From ee15a9b5c62a71d909279b235ed36ba273cb1544 Mon Sep 17 00:00:00 2001
From: Terrtia
Date: Mon, 17 Feb 2020 10:52:25 +0100
Subject: [PATCH] chg: [UI MISP import] add MISP import
---
 bin/export/MispExport.py | 6 +-
 bin/export/MispImport.py | 21 ++++-
 var/www/Flask_server.py | 2 +
 var/www/blueprints/import_export.py | 75 +++++++++++++++++
 var/www/templates/decoded/menu_sidebar.html | 41 ++++++----
 .../import_export/export_object.html | 62 ++++++++++++++
 .../import_export/import_object.html | 81 +++++++++++++++++++
 var/www/templates/nav_bar.html | 2 +-
 8 files changed, 268 insertions(+), 22 deletions(-)
 create mode 100644 var/www/blueprints/import_export.py
 create mode 100644 var/www/templates/import_export/export_object.html
 create mode 100644 var/www/templates/import_export/import_object.html
diff --git a/bin/export/MispExport.py b/bin/export/MispExport.py
index 33740984..a9363060 100755
--- a/bin/export/MispExport.py
+++ b/bin/export/MispExport.py
@@ -8,11 +8,11 @@ import redis
 sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib'))
 sys.path.append(os.path.join(os.environ['AIL_BIN'], 'packages'))
+import Item
 import Cryptocurrency
 import Pgp
 import Decoded
 import Domain
-import Item
 import Screenshot
 import Correlate_object
@@ -221,8 +221,8 @@ def create_list_of_objs_to_export(l_obj, mode='union'):
 print(event.to_json())
- #misp = PyMISP('https://127.0.0.1:8443/', 'uXgcN42b7xuL88XqK5hubwD8Q8596VrrBvkHQzB0', False)
- #misp.add_event(event, pythonify=True)
+ misp = PyMISP('https://127.0.0.1:8443/', 'uXgcN42b7xuL88XqK5hubwD8Q8596VrrBvkHQzB0', False)
+ misp.add_event(event, pythonify=True)
 def create_all_misp_obj(all_obj_to_export, set_relationship):
diff --git a/bin/export/MispImport.py b/bin/export/MispImport.py
index d3b328e6..1db430b2 100755
--- a/bin/export/MispImport.py
+++ b/bin/export/MispImport.py
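Review bot: The two lines re-enabled at the end of the second `bin/export/MispExport.py` hunk hard-code a MISP API key and pass `False` as PyMISP's third positional argument (`ssl`), so the export authenticates with a secret that now lives in version control and does not verify the server certificate. The key should be treated as exposed and rotated, and the call changed to something like `misp = PyMISP(misp_url, misp_key, misp_verifycert)`, with the three values loaded from AIL's configuration (the names here are placeholders). The same key string also sits in a comment in the `__main__` block of `bin/export/MispImport.py` and should be removed there too. The enclosing function starts outside the hunk, so it is not visible from here whether `misp.add_event` runs on every export or only on a test path.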
@@ -44,6 +44,21 @@ def get_global_id_from_id(global_id):
 obj_meta['id'] = global_id[1]
 return obj_meta
+def get_import_dir():
+ return os.path.join(os.environ['AIL_HOME'], 'temp/import')
+
+def sanitize_import_file_path(filename):
+ IMPORT_FOLDER = get_import_dir()
+ filename = os.path.join(IMPORT_FOLDER, filename)
+ filename = os.path.realpath(filename)
+ # path traversal
+ if not os.path.commonprefix([filename, IMPORT_FOLDER]) == IMPORT_FOLDER:
+ return os.path.join(IMPORT_FOLDER, str(uuid.uuid4()) + '.json')
+ # check if file already exist
+ if os.path.isfile(filename):
+ return os.path.join(IMPORT_FOLDER, str(uuid.uuid4()) + '.json')
+ return filename
+
 def get_misp_obj_tag(misp_obj):
 if misp_obj.attributes:
 misp_tags = misp_obj.attributes[0].tags
@@ -204,19 +219,19 @@ def import_objs_from_file(filepath):
 for misp_obj in event_to_import.objects:
 create_obj_relationships(map_uuid_global_id, misp_obj)
- #print(map_uuid_global_id)
+ return map_uuid_global_id
 if __name__ == '__main__':
 # misp = PyMISP('https://127.0.0.1:8443/', 'uXgcN42b7xuL88XqK5hubwD8Q8596VrrBvkHQzB0', False)
- #import_objs_from_file('test_import_item.json')
+ import_objs_from_file('test_import_item.json')
 #Screenshot.delete_screenshot('a92d459f70c4dea8a14688f585a5e2364be8b91fbf924290ead361d9b909dcf1')
 #Decoded.delete_decoded('d59a110ab233fe87cefaa0cf5603b047b432ee07')
 #Pgp.pgp.delete_correlation('key', '0xA4BB02A75E6AF448')
 #Item.delete_item('submitted/2020/02/10/b2485894-4325-469b-bc8f-6ad1c2dbb202.gz')
- Item.delete_item('archive/pastebin.com_pro/2020/02/10/K2cerjP4.gz')
+ #Item.delete_item('archive/pastebin.com_pro/2020/02/10/K2cerjP4.gz')
diff --git a/var/www/Flask_server.py b/var/www/Flask_server.py
index f5d6d19f..07ecbb41 100755
--- a/var/www/Flask_server.py
+++ b/var/www/Flask_server.py
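Review bot: The traversal check in `sanitize_import_file_path` compares strings rather than paths: `os.path.commonprefix` works character by character, so a resolved path in a sibling directory whose name merely begins with the import directory's name (constructed example: `<AIL_HOME>/temp/import_old/x.json`) still has `IMPORT_FOLDER` as its prefix and is accepted. `IMPORT_FOLDER` itself is never passed through `os.path.realpath`, so if `AIL_HOME` contains a symlink the check compares a resolved path with an unresolved one and every upload falls back to the UUID name. Comparing with `os.path.commonpath` against the resolved base addresses both, and rejecting the base directory itself covers a filename such as `.`. `uuid` is used here but no hunk in this file adds `import uuid`; confirm it is already imported at the top of `MispImport.py`.

```python
def sanitize_import_file_path(filename):
    IMPORT_FOLDER = os.path.realpath(get_import_dir())
    filename = os.path.realpath(os.path.join(IMPORT_FOLDER, filename))
    # path traversal: compare whole path components, never accept the directory itself
    if filename == IMPORT_FOLDER or os.path.commonpath([filename, IMPORT_FOLDER]) != IMPORT_FOLDER:
        return os.path.join(IMPORT_FOLDER, str(uuid.uuid4()) + '.json')
    # … unchanged: existing-file check and final return …
```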
@@ -40,6 +40,7 @@ from blueprints.root import root
 from blueprints.crawler_splash import crawler_splash
 from blueprints.correlation import correlation
 from blueprints.tags_ui import tags_ui
+from blueprints.import_export import import_export
 Flask_dir = os.environ['AIL_FLASK']
@@ -93,6 +94,7 @@ app.register_blueprint(root, url_prefix=baseUrl)
 app.register_blueprint(crawler_splash, url_prefix=baseUrl)
 app.register_blueprint(correlation, url_prefix=baseUrl)
 app.register_blueprint(tags_ui, url_prefix=baseUrl)
+app.register_blueprint(import_export, url_prefix=baseUrl)
 # ========= =========# # ========= Cookie name ========
diff --git a/var/www/blueprints/import_export.py b/var/www/blueprints/import_export.py
new file mode 100644
index 00000000..f93b7cd3
--- /dev/null
+++ b/var/www/blueprints/import_export.py
@@ -0,0 +1,75 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+'''
+ Blueprint Flask: MISP format import export
+'''
+
+import os
+import sys
+import json
+import random
+
+from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response
+from flask_login import login_required, current_user, login_user, logout_user
+
+sys.path.append('modules')
+import Flask_config
+
+# Import Role_Manager
+from Role_Manager import create_user_db, check_password_strength, check_user_role_integrity
+from Role_Manager import login_admin, login_analyst, login_read_only
+
+sys.path.append(os.path.join(os.environ['AIL_BIN'], 'export'))
+import MispImport
+import MispExport
+
+sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib'))
+import Correlate_object
+
+bootstrap_label = Flask_config.bootstrap_label
+
+# ============ BLUEPRINT ============
+import_export = Blueprint('import_export', __name__, template_folder=os.path.join(os.environ['AIL_FLASK'], 'templates/import_export'))
+
+# ============ VARIABLES ============
+
+
+
+# ============ FUNCTIONS ============
+
+
+# ============= ROUTES ==============
+@import_export.route('/import_export/import')
+@login_required
+@login_analyst
+def import_object():
+ tags = request.args.get('tags')
+ return render_template("import_object.html", bootstrap_label=bootstrap_label)
+
+@import_export.route("/import_export/import_file", methods=['POST'])
+@login_required
+@login_analyst
+def import_object_file():
+
+ is_file = False
+ if 'file' in request.files:
+ file = request.files['file']
+ if file:
+ if file.filename:
+ is_file = True
+
+ if is_file:
+ filename = MispImport.sanitize_import_file_path(file.filename)
+ file.save(filename)
+ map_uuid_global_id = MispImport.import_objs_from_file(filename)
+ os.remove(filename)
+
+ return render_template("import_object.html", bootstrap_label=bootstrap_label)
+
+@import_export.route('/import_export/export')
+@login_required
+@login_analyst
+def export_object():
+
object_type = request.args.get('object_type') + return render_template("export_object.html", bootstrap_label=bootstrap_label) diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html index f8b63426..a1794296 100644 --- a/var/www/templates/decoded/menu_sidebar.html +++ b/var/www/templates/decoded/menu_sidebar.html @@ -6,32 +6,22 @@ diff --git a/var/www/templates/import_export/export_object.html b/var/www/templates/import_export/export_object.html new file mode 100644 index 00000000..5be449b9 --- /dev/null +++ b/var/www/templates/import_export/export_object.html @@ -0,0 +1,62 @@ + + + + + + + AIL - framework + + + + + + + + + + + + + + + + + {% include 'nav_bar.html' %} + +
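Review bot: In `import_object_file` (`var/www/blueprints/import_export.py`) the uploaded file is deleted only when `MispImport.import_objs_from_file(filename)` returns normally; if parsing a malformed upload raises, `os.remove(filename)` is skipped and the file stays in the import directory. Putting the import call in a `try:` block and `os.remove(filename)` in its `finally:` closes that gap. The stored name is still derived from the client-supplied `file.filename`; since the file is temporary anyway, always using a server-generated name (the `str(uuid.uuid4()) + '.json'` fallback that `sanitize_import_file_path` already has) would remove the dependence on the path check altogether. `map_uuid_global_id` is assigned but never passed to the template, so the analyst gets no indication of what was imported, and nothing visible here bounds the upload size before it is saved and parsed, so it is worth confirming that `MAX_CONTENT_LENGTH` is set in `Flask_server.py`.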
+
+ + {% include 'decoded/menu_sidebar.html' %} + +
+ + MISP exporter + +
+
+
+ + + + + + + diff --git a/var/www/templates/import_export/import_object.html b/var/www/templates/import_export/import_object.html new file mode 100644 index 00000000..7dcdfb36 --- /dev/null +++ b/var/www/templates/import_export/import_object.html @@ -0,0 +1,81 @@ + + + + + + + AIL - framework + + + + + + + + + + + + + + + + + {% include 'nav_bar.html' %} + +
+
+ + {% include 'decoded/menu_sidebar.html' %} + +
+ +
+
+
MISP Import from MISP Export File
+
+
+ +
+ +
+ + +
+
+ +
+ +
+ + +
+ +
+
+
+ + + + + + + diff --git a/var/www/templates/nav_bar.html b/var/www/templates/nav_bar.html index 2f50dfd1..adbc1cf5 100644 --- a/var/www/templates/nav_bar.html +++ b/var/www/templates/nav_bar.html @@ -25,7 +25,7 @@ Crawlers