MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules

pull/4584/head
chrisr3d 2019-04-15 16:08:02 +02:00
parent fdc726e609 a94f1deea6
commit 142992988a
10 changed files with 61 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -46,7 +46,7 @@ class AppController extends Controller
public $helpers = array('Utility', 'OrgImg', 'FontAwesome');
private $__queryVersion = '65';
private $__queryVersion = '66';
public $pyMispVersion = '2.4.103';
public $phpmin = '7.0';
public $phprec = '7.2';

46
app/Controller/EventsController.php
View File

@ -4204,60 +4204,60 @@ class EventsController extends AppController
// #TODO i18n
$exports = array(
'xml' => array(
'url' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/false.xml',
'url' => '/events/restSearch/xml/eventid:' . $id . '.xml',
'text' => 'MISP XML (metadata + all attributes)',
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/true.xml',
'checkbox_set' => '/events/restSearch/xml/eventid:' . $id . '/withAttachments:1.xml',
'checkbox_default' => true
),
'json' => array(
'url' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/false.json',
'url' => '/events/restSearch/json/eventid:' . $id . '.json',
'text' => 'MISP JSON (metadata + all attributes)',
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/true.json',
'checkbox_set' => '/events/restSearch/json/withAttachments:1/eventid:' . $id . '.json',
'checkbox_default' => true
),
'openIOC' => array(
'url' => '/events/downloadOpenIOCEvent/download/' . $id,
'text' => 'OpenIOC (all indicators marked to IDS)',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => false,
),
'csv' => array(
'url' => '/events/csv/download/' . $id,
'text' => 'CSV',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/events/csv/download/' . $id . '/1'
),
'csv_with_context' => array(
'url' => '/events/csv/download/' . $id . '/0/0/0/0/1',
'url' => '/events/restSearch/returnFormat:csv/eventid:' . $id,
'text' => 'CSV with additional context',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/events/csv/download/' . $id . '/1/0/0/0/1'
'checkbox_set' => '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/eventid:' . $id
),
'stix_xml' => array(
'url' => '/events/restSearch/stix/eventid:' . $id,
'text' => 'STIX XML (metadata + all attributes)',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1'
),
'stix_json' => array(
'url' => '/events/stix/download/' . $id . '.json',
'url' => '/events/restSearch/stix/eventid:' . $id . '.json',
'text' => 'STIX JSON (metadata + all attributes)',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/stix/download/' . $id . '/true.json'
'checkbox_set' => '/events/restSearch/stix/withAttachments:1/eventid:' . $id . '.json'
),
'stix2_json' => array(
'url' => '/events/restSearch/stix2/eventid:' . $id,
@ -4268,36 +4268,36 @@ class EventsController extends AppController
'checkbox_set' => '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1'
),
'rpz' => array(
'url' => '/attributes/rpz/download/false/' . $id,
'url' => '/attributes/restSearch/returnFormat:rpz/published:1||0/eventid:' . $id,
'text' => 'RPZ Zone file',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => false,
),
'suricata' => array(
'url' => '/events/nids/suricata/download/' . $id,
'url' => '/events/restSearch/returnFormat:suricata/published:1||0/eventid:' . $id,
'text' => 'Download Suricata rules',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => false,
),
'snort' => array(
'url' => '/events/nids/snort/download/' . $id,
'url' => '/events/restSearch/returnFormat:snort/published:1||0/eventid:' . $id,
'text' => 'Download Snort rules',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => false,
),
'bro' => array(
'url' => '/attributes/bro/download/all/false/' . $id,
'text' => 'Download Bro rules',
'requiresPublished' => true,
'requiresPublished' => false,
'checkbox' => false
),
'text' => array(
'url' => '/attributes/text/download/all/false/' . $id,
'text' => 'Export all attribute values as a text file',
'requiresPublished' => true,
'url' => '/attributes/restSearch/returnFormat:text/published:1||0/eventid:' . $id,
'requiresPublished' => false,
'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/attributes/text/download/all/false/' . $id . '/true'
'checkbox_set' => '/attributes/restSearch/returnFormat:text/published:1||0/to_ids:1||0/eventid:' . $id
),
);
if ($event['Event']['published'] == 0) {

6
app/Model/Job.php
View File

@ -42,7 +42,7 @@ class Job extends AppModel
$this->save($data);
$id = $this->id;
$this->Event = ClassRegistry::init('Event');
if (in_array($type, array_keys($this->Event->export_types))) {
if (in_array($type, array_keys($this->Event->export_types)) && $type !== 'bro') {
$process_id = CakeResque::enqueue(
'cache',
$shell . 'Shell',
@ -50,13 +50,11 @@ class Job extends AppModel
true
);
} elseif ($type === 'bro') {
$extra = $type;
$type = 'bro';
$extra2 = isset($user['nids_sid']) ? $user['nids_sid'] : 0;
$process_id = CakeResque::enqueue(
'cache',
$shell . 'Shell',
array('cachebro' . $type, $user['id'], $id, $extra, $extra2),
array('cachebro', $user['id'], $id),
true
);
} else {

