mihari 5.7.1 → 6.0.0

Files changed (66) hide show
  1. checksums.yaml +4 -4
  2. data/config.ru +2 -0
  3. data/lib/mihari/analyzers/dnstwister.rb +2 -4
  4. data/lib/mihari/analyzers/urlscan.rb +1 -4
  5. data/lib/mihari/cli/main.rb +4 -12
  6. data/lib/mihari/clients/base.rb +23 -1
  7. data/lib/mihari/clients/binaryedge.rb +1 -3
  8. data/lib/mihari/clients/censys.rb +1 -2
  9. data/lib/mihari/clients/crtsh.rb +2 -3
  10. data/lib/mihari/clients/dnstwister.rb +1 -2
  11. data/lib/mihari/clients/fofa.rb +1 -3
  12. data/lib/mihari/clients/greynoise.rb +1 -2
  13. data/lib/mihari/clients/hunterhow.rb +1 -2
  14. data/lib/mihari/clients/misp.rb +1 -2
  15. data/lib/mihari/clients/onyphe.rb +1 -2
  16. data/lib/mihari/clients/otx.rb +2 -14
  17. data/lib/mihari/clients/passivetotal.rb +3 -16
  18. data/lib/mihari/clients/publsedive.rb +2 -17
  19. data/lib/mihari/clients/securitytrails.rb +3 -25
  20. data/lib/mihari/clients/shodan.rb +1 -2
  21. data/lib/mihari/clients/the_hive.rb +1 -2
  22. data/lib/mihari/clients/urlscan.rb +1 -2
  23. data/lib/mihari/clients/virustotal.rb +3 -17
  24. data/lib/mihari/clients/zoomeye.rb +9 -19
  25. data/lib/mihari/commands/alert.rb +11 -11
  26. data/lib/mihari/commands/database.rb +4 -2
  27. data/lib/mihari/commands/mixins.rb +11 -0
  28. data/lib/mihari/commands/search.rb +15 -15
  29. data/lib/mihari/constants.rb +1 -1
  30. data/lib/mihari/database.rb +3 -5
  31. data/lib/mihari/emitters/slack.rb +3 -6
  32. data/lib/mihari/emitters/the_hive.rb +3 -7
  33. data/lib/mihari/enrichers/google_public_dns.rb +2 -7
  34. data/lib/mihari/enrichers/ipinfo.rb +1 -3
  35. data/lib/mihari/enrichers/shodan.rb +1 -3
  36. data/lib/mihari/enrichers/whois.rb +0 -4
  37. data/lib/mihari/http.rb +13 -11
  38. data/lib/mihari/mixins/refang.rb +1 -4
  39. data/lib/mihari/mixins/unwrap_error.rb +27 -0
  40. data/lib/mihari/models/alert.rb +1 -3
  41. data/lib/mihari/models/artifact.rb +5 -7
  42. data/lib/mihari/models/rule.rb +1 -2
  43. data/lib/mihari/rule.rb +14 -10
  44. data/lib/mihari/service.rb +2 -0
  45. data/lib/mihari/services/rule_builder.rb +2 -4
  46. data/lib/mihari/structs/fofa.rb +2 -0
  47. data/lib/mihari/version.rb +1 -1
  48. data/lib/mihari/web/app.rb +3 -1
  49. data/lib/mihari/web/endpoints/alerts.rb +14 -18
  50. data/lib/mihari/web/endpoints/artifacts.rb +17 -22
  51. data/lib/mihari/web/endpoints/configs.rb +0 -1
  52. data/lib/mihari/web/endpoints/ip_addresses.rb +1 -1
  53. data/lib/mihari/web/endpoints/rules.rb +27 -32
  54. data/lib/mihari/web/endpoints/tags.rb +7 -9
  55. data/lib/mihari/web/middleware/connection_adapter.rb +3 -5
  56. data/lib/mihari/web/middleware/error_notification_adapter.rb +15 -6
  57. data/lib/mihari/web/public/assets/{index-07fafab5.js → index-07cddfcd.js} +44 -44
  58. data/lib/mihari/web/public/index.html +1 -1
  59. data/lib/mihari/web/public/redoc-static.html +381 -401
  60. data/lib/mihari.rb +1 -2
  61. data/mihari.gemspec +14 -16
  62. data/mkdocs.yml +14 -8
  63. data/requirements.txt +1 -1
  64. metadata +81 -39
  65. data/lib/mihari/mixins/error_notification.rb +0 -21
  66. data/lib/mihari/services/rule_runner.rb +0 -19
@@ -128,7 +128,6 @@ module Mihari
128
128
  desc "Search rules", {
129
129
  is_array: true,
130
130
  success: Entities::RulesWithPagination,
131
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
132
131
  summary: "Search rules"
133
132
  }
134
133
  params do
@@ -153,7 +152,7 @@ module Mihari
153
152
 
154
153
  desc "Get a rule", {
155
154
  success: Entities::Rule,
156
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
155
+ failure: [{ code: 404, model: Entities::Message }],
157
156
  summary: "Get a rule"
158
157
  }
159
158
  params do
@@ -164,50 +163,48 @@ module Mihari
164
163
  result = RuleGetter.result(params[:id].to_s)
165
164
  return present(result.value!, with: Entities::Rule) if result.success?
166
165
 
167
- failure = result.failure
168
- case failure
166
+ case result.failure
169
167
  when ActiveRecord::RecordNotFound
170
168
  error!({ message: "ID:#{id} is not found" }, 404)
171
169
  end
172
- raise failure
170
+ raise result.failure
173
171
  end
174
172
 
175
173
  desc "Run a rule", {
176
- success: Entities::Message,
174
+ success: { code: 201, model: Entities::Message },
175
+ failure: [{ code: 404, model: Entities::Message }],
177
176
  summary: "Run a rule"
178
177
  }
179
178
  params do
180
179
  requires :id, type: String
181
180
  end
182
181
  get "/:id/run" do
182
+ status 201
183
+
183
184
  id = params[:id].to_s
184
185
  result = RuleRunner.result(id)
185
- if result.success?
186
- status 201
187
- return present({ message: "ID:#{id}} ran successfully" }, with: Entities::Message)
188
- end
186
+ return present({ message: "ID:#{id}} has been ran" }, with: Entities::Message) if result.success?
189
187
 
190
- failure = result.failure
191
- case failure
188
+ case result.failure
192
189
  when ActiveRecord::RecordNotFound
193
190
  error!({ message: "ID:#{id} is not found" }, 404)
194
191
  end
195
- raise failure
192
+ raise result.failure
196
193
  end
197
194
 
198
195
  desc "Create a rule", {
199
- success: Entities::Rule,
196
+ success: { code: 201, model: Entities::Rule },
197
+ failure: [{ code: 404, model: Entities::Message }],
200
198
  summary: "Create a rule"
201
199
  }
202
200
  params do
203
201
  requires :yaml, type: String, documentation: { param_type: "body" }
204
202
  end
205
203
  post "/" do
204
+ status 201
205
+
206
206
  result = RuleCreator.result(params[:yaml])
207
- if result.success?
208
- status 201
209
- return present(result.value!.model, with: Entities::Rule)
210
- end
207
+ return present(result.value!.model, with: Entities::Rule) if result.success?
211
208
 
212
209
  failure = result.failure
213
210
  case failure
@@ -220,7 +217,8 @@ module Mihari
220
217
  end
221
218
 
222
219
  desc "Update a rule", {
223
- success: Entities::Rule,
220
+ success: { code: 201, model: Entities::Rule },
221
+ failure: [{ code: 404, model: Entities::Message }],
224
222
  summary: "Update a rule"
225
223
  }
226
224
  params do
@@ -228,12 +226,11 @@ module Mihari
228
226
  requires :yaml, type: String, documentation: { param_type: "body" }
229
227
  end
230
228
  put "/" do
229
+ status 201
230
+
231
231
  id = params[:id].to_s
232
232
  result = RuleUpdater.result(id: id, yaml: params[:yaml].to_s)
233
- if result.success?
234
- status 201
235
- return present(result.value!.model, with: Entities::Rule)
236
- end
233
+ return present(result.value!.model, with: Entities::Rule) if result.success?
237
234
 
238
235
  failure = result.failure
239
236
  case failure
@@ -248,27 +245,25 @@ module Mihari
248
245
  end
249
246
 
250
247
  desc "Delete a rule", {
251
- success: Entities::Message,
252
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
248
+ success: { code: 204, model: Entities::Message },
249
+ failure: [{ code: 404, model: Entities::Message }],
253
250
  summary: "Delete a rule"
254
251
  }
255
252
  params do
256
253
  requires :id, type: String
257
254
  end
258
255
  delete "/:id" do
256
+ status 204
257
+
259
258
  id = params[:id].to_s
260
259
  result = RuleDestroyer.result(id)
261
- if result.success?
262
- status 204
263
- return present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
264
- end
260
+ return present({ message: "ID:#{id} is deleted" }, with: Entities::Message) if result.success?
265
261
 
266
- failure = result.failure
267
- case failure
262
+ case result.failure
268
263
  when ActiveRecord::RecordNotFound
269
264
  error!({ message: "ID:#{id} is not found" }, 404)
270
265
  end
271
- raise failure
266
+ raise result.failure
272
267
  end
273
268
  end
274
269
  end
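Review bot: The `get "/:id/run"` route runs a rule and is now documented as returning 201, so a state-changing action stays reachable through a safe HTTP method; link prefetchers, crawlers or a cross-site request can trigger it without any deliberate submission. I would register it as `post "/:id/run" do`, keeping the GET route only as a deprecated alias if existing clients need it. In the same handler the success message still carries a stray brace and awkward wording; `{ message: "ID:#{id} has been run" }` fixes both. Whether the API sits behind authentication is not visible from these hunks, so treat the first point as hardening rather than a confirmed exposure. These hunks presumably belong to web/endpoints/rules.rb, going by the +27/-32 count in the file list.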
@@ -28,27 +28,25 @@ module Mihari
28
28
  end
29
29
 
30
30
  desc "Delete a tag", {
31
- success: Entities::Message,
32
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
31
+ success: { code: 204, model: Entities::Message },
32
+ failure: [{ code: 404, model: Entities::Message }],
33
33
  summary: "Delete a tag"
34
34
  }
35
35
  params do
36
36
  requires :id, type: Integer
37
37
  end
38
38
  delete "/:id" do
39
+ status 204
40
+
39
41
  id = params[:id].to_i
40
42
  result = TagDestroyer.result(id)
41
- if result.success?
42
- status 204
43
- return present({ message: "" }, with: Entities::Message)
44
- end
43
+ return present({ message: "" }, with: Entities::Message) if result.success?
45
44
 
46
- failure = result.failure
47
- case failure
45
+ case result.failure
48
46
  when ActiveRecord::RecordNotFound
49
47
  error!({ message: "ID:#{id} is not found" }, 404)
50
48
  end
51
- raise failure
49
+ raise result.failure
52
50
  end
53
51
  end
54
52
  end
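Review bot: `status 204` is now set at the top of `delete "/:id"` while the success path still calls `present({ message: "" }, with: Entities::Message)` and the description advertises `model: Entities::Message` for the 204; a 204 response carries no body, so the documented schema and the wire response disagree. Either declare `success: { code: 204 }` and finish the success branch with `body false`, or keep the message entity and return 200. Setting the status before `TagDestroyer.result` is known also means the final code depends on `error!` and the re-raise overriding it on every failure path, which deserves a comment such as `# default status; error!/raise override it on failure`. The `delete "/:id"` handler in the rule endpoint hunks earlier on this page follows the same pattern.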
@@ -7,16 +7,14 @@ module Mihari
7
7
  # DB connection adapter for Rack app
8
8
  #
9
9
  class ConnectionAdapter
10
+ attr_reader :app
11
+
10
12
  def initialize(app)
11
13
  @app = app
12
14
  end
13
15
 
14
16
  def call(env)
15
- Mihari::Database.with_db_connection do
16
- status, headers, body = @app.call(env)
17
-
18
- [status, headers, body]
19
- end
17
+ Mihari::Database.with_db_connection { app.call env }
20
18
  end
21
19
  end
22
20
  end
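Review bot: `call` is undocumented and its return value depends entirely on `Mihari::Database.with_db_connection` passing the block's result through, which is not visible in this hunk. A short comment would make that contract explicit, for example `# @param env [Hash] Rack environment` and `# @return [Array] Rack response triplet from the wrapped app`. For consistency with the other middleware I would also write the call with parentheses, `with_db_connection { app.call(env) }`, and keep `attr_reader :app` private unless something outside the class reads it.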
@@ -7,18 +7,27 @@ module Mihari
7
7
  # Error notification adapter for Rack app
8
8
  #
9
9
  class ErrorNotificationAdapter
10
- include Mixins::ErrorNotification
10
+ include Mihari::Mixins::UnwrapError
11
+
12
+ attr_reader :app
11
13
 
12
14
  def initialize(app)
13
15
  @app = app
14
16
  end
15
17
 
16
- def call(env)
17
- with_error_notification do
18
- status, headers, body = @app.call(env)
18
+ def with_error_notification
19
+ yield
20
+ rescue StandardError => e
21
+ unwrapped = unwrap_error(e)
22
+
23
+ Mihari.logger.error unwrapped
24
+ Sentry.capture_exception(unwrapped) if Sentry.initialized?
19
25
 
20
- [status, headers, body]
21
- end
26
+ raise unwrapped
27
+ end
28
+
29
+ def call(env)
30
+ with_error_notification { app.call(env) }
22
31
  end
23
32
  end
24
33
  end
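Review bot: `with_error_notification` is defined as a public method of the middleware, next to a public `attr_reader :app`, although in this hunk both are used only by `call`; defining `call` first and putting `private` above the helper and the reader keeps the Rack surface to `initialize` and `call`. `raise unwrapped` assumes `unwrap_error` always returns an exception object; that mixin lives in mixins/unwrap_error.rb and is not shown here, so a comment stating the contract (or a fallback to `e`) would help. Because the unwrapped error is both logged and sent to Sentry, confirm that client errors do not carry API keys or full request URLs in their messages, which cannot be judged from this hunk.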