mihari 4.4.1 → 4.5.2

data/lib/mihari.rb

@@ -169,13 +169,16 @@ require "mihari/schemas/rule"
 # Enrichers
 require "mihari/enrichers/base"
 require "mihari/enrichers/ipinfo"
+require "mihari/enrichers/shodan"
 
 # Models
 require "mihari/models/alert"
 require "mihari/models/artifact"
 require "mihari/models/autonomous_system"
+require "mihari/models/cpe"
 require "mihari/models/dns"
 require "mihari/models/geolocation"
+require "mihari/models/port"
 require "mihari/models/reverse_dns"
 require "mihari/models/rule"
 require "mihari/models/tag"
@@ -220,11 +223,12 @@ require "mihari/analyzers/rule"
 require "mihari/entities/message"
 
 require "mihari/entities/autonomous_system"
-require "mihari/entities/command"
 require "mihari/entities/config"
+require "mihari/entities/cpe"
 require "mihari/entities/dns"
 require "mihari/entities/geolocation"
 require "mihari/entities/ip_address"
+require "mihari/entities/port"
 require "mihari/entities/reverse_dns"
 require "mihari/entities/source"
 require "mihari/entities/tag"

data/mihari.gemspec

@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "coveralls_reborn", "~> 0.24"
   spec.add_development_dependency "fakefs", "~> 1.4"
   spec.add_development_dependency "mysql2", "~> 0.5"
-  spec.add_development_dependency "overcommit", "~> 0.58"
+  spec.add_development_dependency "overcommit", "~> 0.59"
   spec.add_development_dependency "pg", "~> 1.3"
   spec.add_development_dependency "rack-test", "~> 1.1"
   spec.add_development_dependency "rake", "~> 13.0"
@@ -39,13 +39,13 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rerun", "~> 0.13"
   spec.add_development_dependency "rspec", "~> 3.11"
   spec.add_development_dependency "simplecov-lcov", "~> 0.8.0"
-  spec.add_development_dependency "standard", "~> 1.9"
-  spec.add_development_dependency "steep", "~> 0.51"
+  spec.add_development_dependency "standard", "~> 1.11"
+  spec.add_development_dependency "steep", "~> 0.52"
   spec.add_development_dependency "timecop", "~> 0.9"
   spec.add_development_dependency "vcr", "~> 6.1"
   spec.add_development_dependency "webmock", "~> 3.14"
 
-  spec.add_dependency "activerecord", "7.0.2.3"
+  spec.add_dependency "activerecord", "7.0.2.4"
   spec.add_dependency "addressable", "2.8.0"
   spec.add_dependency "awrence", "2.0.1"
   spec.add_dependency "binaryedge", "0.1.0"
@@ -54,7 +54,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "dnpedia", "0.1.0"
   spec.add_dependency "dnstwister", "0.1.0"
   spec.add_dependency "dotenv", "2.7.6"
-  spec.add_dependency "dry-configurable", "0.14.0"
+  spec.add_dependency "dry-configurable", "0.15.0"
   spec.add_dependency "dry-container", "0.9.0"
   spec.add_dependency "dry-files", "0.1.0"
   spec.add_dependency "dry-initializer", "3.1.1"
@@ -81,22 +81,20 @@ Gem::Specification.new do |spec|
   spec.add_dependency "passive_circl", "0.1.0"
   spec.add_dependency "passivetotalx", "0.1.1"
   spec.add_dependency "plissken", "2.0.1"
-  spec.add_dependency "public_suffix", "4.0.6"
+  spec.add_dependency "public_suffix", "4.0.7"
   spec.add_dependency "pulsedive", "0.1.5"
   spec.add_dependency "puma", "5.6.4"
   spec.add_dependency "rack", "2.2.3"
   spec.add_dependency "rack-contrib", "2.3.0"
   spec.add_dependency "rack-cors", "1.1.1"
-  spec.add_dependency "safe_shell", "1.1.0"
   spec.add_dependency "securitytrails", "1.0.0"
   spec.add_dependency "semantic_logger", "4.10.0"
-  spec.add_dependency "sentry-ruby", "5.2.1"
+  spec.add_dependency "sentry-ruby", "5.3.0"
   spec.add_dependency "shodanx", "0.2.1"
   spec.add_dependency "slack-notifier", "2.4.0"
   spec.add_dependency "spysex", "0.2.0"
   spec.add_dependency "sqlite3", "1.4.2"
   spec.add_dependency "thor", "1.2.1"
-  spec.add_dependency "thread_safe", "0.3.6"
   spec.add_dependency "urlscan", "0.8.0"
   spec.add_dependency "uuidtools", "2.2.0"
   spec.add_dependency "virustotalx", "1.2.0"

