From c13549ac829ea0ebaf0d9d8c1fadda0076ba6b67 Mon Sep 17 00:00:00 2001 From: Philipp Kunz Date: Tue, 1 Aug 2023 12:49:59 +0200 Subject: [PATCH] fix(core): update --- test/test.ts | 7 ++++ ts/00_commitinfo_data.ts | 2 +- ts/abuse.ch.classes.feodotracker.ts | 63 +++++++++++++++++++++++++++++ ts/index.ts | 3 +- ts/paths.ts | 1 + 5 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 ts/abuse.ch.classes.feodotracker.ts diff --git a/test/test.ts b/test/test.ts index 190f75e..4e3434a 100644 --- a/test/test.ts +++ b/test/test.ts @@ -13,4 +13,11 @@ tap.test('should deal with UrlHouse data', async () => { console.log(data.length); }); +tap.test('should deal with FeodoTracker data', async () => { + const feodoTracker = new abuseCh.FeodoTracker(); + const data = await feodoTracker.getData(); + console.log(data.length); + console.log(data[0]); +}); + tap.start(); diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index dbe19e2..9b71610 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@apiclient.xyz/abuse.ch', - version: '1.0.8', + version: '1.0.9', description: 'an unofficial client to retrieve abuse.ch data' } diff --git a/ts/abuse.ch.classes.feodotracker.ts b/ts/abuse.ch.classes.feodotracker.ts new file mode 100644 index 0000000..bd903b1 --- /dev/null +++ b/ts/abuse.ch.classes.feodotracker.ts @@ -0,0 +1,63 @@ +import * as plugins from './plugins.js'; +import * as paths from './paths.js'; +import * as helpers from './helpers.js'; + +export interface IFeodoTrackerData { + ID: string; + Dateadded: string; + DestinationIP: string; + DestinationPort: string; + Malware: string; + Reporter: string; +} + + +export class FeodoTracker { + private static readonly FEODO_TRACKER_API_URL: string = 'https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt'; + + public async getData(): Promise { + plugins.smartfile.fs.ensureDirSync(paths.feodoTrackerTmp); + const txtPath = plugins.path.join(paths.feodoTrackerTmp, 'feodo.txt'); + + const response = await plugins.nodeFetch(FeodoTracker.FEODO_TRACKER_API_URL, { + ...(helpers.findProxy() ? { + agent: helpers.getAgent(), + } : {}) + }); + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + await new Promise((resolve, reject) => { + const fileStream = plugins.fs.createWriteStream(txtPath); + // @ts-ignore + const readable = plugins.stream.Readable.from(response.body); + plugins.stream.pipeline(readable, fileStream, (err) => { + if (err) reject(err); + else resolve(null); + }); + }); + + let data: IFeodoTrackerData[] = []; + await new Promise((resolve, reject) => { + plugins.stream.pipeline( + plugins.fs.createReadStream(txtPath), + plugins.csv({ + headers: ['ID', 'Dateadded', 'DestinationIP', 'DestinationPort', 'Malware', 'Reporter'], + mapValues: ({ header, value }) => value.trim() + }), + (err) => { + if (err) reject(err); + } + ) + .on('data', (row) => { + data.push(row); + }) + .on('end', resolve) + .on('error', reject); + }); + + plugins.smartfile.fs.removeSync(paths.feodoTrackerTmp); + return data; + } +} diff --git a/ts/index.ts b/ts/index.ts index 2e82211..6bc4bad 100644 --- a/ts/index.ts +++ b/ts/index.ts @@ -1,2 +1,3 @@ -export * from './abuse.ch.classes.urlhouse.js'; +export * from './abuse.ch.classes.feodotracker.js'; export * from './abuse.ch.classes.threatfox.js'; +export * from './abuse.ch.classes.urlhouse.js'; diff --git a/ts/paths.ts b/ts/paths.ts index 83956f2..6117e6c 100644 --- a/ts/paths.ts +++ b/ts/paths.ts @@ -5,3 +5,4 @@ export const nogitDir = plugins.path.join(packageDir, '.nogit'); export const urlHouseTmp = plugins.path.join(nogitDir, 'tmp.urlhaus'); export const threatFoxTmp = plugins.path.join(nogitDir, 'tmp.threatfox'); +export const feodoTrackerTmp = plugins.path.join(nogitDir, 'tmp.feodotracker');