search

wgpsec / tig

Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
Apache License 2.0
850 stars 138 forks source link

情报查询报错 #3

Closed cnbjxxxxx closed 3 years ago

cnbjxxxxx commented 3 years ago

您好,配置完微步在线api后,发现无法查询,微步在线的api接口地址变了

teamssix commented 3 years ago

您好,请问有报错详情吗?我这边运行正常的。

fnatic0606 commented 3 years ago

配置文件里加了api后,执行python报错

keac commented 3 years ago

麻烦贴一下报错详情方便我们排查

fnatic0606 commented 3 years ago

D:\安全工具包\渗透工具包\渗透测试工具包\信息收集\tig-master\tig-master>python tig.py -i 125.41.206.14 -c config.ini

+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ |T|h|r|e|a|t| |I|n|t|e|l|l|i|g|e|n|c|e| |G|a|t|h|e|r|i|n|g| +-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+ Author: TeamsSix Version: 0.4.2 Date: 2021-04-09

[!] 正在查询 125.41.206.14 的情报信息-------------------------------------------- Exception in thread t_ThreatBook: Traceback (most recent call last): File "D:\python\lib\threading.py", line 932, in _bootstrap_inner self.run() File "D:\python\lib\threading.py", line 870, in run self._target(*self._args, self._kwargs) File "tig.py", line 145, in ThreatBook r = requests.request("GET", url, params=query) File "D:\python\lib\site-packages\requests\api.py", line 61, in request return session.request(method=method, url=url, kwargs) File "D:\python\lib\site-packages\requests\sessions.py", line 542, in request resp = self.send(prep, send_kwargs) File "D:\python\lib\site-packages\requests\sessions.py", line 655, in send r = adapter.send(request, kwargs) File "D:\python\lib\site-packages\requests\adapters.py", line 439, in send resp = conn.urlopen( File "D:\python\lib\site-packages\urllib3\connectionpool.py", line 696, in urlopen self._prepare_proxy(conn) File "D:\python\lib\site-packages\urllib3\connectionpool.py", line 964, in _prepare_proxy conn.connect() File "D:\python\lib\site-packages\urllib3\connection.py", line 359, in connect conn = self._connect_tls_proxy(hostname, conn) File "D:\python\lib\site-packages\urllib3\connection.py", line 500, in _connect_tls_proxy return ssl_wrapsocket( File "D:\python\lib\site-packages\urllib3\util\ssl.py", line 432, in ssl_wrap_socket ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_intls) File "D:\python\lib\site-packages\urllib3\util\ssl.py", line 474, in _ssl_wrap_socket_impl return ssl_context.wrap_socket(sock) File "D:\python\lib\ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "D:\python\lib\ssl.py", line 997, in _create raise ValueError("check_hostname requires server_hostname") ValueError: check_hostname requires server_hostname

teamssix commented 3 years ago

您好,根据您的报错信息来看,是在进行微步API信息的获取过程中出现了报错。

由于我这边再次测试发现程序是能够正常运行的,至于您这里的报错可能是由于您的配置文件中微步API填写的格式存在问题,微步API应该是英文字母和数字组合的一串字符,对于配置文件中关于微步API填写部分,正确的填写格式应该为:ThreatBook_api = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

fnatic0606 commented 3 years ago

支持查域名么?

teamssix commented 3 years ago

暂时还不支持,下个版本或将加入这个功能

kay6666 commented 3 years ago

同样是微步api问题 [!] 正在查询 223.167.118.17 的情报信息--------------------------------------------

[-] 微步 API 调用失败,错误信息:Invalid Key Status ,api没问题,请问还怎么弄呢

kay6666 commented 3 years ago

同样是微步api问题 [!] 正在查询 223.167.118.17 的情报信息--------------------------------------------

[-] 微步 API 调用失败,错误信息:Invalid Key Status ,api没问题,请问还怎么弄呢

解决了 api的问题