
Commit f8e11a6

fix tests for 3.0
1 parent 691285e commit f8e11a6


2 files changed

+21
-19
lines changed


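--- a/bbot/modules/shodan_enterprise.py
+++ b/bbot/modules/shodan_enterprise.py
@@ -3,7 +3,7 @@
 
 class shodan_enterprise(BaseModule):
 watched_events = ["IP_ADDRESS"]
-produced_events = ["OPEN_TCP_PORT", "TECHNOLOGY", "OPEN_UDP_PORT", "ASN", "VULNERABILITY"]
+produced_events = ["OPEN_TCP_PORT", "TECHNOLOGY", "OPEN_UDP_PORT", "ASN", "FINDING"]
 flags = ["passive", "safe"]
 meta = {
 "created_date": "2026-01-27",
@@ -71,7 +71,7 @@ async def handle_event(self, event):
 "ASN",
 parent=event,
 tags=host.get("tags") or [],
-context=f"Shodan API {ip} request and find ASN",
+context=f"{{module}} queried Shodan API for {ip} and found ASN",
 )
 
 if "data" not in host:
@@ -91,7 +91,7 @@ async def handle_event(self, event):
 "TECHNOLOGY",
 parent=event,
 tags=data.get("tags") or [],
-context=f"Shodan API {ip} request and find TECHNOLOGY: {technology}",
+context=f"{{module}} queried Shodan API for {ip} and found TECHNOLOGY: {technology}",
 )
 
 for technology in data.get("cpe23", []):
@@ -101,7 +101,7 @@ async def handle_event(self, event):
 "TECHNOLOGY",
 parent=event,
 tags=data.get("tags") or [],
-context=f"Shodan API {ip} request and find TECHNOLOGY: {technology}",
+context=f"{{module}} queried Shodan API for {ip} and found TECHNOLOGY: {technology}",
 )
 
 # TECHNOLOGY Additional Formats
@@ -116,7 +116,7 @@ async def handle_event(self, event):
 "TECHNOLOGY",
 parent=event,
 tags=data.get("tags") or [],
-context=f"Shodan API {ip} request and find TECHNOLOGY: {data['product']}",
+context=f"{{module}} queried Shodan API for {ip} and found TECHNOLOGY: {data['product']}",
 )
 
 if "http" in data:
@@ -130,7 +130,7 @@ async def handle_event(self, event):
 "TECHNOLOGY",
 parent=event,
 tags=tags,
-context=f"Shodan API {ip} request and find TECHNOLOGY: {technology}",
+context=f"{{module}} queried Shodan API for {ip} and found TECHNOLOGY: {technology}",
 )
 
 # OPEN_TCP_PORT, OPEN_UDP_PORT Extraction
@@ -141,20 +141,20 @@ async def handle_event(self, event):
 "OPEN_TCP_PORT",
 parent=event,
 tags=data.get("tags") or [],
-context=f"Shodan API {ip} request and find OPEN_TCP_PORT: {data.get('port')}",
+context=f"{{module}} queried Shodan API for {ip} and found OPEN_TCP_PORT: {data.get('port')}",
 )
 elif data["transport"] == "udp":
 await self.emit_event(
 self.helpers.make_netloc(ip, data.get("port")),
 "OPEN_UDP_PORT",
 parent=event,
 tags=data.get("tags") or [],
-context=f"Shodan API {ip} request and find OPEN_UDP_PORT: {data.get('port')}",
+context=f"{{module}} queried Shodan API for {ip} and found OPEN_UDP_PORT: {data.get('port')}",
 )
 else:
 self.warning(f"Unknown transport {data['transport']}")
 
-# VULNERABILITY Extraction
+# FINDING Extraction
 if "vulns" in data:
 for cve, vuln_data in data["vulns"].items():
 cvss = vuln_data.get("cvss", 0)
@@ -163,14 +163,16 @@ async def handle_event(self, event):
 key=lambda x: severity_map[x],
 )
 vuln = {
+"name": "Shodan - Possible Vulnerabilities",
 "host": data.get("ip_str"),
 "severity": severity,
 "description": cve,
+"confidence": "LOW"
 }
 await self.emit_event(
 vuln,
-"VULNERABILITY",
+"FINDING",
 parent=event,
 tags=[],
-context=f"Shodan API {ip} request and find VULNERABILITY {cve}",
+context=f"{{module}} queried Shodan API for {ip} and found FINDING {cve}",
 )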
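Review bot: The `vuln` dict in the last hunk still puts only the bare CVE ID in `description`, so the emitted FINDING no longer says which port the banner came from or which CVSS score produced `severity`, even though `cvss` and `data.get('port')` both appear to be in scope at that point in handle_event. Consider `"description": f"{cve} (CVSS {cvss}) reported by Shodan on port {data.get('port')}"`, and adjust the test's `finding_map` lookup with it, since that map is keyed on the description. The hard-coded `"confidence": "LOW"` deserves a short comment such as `# Shodan-reported CVEs are presumably banner-inferred and not verified here`, plus a trailing comma to match the other entries. handle_event's body starts and continues outside these hunks, so lines 161-162 of the loop were not reviewed.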

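--- a/bbot/test/test_step_2/module_tests/test_module_shodan_enterprise.py
+++ b/bbot/test/test_step_2/module_tests/test_module_shodan_enterprise.py
@@ -62,15 +62,15 @@ def check(self, module_test, events):
 udp_ports = [e.data for e in events if e.type == "OPEN_UDP_PORT"]
 assert any("8.8.8.8:53" in str(p) for p in tcp_ports), "TCP port 53 not detected"
 assert any("8.8.8.8:53" in str(p) for p in udp_ports), "UDP port 53 not detected"
-vuln_events = [e for e in events if e.type == "VULNERABILITY"]
-vuln_map = {e.data.get("description"): e.data.get("severity") for e in vuln_events}
-assert "CVE-2021-12345" in vuln_map
-assert vuln_map["CVE-2021-12345"] == "HIGH"
-assert "CVE-2020-00001" in vuln_map
-assert vuln_map["CVE-2020-00001"] == "LOW"
+finding_events = [e for e in events if e.type == "FINDING"]
+finding_map = {e.data.get("description"): e.data.get("severity") for e in finding_events}
+assert "CVE-2021-12345" in finding_map
+assert finding_map["CVE-2021-12345"] == "HIGH"
+assert "CVE-2020-00001" in finding_map
+assert finding_map["CVE-2020-00001"] == "LOW"
 tech_events = [e for e in events if e.type == "TECHNOLOGY"]
 tech_names = {e.data.get("technology") for e in tech_events}
 assert "cpe:/a:google:dns" in tech_names
-assert "Google Public DNS" in tech_names
-assert "OpenSSL" in tech_names
+assert "google public dns" in tech_names
+assert "openssl" in tech_names
 assert "nginx" in tech_names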
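Review bot: The updated assertions in check() never look at the two fields this commit adds to the finding, `name` and `confidence`, and nothing asserts that VULNERABILITY events are no longer emitted. Adding `assert all(e.data.get("confidence") == "LOW" for e in finding_events)` and `assert not any(e.type == "VULNERABILITY" for e in events)` would pin the new contract. The lower-cased technology names (`"google public dns"`, `"openssl"`) presumably rely on normalisation done elsewhere in 3.0, since the module hunks do not lower-case anything; a one-line comment saying so would help the next reader. check() starts outside the hunk.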