data/sig/lib/mihari/models/artifact.rbs

@@ -14,6 +14,8 @@ module Mihari
     attr_accessor whois_record(): Mihari::WhoisRecord
     attr_accessor dns_records(): Array[Mihari::DnsRecord]
     attr_accessor reverse_dns_names(): Array[Mihari::ReverseDnsName]
+    attr_accessor cpes(): Array[Mihari::CPE]
+    attr_accessor ports(): Array[Mihari::Port]
 
     include ActiveModel::Validations
 

data/sig/lib/mihari/models/cpe.rbs

@@ -0,0 +1,7 @@
+module Mihari
+  class CPE < ActiveRecord::Base
+    attr_accessor cpe (): String
+
+    def self.build_by_ip: (String ip) ->  Array[Mihari::CPE]
+  end
+end

data/sig/lib/mihari/models/port.rbs

@@ -0,0 +1,7 @@
+module Mihari
+  class Port < ActiveRecord::Base
+    attr_accessor port (): Integer
+
+    def self.build_by_ip: (String ip) ->  Array[Mihari::Port]
+  end
+end

data/sig/lib/mihari/structs/censys.rbs

@@ -14,10 +14,18 @@ module Mihari
         def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Location
       end
 
+      class Service
+        attr_reader port: Integer
+
+        def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Service
+      end
+
       class Hit
         attr_reader ip: String
         attr_reader location: Mihari::Structs::Censys::Location
         attr_reader autonomous_system: Mihari::Structs::Censys::AutonomousSystem
+        attr_reader metadata: Hash[(String | Symbol), untyped]
+        attr_reader services: Array[Mihari::Structs::Censys::Service]
 
