Class: Enricher::IPVoid
- Inherits:
-
Object
- Object
- Enricher::IPVoid
- Defined in:
- lib/enricher/ipvoid.rb
Overview
IPVOID ipv4 allow for dynamic checks against the list checks provided by IPVOID.
Constant Summary collapse
- DISABLED =
true
Class Method Summary collapse
Instance Method Summary collapse
- #hash(hash) ⇒ Object
-
#initialize(constructor = {}) ⇒ IPVoid
constructor
A new instance of IPVoid.
- #junk ⇒ Object
- #url(url) ⇒ Object
Constructor Details
#initialize(constructor = {}) ⇒ IPVoid
Returns a new instance of IPVoid.
17 18 19 20 21 22 23 24 25 |
# File 'lib/enricher/ipvoid.rb', line 17 def initialize(constructor = {}) raise DisabledClassIncluded if DISABLED #First you need to include the correct require files APT_KEY = "YOUR API KEY HERE" @@hash_cache ||= Vash.new @@url_cache ||= Vash.new # Voliate Cache store for 43200 (12hr) end |
Class Method Details
.hash_cache ⇒ Object
13 14 15 |
# File 'lib/enricher/ipvoid.rb', line 13 def self.hash_cache @@hash_cache end |
.url_cache ⇒ Object
9 10 11 |
# File 'lib/enricher/ipvoid.rb', line 9 def self.url_cache @@url_cache end |
Instance Method Details
#hash(hash) ⇒ Object
53 54 55 56 57 58 |
# File 'lib/enricher/ipvoid.rb', line 53 def hash(hash) #To query a hash(sha1/sha256/md5) @@hash_cache["vt_#{hash}".to_sym] ||= Uirusu::VTFile.query_report(VT_APT_KEY, hash) result = Uirusu::VTResult.new(hash, results) result.to_json end |
#junk ⇒ Object
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/enricher/ipvoid.rb', line 27 def junk # RestClient scrape with Nokogiri.... (nokogiri requires libxml which is native which is not jruby compliant.. ) =begin for ip in open(conf.iplist, "r"): url = "http://www.ipvoid.com/scan/%s" % (ip) emailBody = emailBody + "IP: "+ip resp = requests.get(url) string1 = unicodedata.normalize('NFKD', resp.text).encode('ascii','ignore') r = string1.translate(string.maketrans("\n\t\r", " ")) blacklist = re.search(r'Blacklist Status</td><td><span.+>(\w.+)</span>', r) if blacklist != None and blacklist.group(1) == "BLACKLISTED": emailBody = emailBody + 'The IP is blacklisted! \n' detection = re.search(r'Detection Ratio</td><td>(\d+ / \d+) \(<font', r) emailBody = emailBody + 'Detection Ratio was %s \n' % detection.group(1) detected_line = re.search(r'\s+<tr><td><img src="(.+)', r) detected_sites = re.findall(r'Favicon" />(.+?)</td><td><img src=".+?" alt="Alert" title="Detected!".+?"nofollow" href="(.+?)" title', detected_line.group(1)) for site in detected_sites: emailBody = emailBody + "List Name:" + site[0] + "Url: "+ site[1] + "\n\n" else: emailBody = emailBody + 'Not blacklisted...\n\n' =end end |
#url(url) ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/enricher/ipvoid.rb', line 60 def url(url) # Use Base 36 for symbols #>> "[email protected]".hash.to_s(36) #=> "37zed965f04p" #>> "http://[email protected]".hash.to_s(36) #=> "vj36lppwievl" #=> Tack on.. vt_ to url converted .hash.to_s(36) @@url_cache["vt_#{url.hash.to_s(36)}".to_sym] ||= Uirusu::VTUrl.query_report(VT_APT_KEY, url) result = Uirusu::VTResult.new(url, results) result.to_json end |