-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathcheck_urls.py
More file actions
42 lines (35 loc) · 1.71 KB
/
check_urls.py
File metadata and controls
42 lines (35 loc) · 1.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#--depends-on commands
#--depends-on config
#--require-config virustotal-api-key
# ^ get API key from https://www.virustotal.com/en/documentation/public-api/
import re
from src import ModuleManager, utils
URL_VIRUSTOTAL = "https://www.virustotal.com/vtapi/v2/url/report"
RE_URL = re.compile(r"https?://\S+", re.I)
@utils.export("channelset", utils.BoolSetting("check-urls",
"Enable/Disable automatically checking for malicious URLs"))
@utils.export("serverset", utils.BoolSetting("check-urls",
"Enable/Disable automatically checking for malicious URLs"))
@utils.export("channelset", utils.BoolSetting("check-urls-kick",
"Enable/Disable automatically kicking users that send malicious URLs"))
class Module(ModuleManager.BaseModule):
_name = "CheckURL"
@utils.hook("command.regex")
@utils.kwarg("ignore_action", False)
@utils.kwarg("command", "check-url")
@utils.kwarg("pattern", utils.http.REGEX_URL)
def message(self, event):
if event["target"].get_setting("check-urls",
event["server"].get_setting("check-urls", False)):
url = utils.http.url_sanitise(event["match"].group(0))
page = utils.http.request(URL_VIRUSTOTAL, get_params={
"apikey": self.bot.config["virustotal-api-key"], "resource": url
}).json()
if page and page.get("positives", 0) > 1:
event.eat()
if event["target"].get_setting("check-urls-kick", False):
event["target"].send_kick(event["user"].nickname,
"Don't send malicious URLs!")
else:
event["stdout"].write("%s just send a malicous URL!" %
event["user"].nickname)