Module: DroneBL
- Includes:
- HTTParty
- Defined in:
- lib/dronebl-client.rb
Constant Summary collapse
- TYPES =
{"1"=>"Testing class.", "2"=>"Sample data", "3"=>"IRC spam drone", "5"=>"Bottler (experimental)", "6"=>"Unknown worm or spambot", "7"=>"DDoS drone", "8"=>"Open SOCKS proxy", "9"=>"Open HTTP proxy", "10"=>"Proxychain", "11"=>"Web Page Proxy", "13"=>"Automated dictionary attacks", "14"=>"Open WINGATE proxy", "15"=>"Compromised router / gateway", "16"=>"Autorooting worms", "17"=>"Automatically determined botnet IP", "255"=>"Uncategorized threat class"}
Class Attribute Summary collapse
-
.key ⇒ Object
Returns the value of attribute key.
Class Method Summary collapse
- .add(ips, type, comment = '', show_raw = false) ⇒ Object
- .gen_add_query(ips, type, comment = '') ⇒ Object
- .gen_lookup_query(ips, archived = false) ⇒ Object
- .lookup(ips, archived = false, show_raw = false) ⇒ Object
- .parse_response(xml, show_raw = false) ⇒ Object
Class Attribute Details
.key ⇒ Object
Returns the value of attribute key.
28 29 30 |
# File 'lib/dronebl-client.rb', line 28 def key @key end |
Class Method Details
.add(ips, type, comment = '', show_raw = false) ⇒ Object
67 68 69 70 |
# File 'lib/dronebl-client.rb', line 67 def add ips, type, comment='', show_raw=false query = gen_add_query ips, type, comment parse_response post('/RPC2', {:body => query }).body, show_raw=show_raw end |
.gen_add_query(ips, type, comment = '') ⇒ Object
54 55 56 57 58 59 60 |
# File 'lib/dronebl-client.rb', line 54 def gen_add_query ips, type, comment='' comment ||= '' "<?xml version='1.0'?> <request key='#{key}'> #{ips.map { |ip| "<add ip='#{ip}' type='#{type}'#{ " comment='#{comment}'" unless comment.nil? || comment.empty?}>"}.join("\n")} </request>" end |
.gen_lookup_query(ips, archived = false) ⇒ Object
45 46 47 48 49 50 51 52 53 |
# File 'lib/dronebl-client.rb', line 45 def gen_lookup_query ips, archived=false archived ||= false [ "<?xml version='1.0'?>", "<request key='#{key}'>", " #{ips.map { |ip| "<lookup ip='#{ip}' listed='#{archived ? 2 : 1}'>"}.join("\n")}", '</request>' ].join("\n") end |
.lookup(ips, archived = false, show_raw = false) ⇒ Object
62 63 64 65 |
# File 'lib/dronebl-client.rb', line 62 def lookup ips, archived=false, show_raw=false query = gen_lookup_query ips, archived parse_response post('/RPC2', {:body => query }).body, show_raw=show_raw end |
.parse_response(xml, show_raw = false) ⇒ Object
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/dronebl-client.rb', line 29 def parse_response xml, show_raw=false # This giant mess of hax is needed because the DroneBL response to queries # is encased in CDATA for whatever reason. begin puts xml if show_raw resp = Nokogiri.parse(xml).at("response") if resp['type'].downcase == 'error' abort "call failed: '#{resp.css('message').text}' data: '#{resp.css('data').text}'" end Nokogiri::XML("<?xml version='1.0'>\n<results>#{resp.text}</results>").css("result").map(&:to_h) # thanks to jhass in #ruby on freenode rescue NoMethodError => e puts 'Unfortunately, there was an error parsing the response we got back from the DroneBL servers.' return {} end end |