MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules

pull/4584/head
chrisr3d 2019-04-15 16:08:02 +02:00
parent fdc726e609 a94f1deea6
commit 142992988a
10 changed files with 61 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -46,7 +46,7 @@ class AppController extends Controller
public $helpers = array('Utility', 'OrgImg', 'FontAwesome'); public $helpers = array('Utility', 'OrgImg', 'FontAwesome');
private $__queryVersion = '65'; private $__queryVersion = '66';
public $pyMispVersion = '2.4.103'; public $pyMispVersion = '2.4.103';
public $phpmin = '7.0'; public $phpmin = '7.0';
public $phprec = '7.2'; public $phprec = '7.2';

46
app/Controller/EventsController.php
View File

@ -4204,60 +4204,60 @@ class EventsController extends AppController
// #TODO i18n // #TODO i18n
$exports = array( $exports = array(
'xml' => array( 'xml' => array(
'url' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/false.xml', 'url' => '/events/restSearch/xml/eventid:' . $id . '.xml',
'text' => 'MISP XML (metadata + all attributes)', 'text' => 'MISP XML (metadata + all attributes)',
'requiresPublished' => false, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Encode Attachments', 'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/xml/false/false/false/false/false/false/false/false/false/' . $id . '/true.xml', 'checkbox_set' => '/events/restSearch/xml/eventid:' . $id . '/withAttachments:1.xml',
'checkbox_default' => true 'checkbox_default' => true
), ),
'json' => array( 'json' => array(
'url' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/false.json', 'url' => '/events/restSearch/json/eventid:' . $id . '.json',
'text' => 'MISP JSON (metadata + all attributes)', 'text' => 'MISP JSON (metadata + all attributes)',
'requiresPublished' => false, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Encode Attachments', 'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/json/false/false/false/false/false/false/false/false/false/' . $id . '/true.json', 'checkbox_set' => '/events/restSearch/json/withAttachments:1/eventid:' . $id . '.json',
'checkbox_default' => true 'checkbox_default' => true
), ),
'openIOC' => array( 'openIOC' => array(
'url' => '/events/downloadOpenIOCEvent/download/' . $id, 'url' => '/events/downloadOpenIOCEvent/download/' . $id,
'text' => 'OpenIOC (all indicators marked to IDS)', 'text' => 'OpenIOC (all indicators marked to IDS)',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => false, 'checkbox' => false,
), ),
'csv' => array( 'csv' => array(
'url' => '/events/csv/download/' . $id, 'url' => '/events/csv/download/' . $id,
'text' => 'CSV', 'text' => 'CSV',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes', 'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/events/csv/download/' . $id . '/1' 'checkbox_set' => '/events/csv/download/' . $id . '/1'
), ),
'csv_with_context' => array( 'csv_with_context' => array(
'url' => '/events/csv/download/' . $id . '/0/0/0/0/1', 'url' => '/events/restSearch/returnFormat:csv/eventid:' . $id,
'text' => 'CSV with additional context', 'text' => 'CSV with additional context',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes', 'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/events/csv/download/' . $id . '/1/0/0/0/1' 'checkbox_set' => '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/eventid:' . $id
), ),
'stix_xml' => array( 'stix_xml' => array(
