Class: PassiveTotal::CLInterface
Inherits: Object
- Object
- PassiveTotal::CLInterface
Defined in: lib/passivetotal/cli.rb
Overview
Handles all the command-line parsing and dispatches queries to the PassiveTotal::API instance. CLInterface is aliased by CLI.
Class Method Summary
- .parse_command_line(args) ⇒ Object
  parses the command line and returns an options hash. Default options: { :method => :usage, :query => nil, :set => nil, :debug => false, :apikey => ENV['PASSIVETOTAL_APIKEY'] }.
- .run(args) ⇒ Object
  main method, takes command-line arguments and performs the desired queries and outputs.
- .usage ⇒ Object
  returns a string containing the usage information.
Class Method Details
.parse_command_line(args) ⇒ Object
parses the command line and returns an options hash
Default Options

```ruby
options = {
  :method => :usage,
  :query => nil,
  :set => nil,
  :debug => false,
  :apikey => ENV['PASSIVETOTAL_APIKEY']
}
```
```ruby
# File 'lib/passivetotal/cli.rb', line 17
def self.parse_command_line(args)
  # GetoptLong parses the global ARGV, so swap it out and restore it afterwards
  origARGV = ARGV.dup
  ARGV.replace(args)
  opts = GetoptLong.new(
    [ '--help', '-h', GetoptLong::NO_ARGUMENT ],
    [ '--debug', '-v', GetoptLong::NO_ARGUMENT ],
    [ '--username', '-u', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--apikey', '-k', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--metadata', '-m', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--passive', '-p', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--subdomains', '-s', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--classification', '-c', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--tags', '-t', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--sinkhole', '-x', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--evercompromised', '-e', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--dynamic', '-d', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--watching', '-w', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--sslcertificate', '-l', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--ssl_history', '-H', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--trackers', '-T', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--osint', '-o', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--malware', '-M', GetoptLong::REQUIRED_ARGUMENT ],
    [ '--set', '-i', GetoptLong::REQUIRED_ARGUMENT ]
  )

  # Defaults: credentials come from the environment unless -u / -k override them
  options = {
    :method => :usage,
    :query => nil,
    :set => nil,
    :debug => false,
    :apikey => ENV['PASSIVETOTAL_APIKEY'],
    :username => ENV['PASSIVETOTAL_USERNAME']
  }

  # Each action flag selects the API method to call; the last one given wins
  opts.each do |opt, arg|
    case opt
    when '--help'
      options[:method] = :usage
    when '--debug'
      options[:debug] = true
    when '--username'
      options[:username] = arg
    when '--apikey'
      options[:apikey] = arg
    when '--metadata'
      options[:method] = :metadata
      options[:query] = arg
    when '--passive'
      options[:method] = :passive
      options[:query] = arg
    when '--subdomains'
      options[:method] = :subdomains
      options[:query] = arg
    when '--classification'
      options[:method] = :classification
      options[:query] = arg
    when '--tags'
      options[:method] = :tags
      options[:query] = arg
    when '--sinkhole'
      options[:method] = :sinkhole
      options[:query] = arg
    when '--evercompromised'
      options[:method] = :ever_compromised
      options[:query] = arg
    when '--dynamic'
      options[:method] = :dynamic
      options[:query] = arg
    when '--watching'
      options[:method] = :watching
      options[:query] = arg
    when '--sslcertificate'
      options[:method] = :ssl_certificate
      options[:query] = arg
    when '--ssl_history'
      options[:method] = :ssl_certificate_history
      options[:query] = arg
    when '--trackers'
      options[:method] = :trackers
      options[:query] = arg
    when '--osint'
      options[:method] = :osint
      options[:query] = arg
    when '--malware'
      options[:method] = :malware
      options[:query] = arg
    when '--set'
      options[:set] = arg.dup
    else
      options[:method] = :usage
    end
  end

  # -t with -i adds a tag; a leading dash on the -i value removes it instead
  if options[:method] == :tags and options[:set]
    if options[:set] =~ /^\-/
      options[:set].gsub!(/^\-/,'')
      options[:method] = :remove_tag
    else
      options[:method] = :add_tag
    end
  end

  args = ARGV.dup
  ARGV.replace(origARGV)

  # Note: --debug writes the API key to stderr in clear text
  if options[:debug]
    $stderr.puts "PassiveTotal CLI Options"
    $stderr.puts " username: #{options[:username]}"
    $stderr.puts " apikey: #{options[:apikey]}"
    $stderr.puts " debug: #{options[:debug]}"
    $stderr.puts " method: #{options[:method]}"
    $stderr.puts " query: #{options[:query]}"
    $stderr.puts " set: #{options[:set]}"
  end

  return options
end
```
.run(args) ⇒ Object
main method, takes command-line arguments and performs the desired queries and outputs
```ruby
# File 'lib/passivetotal/cli.rb', line 167
def self.run(args)
  options = parse_command_line(args)
  return usage() if options[:method] == :usage
  pt = PassiveTotal::API.new(options[:username], options[:apikey])
  # options[:method] is only ever one of the symbols assigned in parse_command_line
  if pt.respond_to?(options[:method])
    if options[:set]
      data = pt.send(options[:method], options[:query], options[:set])
    else
      data = pt.send(options[:method], options[:query])
    end
    data.response.results['response_time'] = data.response_time
    return JSON.pretty_generate(data.response.results)
  end
  return ''
end
```
.usage ⇒ Object
returns a string containing the usage information
```ruby
# File 'lib/passivetotal/cli.rb', line 135
def self.usage
  help_text = "Usage: #{$0} [-v] [-u <username>] [-k <apikey>] <action flag> <query> [-i <value>]\n"
  help_text << "-h Help\n"
  help_text << "-v Verbose output\n"
  help_text << "-u <username> Sets the Username, defaults to the environment variable PASSIVETOTAL_USERNAME\n"
  help_text << "-k <apikey> Sets the APIKEY, defaults to the environment variable PASSIVETOTAL_APIKEY\n"
  help_text << "ACTIONS (You have to select one, last one wins)\n"
  help_text << " -m <ip or dom> Queries metadata for given IP or domain\n"
  help_text << " -p <ip or dom> Queries passive DNS data for given IP or domain\n"
  help_text << " -c <ip or dom> Queries (or sets) the classification for a given IP or domain\n"
  help_text << " -t <ip or dom> Queries (adds or removes) the tags associated with a given IP or domain\n"
  help_text << " * To remove a tag, prepend a dash, '-' to the tag name when using the -i option\n"
  help_text << " -e <ip or dom> Queries (or sets) the ever compromised flag on a given IP or domain\n"
  help_text << " -w <ip or dom> Queries (or sets) the watched flag on a given IP or domain\n"
  help_text << " -s <dom> Queries the subdomains for a given domain\n"
  help_text << " -d <dom> Queries (or sets) if a domain is a dynamic DNS domain\n"
  help_text << " -x <ip> Queries (or sets) if a given IP is a sinkhole\n"
  help_text << " -l <hash> Queries for SSL certificates/IP addresses associated with a given SHA-1 hash\n"
  help_text << " -H <ip or hash> Queries for SSL certificate history associated with a given IP or SHA-1 hash\n"
  help_text << " -T <ip or dom> Queries for Tracker information associated with a given IP or domain\n"
  help_text << " -o <ip or dom> Queries for OSINT on a given IP or domain\n"
  help_text << " -M <ip or dom> Queries for Malware sample records for a given IP or domain\n"
  help_text << "SETTING VALUES\n"
  help_text << " -i <value> Sets the value, used in conjunction with -c, -t, -e, -w, -d, or -x\n"
  help_text << " Valid values for -i depend on what it's used with:\n"
  help_text << " -c : malicious, non-malicious, suspicious, unknown\n"
  help_text << " -t : <a tag name consisting of characters: [a-zA-Z_]>\n"
  help_text << " -e, -w, -d, -x: true, false\n"
  help_text
end
```
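An added example, not part of the passivetotal gem: parse_command_line as shown passes the -i value through unchanged apart from stripping a leading dash, and --debug prints the API key. The hypothetical OptionCheck module below applies the -i rules stated in the usage text to the returned options hash and builds the debug lines with the key masked; the sample hash and its key are constructed.

```ruby
# Added example, not from lib/passivetotal/cli.rb. OptionCheck, validate! and
# debug_lines are hypothetical names; the rules are those in the usage text.
module OptionCheck
  CLASSIFICATIONS = %w[malicious non-malicious suspicious unknown].freeze
  BOOLEAN_METHODS = %i[ever_compromised watching dynamic sinkhole].freeze
  # \A and \z anchor the whole string; ^ and $ would only anchor a single line.
  TAG_NAME = /\A[a-zA-Z_]+\z/

  # Returns the options hash unchanged when :set is acceptable for :method,
  # raises ArgumentError otherwise.
  def self.validate!(options)
    set = options[:set]
    return options if set.nil?

    ok = case options[:method]
         when :classification       then CLASSIFICATIONS.include?(set)
         when :add_tag, :remove_tag then TAG_NAME.match?(set)
         when *BOOLEAN_METHODS      then %w[true false].include?(set)
         else false # -i is not listed for the read-only queries
         end
    raise ArgumentError, "invalid -i value for #{options[:method]}" unless ok

    options
  end

  # Debug lines with the API key masked: only the last four characters of a
  # key longer than eight characters are kept.
  def self.debug_lines(options)
    key = options[:apikey].to_s
    masked = key.length > 8 ? ('*' * (key.length - 4)) + key[-4, 4] : '*' * key.length
    options.map { |k, v| "  #{k}: #{k == :apikey ? masked : v.inspect}" }
  end
end

# Constructed sample: the hash parse_command_line would return for
#   -v -u analyst -k <key> -t example.org -i -bad_tag
# (the leading dash on the -i value has already been stripped).
sample = { method: :remove_tag, query: 'example.org', set: 'bad_tag',
           debug: true, apikey: 'constructed0123456789abcd', username: 'analyst' }
OptionCheck.validate!(sample)
$stderr.puts OptionCheck.debug_lines(sample)
```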