "rack/handler/puma"
 require "rack/cors"
-require "grape"
-require "grape-entity"
 require "grape-swagger"
 require "grape-swagger-entity"
 require "mihari/web/middleware/connection_adapter"
+require "mihari/web/middleware/error_notification_adapter"
 require "mihari/web/api"
@@ -37,6 +36,7 @@ module Mihari
           end
           use Middleware::ConnectionAdapter
+          use Middleware::ErrorNotificationAdapter
           run App.new
         end.to_app

data/lib/mihari/web/endpoints/rules.rb CHANGED Viewed

@@ -79,7 +79,9 @@ module Mihari
             error!({ message: "ID:#{id} is not found" }, 404)
           end
-          Mihari::CLI::Main.start ["search", rule.id]
+          struct = Mihari::Structs::Rule::Rule.from_model(rule)
+          analyzer = struct.to_analyzer
+          analyzer.run
           status 201
           present({ message: "ID:#{id} is ran successfully" }, with: Entities::Message)

data/lib/mihari/web/middleware/error_notification_adapter.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Mihari
+  module Middleware
+    class ErrorNotificationAdapter
+      include Mixins::ErrorNotification
+      def initialize(app)
+        @app = app
+      end
+      def call(env)
+        with_error_notification do
+          status, headers, body = @app.call(env)
+          [status, headers, body]
+        end
+      end
+    end
+  end
+end

data/lib/mihari/web/public/index.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!~~DOCTYPE~~ html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/static/favicon.ico"><title>Mihari</title><~~link~~ ~~href~~="/static/js/app.~~b88ce341~~.js" rel="~~preload~~" as="script"></head><body><noscript><strong>We're sorry but Mihari doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div~~><script src="/static/js/app.b88ce341.js"~~></~~script></~~body></html>
1	+ <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="/static/favicon.ico"/><title>Mihari</title><script defer="defer" type="module" src="/static/js/chunk-vendors.15e84e22.js"></script><script defer="defer" type="module" src="/static/js/app.4818aedd.js"></script><link href="/static/css/chunk-vendors.3ed9b08e.css" rel="stylesheet"><link href="/static/css/app.43138058.css" rel="stylesheet"><script defer="defer" src="/static/js/chunk-vendors-legacy.c99e452e.js" nomodule></script><script defer="defer" src="/static/js/app-legacy.46b666f0.js" nomodule></script></head><body><noscript><strong>We're sorry but Mihari doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div></body></html>