Phunter Analyzer

[AnshSinghal]

Closes #2286

Description

Please include a summary of the change and link to the related issue.

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue).
• New feature (non-breaking change which adds functionality).
• Breaking change (fix or feature that would cause existing functionality to not work as expected).

Checklist

• I have read and understood the rules about how to Contribute to this project
• The pull request is for the branch develop
• A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case:
  • I strictly followed the documentation "How to create a Plugin"
  • Usage file was updated. A link to the PR to the docs repo has been added as a comment here.
  • Advanced-Usage was updated (in case the plugin provides additional optional configuration). A link to the PR to the docs repo has been added as a comment here.
  • I have dumped the configuration from Django Admin using the dumpplugin command and added it in the project as a data migration. ("How to share a plugin with the community")
  • If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
  • If you created a new analyzer and it is free (does not require any API key), please add it in the FREE_TO_USE_ANALYZERS playbook by following this guide.
  • Check if it could make sense to add that analyzer/connector to other freely available playbooks.
  • I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
  • If the plugin interacts with an external service, I have created an attribute called precisely url that contains this information. This is required for Health Checks.
  • If the plugin requires mocked testing, _monkeypatch() was used in its class to apply the necessary decorators.
  • I have added that raw JSON sample to the MockUpResponse of the _monkeypatch() method. This serves us to provide a valid sample for testing.
• I have inserted the copyright banner at the start of the file: # This file is a part of IntelOwl https://github.com/intelowlproject/IntelOwl # See the file 'LICENSE' for copying permission.
• If external libraries/packages with restrictive licenses were used, they were added in the Legal Notice section.
• Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
• I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
• If the GUI has been modified:
  • I have a provided a screenshot of the result in the PR.
  • I have created new frontend tests for the new component or updated existing ones.
• After you had submitted the PR, if DeepSource, Django Doctors or other third-party linters have triggered any alerts during the CI checks, I have solved those alerts.

Important Rules

• If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
• Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review by using GitHub's reviewing system detailed here.

{
  "report": {
    "valid": "yes",
    "views": "1",
    "carrier": "reliance telecom pvt ltd",
    "location": "baghpat/baraut, uttar pradesh",
    "possible": "yes",
    "line_type": "fixed line",
    "local_time": "19:47:16",
    "spam_status": "Not spammer",
    "phone_number": "+911234567890",
    "national_format": "01234 567 890",
    "international_format": "+91 1234 567 890"
  },
  "data_model": null,
  "errors": [],
  "parameters": {}
}

[AnshSinghal]

@mlodic @fgibertoni Please review

[fgibertoni]

Can you also provide an example of analyzer's output ?

[fgibertoni]

I think that we should refactor this.
Maybe adding an avoid_polling parameter to the _docker_run function which defaults to False to keep compatibility.

[AnshSinghal]

Sure

[fgibertoni]

Not needed if in docker analyzer

[AnshSinghal]

The phunter.py is also using this module so that would need to be installed.

[fgibertoni]

I think that performing the check twice is not necessary. I would keep it in docker analyzer only

[AnshSinghal]

Sure. But I believe it would be better in phunter.py so that it would instantly returns if invalid phone number is passed.

[fgibertoni]

intelowl_phoneinfoga container is already using this port. Please use a free one

[fgibertoni]

Suggested change

	image: intelowlproject/phunter:${REACT_APP_INTELOWL_VERSION}
	image: intelowlproject/intelowl_phunter:${REACT_APP_INTELOWL_VERSION}

[fgibertoni]

Suggested change

	container_name: phunter
	container_name: intelowl_phunter

[fgibertoni]

Is this number real ? You should use a non existing number here

[fgibertoni]

If no error is raised then nothing is returned. We should use a default

[fgibertoni]

Let's add a general Exception as fallback

[AnshSinghal]

😄 Didn't expect you to call for a general exception—tables have turned!

[fgibertoni]

Maybe consider using shlex for safer escaping before using subprocess.run

[AnshSinghal]

Umm but as we are already using a list which i believe is safer and preferred. What you say?

[fgibertoni]

The list is not escaping possible injection in formatted_number, so it would be safer to use shlex

[AnshSinghal]

Sure

[fgibertoni]

port

[fgibertoni]

Remove this as said

[fgibertoni]

Replied in thread

[AnshSinghal]

@fgibertoni service_api_key needs to be added to the GitHub Actions secret.

[github-actions]

This pull request has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates or it will be closed in 5 days.

[fgibertoni]

This should not be the issue stated here I think

[AnshSinghal]

But I believe the issue arising because of this only.

…

On Thu, 15 May 2025, 6:11 pm Federico Gibertoni, ***@***.***> wrote: *fgibertoni* left a comment (intelowlproject/IntelOwl#2841) <#2841 (comment)> This should not be the issue stated here I think — Reply to this email directly, view it on GitHub <#2841 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AQGMMT6SHJ7I57IFG6BLN3D26SDQNAVCNFSM6AAAAAB3W3P2VKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQOBTGY3TQOBTG4> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[fgibertoni]

I'm sorry you were right about the issue but the key had to be set in the test file.
You can pull the latest change from develop and should be fixed 😃

[AnshSinghal]

Sure. Will do the same

…

On Fri, 16 May 2025, 2:32 pm Federico Gibertoni, ***@***.***> wrote: *fgibertoni* left a comment (intelowlproject/IntelOwl#2841) <#2841 (comment)> I'm sorry you were right about the issue but the key had to be set in the test file. You can pull the latest change from develop and should be fixed 😃 — Reply to this email directly, view it on GitHub <#2841 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AQGMMT6GTPUD5WFLP64SEGL26WSRLAVCNFSM6AAAAAB3W3P2VKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQOBWGA4TSOBVGY> . You are receiving this because you authored the thread.Message ID: ***@***.***>