update the shodan to use only ip

2025-09-16 00:57:24 +02:00
parent f0f80be955
commit baa57bfac2
2 changed files with 153 additions and 255 deletions
--- a/core/scanner.py
+++ b/core/scanner.py
@@ -491,7 +491,7 @@ class Scanner:
            if provider_results is None:
                provider_successful = False
            elif not self._is_stop_requested():
-                discovered, is_large_entity = self._process_provider_results_forensic(
+                discovered, is_large_entity = self._process_provider_results(
                    target, provider, provider_results, node_attributes, depth
                )
                if is_large_entity:
@@ -711,7 +711,7 @@ class Scanner:
        
        self.logger.logger.info(f"Provider state updated: {target} -> {provider_name} -> {status} ({results_count} results)")

-    def _process_provider_results_forensic(self, target: str, provider, results: List,
+    def _process_provider_results(self, target: str, provider, results: List,
                                        node_attributes: Dict, current_depth: int) -> Tuple[Set[str], bool]:
        """Process provider results, returns (discovered_targets, is_large_entity)."""
        provider_name = provider.get_name()
@@ -741,8 +741,14 @@ class Scanner:
                discovery_method=f"{provider_name}_query_depth_{current_depth}"
            )

+            # Collect attributes for the source node
            self._collect_node_attributes(source, provider_name, rel_type, rel_target, raw_data, node_attributes[source])

+            # If the relationship is asn_membership, collect attributes for the target ASN node
+            if rel_type == 'asn_membership':
+                self._collect_node_attributes(rel_target, provider_name, rel_type, source, raw_data, node_attributes[rel_target])
+
+
            if isinstance(rel_target, list):
                # If the target is a list, iterate and process each item
                for single_target in rel_target:
@@ -909,18 +915,22 @@ class Scanner:
                        attributes.setdefault('related_domains_san', []).append(target)

        elif provider_name == 'shodan':
+            # This logic will now apply to the correct node (ASN or IP)
            shodan_attributes = attributes.setdefault('shodan', {})
            for key, value in raw_data.items():
                if key not in shodan_attributes or not shodan_attributes.get(key):
                    shodan_attributes[key] = value

+            if _is_valid_ip(node_id):
+                if 'ports' in raw_data:
+                    attributes['ports'] = raw_data['ports']
+                if 'os' in raw_data and raw_data['os']:
+                    attributes['os'] = raw_data['os']
+
        if rel_type == "asn_membership":
-            attributes['asn'] = {
-                'id': target,
-                'description': raw_data.get('org', ''),
-                'isp': raw_data.get('isp', ''),
-                'country': raw_data.get('country', '')
-            }
+            # This is the key change: these attributes are for the target (the ASN),
+            # not the source (the IP). We will add them to the ASN node later.
+            pass
        
        record_type_name = rel_type
        if record_type_name not in attributes: