mihari 5.7.2 → 6.0.0

Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/config.ru +2 -0
  3. data/lib/mihari/analyzers/dnstwister.rb +2 -4
  4. data/lib/mihari/analyzers/urlscan.rb +1 -4
  5. data/lib/mihari/cli/main.rb +2 -12
  6. data/lib/mihari/commands/database.rb +0 -1
  7. data/lib/mihari/database.rb +2 -4
  8. data/lib/mihari/emitters/slack.rb +3 -6
  9. data/lib/mihari/emitters/the_hive.rb +3 -7
  10. data/lib/mihari/enrichers/google_public_dns.rb +2 -7
  11. data/lib/mihari/enrichers/ipinfo.rb +1 -3
  12. data/lib/mihari/enrichers/shodan.rb +1 -3
  13. data/lib/mihari/enrichers/whois.rb +0 -4
  14. data/lib/mihari/mixins/refang.rb +1 -4
  15. data/lib/mihari/mixins/unwrap_error.rb +27 -0
  16. data/lib/mihari/models/alert.rb +1 -3
  17. data/lib/mihari/models/artifact.rb +5 -7
  18. data/lib/mihari/models/rule.rb +1 -2
  19. data/lib/mihari/rule.rb +14 -10
  20. data/lib/mihari/service.rb +2 -0
  21. data/lib/mihari/services/rule_builder.rb +2 -4
  22. data/lib/mihari/structs/fofa.rb +2 -0
  23. data/lib/mihari/version.rb +1 -1
  24. data/lib/mihari/web/app.rb +3 -1
  25. data/lib/mihari/web/endpoints/alerts.rb +14 -18
  26. data/lib/mihari/web/endpoints/artifacts.rb +17 -22
  27. data/lib/mihari/web/endpoints/configs.rb +0 -1
  28. data/lib/mihari/web/endpoints/ip_addresses.rb +1 -1
  29. data/lib/mihari/web/endpoints/rules.rb +27 -32
  30. data/lib/mihari/web/endpoints/tags.rb +7 -9
  31. data/lib/mihari/web/middleware/connection_adapter.rb +3 -5
  32. data/lib/mihari/web/middleware/error_notification_adapter.rb +10 -6
  33. data/lib/mihari/web/public/assets/{index-ec641cb0.js → index-07cddfcd.js} +3 -3
  34. data/lib/mihari/web/public/index.html +1 -1
  35. data/lib/mihari/web/public/redoc-static.html +29 -49
  36. data/lib/mihari.rb +1 -1
  37. data/mihari.gemspec +10 -12
  38. data/requirements.txt +1 -1
  39. metadata +72 -30
  40. data/lib/mihari/services/rule_runner.rb +0 -19
@@ -128,7 +128,6 @@ module Mihari
128
128
  desc "Search rules", {
129
129
  is_array: true,
130
130
  success: Entities::RulesWithPagination,
131
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
132
131
  summary: "Search rules"
133
132
  }
134
133
  params do
@@ -153,7 +152,7 @@ module Mihari
153
152
 
154
153
  desc "Get a rule", {
155
154
  success: Entities::Rule,
156
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
155
+ failure: [{ code: 404, model: Entities::Message }],
157
156
  summary: "Get a rule"
158
157
  }
159
158
  params do
@@ -164,50 +163,48 @@ module Mihari
164
163
  result = RuleGetter.result(params[:id].to_s)
165
164
  return present(result.value!, with: Entities::Rule) if result.success?
166
165
 
167
- failure = result.failure
168
- case failure
166
+ case result.failure
169
167
  when ActiveRecord::RecordNotFound
170
168
  error!({ message: "ID:#{id} is not found" }, 404)
171
169
  end
172
- raise failure
170
+ raise result.failure
173
171
  end
174
172
 
175
173
  desc "Run a rule", {
176
- success: Entities::Message,
174
+ success: { code: 201, model: Entities::Message },
175
+ failure: [{ code: 404, model: Entities::Message }],
177
176
  summary: "Run a rule"
178
177
  }
179
178
  params do
180
179
  requires :id, type: String
181
180
  end
182
181
  get "/:id/run" do
182
+ status 201
183
+
183
184
  id = params[:id].to_s
184
185
  result = RuleRunner.result(id)
185
- if result.success?
186
- status 201
187
- return present({ message: "ID:#{id}} ran successfully" }, with: Entities::Message)
188
- end
186
+ return present({ message: "ID:#{id}} has been ran" }, with: Entities::Message) if result.success?
189
187
 
190
- failure = result.failure
191
- case failure
188
+ case result.failure
192
189
  when ActiveRecord::RecordNotFound
193
190
  error!({ message: "ID:#{id} is not found" }, 404)
194
191
  end
195
- raise failure
192
+ raise result.failure
196
193
  end
197
194
 
198
195
  desc "Create a rule", {
199
- success: Entities::Rule,
196
+ success: { code: 201, model: Entities::Rule },
197
+ failure: [{ code: 404, model: Entities::Message }],
200
198
  summary: "Create a rule"
201
199
  }
202
200
  params do
203
201
  requires :yaml, type: String, documentation: { param_type: "body" }
204
202
  end
205
203
  post "/" do
204
+ status 201
205
+
206
206
  result = RuleCreator.result(params[:yaml])
207
- if result.success?
208
- status 201
209
- return present(result.value!.model, with: Entities::Rule)
210
- end
207
+ return present(result.value!.model, with: Entities::Rule) if result.success?
211
208
 
212
209
  failure = result.failure
213
210
  case failure
@@ -220,7 +217,8 @@ module Mihari
220
217
  end
221
218
 
222
219
  desc "Update a rule", {
223
- success: Entities::Rule,
220
+ success: { code: 201, model: Entities::Rule },
221
+ failure: [{ code: 404, model: Entities::Message }],
224
222
  summary: "Update a rule"
225
223
  }
226
224
  params do
@@ -228,12 +226,11 @@ module Mihari
228
226
  requires :yaml, type: String, documentation: { param_type: "body" }
229
227
  end
230
228
  put "/" do
229
+ status 201
230
+
231
231
  id = params[:id].to_s
232
232
  result = RuleUpdater.result(id: id, yaml: params[:yaml].to_s)
233
- if result.success?
234
- status 201
235
- return present(result.value!.model, with: Entities::Rule)
236
- end
233
+ return present(result.value!.model, with: Entities::Rule) if result.success?
237
234
 
238
235
  failure = result.failure
239
236
  case failure
@@ -248,27 +245,25 @@ module Mihari
248
245
  end
249
246
 
250
247
  desc "Delete a rule", {
251
- success: Entities::Message,
252
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
248
+ success: { code: 204, model: Entities::Message },
249
+ failure: [{ code: 404, model: Entities::Message }],
253
250
  summary: "Delete a rule"
254
251
  }
255
252
  params do
256
253
  requires :id, type: String
257
254
  end
258
255
  delete "/:id" do
256
+ status 204
257
+
259
258
  id = params[:id].to_s
260
259
  result = RuleDestroyer.result(id)
261
- if result.success?
262
- status 204
263
- return present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
264
- end
260
+ return present({ message: "ID:#{id} is deleted" }, with: Entities::Message) if result.success?
265
261
 
266
- failure = result.failure
267
- case failure
262
+ case result.failure
268
263
  when ActiveRecord::RecordNotFound
269
264
  error!({ message: "ID:#{id} is not found" }, 404)
270
265
  end
271
- raise failure
266
+ raise result.failure
272
267
  end
273
268
  end
274
269
  end
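Review bot: `get "/:id/run"` still starts a rule run on a GET, and the added `status 201` and `success: { code: 201, model: Entities::Message }` now document it as a creating call. A state-changing GET can be fired by a link prefetcher, a crawler or a cross-site request from any browser that can reach the API, so `post "/:id/run"` fits better; the bundled frontend would need the same change. The success message on that route, `"ID:#{id}} has been ran"`, keeps the stray `}` from the old line and should read `"ID:#{id} has been run"`. Every handler in this file now calls `status 201` or `status 204` before its service call, which presumably relies on `error!` and the re-raise replacing that status on failure.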
@@ -28,27 +28,25 @@ module Mihari
28
28
  end
29
29
 
30
30
  desc "Delete a tag", {
31
- success: Entities::Message,
32
- failure: [{ code: 404, message: "Not found", model: Entities::Message }],
31
+ success: { code: 204, model: Entities::Message },
32
+ failure: [{ code: 404, model: Entities::Message }],
33
33
  summary: "Delete a tag"
34
34
  }
35
35
  params do
36
36
  requires :id, type: Integer
37
37
  end
38
38
  delete "/:id" do
39
+ status 204
40
+
39
41
  id = params[:id].to_i
40
42
  result = TagDestroyer.result(id)
41
- if result.success?
42
- status 204
43
- return present({ message: "" }, with: Entities::Message)
44
- end
43
+ return present({ message: "" }, with: Entities::Message) if result.success?
45
44
 
46
- failure = result.failure
47
- case failure
45
+ case result.failure
48
46
  when ActiveRecord::RecordNotFound
49
47
  error!({ message: "ID:#{id} is not found" }, 404)
50
48
  end
51
- raise failure
49
+ raise result.failure
52
50
  end
53
51
  end
54
52
  end
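Review bot: `delete "/:id"` sets `status 204` but still calls `present({ message: "" }, with: Entities::Message)`, and the `desc` block declares `model: Entities::Message` for the 204. A 204 response carries no body, so either replace the success line with `return body(false) if result.success?` and drop `model:` from `success`, or answer 200 with the message. The "Delete a rule" handler in rules.rb has the same pattern. `status 204` now runs before `TagDestroyer.result(id)`, so the 404 path depends on `error!` overriding it.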
@@ -7,16 +7,14 @@ module Mihari
7
7
  # DB connection adapter for Rack app
8
8
  #
9
9
  class ConnectionAdapter
10
+ attr_reader :app
11
+
10
12
  def initialize(app)
11
13
  @app = app
12
14
  end
13
15
 
14
16
  def call(env)
15
- Mihari::Database.with_db_connection do
16
- status, headers, body = @app.call(env)
17
-
18
- [status, headers, body]
19
- end
17
+ Mihari::Database.with_db_connection { app.call env }
20
18
  end
21
19
  end
22
20
  end
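Review bot: `attr_reader :app` makes the wrapped Rack app part of the public interface of `ConnectionAdapter`, although only `call` reads it. Declaring the reader under a `private` section, or keeping `@app`, would keep it internal. The call is also written `app.call env` here but `app.call(env)` in `ErrorNotificationAdapter`; `Mihari::Database.with_db_connection { app.call(env) }` would keep the two adapters consistent.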
@@ -7,6 +7,10 @@ module Mihari
7
7
  # Error notification adapter for Rack app
8
8
  #
9
9
  class ErrorNotificationAdapter
10
+ include Mihari::Mixins::UnwrapError
11
+
12
+ attr_reader :app
13
+
10
14
  def initialize(app)
11
15
  @app = app
12
16
  end
@@ -14,16 +18,16 @@ module Mihari
14
18
  def with_error_notification
15
19
  yield
16
20
  rescue StandardError => e
17
- Mihari.logger.error e
21
+ unwrapped = unwrap_error(e)
22
+
23
+ Mihari.logger.error unwrapped
24
+ Sentry.capture_exception(unwrapped) if Sentry.initialized?
18
25
 
19
- Sentry.capture_exception(e) if Sentry.initialized?
26
+ raise unwrapped
20
27
  end
21
28
 
22
29
  def call(env)
23
- with_error_notification do
24
- status, headers, body = @app.call(env)
25
- [status, headers, body]
26
- end
30
+ with_error_notification { app.call(env) }
27
31
  end
28
32
  end
29
33
  end
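Review bot: `with_error_notification` now ends in `raise unwrapped`, so an exception that the old rescue swallowed after logging now propagates to whatever sits above this middleware, and nothing in the hunk documents that. A comment above the method such as `# Logs and reports the unwrapped error, then re-raises it; the outer handler builds the response.` would make the contract explicit. It is also worth confirming that the outer layer returns a generic 500 rather than the exception text. `unwrap_error` comes from `Mihari::Mixins::UnwrapError`, which is not shown here; if it can ever return nil, `raise unwrapped` would fail with a TypeError and hide the original error, which `raise(unwrapped || e)` would avoid.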