Update otx tests and add support for returning IPs

Signed-off-by: Jay Townsend <townsend891@hotmail.com>
2025-02-25 15:03:01 +08:00 · 2019-09-22 22:26:10 +01:00 · 2019-09-22 22:26:10 +01:00 · 2fad8cf7a9
commit 2fad8cf7a9
parent 3c7e0c1ac2
3 changed files with 15 additions and 5 deletions
--- a/tests/discovery/test_otx.py
+++ b/tests/discovery/test_otx.py
@ -20,7 +20,7 @@ def test_api(self):
    def test_search(self):
        search = otxsearch.SearchOtx(TestOtx.domain())
        search.process()
-        assert type(search.get_hostnames()) == list
+        assert type(search.get_hostnames()) == set

    def test_search_no_results(self):
        search = otxsearch.SearchOtx('radiant.eu')
--- a/theHarvester/main.py
+++ b/theHarvester/main.py
@ -316,8 +316,11 @@ def start():
                        otxsearch_search.process()
                        hosts = filter(otxsearch_search.get_hostnames())
                        all_hosts.extend(hosts)
+                        ips = filter(otxsearch_search.get_ips())
+                        all_ip.extend(ips)
                        db = stash.stash_manager()
                        db.store_all(word, all_hosts, 'host', 'otx')
+                        db.store_all(word, all_ip, 'ip', 'otx')
                    except Exception as e:
                        print(e)

--- a/theHarvester/discovery/otxsearch.py
+++ b/theHarvester/discovery/otxsearch.py
@ -1,6 +1,6 @@
 from theHarvester.lib.core import *
-from theHarvester.parsers import myparser
 import grequests
+import json


 class SearchOtx:
@ -9,6 +9,8 @@ def __init__(self, word):
        self.word = word
        self.results = ''
        self.totalresults = ''
+        self.totalhosts = set()
+        self.totalips = set()

    def do_search(self):
        base_url = f'https://otx.alienvault.com/api/v1/indicators/domain/{self.word}/passive_dns'
@ -20,11 +22,16 @@ def do_search(self):
        except Exception as e:
            print(e)
        self.totalresults += self.results
+        dct = json.loads(self.totalresults)
+        self.totalhosts = {host['hostname'] for host in dct['passive_dns']}
+        self.totalips = {ip['address'] for ip in dct['passive_dns'] if 'NXDOMAIN' not in ip['address']}

-    def get_hostnames(self) -> Set:
-        return myparser.Parser(self.totalresults, self.word).hostnames()
+    def get_hostnames(self) -> set:
+        return self.totalhosts
+
+    def get_ips(self) -> set:
+        return self.totalips

    def process(self):
        self.do_search()
-        self.get_hostnames()
        print('\tSearching results.')