mihari 5.7.2 → 6.0.0
- checksums.yaml +4 -4
- data/config.ru +2 -0
- data/lib/mihari/analyzers/dnstwister.rb +2 -4
- data/lib/mihari/analyzers/urlscan.rb +1 -4
- data/lib/mihari/cli/main.rb +2 -12
- data/lib/mihari/commands/database.rb +0 -1
- data/lib/mihari/database.rb +2 -4
- data/lib/mihari/emitters/slack.rb +3 -6
- data/lib/mihari/emitters/the_hive.rb +3 -7
- data/lib/mihari/enrichers/google_public_dns.rb +2 -7
- data/lib/mihari/enrichers/ipinfo.rb +1 -3
- data/lib/mihari/enrichers/shodan.rb +1 -3
- data/lib/mihari/enrichers/whois.rb +0 -4
- data/lib/mihari/mixins/refang.rb +1 -4
- data/lib/mihari/mixins/unwrap_error.rb +27 -0
- data/lib/mihari/models/alert.rb +1 -3
- data/lib/mihari/models/artifact.rb +5 -7
- data/lib/mihari/models/rule.rb +1 -2
- data/lib/mihari/rule.rb +14 -10
- data/lib/mihari/service.rb +2 -0
- data/lib/mihari/services/rule_builder.rb +2 -4
- data/lib/mihari/structs/fofa.rb +2 -0
- data/lib/mihari/version.rb +1 -1
- data/lib/mihari/web/app.rb +3 -1
- data/lib/mihari/web/endpoints/alerts.rb +14 -18
- data/lib/mihari/web/endpoints/artifacts.rb +17 -22
- data/lib/mihari/web/endpoints/configs.rb +0 -1
- data/lib/mihari/web/endpoints/ip_addresses.rb +1 -1
- data/lib/mihari/web/endpoints/rules.rb +27 -32
- data/lib/mihari/web/endpoints/tags.rb +7 -9
- data/lib/mihari/web/middleware/connection_adapter.rb +3 -5
- data/lib/mihari/web/middleware/error_notification_adapter.rb +10 -6
- data/lib/mihari/web/public/assets/{index-ec641cb0.js → index-07cddfcd.js} +3 -3
- data/lib/mihari/web/public/index.html +1 -1
- data/lib/mihari/web/public/redoc-static.html +29 -49
- data/lib/mihari.rb +1 -1
- data/mihari.gemspec +10 -12
- data/requirements.txt +1 -1
- metadata +72 -30
- data/lib/mihari/services/rule_runner.rb +0 -19
@@ -128,7 +128,6 @@ module Mihari
|
|
128
128
|
desc "Search rules", {
|
129
129
|
is_array: true,
|
130
130
|
success: Entities::RulesWithPagination,
|
131
|
-
failure: [{ code: 404, message: "Not found", model: Entities::Message }],
|
132
131
|
summary: "Search rules"
|
133
132
|
}
|
134
133
|
params do
|
@@ -153,7 +152,7 @@ module Mihari
|
|
153
152
|
|
154
153
|
desc "Get a rule", {
|
155
154
|
success: Entities::Rule,
|
156
|
-
failure: [{ code: 404,
|
155
|
+
failure: [{ code: 404, model: Entities::Message }],
|
157
156
|
summary: "Get a rule"
|
158
157
|
}
|
159
158
|
params do
|
@@ -164,50 +163,48 @@ module Mihari
|
|
164
163
|
result = RuleGetter.result(params[:id].to_s)
|
165
164
|
return present(result.value!, with: Entities::Rule) if result.success?
|
166
165
|
|
167
|
-
|
168
|
-
case failure
|
166
|
+
case result.failure
|
169
167
|
when ActiveRecord::RecordNotFound
|
170
168
|
error!({ message: "ID:#{id} is not found" }, 404)
|
171
169
|
end
|
172
|
-
raise failure
|
170
|
+
raise result.failure
|
173
171
|
end
|
174
172
|
|
175
173
|
desc "Run a rule", {
|
176
|
-
success: Entities::Message,
|
174
|
+
success: { code: 201, model: Entities::Message },
|
175
|
+
failure: [{ code: 404, model: Entities::Message }],
|
177
176
|
summary: "Run a rule"
|
178
177
|
}
|
179
178
|
params do
|
180
179
|
requires :id, type: String
|
181
180
|
end
|
182
181
|
get "/:id/run" do
|
182
|
+
status 201
|
183
|
+
|
183
184
|
id = params[:id].to_s
|
184
185
|
result = RuleRunner.result(id)
|
185
|
-
if result.success?
|
186
|
-
status 201
|
187
|
-
return present({ message: "ID:#{id}} ran successfully" }, with: Entities::Message)
|
188
|
-
end
|
186
|
+
return present({ message: "ID:#{id}} has been ran" }, with: Entities::Message) if result.success?
|
189
187
|
|
190
|
-
|
191
|
-
case failure
|
188
|
+
case result.failure
|
192
189
|
when ActiveRecord::RecordNotFound
|
193
190
|
error!({ message: "ID:#{id} is not found" }, 404)
|
194
191
|
end
|
195
|
-
raise failure
|
192
|
+
raise result.failure
|
196
193
|
end
|
197
194
|
|
198
195
|
desc "Create a rule", {
|
199
|
-
success: Entities::Rule,
|
196
|
+
success: { code: 201, model: Entities::Rule },
|
197
|
+
failure: [{ code: 404, model: Entities::Message }],
|
200
198
|
summary: "Create a rule"
|
201
199
|
}
|
202
200
|
params do
|
203
201
|
requires :yaml, type: String, documentation: { param_type: "body" }
|
204
202
|
end
|
205
203
|
post "/" do
|
204
|
+
status 201
|
205
|
+
|
206
206
|
result = RuleCreator.result(params[:yaml])
|
207
|
-
if result.success?
|
208
|
-
status 201
|
209
|
-
return present(result.value!.model, with: Entities::Rule)
|
210
|
-
end
|
207
|
+
return present(result.value!.model, with: Entities::Rule) if result.success?
|
211
208
|
|
212
209
|
failure = result.failure
|
213
210
|
case failure
|
@@ -220,7 +217,8 @@ module Mihari
|
|
220
217
|
end
|
221
218
|
|
222
219
|
desc "Update a rule", {
|
223
|
-
success: Entities::Rule,
|
220
|
+
success: { code: 201, model: Entities::Rule },
|
221
|
+
failure: [{ code: 404, model: Entities::Message }],
|
224
222
|
summary: "Update a rule"
|
225
223
|
}
|
226
224
|
params do
|
@@ -228,12 +226,11 @@ module Mihari
|
|
228
226
|
requires :yaml, type: String, documentation: { param_type: "body" }
|
229
227
|
end
|
230
228
|
put "/" do
|
229
|
+
status 201
|
230
|
+
|
231
231
|
id = params[:id].to_s
|
232
232
|
result = RuleUpdater.result(id: id, yaml: params[:yaml].to_s)
|
233
|
-
if result.success?
|
234
|
-
status 201
|
235
|
-
return present(result.value!.model, with: Entities::Rule)
|
236
|
-
end
|
233
|
+
return present(result.value!.model, with: Entities::Rule) if result.success?
|
237
234
|
|
238
235
|
failure = result.failure
|
239
236
|
case failure
|
@@ -248,27 +245,25 @@ module Mihari
|
|
248
245
|
end
|
249
246
|
|
250
247
|
desc "Delete a rule", {
|
251
|
-
success: Entities::Message,
|
252
|
-
failure: [{ code: 404,
|
248
|
+
success: { code: 204, model: Entities::Message },
|
249
|
+
failure: [{ code: 404, model: Entities::Message }],
|
253
250
|
summary: "Delete a rule"
|
254
251
|
}
|
255
252
|
params do
|
256
253
|
requires :id, type: String
|
257
254
|
end
|
258
255
|
delete "/:id" do
|
256
|
+
status 204
|
257
|
+
|
259
258
|
id = params[:id].to_s
|
260
259
|
result = RuleDestroyer.result(id)
|
261
|
-
if result.success?
|
262
|
-
status 204
|
263
|
-
return present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
|
264
|
-
end
|
260
|
+
return present({ message: "ID:#{id} is deleted" }, with: Entities::Message) if result.success?
|
265
261
|
|
266
|
-
|
267
|
-
case failure
|
262
|
+
case result.failure
|
268
263
|
when ActiveRecord::RecordNotFound
|
269
264
|
error!({ message: "ID:#{id} is not found" }, 404)
|
270
265
|
end
|
271
|
-
raise failure
|
266
|
+
raise result.failure
|
272
267
|
end
|
273
268
|
end
|
274
269
|
end
|
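Review bot: The `get "/:id/run"` handler executes a rule, and this change now sets and documents a 201 for it, so a state-changing action stays reachable through a plain GET that browsers, prefetchers and cross-site links can issue without a form or token; `post "/:id/run" do` would match the 201 and take the run out of that path. The success message on the new line still has a stray brace and the wrong participle, `"ID:#{id}} has been ran"`, and should be `"ID:#{id} has been run"`. In the "Get a rule" handler, which starts above its hunk, `id` is interpolated into the 404 message but only `params[:id].to_s` appears in the visible lines, so the not-found branch may raise NameError unless `id` is assigned outside the hunk.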
@@ -28,27 +28,25 @@ module Mihari
|
|
28
28
|
end
|
29
29
|
|
30
30
|
desc "Delete a tag", {
|
31
|
-
success: Entities::Message,
|
32
|
-
failure: [{ code: 404,
|
31
|
+
success: { code: 204, model: Entities::Message },
|
32
|
+
failure: [{ code: 404, model: Entities::Message }],
|
33
33
|
summary: "Delete a tag"
|
34
34
|
}
|
35
35
|
params do
|
36
36
|
requires :id, type: Integer
|
37
37
|
end
|
38
38
|
delete "/:id" do
|
39
|
+
status 204
|
40
|
+
|
39
41
|
id = params[:id].to_i
|
40
42
|
result = TagDestroyer.result(id)
|
41
|
-
if result.success?
|
42
|
-
status 204
|
43
|
-
return present({ message: "" }, with: Entities::Message)
|
44
|
-
end
|
43
|
+
return present({ message: "" }, with: Entities::Message) if result.success?
|
45
44
|
|
46
|
-
|
47
|
-
case failure
|
45
|
+
case result.failure
|
48
46
|
when ActiveRecord::RecordNotFound
|
49
47
|
error!({ message: "ID:#{id} is not found" }, 404)
|
50
48
|
end
|
51
|
-
raise failure
|
49
|
+
raise result.failure
|
52
50
|
end
|
53
51
|
end
|
54
52
|
end
|
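Review bot: `status 204` is paired with `present({ message: "" }, with: Entities::Message)` and a documented `model: Entities::Message`, but a 204 response carries no body, so the presented entity is either dropped or sent in contradiction of the status. Either return no content (`body false` after `status 204`, with the model removed from `success:`) or keep the message and answer 200. The "Delete a rule" handler in the rules endpoint follows the same pattern. Setting the status before `TagDestroyer.result(id)` runs relies on the failure paths replacing it, which a short comment could state, e.g. `# default for the success path; error! below sets 404`.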
@@ -7,16 +7,14 @@ module Mihari
|
|
7
7
|
# DB connection adapter for Rack app
|
8
8
|
#
|
9
9
|
class ConnectionAdapter
|
10
|
+
attr_reader :app
|
11
|
+
|
10
12
|
def initialize(app)
|
11
13
|
@app = app
|
12
14
|
end
|
13
15
|
|
14
16
|
def call(env)
|
15
|
-
Mihari::Database.with_db_connection
|
16
|
-
status, headers, body = @app.call(env)
|
17
|
-
|
18
|
-
[status, headers, body]
|
19
|
-
end
|
17
|
+
Mihari::Database.with_db_connection { app.call env }
|
20
18
|
end
|
21
19
|
end
|
22
20
|
end
|
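Review bot: `call` now returns whatever `Mihari::Database.with_db_connection` returns, so the Rack triple reaches the server only if that method returns its block's value; its definition is not part of this section. A comment on the new line would pin that contract, e.g. `# with_db_connection must return the block value ([status, headers, body])`. `attr_reader :app` also exposes the wrapped app on the middleware instance; if nothing outside the class reads it, declaring the reader under `private` keeps the public surface as it was.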
@@ -7,6 +7,10 @@ module Mihari
|
|
7
7
|
# Error notification adapter for Rack app
|
8
8
|
#
|
9
9
|
class ErrorNotificationAdapter
|
10
|
+
include Mihari::Mixins::UnwrapError
|
11
|
+
|
12
|
+
attr_reader :app
|
13
|
+
|
10
14
|
def initialize(app)
|
11
15
|
@app = app
|
12
16
|
end
|
@@ -14,16 +18,16 @@ module Mihari
|
|
14
18
|
def with_error_notification
|
15
19
|
yield
|
16
20
|
rescue StandardError => e
|
17
|
-
|
21
|
+
unwrapped = unwrap_error(e)
|
22
|
+
|
23
|
+
Mihari.logger.error unwrapped
|
24
|
+
Sentry.capture_exception(unwrapped) if Sentry.initialized?
|
18
25
|
|
19
|
-
|
26
|
+
raise unwrapped
|
20
27
|
end
|
21
28
|
|
22
29
|
def call(env)
|
23
|
-
with_error_notification
|
24
|
-
status, headers, body = @app.call(env)
|
25
|
-
[status, headers, body]
|
26
|
-
end
|
30
|
+
with_error_notification { app.call(env) }
|
27
31
|
end
|
28
32
|
end
|
29
33
|
end
|
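Review bot: `raise unwrapped` assumes `unwrap_error` always hands back an Exception; the mixin is not shown in this section, so if it can return a plain failure value the re-raise becomes a TypeError (or a RuntimeError for a String) and the original error `e` is never logged or sent to Sentry. A guard before the logger call keeps the original in that case: `unwrapped = e unless unwrapped.is_a?(Exception)`. A comment on the rescue stating why the unwrapped error rather than `e` is reported would also help, e.g. `# report the underlying failure, not the monad wrapper`.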