From 492b076f120b0821e059bee5fb133b04b52693ff Mon Sep 17 00:00:00 2001 From: juju4 Date: Sun, 26 May 2019 09:06:16 -0400 Subject: [PATCH 01/16] strict typing - snuffleupagus tests --- app/Controller/AppController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 38c41521d..b8de4a377 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -520,7 +520,7 @@ class AppController extends Controller private function __convertEmailToName($email) { - $name = explode('@', $email); + $name = explode('@', (string)$email); $name = explode('.', $name[0]); foreach ($name as $key => $value) { $name[$key] = ucfirst($value); @@ -663,7 +663,7 @@ class AppController extends Controller foreach ($options['paramArray'] as $p) { if ( isset($options['ordered_url_params'][$p]) && - (!in_array(strtolower($options['ordered_url_params'][$p]), array('null', '0', false, 'false', null))) + (!in_array(strtolower((string)$options['ordered_url_params'][$p]), array('null', '0', false, 'false', null))) ) { $data[$p] = $options['ordered_url_params'][$p]; $data[$p] = str_replace(';', ':', $data[$p]); From 22345a747d361f04c70cfaf758950f5abdfa283a Mon Sep 17 00:00:00 2001 From: StefanKelm Date: Thu, 13 Jun 2019 14:57:10 +0200 Subject: [PATCH 02/16] Update EventBlacklistsController.php (minor) aligns the text with app/Controller/Component/BlackListComponent.php --- app/Controller/EventBlacklistsController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/EventBlacklistsController.php b/app/Controller/EventBlacklistsController.php index 1080f8e97..a42bb636d 100644 --- a/app/Controller/EventBlacklistsController.php +++ b/app/Controller/EventBlacklistsController.php 
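Review bot: The `in_array()` call in the second AppController hunk (around line 666) still compares loosely, so once the value is cast to a string the `false` and `null` entries only match through type juggling (an empty string, or a numeric string equal to zero). Since the commit is about strict typing, a strict check against an explicit list would state the intent: `in_array(strtolower((string)$options['ordered_url_params'][$p]), array('null', '0', 'false', ''), true)`; this stops treating values such as `0.0` as empty, so confirm no caller depends on that. In the first hunk, `(string)$email` turns an array argument into the literal `Array` with a notice rather than rejecting it, so a type check before the cast may be preferable. Both enclosing functions continue outside the hunks.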
@@ -77,7 +77,7 @@ class EventBlacklistsController extends AppController if ($this->_isRest()) { return $this->RestResponse->saveSuccessResponse('EventBlacklist', 'Deleted', $ids, $this->response->type()); } else { - $this->Flash->success('Event deleted.'); + $this->Flash->success('Blacklist entry removed'); $this->redirect(array('controller' => 'eventBlacklists', 'action' => 'index')); } } else { From 2757d58f444a644516ca52978a3c9d685c4855e9 Mon Sep 17 00:00:00 2001 From: StefanKelm Date: Thu, 13 Jun 2019 16:00:29 +0200 Subject: [PATCH 03/16] Update edit.ctp Clarification that "Fetch GnuPG key" actually connects to the MIT key server --- app/View/Users/edit.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Users/edit.ctp b/app/View/Users/edit.ctp index bf77caf44..51e508682 100755 --- a/app/View/Users/edit.ctp +++ b/app/View/Users/edit.ctp @@ -20,7 +20,7 @@ ?>
Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge')); + echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the MIT key server by clicking on "Fetch GnuPG key" below.'))); ?>
Date: Tue, 18 Jun 2019 01:23:26 +0900 Subject: [PATCH 04/16] chg: [tools] ask_o () wants -e (for colorz) --- docs/generic/supportFunctions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/generic/supportFunctions.md b/docs/generic/supportFunctions.md index 61094d10a..8ba6c2512 100644 --- a/docs/generic/supportFunctions.md +++ b/docs/generic/supportFunctions.md @@ -239,7 +239,7 @@ ask_o () { while true; do case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac - echo -n "${1} (${OPT1}/${OPT2}) " + echo -e -n "${1} (${OPT1}/${OPT2}) " read ANSWER ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]') done From c097f001dc417c3a4e66fcb247108b8023f80acd Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 18 Jun 2019 09:57:27 +0200 Subject: [PATCH 05/16] new: [security] Made certain settings modifiable via the CLI only - some settings are too risky to be exposed, even to site admins, so made them CLI accessible only --- app/Controller/ServersController.php | 3 +++ app/Model/Server.php | 4 ++++ app/View/Elements/healthElements/settings_row.ctp | 12 ++++++++---- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 102ae2b32..4e2703abc 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -1168,6 +1168,9 @@ class ServersController extends AppController } $setting = $this->Server->getSettingData($setting_name); + if (!empty($setting['cli_only'])) { + throw new MethodNotAllowedException(__('This setting can only be edited via the CLI.')); + } if ($this->request->is('get')) { if ($setting != null) { $value = Configure::read($setting['name']); diff --git a/app/Model/Server.php b/app/Model/Server.php index 318a1d0cb..ab902a7ed 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php 
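Review bot: The `cli_only` guard added after `getSettingData()` in ServersController protects only this controller action; the hunk does not show whether the model method that persists a setting enforces the flag as well. If any other web-reachable path saves settings through the model, it would presumably bypass this check, so consider enforcing `cli_only` where the value is written, with an explicit override for the console command. A short comment above the check would also help: `// cli_only settings (binary paths, writable dirs) must never be changed over HTTP, not even by a site admin`. The enclosing action starts and ends outside the hunk.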
@@ -210,6 +210,7 @@ class Server extends AppModel 'test' => 'testForBinExec', 'beforeHook' => 'beforeHookBinExec', 'type' => 'string', + 'cli_only' => 1 ), 'disable_auto_logout' => array( 'level' => 1, @@ -465,6 +466,7 @@ class Server extends AppModel 'null' => false, 'test' => 'testForWritableDir', 'type' => 'string', + 'cli_only' => 1 ), 'cached_attachments' => array( 'level' => 1, @@ -856,6 +858,7 @@ class Server extends AppModel 'test' => 'testForPath', 'type' => 'string', 'null' => true, + 'cli_only' => 1 ), 'custom_css' => array( 'level' => 2, @@ -979,6 +982,7 @@ class Server extends AppModel 'errorMessage' => '', 'test' => 'testForGPGBinary', 'type' => 'string', + 'cli_only' => 1 ), 'onlyencrypted' => array( 'level' => 0, diff --git a/app/View/Elements/healthElements/settings_row.ctp b/app/View/Elements/healthElements/settings_row.ctp index a575b5296..3be1d1d28 100644 --- a/app/View/Elements/healthElements/settings_row.ctp +++ b/app/View/Elements/healthElements/settings_row.ctp @@ -28,7 +28,7 @@ 'value_passive' => array( 'html' => nl2br(h($setting['value'])), 'class' => 'inline-field-solid live_filter_target', - 'requirement' => ((isset($setting['editable']) && !$setting['editable'])), + 'requirement' => ((isset($setting['editable']) && !$setting['editable']) || !empty($setting['cli_only'])), 'style' => 'width:500px;', 'id' => sprintf( 'setting_%s_%s_passive', @@ -39,7 +39,7 @@ 'value_solid' => array( 'html' => nl2br(h($setting['value'])), 'class' => 'inline-field-solid live_filter_target', - 'requirement' => ((!isset($setting['editable']) || $setting['editable'])), + 'requirement' => ((!isset($setting['editable']) || $setting['editable']) && empty($setting['cli_only'])), 'style' => 'width:500px;', 'id' => sprintf( 'setting_%s_%s_solid', 
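Review bot: `cli_only` is opt-in per setting in Server.php, so any setting that is not explicitly flagged stays editable from the web UI; in these hunks it is added to four entries whose tests are `testForBinExec`, `testForWritableDir`, `testForPath` and `testForGPGBinary`. The setting names are outside the hunks, so I cannot tell whether every other entry using those tests is covered; that is worth checking, since a path-type setting added later would default to web-editable. I would also document the key where the settings array is defined, e.g. `// 'cli_only' => 1: value can only be changed from the console, never through the web interface`, and add the trailing comma after `'cli_only' => 1` to match the neighbouring entries.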
@@ -51,7 +51,7 @@ ), 'value_placeholder' => array( 'class' => 'inline-field-placeholder hidden', - 'requirement' => ((!isset($setting['editable']) || $setting['editable'])), + 'requirement' => ((!isset($setting['editable']) || $setting['editable']) && empty($setting['cli_only'])), 'style' => 'width:500px;', 'id' => sprintf( 'setting_%s_%s_placeholder', @@ -60,7 +60,11 @@ ) ), 'description' => array( - 'html' => h($setting['description']), + 'html' => sprintf( + '%s%s', + !empty($setting['cli_only']) ? sprintf('[%s] ', __('CLI only')) : '', + h($setting['description']) + ), 'class' => 'live_filter_target' ), 'error' => array( From 007377129f94d41171547599bca9ed42d710a6ba Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 18 Jun 2019 10:51:16 +0200 Subject: [PATCH 06/16] new: [API] On-demand inclusion of attribute relations via the event view endpoint - new URL param, includeGranularCorrelations:1 added |\ /| ___| \,,/_/ ---__/ \/ \ __--/ (D) \ _ -/ (_ \ // / \_ / ==\ __-------_____--___--/ / \_ O o) / / \==/ / / || ) \_/\ || / _ / | | | /--______ ___\ /\ : | / __- - _/ ------ | | \ \ | - - / | | \ ) | | - | | ) | | | | | | | | | | | | < | | | |_/ < | /__\ < \ /__\ /___\ --- app/Controller/EventsController.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index e285e38ec..505a2c1be 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1549,6 +1549,8 @@ class EventsController extends AppController $conditions['includeFeedCorrelations'] = 1; if (!$this->_isRest()) { $conditions['includeGranularCorrelations'] = 1; + } else if (!empty($this->params['named']['includeGranularCorrelations'])) { + $conditions['includeGranularCorrelations'] = 1; } if (!isset($this->params['named']['includeServerCorrelations'])) { $conditions['includeServerCorrelations'] = 1; 
@@ -1559,6 +1561,28 @@ class EventsController extends AppController $conditions['includeServerCorrelations'] = $this->params['named']['includeServerCorrelations']; } $results = $this->Event->fetchEvent($this->Auth->user(), $conditions); + if (!empty($this->params['named']['includeGranularCorrelations'])) { + foreach ($results as $k => $event) { + if (!empty($event['RelatedAttribute'])) { + foreach ($event['RelatedAttribute'] as $attribute_id => $relation) { + foreach ($event['Attribute'] as $k2 => $attribute) { + if ((int)$attribute['id'] == $attribute_id) { + $results[$k]['Attribute'][$k2]['RelatedAttribute'][] = $relation; + break 2; + } + } + foreach ($event['Object'] as $k2 => $object) { + foreach ($object['Attribute'] as $k3 => $attribute) { + if ((int)$attribute['id'] == $attribute_id) { + $results[$k]['Object'][$k2]['Attribute'][$k3]['RelatedAttribute'][] = $relation; + break 3; + } + } + } + } + } + } + } if (empty($results)) { throw new NotFoundException(__('Invalid event')); } From 9f8e22e96ce27a472e8f8372b82fef377238ff44 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Tue, 18 Jun 2019 13:46:32 +0200 Subject: [PATCH 07/16] fix: [js] fixes #4678 and javascript errors --- app/webroot/js/misp.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index d197f8a3a..a8d00c3f0 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -4148,6 +4148,8 @@ function checkIfLoggedIn() { if (data.slice(-2) !== 'OK') { window.location.replace(baseurl + "/users/login"); } + }).fail(function() { + window.location.replace(baseurl + "/users/login"); }); } setTimeout(function() { checkIfLoggedIn(); }, 5000); From 80975bf7d3e922d128d92e4c3f2d9321c5be74dd Mon Sep 17 00:00:00 2001 
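Review bot: `break 2` and `break 3` in the EventsController hunk leave the `foreach ($event['RelatedAttribute'] ...)` loop as well as the inner search loops, so only the first related attribute that finds its owner is attached and the remaining relations are silently dropped from the response. `continue 2;` and `continue 3;` respectively would stop the search for the current `$attribute_id` and move on to the next relation. `$event['Attribute']` and `$event['Object']` are also iterated without an `empty()` check, which raises a warning for events that lack either key. The enclosing action starts and ends outside the hunk.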
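Review bot: The new `.fail()` handler in `checkIfLoggedIn()` sends the browser to the login page on any failed poll, including a timeout, a dropped connection or a 5xx from the server, and the context line shows the function being re-armed with `setTimeout`. A user filling in a form would lose the page on a transient network error even though the session may still be valid. Which status the endpoint returns for an expired session is not visible here, but if it is distinguishable, redirect only in that case, e.g. `.fail(function(xhr) { if (xhr.status === 401 || xhr.status === 403) { window.location.replace(baseurl + "/users/login"); } });`. The function body starts outside the hunk.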
From: iglocska Date: Tue, 18 Jun 2019 14:42:31 +0200 Subject: [PATCH 08/16] fix: [UI] Enrichment hover should also work after sorting / changing the event attribute context, etc --- app/View/Elements/eventattribute.ctp | 26 ++++++++++++++++++++++++++ app/webroot/js/misp.js | 26 -------------------------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/app/View/Elements/eventattribute.ctp b/app/View/Elements/eventattribute.ctp index fceb11d5d..a157f8c7b 100644 --- a/app/View/Elements/eventattribute.ctp +++ b/app/View/Elements/eventattribute.ctp @@ -315,6 +315,32 @@ attributes or the appropriate distribution level. If you think there is a mistak url = "" + "/sightings/advanced/" + object_id + "/" + object_context; genericPopup(url, '#popover_box'); }); + $(".eventViewAttributeHover").mouseenter(function() { + $('#' + currentPopover).popover('destroy'); + var type = $(this).attr('data-object-type'); + var id = $(this).attr('data-object-id'); + + if (type + "_" + id in ajaxResults["hover"]) { + var element = $('#' + type + '_' + id + '_container'); + element.popover({ + title: attributeHoverTitle(id, type), + content: ajaxResults["hover"][type + "_" + id], + placement: attributeHoverPlacement(element), + html: true, + trigger: 'manual', + container: 'body' + }).popover('show'); + currentPopover = type + '_' + id + '_container'; + } else { + timer = setTimeout(function () { + runHoverLookup(type, id) + }, + 500 + ); + } + }).mouseout(function() { + clearTimeout(timer); + }); }); $('#attributesFilterField').bind("keydown", function(e) { var eventid = $('#attributesFilterField').data("eventid"); diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index d197f8a3a..52589e4ec 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js 
@@ -4015,32 +4015,6 @@ $(document).ready(function() { $('#quickFilterButton').trigger("click"); } }); - $(".eventViewAttributeHover").mouseenter(function() { - $('#' + currentPopover).popover('destroy'); - var type = $(this).attr('data-object-type'); - var id = $(this).attr('data-object-id'); - - if (type + "_" + id in ajaxResults["hover"]) { - var element = $('#' + type + '_' + id + '_container'); - element.popover({ - title: attributeHoverTitle(id, type), - content: ajaxResults["hover"][type + "_" + id], - placement: attributeHoverPlacement(element), - html: true, - trigger: 'manual', - container: 'body' - }).popover('show'); - currentPopover = type + '_' + id + '_container'; - } else { - timer = setTimeout(function () { - runHoverLookup(type, id) - }, - 500 - ); - } - }).mouseout(function() { - clearTimeout(timer); - }); $(".queryPopover").click(function() { url = $(this).data('url'); id = $(this).data('id'); From 5c10a02bf00248d0feaf36067e423a0b0290d9b8 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Tue, 18 Jun 2019 15:50:48 +0200 Subject: [PATCH 09/16] fix: [object:proposeValidTemplate] Support only_full_group_by sql mode. Fix #4746 --- app/Model/MispObject.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/app/Model/MispObject.php b/app/Model/MispObject.php index 1610a0e6c..f06b31a19 100644 --- a/app/Model/MispObject.php +++ b/app/Model/MispObject.php @@ -747,11 +747,10 @@ class MispObject extends AppModel } $attribute_types = array_keys($attribute_types); - $potential_templates = $this->ObjectTemplate->find('all', array( + $potential_templates = $this->ObjectTemplate->find('list', array( 'recursive' => -1, 'fields' => array( 'ObjectTemplate.id', - 'ObjectTemplate.name', 'COUNT(ObjectTemplateElement.type) as type_count' ), 'conditions' => array( 
@@ -767,11 +766,11 @@ class MispObject extends AppModel 'conditions' => array('ObjectTemplate.id = ObjectTemplateElement.object_template_id') ) ), - 'group' => 'ObjectTemplate.name', + 'group' => 'ObjectTemplate.id', 'order' => 'type_count DESC' )); - $potential_template_ids = Hash::extract($potential_templates, '{n}.ObjectTemplate.id'); + $potential_template_ids = array_keys($potential_templates); $templates = $this->ObjectTemplate->find('all', array( 'recursive' => -1, 'conditions' => array('id' => $potential_template_ids), From 5b1697667fc16901d720433ff6335a24a8cd6b8e Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 18 Jun 2019 17:51:25 +0200 Subject: [PATCH 10/16] new: [UI] Filter the object template index using the quick search --- app/Controller/ObjectTemplatesController.php | 12 ++++++++++++ app/View/ObjectTemplates/index.ctp | 18 ++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/app/Controller/ObjectTemplatesController.php b/app/Controller/ObjectTemplatesController.php index d1bcb66dc..b4f6c8031 100644 --- a/app/Controller/ObjectTemplatesController.php +++ b/app/Controller/ObjectTemplatesController.php 
@@ -163,12 +163,22 @@ class ObjectTemplatesController extends AppController public function index($all = false) { + $passedArgsArray = array(); + $passedArgs = $this->passedArgs; if (!$all || !$this->_isSiteAdmin()) { $this->paginate['conditions'][] = array('ObjectTemplate.active' => 1); $this->set('all', false); } else { $this->set('all', true); } + if (!empty($this->params['named']['searchall'])) { + $this->paginate['conditions']['AND']['OR'] = array( + 'ObjectTemplate.uuid LIKE' => '%' . strtolower($this->params['named']['searchall']) . '%', + 'LOWER(ObjectTemplate.name) LIKE' => '%' . strtolower($this->params['named']['searchall']) . '%', + 'ObjectTemplate.meta-category LIKE' => '%' . strtolower($this->params['named']['searchall']) . '%', + 'LOWER(ObjectTemplate.description) LIKE' => '%' . strtolower($this->params['named']['searchall']) . '%' + ); + } if ($this->_isRest()) { $rules = $this->paginate; unset($rules['limit']); @@ -180,6 +190,8 @@ class ObjectTemplatesController extends AppController $objectTemplates = $this->paginate(); $this->set('list', $objectTemplates); } + $this->set('passedArgs', json_encode($passedArgs)); + $this->set('passedArgsArray', $passedArgsArray); } public function update($type = false, $force = false) diff --git a/app/View/ObjectTemplates/index.ctp b/app/View/ObjectTemplates/index.ctp index 3482d4b9d..3c1f77a94 100644 --- a/app/View/ObjectTemplates/index.ctp +++ b/app/View/ObjectTemplates/index.ctp @@ -41,6 +41,12 @@ 'active' => $all ) ) + ), + array( + 'type' => 'search', + 'button' => __('Filter'), + 'placeholder' => __('Enter value to search'), + 'data' => '', ) ) ); @@ -141,5 +147,17 @@ endforeach; ?> + element('/genericElements/SideMenu/side_menu', array('menuList' => 'objectTemplates', 'menuItem' => 'index')); From c06aa1fd79de0dcb0753bcc9cba2d1a300f21a78 Mon Sep 17 00:00:00 2001 
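Review bot: The `searchall` value in `index()` is placed between `%` signs in four `LIKE` conditions without escaping `%` or `_`, so those characters typed into the search box act as wildcards rather than literals; the value itself is passed as a condition value, which the ORM presumably binds. The term is lower-cased, but only `name` and `description` are wrapped in `LOWER()`, so `uuid` and `meta-category` matches depend on the column collation. Building the pattern once would make this easier to read, e.g. `$searchTerm = '%' . strtolower($this->params['named']['searchall']) . '%';`. `$passedArgsArray` is handed to the view but never filled in these hunks. `index()` continues outside the hunks.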
From: iglocska Date: Wed, 19 Jun 2019 14:08:06 +0200 Subject: [PATCH 11/16] fix: [API] Simple worker management added - /servers/startWorker/[queue] - /servers/stopWorker/[pid] - /servers/getWorkers --- app/Controller/Component/ACLComponent.php | 1 + app/Controller/ServersController.php | 23 +++++++++++++++++++++-- app/View/Events/automation.ctp | 11 +++++++++++ 3 files changed, 33 insertions(+), 2 deletions(-) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index f954a9d09..d50b3c01d 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -343,6 +343,7 @@ class ACLComponent extends Component 'getPyMISPVersion' => array('*'), 'getSubmodulesStatus' => array('perm_site_admin'), 'getSubmoduleQuickUpdateForm' => array('perm_site_admin'), + 'getWorkers' => array(), 'getVersion' => array('*'), 'import' => ('perm_site_admin'), 'index' => array('OR' => array('perm_sync', 'perm_admin')), diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 4e2703abc..8de5bbab0 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -1103,7 +1103,13 @@ class ServersController extends AppController } else { shell_exec($prepend . APP . 'Console' . DS . 'cake CakeResque.CakeResque startscheduler -i 5 > /dev/null 2>&1 &'); } - $this->redirect('/servers/serverSettings/workers'); + $message = __('Worker start signal sent'); + if ($this->_isRest()) { + return $this->RestResponse->saveSuccessResponse('Servers', 'startWorker', $type, $this->response->type(), $message); + } else { + $this->Flash->info($message); + $this->redirect('/servers/serverSettings/workers'); + } } public function stopWorker($pid) 
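Review bot: `'getWorkers' => array()` in ACLComponent is the only visible access control for the new `getWorkers()` action (added in the later ServersController hunk of this patch), which returns worker diagnostics and has no in-action `_isSiteAdmin()` check. Assuming an empty array means no role besides site admin is allowed, a comment saying so would make the intent explicit, e.g. `'getWorkers' => array(), // site admin only`. In `startWorker()`, `$type` is now echoed back in the REST response and the context line shows a `shell_exec()` call; the validation of `$type` and the request-method check are outside the hunk, so confirm both run before this point now that the action is documented as an API endpoint. `getWorkers()` also calls `viewData($worker_array)` without `$this->response->type()`, unlike the `saveSuccessResponse()` calls added in this patch.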
@@ -1112,7 +1118,20 @@ class ServersController extends AppController throw new MethodNotAllowedException(); } $this->Server->killWorker($pid, $this->Auth->user()); - $this->redirect('/servers/serverSettings/workers'); + $message = __('Worker stop signal sent'); + if ($this->_isRest()) { + return $this->RestResponse->saveSuccessResponse('Servers', 'stopWorker', $pid, $this->response->type(), $message); + } else { + $this->Flash->info($message); + $this->redirect('/servers/serverSettings/workers'); + } + } + + public function getWorkers() + { + $issues = 0; + $worker_array = $this->Server->workerDiagnostics($issues); + return $this->RestResponse->viewData($worker_array); } private function __checkVersion() diff --git a/app/View/Events/automation.ctp b/app/View/Events/automation.ctp index 6829f587f..893026975 100644 --- a/app/View/Events/automation.ctp +++ b/app/View/Events/automation.ctp @@ -329,6 +329,17 @@ echo sprintf('

%s

', $data['title']); echo sprintf('

%s

', implode(" ", $data['description'])); echo sprintf("
%s
", implode("\n", $data['url'])); + $data = array( + 'title' => __('Administering the background workers via the API.'), + 'description' => array( + __('You can start/stop and view the bacground workers via the API.'), + sprintf('
%s: %s/servers/%s
', __('Add worker'), $baseurl, 'startWorker/[queue_name]'), + sprintf('%s: %s/servers/%s
', __('Stop worker'), $baseurl, 'stopWorker/[worker_pid]'), + sprintf('%s: %s/servers/%s
', __('Get worker info'), $baseurl, 'getWorkers') + ) + ); + echo sprintf('

%s

', $data['title']); + echo sprintf('

%s

', implode(" ", $data['description'])); foreach ($command_line_functions as $clusterRef => $cluster) { echo sprintf('

%s

', $clusterRef, $cluster['header']); echo sprintf('

%s:
', $cluster['description']); From 7eabb893c359143844e8cbdd1405e48a80086092 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 20 Jun 2019 11:57:38 +0900 Subject: [PATCH 12/16] chg: [doc] Added plyara to kali installer, amended RHEL misp-modules --- INSTALL/INSTALL.tpl.sh | 3 +++ docs/INSTALL.rhel7.md | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/INSTALL/INSTALL.tpl.sh b/INSTALL/INSTALL.tpl.sh index e14a0f7bc..d0d1fdd9e 100755 --- a/INSTALL/INSTALL.tpl.sh +++ b/INSTALL/INSTALL.tpl.sh @@ -465,6 +465,9 @@ installMISPonKali () { # install python-magic $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic 2> /dev/null > /dev/null + # install plyara + $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara 2> /dev/null > /dev/null + # install zmq needed by mispzmq $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq 2> /dev/null > /dev/null diff --git a/docs/INSTALL.rhel7.md b/docs/INSTALL.rhel7.md index 0417f4e3d..104b70142 100644 --- a/docs/INSTALL.rhel7.md +++ b/docs/INSTALL.rhel7.md @@ -703,7 +703,7 @@ sudo systemctl enable --now misp-workers.service ## 9.07/ misp-modules (WIP!) ```bash # some misp-modules dependencies -sudo yum install openjpeg-devel gcc-c++ poppler-cpp-devel -y +sudo yum install openjpeg-devel gcc-c++ poppler-cpp-devel pkgconfig python-devel redhat-rpm-config -y sudo chmod 2777 /usr/local/src sudo chown root:users /usr/local/src From 4b5f36fcd30e1d1adaa443da9d8cfb308d1c976b Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 20 Jun 2019 12:31:27 +0900 Subject: [PATCH 13/16] chg: [installer] Updated installer --- INSTALL/INSTALL.sh | 5 ++++- INSTALL/INSTALL.sh.sfv | 6 +++--- INSTALL/INSTALL.sh.sha1 | 2 +- INSTALL/INSTALL.sh.sha256 | 2 +- INSTALL/INSTALL.sh.sha384 | 2 +- INSTALL/INSTALL.sh.sha512 | 2 +- 6 files changed, 11 insertions(+), 8 deletions(-) diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index a435db6e8..0d8e25d0e 100644 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh 
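Review bot: The added `pip install plyara` line in INSTALL.tpl.sh discards both stdout and stderr and does not pin a version, so a failed or unexpected install goes unnoticed by the installer. It follows the pattern of the neighbouring `python-magic` and `zmq` lines, but it would be safer to keep stderr, check the exit status and pin the package, e.g. `$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara==<PINNED_VERSION> || echo "plyara install failed"`. The same line is repeated in `INSTALL/INSTALL.sh` in the next patch. `installMISPonKali` continues outside the hunk.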
@@ -393,7 +393,7 @@ ask_o () { while true; do case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac - echo -n "${1} (${OPT1}/${OPT2}) " + echo -e -n "${1} (${OPT1}/${OPT2}) " read ANSWER ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]') done @@ -2141,6 +2141,9 @@ installMISPonKali () { # install python-magic $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic 2> /dev/null > /dev/null + # install plyara + $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara 2> /dev/null > /dev/null + # install zmq needed by mispzmq $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq 2> /dev/null > /dev/null diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index 3a4a55f07..1df185bd3 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv @@ -1,5 +1,5 @@ -; Generated by RHash v1.3.8 on 2019-06-15 at 11:59.41 +; Generated by RHash v1.3.8 on 2019-06-20 at 12:31.17 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 94958 11:59.41 2019-06-15 INSTALL.sh -INSTALL.sh AD8916A355616615634DD364BB78945301039BDD E12BB967B309DB78E723476B79AC6F1001F02248A0001593B5EFA5C18D0BEBB6 37BC162A792BDBC86AEC04F629E5C410D754C92CA76D796F8FA9F11272A35064D6D3371165A330F747E5C71BF69311F0 71C1FF6F5FB0C2A61A9C0AACE2D017C7EA4A7094B49F22CD22E5723702CFAC27F66D05C52368F169FD8F40166AFC493F5512E078EDF5C279939AB85110A27EBD +; 95062 12:31.17 2019-06-20 INSTALL.sh +INSTALL.sh 297AAAC2B11BC8571D76666D499AD3288E08FA6E AAEF70E4E4E5E9141BD2DB3C408DF16947265BC55308378AE8F117B2184DA6AF 14DB03604CB5FD37C5870B518CC96B88B5C972AF21F36F3DBB9EF2FE1FAC7C70F452DD6FB14058702F84126AF6940D31 14F01AD5B6E33A7FCDAB7742F321555143C571BC380072C09FE4FAA7CBB9DABC4393006D185FEA53CEBA1722D4D7197C4E5F4B46184E5C077A56C7C849A13BDC diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index 06d6bd0b2..ed46bf437 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 
@@ -1 +1 @@
-ad8916a355616615634dd364bb78945301039bdd INSTALL.sh
+297aaac2b11bc8571d76666d499ad3288e08fa6e INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256
index d64f0508c..e6901e6f6 100644
--- a/INSTALL/INSTALL.sh.sha256
+++ b/INSTALL/INSTALL.sh.sha256
@@ -1 +1 @@
-e12bb967b309db78e723476b79ac6f1001f02248a0001593b5efa5c18d0bebb6 INSTALL.sh
+aaef70e4e4e5e9141bd2db3c408df16947265bc55308378ae8f117b2184da6af INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384
index 2c2bff2ed..b6fba5713 100644
--- a/INSTALL/INSTALL.sh.sha384
+++ b/INSTALL/INSTALL.sh.sha384
@@ -1 +1 @@
-37bc162a792bdbc86aec04f629e5c410d754c92ca76d796f8fa9f11272a35064d6d3371165a330f747e5c71bf69311f0 INSTALL.sh
+14db03604cb5fd37c5870b518cc96b88b5c972af21f36f3dbb9ef2fe1fac7c70f452dd6fb14058702f84126af6940d31 INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512
index 5c29b57ba..0ca16f643 100644
--- a/INSTALL/INSTALL.sh.sha512
+++ b/INSTALL/INSTALL.sh.sha512
@@ -1 +1 @@
-71c1ff6f5fb0c2a61a9c0aace2d017c7ea4a7094b49f22cd22e5723702cfac27f66d05c52368f169fd8f40166afc493f5512e078edf5c279939ab85110a27ebd INSTALL.sh
+14f01ad5b6e33a7fcdab7742f321555143c571bc380072c09fe4faa7cbb9dabc4393006d185fea53ceba1722d4d7197c4e5f4b46184e5c077a56c7c849a13bdc INSTALL.sh
From 444b3f9c05e921f4e1c443487a08eedc79909b04 Mon Sep 17 00:00:00 2001
From: Steve Clement
Date: Thu, 20 Jun 2019 13:59:31 +0900
Subject: [PATCH 14/16] fix: [installer] Currently misp-packer fails on waiting for user input during upgrade
---
docs/INSTALL.ubuntu1804.md | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/docs/INSTALL.ubuntu1804.md b/docs/INSTALL.ubuntu1804.md
index 588745ca1..5f0504a2d 100644
--- a/docs/INSTALL.ubuntu1804.md
+++ b/docs/INSTALL.ubuntu1804.md
@@ -46,7 +46,16 @@ aptUpgrade () { debug "Upgrading system" checkAptLock sudo apt-get update - sudo apt-get upgrade -qy + + # If we run in non-interactive mode, make sure we do not stop all of a sudden + if [[ "${PACKER}" == "1" || "${UNATTENDED}" == "1" ]]; then + export DEBIAN_FRONTEND=noninteractive + export DEBIAN_PRIORITY=critical + sudo -E apt-get -qy -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade + sudo -E apt-get -qy autoclean + else + sudo apt-get upgrade -qy + fi } # ``` From 08e7ca34b84fdbade732d42dc4883f7ebaf991a6 Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Thu, 20 Jun 2019 14:00:42 +0900 Subject: [PATCH 15/16] chg: [installer] Update installer to Fix Auto-VMs --- INSTALL/INSTALL.sh | 11 ++++++++++- INSTALL/INSTALL.sh.sfv | 6 +++--- INSTALL/INSTALL.sh.sha1 | 2 +- INSTALL/INSTALL.sh.sha256 | 2 +- INSTALL/INSTALL.sh.sha384 | 2 +- INSTALL/INSTALL.sh.sha512 | 2 +- 6 files changed, 17 insertions(+), 8 deletions(-) diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh index 0d8e25d0e..606ea434b 100644 --- a/INSTALL/INSTALL.sh +++ b/INSTALL/INSTALL.sh @@ -967,7 +967,16 @@ aptUpgrade () { debug "Upgrading system" checkAptLock sudo apt-get update - sudo apt-get upgrade -qy + + # If we run in non-interactive mode, make sure we do not stop all of a sudden + if [[ "${PACKER}" == "1" || "${UNATTENDED}" == "1" ]]; then + export DEBIAN_FRONTEND=noninteractive + export DEBIAN_PRIORITY=critical + sudo -E apt-get -qy -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade + sudo -E apt-get -qy autoclean + else + sudo apt-get upgrade -qy + fi } # check if sudo is installed diff --git a/INSTALL/INSTALL.sh.sfv b/INSTALL/INSTALL.sh.sfv index 1df185bd3..cbc9ddd71 100644 --- a/INSTALL/INSTALL.sh.sfv +++ b/INSTALL/INSTALL.sh.sfv 
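Review bot: `export DEBIAN_FRONTEND=noninteractive` and `export DEBIAN_PRIORITY=critical` in `aptUpgrade` stay set for the rest of the installer run, and `sudo -E` hands the caller's whole environment to apt running as root (subject to the sudoers policy). Passing just the two variables keeps the effect local to the command: `sudo env DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt-get -qy -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade`. The same function body is changed in both `docs/INSTALL.ubuntu1804.md` and `INSTALL/INSTALL.sh` on this line, so the point applies to both.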
@@ -1,5 +1,5 @@ -; Generated by RHash v1.3.8 on 2019-06-20 at 12:31.17 +; Generated by RHash v1.3.8 on 2019-06-20 at 14:00.36 ; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/ ; -; 95062 12:31.17 2019-06-20 INSTALL.sh -INSTALL.sh 297AAAC2B11BC8571D76666D499AD3288E08FA6E AAEF70E4E4E5E9141BD2DB3C408DF16947265BC55308378AE8F117B2184DA6AF 14DB03604CB5FD37C5870B518CC96B88B5C972AF21F36F3DBB9EF2FE1FAC7C70F452DD6FB14058702F84126AF6940D31 14F01AD5B6E33A7FCDAB7742F321555143C571BC380072C09FE4FAA7CBB9DABC4393006D185FEA53CEBA1722D4D7197C4E5F4B46184E5C077A56C7C849A13BDC +; 95437 14:00.36 2019-06-20 INSTALL.sh +INSTALL.sh 8CFDF8FC14572C9AA51673D7449C354257C6CE67 61B8976709B44B3F2C0491EDB6FA013AC15BA4833F074929810C65C93C274FCB 75D5538717565401F180E7C777BE41A167B2365473806141C9357E75220DD198BE68DC2B59452F39396B42FB50208194 460D731E91EAA0F589B96D13CC451BCB7014C683A357099B13492E7683A459ECB7C2A43AFFB237C966CE67DD06140199686E968B518A33ED73C84135948E0749 diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1 index ed46bf437..716062ee5 100644 --- a/INSTALL/INSTALL.sh.sha1 +++ b/INSTALL/INSTALL.sh.sha1 @@ -1 +1 @@ -297aaac2b11bc8571d76666d499ad3288e08fa6e INSTALL.sh +8cfdf8fc14572c9aa51673d7449c354257c6ce67 INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256 index e6901e6f6..bd3388041 100644 --- a/INSTALL/INSTALL.sh.sha256 +++ b/INSTALL/INSTALL.sh.sha256 @@ -1 +1 @@ -aaef70e4e4e5e9141bd2db3c408df16947265bc55308378ae8f117b2184da6af INSTALL.sh +61b8976709b44b3f2c0491edb6fa013ac15ba4833f074929810c65c93c274fcb INSTALL.sh diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384 index b6fba5713..98ebc9458 100644 --- a/INSTALL/INSTALL.sh.sha384 +++ b/INSTALL/INSTALL.sh.sha384 @@ -1 +1 @@ -14db03604cb5fd37c5870b518cc96b88b5c972af21f36f3dbb9ef2fe1fac7c70f452dd6fb14058702f84126af6940d31 INSTALL.sh +75d5538717565401f180e7c777be41a167b2365473806141c9357e75220dd198be68dc2b59452f39396b42fb50208194 INSTALL.sh 
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512 index 0ca16f643..3e622b45f 100644 --- a/INSTALL/INSTALL.sh.sha512 +++ b/INSTALL/INSTALL.sh.sha512 @@ -1 +1 @@ -14f01ad5b6e33a7fcdab7742f321555143c571bc380072c09fe4faa7cbb9dabc4393006d185fea53ceba1722d4d7197c4e5f4b46184e5c077a56c7c849a13bdc INSTALL.sh +460d731e91eaa0f589b96d13cc451bcb7014c683a357099b13492e7683a459ecb7c2a43affb237c966ce67dd06140199686e968b518a33ed73c84135948e0749 INSTALL.sh From 73963d846c243e756f636deb88d1ca76ba0a7a37 Mon Sep 17 00:00:00 2001 From: iglocska Date: Thu, 20 Jun 2019 13:58:14 +0200 Subject: [PATCH 16/16] fix: [data-massaging] Removed massaging for float type attributes - it not only stripped anything but floats as expected, but additionally also rounded the value --- app/Model/Attribute.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 889ae0b60..0939e46b1 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -1477,9 +1477,6 @@ class Attribute extends AppModel $value = strtolower($value); str_replace(':', '|', $value); break; - case 'float': - $value = floatval($value); - break; case 'hex': $value = strtoupper($value); break;