fix: [objects] fix investigation + ail2ail + screenshot MISP export

pull/594/head
Terrtia 2023-06-04 17:34:21 +02:00
parent 1eae92c755
commit f3c3cb5d05
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
5 changed files with 29 additions and 8 deletions

View File

@ -141,7 +141,10 @@ def is_server_client_sync_mode_connected(ail_uuid, sync_mode):
return res == 1 return res == 1
def is_server_client_connected(ail_uuid): def is_server_client_connected(ail_uuid):
try:
return r_cache.sismember('ail_2_ail:server:all_clients', ail_uuid) return r_cache.sismember('ail_2_ail:server:all_clients', ail_uuid)
except:
return False
def clear_server_connected_clients(): def clear_server_connected_clients():
for ail_uuid in get_server_all_connected_clients(): for ail_uuid in get_server_all_connected_clients():
@ -398,7 +401,10 @@ def get_all_ail_instance_keys():
return r_serv_sync.smembers(f'ail:instance:key:all') return r_serv_sync.smembers(f'ail:instance:key:all')
def is_allowed_ail_instance_key(key): def is_allowed_ail_instance_key(key):
try:
return r_serv_sync.sismember(f'ail:instance:key:all', key) return r_serv_sync.sismember(f'ail:instance:key:all', key)
except:
return False
def get_ail_instance_key(ail_uuid): def get_ail_instance_key(ail_uuid):
return r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'api_key') return r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'api_key')
@ -427,7 +433,10 @@ def get_ail_instance_all_sync_queue(ail_uuid):
return r_serv_sync.smembers(f'ail:instance:sync_queue:{ail_uuid}') return r_serv_sync.smembers(f'ail:instance:sync_queue:{ail_uuid}')
def is_ail_instance_queue(ail_uuid, queue_uuid): def is_ail_instance_queue(ail_uuid, queue_uuid):
try:
return r_serv_sync.sismember(f'ail:instance:sync_queue:{ail_uuid}', queue_uuid) return r_serv_sync.sismember(f'ail:instance:sync_queue:{ail_uuid}', queue_uuid)
except:
return False
def exists_ail_instance(ail_uuid): def exists_ail_instance(ail_uuid):
return r_serv_sync.exists(f'ail:instance:{ail_uuid}') return r_serv_sync.exists(f'ail:instance:{ail_uuid}')
@ -439,7 +448,10 @@ def get_ail_instance_description(ail_uuid):
return r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'description') return r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'description')
def exists_ail_instance(ail_uuid): def exists_ail_instance(ail_uuid):
try:
return r_serv_sync.sismember('ail:instance:all', ail_uuid) return r_serv_sync.sismember('ail:instance:all', ail_uuid)
except:
return False
def is_ail_instance_push_enabled(ail_uuid): def is_ail_instance_push_enabled(ail_uuid):
res = r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'push') res = r_serv_sync.hget(f'ail:instance:{ail_uuid}', 'push')
@ -935,7 +947,10 @@ def get_all_sync_queue_dict():
return dict_sync_queues return dict_sync_queues
def is_queue_registred_by_ail_instance(queue_uuid, ail_uuid): def is_queue_registred_by_ail_instance(queue_uuid, ail_uuid):
try:
return r_serv_sync.sismember(f'ail:instance:sync_queue:{ail_uuid}', queue_uuid) return r_serv_sync.sismember(f'ail:instance:sync_queue:{ail_uuid}', queue_uuid)
except:
return False
def register_ail_to_sync_queue(ail_uuid, queue_uuid): def register_ail_to_sync_queue(ail_uuid, queue_uuid):
is_linked = is_ail_instance_linked_to_sync_queue(ail_uuid) is_linked = is_ail_instance_linked_to_sync_queue(ail_uuid)

View File

@ -22,6 +22,7 @@ sys.path.append(os.environ['AIL_BIN'])
################################## ##################################
# Import Project packages # Import Project packages
################################## ##################################
from lib import ail_core
from lib import ConfigLoader from lib import ConfigLoader
from lib import Tag from lib import Tag
from lib.exceptions import UpdateInvestigationError from lib.exceptions import UpdateInvestigationError
@ -445,7 +446,7 @@ def api_register_object(json_dict):
investigation = Investigation(investigation_uuid) investigation = Investigation(investigation_uuid)
obj_type = json_dict.get('type', '').replace(' ', '') obj_type = json_dict.get('type', '').replace(' ', '')
if not exists_obj_type(obj_type): if obj_type not in ail_core.get_all_objects():
return {"status": "error", "reason": f"Invalid Object Type: {obj_type}"}, 400 return {"status": "error", "reason": f"Invalid Object Type: {obj_type}"}, 400
subtype = json_dict.get('subtype', '') subtype = json_dict.get('subtype', '')

View File

@ -9,6 +9,7 @@ import sys
from hashlib import sha256 from hashlib import sha256
from io import BytesIO from io import BytesIO
from flask import url_for from flask import url_for
from pymisp import MISPObject
sys.path.append(os.environ['AIL_BIN']) sys.path.append(os.environ['AIL_BIN'])
################################## ##################################

View File

@ -72,7 +72,10 @@ class AbstractSubtypeObject(AbstractObject, ABC):
return last_seen return last_seen
def get_nb_seen(self): def get_nb_seen(self):
return int(r_object.zscore(f'{self.type}_all:{self.subtype}', self.id)) nb = r_object.zscore(f'{self.type}_all:{self.subtype}', self.id)
if not nb:
nb = 0
return int(nb)
# # TODO: CHECK RESULT # # TODO: CHECK RESULT
def get_nb_seen_by_date(self, date_day): def get_nb_seen_by_date(self, date_day):

View File

@ -25,6 +25,7 @@ from exporter import MISPExporter
from exporter import TheHiveExporter from exporter import TheHiveExporter
from lib.exceptions import MISPConnectionError from lib.exceptions import MISPConnectionError
from lib.objects import ail_objects from lib.objects import ail_objects
from lib import ail_core
from lib.Investigations import Investigation from lib.Investigations import Investigation
# ============ BLUEPRINT ============ # ============ BLUEPRINT ============
@ -91,7 +92,7 @@ def import_object_file():
@login_analyst @login_analyst
def objects_misp_export(): def objects_misp_export():
user_id = current_user.get_id() user_id = current_user.get_id()
object_types = ail_objects.get_all_objects_with_subtypes_tuple() object_types = ail_core.get_all_objects_with_subtypes_tuple()
to_export = MISPExporter.get_user_misp_objects_to_export(user_id) to_export = MISPExporter.get_user_misp_objects_to_export(user_id)
return render_template("export_object.html", object_types=object_types, to_export=to_export) return render_template("export_object.html", object_types=object_types, to_export=to_export)