'url' => '/events/restSearch/stix/eventid:' . $id, 'url' => '/events/restSearch/stix/eventid:' . $id,
'text' => 'STIX XML (metadata + all attributes)', 'text' => 'STIX XML (metadata + all attributes)',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Encode Attachments', 'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1' 'checkbox_set' => '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1'
), ),
'stix_json' => array( 'stix_json' => array(
'url' => '/events/stix/download/' . $id . '.json', 'url' => '/events/restSearch/stix/eventid:' . $id . '.json',
'text' => 'STIX JSON (metadata + all attributes)', 'text' => 'STIX JSON (metadata + all attributes)',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Encode Attachments', 'checkbox_text' => 'Encode Attachments',
'checkbox_set' => '/events/stix/download/' . $id . '/true.json' 'checkbox_set' => '/events/restSearch/stix/withAttachments:1/eventid:' . $id . '.json'
), ),
'stix2_json' => array( 'stix2_json' => array(
'url' => '/events/restSearch/stix2/eventid:' . $id, 'url' => '/events/restSearch/stix2/eventid:' . $id,
@ -4268,36 +4268,36 @@ class EventsController extends AppController
'checkbox_set' => '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1' 'checkbox_set' => '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1'
), ),
'rpz' => array( 'rpz' => array(
'url' => '/attributes/rpz/download/false/' . $id, 'url' => '/attributes/restSearch/returnFormat:rpz/published:1||0/eventid:' . $id,
'text' => 'RPZ Zone file', 'text' => 'RPZ Zone file',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => false, 'checkbox' => false,
), ),
'suricata' => array( 'suricata' => array(
'url' => '/events/nids/suricata/download/' . $id, 'url' => '/events/restSearch/returnFormat:suricata/published:1||0/eventid:' . $id,
'text' => 'Download Suricata rules', 'text' => 'Download Suricata rules',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => false, 'checkbox' => false,
), ),
'snort' => array( 'snort' => array(
'url' => '/events/nids/snort/download/' . $id, 'url' => '/events/restSearch/returnFormat:snort/published:1||0/eventid:' . $id,
'text' => 'Download Snort rules', 'text' => 'Download Snort rules',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => false, 'checkbox' => false,
), ),
'bro' => array( 'bro' => array(
'url' => '/attributes/bro/download/all/false/' . $id, 'url' => '/attributes/bro/download/all/false/' . $id,
'text' => 'Download Bro rules', 'text' => 'Download Bro rules',
'requiresPublished' => true, 'requiresPublished' => false,
'checkbox' => false 'checkbox' => false
), ),
'text' => array( 'text' => array(
'url' => '/attributes/text/download/all/false/' . $id,
'text' => 'Export all attribute values as a text file', 'text' => 'Export all attribute values as a text file',
'requiresPublished' => true, 'url' => '/attributes/restSearch/returnFormat:text/published:1||0/eventid:' . $id,
'requiresPublished' => false,
'checkbox' => true, 'checkbox' => true,
'checkbox_text' => 'Include non-IDS marked attributes', 'checkbox_text' => 'Include non-IDS marked attributes',
'checkbox_set' => '/attributes/text/download/all/false/' . $id . '/true' 'checkbox_set' => '/attributes/restSearch/returnFormat:text/published:1||0/to_ids:1||0/eventid:' . $id
), ),
); );
if ($event['Event']['published'] == 0) { if ($event['Event']['published'] == 0) {

