Module: Sonar::Search

Included in:
Client
Defined in:
lib/sonar/search.rb

Defined Under Namespace

Classes: SearchError

Constant Summary collapse

IS_IP =

Allow IP queries to be in the form of “1.”, “1.2.”, “1.2.3.”, and “1.2.3.4”

/^(\d{1,3}\.|\d{1,3}\.\d{1,3}\.|\d{1,3}\.\d{1,3}\.\d{1,3}\.|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/
QUERY_TYPES =

Implemented search query types

[
  { name: 'certificate', description: 'Certificate lookup', input: 'sha' },
  { name: 'certips', description: 'Certificate to IPs', input: 'sha' },
  { name: 'rdns', description: 'IP to Reverse DNS Lookup or DNS Lookup to IP', input: 'ip' },
  { name: 'fdns', description: 'Domains to IP or IPs to Domain', input: 'domain' },
  { name: 'ipcerts', description: 'IP to Certificates', input: 'ip' },
  { name: 'namecerts', description: 'Domain to Certificates', input: 'domain' },
  { name: 'links_to', description: 'HTTP References to Domain', input: 'domain' },
  { name: 'ports', description: 'Open Ports', input: 'ip' },
  { name: 'processed', description: 'Open Ports (Processed)', input: 'ip' },
  { name: 'raw', description: 'Open Ports (Raw)', input: 'ip' },
  { name: 'sslcert', description: 'Certificate Details', input: 'sha' },
  { name: 'all', description: 'Search all appropriate search types for an IP or domain', input: 'all' }
]

Instance Method Summary collapse

Instance Method Details

#domain_search_type_namesObject 



35
36
37
 
# File 'lib/sonar/search.rb', line 35

def domain_search_type_names
  domain_search_types.map { |type| type[:name] }
end

#domain_search_typesObject 



43
44
45
 
# File 'lib/sonar/search.rb', line 43

def domain_search_types
  QUERY_TYPES.select { |type| type[:input] == 'domain' }
end

#handle_search_response(resp) ⇒ Object

Raises:



51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# File 'lib/sonar/search.rb', line 51

def handle_search_response(resp)
  errors = 0
  if resp.is_a?(Sonar::Request::RequestIterator)
    resp.each do |data|
      errors += 1 if data.key?('errors') || data.key?('error')
      print_json(cleanup_data(data), options['format'])
    end
  else
    errors += 1 if resp.key?('errors') || resp.key?('error')
    print_json(cleanup_data(resp), options['format'])
  end

  raise Search::SearchError.new("Encountered #{errors} errors while searching") if errors > 0
end

#ip_search_type_namesObject 



31
32
33
 
# File 'lib/sonar/search.rb', line 31

def ip_search_type_names
  ip_search_types.map { |type| type[:name] }
end

#ip_search_typesObject 



39
40
41
 
# File 'lib/sonar/search.rb', line 39

def ip_search_types
  QUERY_TYPES.select { |type| type[:input] == 'ip' }
end

#query_type_namesObject 



47
48
49
 
# File 'lib/sonar/search.rb', line 47

def query_type_names
  QUERY_TYPES.map { |type| type[:name] }
end

#search(params = {}) ⇒ Hashie::Mash

Get search

params take in search type as key and query as value ‘rapid7.com’

Returns:

  • (Hashie::Mash)

    with response of search



73
74
75
76
77
78
79
80
 
# File 'lib/sonar/search.rb', line 73

def search(params = {})
  type_query = params.select { |k, _v| query_type_names.include?(k.to_s) }.first
  fail ArgumentError, "The query type provided is invalid or not yet implemented." unless type_query
  type = type_query[0].to_sym
  params[:q] = type_query[1]
  params = extract_params(params)
  get_search_endpoint(type, params)
end