lib/mihari/analyzers/censys.rb in mihari-5.1.1 vs lib/mihari/analyzers/censys.rb in mihari-5.1.2
- old
+ new
@@ -11,10 +11,16 @@
attr_reader :id
# @return [String, nil]
attr_reader :secret
+ # @return [Integer]
+ attr_reader :interval
+
+ # @return [String]
+ attr_reader :query
+
def initialize(*args, **kwargs)
super(*args, **kwargs)
@id = kwargs[:id] || Mihari.config.censys_id
@secret = kwargs[:secret] || Mihari.config.censys_secret
@@ -39,66 +45,18 @@
artifacts = []
cursor = nil
loop do
response = client.search(query, cursor: cursor)
- response = Structs::Censys::Response.from_dynamic!(response)
-
- artifacts << response_to_artifacts(response)
-
+ artifacts << response.result.to_artifacts(source)
cursor = response.result.links.next
break if cursor == ""
# sleep #{interval} seconds to avoid the rate limitation (if it is set)
sleep interval
end
artifacts.flatten.uniq(&:data)
- end
-
- #
- # Extract IPv4s from Censys search API response
- #
- # @param [Structs::Censys::Response] response
- #
- # @return [Array<String>]
- #
- def response_to_artifacts(response)
- response.result.hits.map { |hit| build_artifact(hit) }
- end
-
- #
- # Build an artifact from a Shodan search API response
- #
- # @param [Structs::Censys::Hit] hit
- #
- # @return [Artifact]
- #
- def build_artifact(hit)
- as = AutonomousSystem.new(asn: normalize_asn(hit.autonomous_system.asn))
-
- # sometimes Censys overlooks country
- # then set geolocation as nil
- geolocation = nil
- unless hit.location.country.nil?
- geolocation = Geolocation.new(
- country: hit.location.country,
- country_code: hit.location.country_code
- )
- end
-
- ports = hit.services.map(&:port).map do |port|
- Port.new(port: port)
- end
-
- Artifact.new(
- data: hit.ip,
- source: source,
- metadata: hit.metadata,
- autonomous_system: as,
- geolocation: geolocation,
- ports: ports
- )
end
def configuration_keys
%w[censys_id censys_secret]
end