2
app/Plugin/ShibbAuth/README.md
View File

@ -44,7 +44,7 @@ in the list given by apache.
If used with Apache as webserver it might be useful to make a distinction to filter out API/Syncs from SSO login. It can be added to the vhost as follows:
```Apache
<If "-T reqenv('HTTP_AUTHORIZATION')">
<If "-T req('Authorization')">
Require all granted
AuthType None
</If>

2
app/View/Attributes/index.ctp
View File

@ -169,7 +169,7 @@ $(document).ready(function () {
object_id = selected.join('|');
}
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
genericPopup(url, '#screenshot_box');
genericPopup(url, '#popover_box');
});
$('.correlation-toggle').click(function() {
var attribute_id = $(this).data('attribute-id');

2
app/View/Elements/eventattribute.ctp
View File

@ -317,7 +317,7 @@ attributes or the appropriate distribution level. If you think there is a mistak
object_id = selected.join('|');
}
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
genericPopup(url, '#screenshot_box');
genericPopup(url, '#popover_box');
});
});
$('#attributesFilterField').bind("keydown", function(e) {

1
app/View/Layouts/default.ctp
View File

@ -40,6 +40,7 @@
<body>
<div id="popover_form" class="ajax_popover_form"></div>
<div id="popover_form_large" class="ajax_popover_form ajax_popover_form_large"></div>
<div id="popover_box" class="popover_box"></div>
<div id="screenshot_box" class="screenshot_box"></div>
<div id="confirmation_box" class="confirmation_box"></div>
<div id="gray_out" class="gray_out"></div>

2
app/files/misp-objects

@ -1 +1 @@
Subproject commit bfcfe7aae9a13db637281c8ccd10f9d89d33b593
Subproject commit 81924c519f2d5899023da427cc2d5f8cf29e076b

10
app/webroot/css/main.css
View File

@ -846,6 +846,16 @@ a.proposal_link_red:hover {
left: calc(50% - 700px);
}
.popover_box {
display:none;
position: fixed;
top:150px;
background-color:#f4f4f4;
border-radius: 11px 11px 10px 10px;
box-shadow: 4px 4px 4px #333;
z-index:5;
}
.screenshot_box {
display:none;
position: absolute;

38
app/webroot/js/misp.js
View File

@ -1265,6 +1265,7 @@ function cancelPopoverForm(id) {
$("#popover_form").fadeOut();
$("#popover_form_large").fadeOut();
$("#screenshot_box").fadeOut();
$("#popover_box").fadeOut();
$("#confirmation_box").fadeOut();
$('#gray_out').fadeOut();
$('#popover_form').fadeOut();
@ -3281,7 +3282,7 @@ $(".cortex-json").click(function() {
// add the same as below for click popup
$(document).on( "click", ".eventViewAttributePopup", function() {
$('#screenshot_box').empty();
$('#popover_box').empty();
type = $(this).attr('data-object-type');
id = $(this).attr('data-object-id');
if (!(type + "_" + id in ajaxResults["persistent"])) {
@ -3297,16 +3298,16 @@ $(document).on( "click", ".eventViewAttributePopup", function() {
if (type + "_" + id in ajaxResults["persistent"]) {
var enrichment_popover = ajaxResults["persistent"][type + "_" + id];
enrichment_popover += '<div class="close-icon useCursorPointer popup-close-icon" onClick="closeScreenshot();"></div>';
$('#screenshot_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>');
$('#screenshot_box').show();
$('#popover_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>');
$('#popover_box').show();
$("#gray_out").fadeIn();
$('#screenshot_box').css({'padding': '5px'});
$('#screenshot_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" );
$('#screenshot_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );
$('#screenshot_box').css( "overflow-y", "auto");
$('#popover_box').css({'padding': '5px'});
$('#popover_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" );
$('#popover_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );
$('#popover_box').css( "overflow-y", "auto");
var left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2);
$('#screenshot_box').css({'left': left + 'px'});
var left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
$('#popover_box').css({'left': left + 'px'});
}
$('#' + currentPopover).popover('destroy');
});
@ -3689,6 +3690,7 @@ $(document).keyup(function(e){
$("#popover_form").fadeOut();
$("#popover_form_large").fadeOut();
$("#screenshot_box").fadeOut();
$("#popover_box").fadeOut();
$("#confirmation_box").fadeOut();
$(".loading").hide();
resetForms();
@ -4036,16 +4038,16 @@ $(document).ready(function() {
cortex_data = htmlEncode(JSON.stringify(cortex_data, null, 2));
var popupHtml = '<pre class="simplepre">' + cortex_data + '</pre>';
popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>';
$('#screenshot_box').html(popupHtml);
$('#screenshot_box').show();
$('#screenshot_box').css({'padding': '5px'});
left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2);
if (($('#screenshot_box').height() + 250) > $(window).height()) {
$('#screenshot_box').height($(window).height() - 250);
$('#screenshot_box').css("overflow-y", "scroll");
$('#screenshot_box').css("overflow-x", "hidden");
$('#popover_box').html(popupHtml);
$('#popover_box').show();
$('#popover_box').css({'padding': '5px'});
left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
if (($('#popover_box').height() + 250) > $(window).height()) {
$('#popover_box').height($(window).height() - 250);
$('#popover_box').css("overflow-y", "scroll");
$('#popover_box').css("overflow-x", "hidden");
}
$('#screenshot_box').css({'left': left + 'px'});
$('#popover_box').css({'left': left + 'px'});
$("#gray_out").fadeIn();
});
$('.add_object_attribute_row').click(function() {