         def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Censys::Hit
       end

data/sig/lib/mihari/structs/shodan.rbs

@@ -14,6 +14,8 @@ module Mihari
         attr_reader location: Mihari::Structs::Shodan::Location
         attr_reader domains: Array[String]
         attr_reader ip_str: String
+        attr_reader port: Integer
+
         def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::Shodan::Match
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 4.4.1
+  version: 4.5.2
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-04-03 00:00:00.000000000 Z
+date: 2022-05-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -72,14 +72,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.58'
+        version: '0.59'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.58'
+        version: '0.59'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -184,28 +184,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '1.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.9'
+        version: '1.11'
 - !ruby/object:Gem::Dependency
   name: steep
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.51'
+        version: '0.52'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.51'
+        version: '0.52'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -254,14 +254,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.2.3
+        version: 7.0.2.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.2.3
+        version: 7.0.2.4
 - !ruby/object:Gem::Dependency
   name: addressable
   requirement: !ruby/object:Gem::Requirement
@@ -380,14 +380,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.14.0
+        version: 0.15.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.14.0
+        version: 0.15.0
 - !ruby/object:Gem::Dependency
   name: dry-container
   requirement: !ruby/object:Gem::Requirement
@@ -758,14 +758,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.6
+        version: 4.0.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.0.6
+        version: 4.0.7
 - !ruby/object:Gem::Dependency
   name: pulsedive
   requirement: !ruby/object:Gem::Requirement
@@ -836,20 +836,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.1.1
-- !ruby/object:Gem::Dependency
-  name: safe_shell
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.1.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.1.0
 - !ruby/object:Gem::Dependency
   name: securitytrails
   requirement: !ruby/object:Gem::Requirement
@@ -884,14 +870,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.1
+        version: 5.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.1
+        version: 5.3.0
 - !ruby/object:Gem::Dependency
   name: shodanx
   requirement: !ruby/object:Gem::Requirement
@@ -962,20 +948,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.2.1
-- !ruby/object:Gem::Dependency
-  name: thread_safe
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.3.6
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.3.6
 - !ruby/object:Gem::Dependency
   name: urlscan
   requirement: !ruby/object:Gem::Requirement
@@ -1139,15 +1111,17 @@ files:
 - lib/mihari/emitters/webhook.rb
 - lib/mihari/enrichers/base.rb
 - lib/mihari/enrichers/ipinfo.rb
+- lib/mihari/enrichers/shodan.rb
 - lib/mihari/entities/alert.rb
 - lib/mihari/entities/artifact.rb
 - lib/mihari/entities/autonomous_system.rb
-- lib/mihari/entities/command.rb
 - lib/mihari/entities/config.rb
+- lib/mihari/entities/cpe.rb
 - lib/mihari/entities/dns.rb
 - lib/mihari/entities/geolocation.rb
 - lib/mihari/entities/ip_address.rb
 - lib/mihari/entities/message.rb
+- lib/mihari/entities/port.rb
 - lib/mihari/entities/reverse_dns.rb
 - lib/mihari/entities/rule.rb
 - lib/mihari/entities/source.rb
@@ -1168,8 +1142,10 @@ files:
 - lib/mihari/models/alert.rb
 - lib/mihari/models/artifact.rb
 - lib/mihari/models/autonomous_system.rb
+- lib/mihari/models/cpe.rb
 - lib/mihari/models/dns.rb
 - lib/mihari/models/geolocation.rb
+- lib/mihari/models/port.rb
 - lib/mihari/models/reverse_dns.rb
 - lib/mihari/models/rule.rb
 - lib/mihari/models/tag.rb
@@ -1197,7 +1173,6 @@ files:
 - lib/mihari/web/app.rb
 - lib/mihari/web/endpoints/alerts.rb
 - lib/mihari/web/endpoints/artifacts.rb
-- lib/mihari/web/endpoints/command.rb
 - lib/mihari/web/endpoints/configs.rb
