Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] VirusTotal get report ip_addresses do not return 'resolutions' #1204

Closed
TheOnlyTermin opened this issue Jul 26, 2023 · 0 comments
Closed

[Bug] VirusTotal get report ip_addresses do not return 'resolutions' #1204

TheOnlyTermin opened this issue Jul 26, 2023 · 0 comments
Assignees
@jeromeleonard
Labels
category:bug Issue is related to a bug priotiry:high scope:analyzer Issue is analyzer related
Milestone
3.3.0

Comments

@TheOnlyTermin
Copy link
Contributor

Describe the bug
When submitting an IP address to the VirusTotal Get Report analyzer it does not return any resolutions.

To Reproduce
Steps to reproduce the behavior:

  1. Enable and configure VirusTotal Get Report analyzer with a free api key.
  2. Run analyzer with type ip address
  3. Review result, no json data in the summary tags regarding resolutions.

Expected behavior
A report summary consisting of the number of resolutions relating to the IP address, coloured based on the severity level. For example: VT:GetReport="200 resolution(s)". This assumes that #1203 is resolved.

Complementary information
no_resolutions

Work environment

  • Client OS: Windows 10
  • Server OS: Red Hat 8
  • Browse type and version: Edge 115.0.1901.183
  • Cortex version: 3.1.7-1
  • Cortex Analyzer name: VirusTotal_GetReport_3_1
  • Cortex Analyzer version: 3.1

Possible solutions
Resolutions are included in the free api tier (https://developers.virustotal.com/reference/ip-resolutions). The get_object on line 170 is failing as it returns a list of dictionaries and the VT package expects a dictionary. Using get_json can resolve this.
@TheOnlyTermin TheOnlyTermin mentioned this issue Jul 26, 2023
Closed
@jeromeleonard jeromeleonard self-assigned this Aug 1, 2023
@jeromeleonard jeromeleonard added category:bug Issue is related to a bug scope:analyzer Issue is analyzer related priotiry:high labels Aug 1, 2023
@jeromeleonard jeromeleonard added this to the 3.3.0 milestone Aug 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jeromeleonard jeromeleonard

Labels
category:bug Issue is related to a bug priotiry:high scope:analyzer Issue is analyzer related
Projects
None yet
Milestone
3.3.0
Development

Successfully merging a pull request may close this issue.

Fix summary for ip addresses and resolutions
2 participants
@jeromeleonard @TheOnlyTermin