Class: Mihari::Structs::Shodan::Response

Inherits:

Dry::Struct

• Object
• Dry::Struct
• Mihari::Structs::Shodan::Response

Includes:

MemoWise

Defined in:

lib/mihari/structs/shodan.rb

Instance Attribute Summary

• #matches ⇒ Array<Match> readonly
• #total ⇒ Integer readonly

Class Method Summary

• .from_dynamic!(d) ⇒ Result

Instance Method Summary

• #artifacts ⇒ Array<Mihari::Models::Artifact>
• #collect_cpes_by_ip(ip) ⇒ Array<String>

  Collect CPE from matches.

• #collect_hostnames_by_ip(ip) ⇒ Array<String>

  Collect hostnames from matches.

• #collect_metadata_by_ip(ip) ⇒ Array<Hash>

  Collect metadata from matches.

• #collect_ports_by_ip(ip) ⇒ Array<String>

  Collect ports from matches.

• #collect_vulns_by_ip(ip) ⇒ Array<String>

  Collect vulnerabilities from matches.

• #select_matches_by_ip(ip) ⇒ Array<Mihari::Structs::Shodan::Match>

Instance Attribute Details

#matches ⇒ Array<Match> (readonly)

Returns:

• (Array<Match>)

# File 'lib/mihari/structs/shodan.rb', line 127

attribute :matches, Types.Array(Match)

#total ⇒ Integer (readonly)

Returns:

• (Integer)

# File 'lib/mihari/structs/shodan.rb', line 131

attribute :total, Types::Int

Class Method Details

.from_dynamic!(d) ⇒ Result

Parameters:

• d (Hash)

Returns:

• (Result)

# File 'lib/mihari/structs/shodan.rb', line 232

def from_dynamic!(d)
  d = Types::Hash[d]
  new(
    matches: d.fetch("matches", []).map { |x| Match.from_dynamic!(x) },
    total: d.fetch("total")
  )
end

Instance Method Details

#artifacts ⇒ Array<Mihari::Models::Artifact>

Returns:

• (Array<Mihari::Models::Artifact>)

# File 'lib/mihari/structs/shodan.rb', line 202

def artifacts
  matches.map do |match|
    metadata = collect_metadata_by_ip(match.ip_str)

    ports = collect_ports_by_ip(match.ip_str).map { |port| Models::Port.new(number: port) }
    reverse_dns_names = collect_hostnames_by_ip(match.ip_str).map do |name|
      Models::ReverseDnsName.new(name:)
    end
    cpes = collect_cpes_by_ip(match.ip_str).map { |name| Models::CPE.new(name:) }
    vulnerabilities = collect_vulns_by_ip(match.ip_str).map { |name| Models::Vulnerability.new(name:) }

    Mihari::Models::Artifact.new(
      data: match.ip_str,
      metadata:,
      autonomous_system: match.autonomous_system,
      geolocation: match.location.geolocation,
      ports:,
      reverse_dns_names:,
      cpes:,
      vulnerabilities:
    )
  end
end

#collect_cpes_by_ip(ip) ⇒ Array<String>

Collect CPE from matches

Parameters:

• ip (String)

Returns:

• (Array<String>)

# File 'lib/mihari/structs/shodan.rb', line 183

def collect_cpes_by_ip(ip)
  select_matches_by_ip(ip).map(&:cpe).flatten.uniq
end

#collect_hostnames_by_ip(ip) ⇒ Array<String>

Collect hostnames from matches

Parameters:

• ip (String)

Returns:

• (Array<String>)

# File 'lib/mihari/structs/shodan.rb', line 172

def collect_hostnames_by_ip(ip)
  select_matches_by_ip(ip).map(&:hostnames).flatten.uniq
end

#collect_metadata_by_ip(ip) ⇒ Array<Hash>

Collect metadata from matches

Parameters:

• ip (String)

Returns:

• (Array<Hash>)

# File 'lib/mihari/structs/shodan.rb', line 150

def collect_metadata_by_ip(ip)
  select_matches_by_ip(ip).map(&:metadata)
end

#collect_ports_by_ip(ip) ⇒ Array<String>

Collect ports from matches

Parameters:

• ip (String)

Returns:

• (Array<String>)

# File 'lib/mihari/structs/shodan.rb', line 161

def collect_ports_by_ip(ip)
  select_matches_by_ip(ip).map(&:port)
end

#collect_vulns_by_ip(ip) ⇒ Array<String>

Collect vulnerabilities from matches

Parameters:

• ip (String)

Returns:

• (Array<String>)

# File 'lib/mihari/structs/shodan.rb', line 194

def collect_vulns_by_ip(ip)
  # NOTE: vuln keys = CVE IDs
  select_matches_by_ip(ip).map { |match| match.vulns.keys }.flatten.uniq
end

#select_matches_by_ip(ip) ⇒ Array<Mihari::Structs::Shodan::Match>

Parameters:

• ip (String)

Returns:

• (Array<Mihari::Structs::Shodan::Match>)

# File 'lib/mihari/structs/shodan.rb', line 138

def select_matches_by_ip(ip)
  matches.select { |match| match.ip_str == ip }
end