 - lib/mihari/web/endpoints/ip_addresses.rb
 - lib/mihari/web/endpoints/rules.rb
@@ -1207,24 +1182,24 @@ files:
 - lib/mihari/web/middleware/error_notification_adapter.rb
 - lib/mihari/web/public/index.html
 - lib/mihari/web/public/redoc-static.html
-- lib/mihari/web/public/static/css/app.de5845d8.css
-- lib/mihari/web/public/static/css/chunk-vendors.da2a7bfc.css
+- lib/mihari/web/public/static/css/app.2a5d3d21.css
+- lib/mihari/web/public/static/css/chunk-vendors.06251949.css
 - lib/mihari/web/public/static/favicon.ico
-- lib/mihari/web/public/static/fonts/fa-brands-400.edf40f86.woff2
-- lib/mihari/web/public/static/fonts/fa-brands-400.f7223235.ttf
-- lib/mihari/web/public/static/fonts/fa-regular-400.3665ebc7.woff2
-- lib/mihari/web/public/static/fonts/fa-regular-400.a7fde52b.ttf
-- lib/mihari/web/public/static/fonts/fa-solid-900.0d2abd43.woff2
-- lib/mihari/web/public/static/fonts/fa-solid-900.5b03221c.ttf
-- lib/mihari/web/public/static/fonts/fa-v4compatibility.42932bea.ttf
-- lib/mihari/web/public/static/js/app-legacy.f550d6ae.js
-- lib/mihari/web/public/static/js/app-legacy.f550d6ae.js.map
-- lib/mihari/web/public/static/js/app.40749592.js
-- lib/mihari/web/public/static/js/app.40749592.js.map
-- lib/mihari/web/public/static/js/chunk-vendors-legacy.d6b76c57.js
-- lib/mihari/web/public/static/js/chunk-vendors-legacy.d6b76c57.js.map
-- lib/mihari/web/public/static/js/chunk-vendors.3bdbaffb.js
-- lib/mihari/web/public/static/js/chunk-vendors.3bdbaffb.js.map
+- lib/mihari/web/public/static/fonts/fa-brands-400.7fa789ab.ttf
+- lib/mihari/web/public/static/fonts/fa-brands-400.859fc388.woff2
+- lib/mihari/web/public/static/fonts/fa-regular-400.2ffd018f.woff2
+- lib/mihari/web/public/static/fonts/fa-regular-400.da02cb7e.ttf
+- lib/mihari/web/public/static/fonts/fa-solid-900.3a463ec3.ttf
+- lib/mihari/web/public/static/fonts/fa-solid-900.40ddefd7.woff2
+- lib/mihari/web/public/static/fonts/fa-v4compatibility.924588dc.ttf
+- lib/mihari/web/public/static/js/app-legacy.9d5c9c3d.js
+- lib/mihari/web/public/static/js/app-legacy.9d5c9c3d.js.map
+- lib/mihari/web/public/static/js/app.823b5af7.js
+- lib/mihari/web/public/static/js/app.823b5af7.js.map
+- lib/mihari/web/public/static/js/chunk-vendors-legacy.b110c129.js
+- lib/mihari/web/public/static/js/chunk-vendors-legacy.b110c129.js.map
+- lib/mihari/web/public/static/js/chunk-vendors.dde2116c.js
+- lib/mihari/web/public/static/js/chunk-vendors.dde2116c.js.map
 - mihari.gemspec
 - renovate.json
 - sig/lib/mihari.rbs
@@ -1285,8 +1260,10 @@ files:
 - sig/lib/mihari/models/alert.rbs
 - sig/lib/mihari/models/artifact.rbs
 - sig/lib/mihari/models/autonomous_system.rbs
+- sig/lib/mihari/models/cpe.rbs
 - sig/lib/mihari/models/dns.rbs
 - sig/lib/mihari/models/geolocation.rbs
+- sig/lib/mihari/models/port.rbs
 - sig/lib/mihari/models/reverse_dns.rbs
 - sig/lib/mihari/models/rule.rbs
 - sig/lib/mihari/models/tag.rbs

data/lib/mihari/entities/command.rb

@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Entities
-    class CommandInput < Grape::Entity
-      expose :command, documentation: { type: String, required: true }
-    end
-
-    class CommandResult < Grape::Entity
-      expose :output, documentation: { type: String, required: true }
-      expose :success, documentation: { type: Grape::API::Boolean, required: true }
-    end
-  end
-end

data/lib/mihari/web/endpoints/command.rb

@@ -1,33 +0,0 @@
-# frozen_string_literal: true
-
-require "safe_shell"
-
-module Mihari
-  module Endpoints
-    class Command < Grape::API
-      namespace :command do
-        desc "Run a command", {
-          success: Entities::CommandResult,
-          failure: [{ code: 400, message: "Bad request", model: Entities::Message }],
-          summary: "Run a command"
-        }
-        params do
-          requires :command, type: String, documentation: { param_type: "body" }
-        end
-        post "/" do
-          command = params[:command]
-          if command.nil?
-            error!({ message: "command is required" }, 400)
-          end
-
-          command = command.split
-
-          output = SafeShell.execute("mihari", *command)
-          success = $?.success?
-
-          present({ output: output, success: success }, with: Entities::CommandResult)
-        end
-      end
-    end
-  end
-end