// A program to scan emails for phishing links.
// Copyright (C) 2019 Harald Eilertsen
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
use chrono::{ DateTime, Utc };
use serde::{ Deserialize, Deserializer };
use serde_json;
use std::io::{ self, BufRead };
use std::net::IpAddr;
use std::result::Result;
use std::str::FromStr;
pub struct PhishTank {
pub phishes: Vec<Phish>,
}
#[derive(Deserialize)]
pub struct Phish {
pub phish_id: u64,
pub url: String,
pub phish_detail_url: String,
pub submission_time: DateTime<Utc>,
#[serde(deserialize_with = "deserialize_yesno")]
pub verified: bool,
pub verification_time: Option<DateTime<Utc>>,
#[serde(deserialize_with = "deserialize_yesno")]
pub online: bool,
pub target: String,
pub details: Vec<PhishDetails>,
}
#[derive(Deserialize)]
pub struct PhishDetails {
pub ip_address: IpAddr,
pub cidr_block: String,
pub announcing_network: String,
pub rir: String,
pub detail_time: DateTime<Utc>,
}
pub fn load_phistank<R: BufRead>(input: R) -> Result<PhishTank, io::Error> {
let phishes = serde_json::from_reader(input)?;
Ok(PhishTank { phishes })
}
impl PhishTank {
pub fn is_phish(&self, url: &str) -> bool {
self.phishes.iter().find(|phish| phish.url == url).is_some()
}
}
// Helper function to deserialize "yes/no" into a bool.
//
// The PhishTank dataset uses the strings "yes" and "no" to represent
// boolean values. This function helps us deserialize back into a proper
// bool.
//
fn deserialize_yesno<'de, D>(d: D) -> Result<bool, D::Error>
where D: Deserializer<'de>
{
match String::deserialize(d)?.as_ref() {
"yes" => Ok(true),
"no" => Ok(false),
_ => Err(serde::de::Error::custom("Expected \"yes\" or \"no\"."))
}
}