attempt to fix some logic

2025-09-17 00:05:48 +02:00
parent 47ce7ff883
commit f2db739fa1
6 changed files with 218 additions and 142 deletions
--- a/providers/crtsh_provider.py
+++ b/providers/crtsh_provider.py
@@ -355,7 +355,7 @@ class CrtShProvider(BaseProvider):
            'not_before': cert_data.get('not_before'),
            'not_after': cert_data.get('not_after'),
            'entry_timestamp': cert_data.get('entry_timestamp'),
-            'source': 'crt.sh'
+            'source': 'crtsh'
        }
        
        try:
@@ -367,8 +367,9 @@ class CrtShProvider(BaseProvider):
                metadata['is_currently_valid'] = self._is_cert_valid(cert_data)
                metadata['expires_soon'] = (not_after - datetime.now(timezone.utc)).days <= 30
                
-                metadata['not_before'] = not_before.strftime('%Y-%m-%d %H:%M:%S UTC')
-                metadata['not_after'] = not_after.strftime('%Y-%m-%d %H:%M:%S UTC')
+                # UPDATED: Keep raw date format or convert to standard format
+                metadata['not_before'] = not_before.isoformat()
+                metadata['not_after'] = not_after.isoformat()
                
        except Exception as e:
            self.logger.logger.debug(f"Error computing certificate metadata: {e}")
--- a/providers/dns_provider.py
+++ b/providers/dns_provider.py
@@ -155,12 +155,7 @@ class DNSProvider(BaseProvider):

    def _query_record(self, domain: str, record_type: str, result: ProviderResult) -> None:
        """
-        Query a specific type of DNS record for the domain and add results to ProviderResult.
-        
-        Args:
-            domain: Domain to query
-            record_type: DNS record type (A, AAAA, CNAME, etc.)
-            result: ProviderResult to populate
+        UPDATED: Query DNS records with minimal formatting - keep raw values.
        """
        try:
            self.total_requests += 1
@@ -180,13 +175,14 @@ class DNSProvider(BaseProvider):
                elif record_type == 'SOA':
                    target = str(record.mname).rstrip('.')
                elif record_type in ['TXT']:
-                    # TXT records are treated as attributes, not relationships
+                    # UPDATED: Keep raw TXT record value
                    txt_value = str(record).strip('"')
                    dns_records.append(f"TXT: {txt_value}")
                    continue
                elif record_type == 'SRV':
                    target = str(record.target).rstrip('.')
                elif record_type == 'CAA':
+                    # UPDATED: Keep raw CAA record format
                    caa_value = f"{record.flags} {record.tag.decode('utf-8')} \"{record.value.decode('utf-8')}\""
                    dns_records.append(f"CAA: {caa_value}")
                    continue
@@ -200,8 +196,8 @@ class DNSProvider(BaseProvider):
                        'value': target,
                        'ttl': response.ttl
                    }
-                    relationship_type = f"{record_type.lower()}_record"
-                    confidence = 0.8  # Standard confidence for DNS records
+                    relationship_type = f"{record_type.lower()}_record"  # Raw relationship type
+                    confidence = 0.8

                    # Add relationship
                    result.add_relationship(
@@ -213,7 +209,7 @@ class DNSProvider(BaseProvider):
                        raw_data=raw_data
                    )

-                    # Add DNS record as attribute to the source domain
+                    # UPDATED: Keep raw DNS record format
                    dns_records.append(f"{record_type}: {target}")

                    # Log relationship discovery
@@ -226,7 +222,7 @@ class DNSProvider(BaseProvider):
                        discovery_method=f"dns_{record_type.lower()}_record"
                    )

-            # Add DNS records as a consolidated attribute
+            # Add DNS records as a consolidated attribute (raw format)
            if dns_records:
                result.add_attribute(
                    target_node=domain,
@@ -241,5 +237,5 @@ class DNSProvider(BaseProvider):
        except Exception as e:
            self.failed_requests += 1
            self.logger.logger.debug(f"{record_type} record query failed for {domain}: {e}")
-            # Re-raise the exception so the scanner can handle it
-            raise e
+            raise e
+
--- a/providers/shodan_provider.py
+++ b/providers/shodan_provider.py
@@ -211,14 +211,7 @@ class ShodanProvider(BaseProvider):

    def _process_shodan_data(self, ip: str, data: Dict[str, Any]) -> ProviderResult:
        """
-        Process Shodan data to extract relationships and attributes.
-        
-        Args:
-            ip: IP address queried
-            data: Raw Shodan response data
-            
-        Returns:
-            ProviderResult with relationships and attributes
+        UPDATED: Process Shodan data with raw attribute names and values.
        """
        result = ProviderResult()

@@ -271,9 +264,10 @@ class ShodanProvider(BaseProvider):
                        confidence=0.9
                    )
            elif isinstance(value, (str, int, float, bool)) and value is not None:
+                # UPDATED: Keep raw Shodan field names (no "shodan_" prefix)
                result.add_attribute(
                    target_node=ip,
-                    name=f"shodan_{key}",
+                    name=key,  # Raw field name from Shodan API
                    value=value,
                    attr_type='shodan_info',
                    provider=self.name,