6
app/Model/Job.php
View File

@ -42,7 +42,7 @@ class Job extends AppModel
$this->save($data); $this->save($data);
$id = $this->id; $id = $this->id;
$this->Event = ClassRegistry::init('Event'); $this->Event = ClassRegistry::init('Event');
if (in_array($type, array_keys($this->Event->export_types))) { if (in_array($type, array_keys($this->Event->export_types)) && $type !== 'bro') {
$process_id = CakeResque::enqueue( $process_id = CakeResque::enqueue(
'cache', 'cache',
$shell . 'Shell', $shell . 'Shell',
@ -50,13 +50,11 @@ class Job extends AppModel
true true
); );
} elseif ($type === 'bro') { } elseif ($type === 'bro') {
$extra = $type;
$type = 'bro'; $type = 'bro';
$extra2 = isset($user['nids_sid']) ? $user['nids_sid'] : 0;
$process_id = CakeResque::enqueue( $process_id = CakeResque::enqueue(
'cache', 'cache',
$shell . 'Shell', $shell . 'Shell',
array('cachebro' . $type, $user['id'], $id, $extra, $extra2), array('cachebro', $user['id'], $id),
true true
); );
} else { } else {

2
app/Plugin/ShibbAuth/README.md
View File

@ -44,7 +44,7 @@ in the list given by apache.
If used with Apache as webserver it might be useful to make a distinction to filter out API/Syncs from SSO login. It can be added to the vhost as follows: If used with Apache as webserver it might be useful to make a distinction to filter out API/Syncs from SSO login. It can be added to the vhost as follows:
```Apache ```Apache
<If "-T reqenv('HTTP_AUTHORIZATION')"> <If "-T req('Authorization')">
Require all granted Require all granted
AuthType None AuthType None
</If> </If>

2
app/View/Attributes/index.ctp
View File

@ -169,7 +169,7 @@ $(document).ready(function () {
object_id = selected.join('|'); object_id = selected.join('|');
} }
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context; url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
genericPopup(url, '#screenshot_box'); genericPopup(url, '#popover_box');
}); });
$('.correlation-toggle').click(function() { $('.correlation-toggle').click(function() {
var attribute_id = $(this).data('attribute-id'); var attribute_id = $(this).data('attribute-id');

2
app/View/Elements/eventattribute.ctp
View File

@ -317,7 +317,7 @@ attributes or the appropriate distribution level. If you think there is a mistak
object_id = selected.join('|'); object_id = selected.join('|');
} }
url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context; url = "<?php echo $baseurl; ?>" + "/sightings/advanced/" + object_id + "/" + object_context;
genericPopup(url, '#screenshot_box'); genericPopup(url, '#popover_box');
}); });
}); });
$('#attributesFilterField').bind("keydown", function(e) { $('#attributesFilterField').bind("keydown", function(e) {

1
app/View/Layouts/default.ctp
View File

@ -40,6 +40,7 @@
<body> <body>
<div id="popover_form" class="ajax_popover_form"></div> <div id="popover_form" class="ajax_popover_form"></div>
<div id="popover_form_large" class="ajax_popover_form ajax_popover_form_large"></div> <div id="popover_form_large" class="ajax_popover_form ajax_popover_form_large"></div>
<div id="popover_box" class="popover_box"></div>
<div id="screenshot_box" class="screenshot_box"></div> <div id="screenshot_box" class="screenshot_box"></div>
<div id="confirmation_box" class="confirmation_box"></div> <div id="confirmation_box" class="confirmation_box"></div>
<div id="gray_out" class="gray_out"></div> <div id="gray_out" class="gray_out"></div>

2
app/files/misp-objects

@ -1 +1 @@
Subproject commit bfcfe7aae9a13db637281c8ccd10f9d89d33b593 Subproject commit 81924c519f2d5899023da427cc2d5f8cf29e076b

10
app/webroot/css/main.css
View File

@ -846,6 +846,16 @@ a.proposal_link_red:hover {
left: calc(50% - 700px); left: calc(50% - 700px);
} }
.popover_box {
display:none;
position: fixed;
top:150px;
background-color:#f4f4f4;
border-radius: 11px 11px 10px 10px;
box-shadow: 4px 4px 4px #333;
z-index:5;
}
.screenshot_box { .screenshot_box {
display:none; display:none;
position: absolute; position: absolute;

38
app/webroot/js/misp.js
View File

@ -1265,6 +1265,7 @@ function cancelPopoverForm(id) {
$("#popover_form").fadeOut(); $("#popover_form").fadeOut();
$("#popover_form_large").fadeOut(); $("#popover_form_large").fadeOut();
$("#screenshot_box").fadeOut(); $("#screenshot_box").fadeOut();
$("#popover_box").fadeOut();
$("#confirmation_box").fadeOut(); $("#confirmation_box").fadeOut();
$('#gray_out').fadeOut(); $('#gray_out').fadeOut();
$('#popover_form').fadeOut(); $('#popover_form').fadeOut();
@ -3281,7 +3282,7 @@ $(".cortex-json").click(function() {
// add the same as below for click popup // add the same as below for click popup
$(document).on( "click", ".eventViewAttributePopup", function() { $(document).on( "click", ".eventViewAttributePopup", function() {
$('#screenshot_box').empty(); $('#popover_box').empty();
type = $(this).attr('data-object-type'); type = $(this).attr('data-object-type');
id = $(this).attr('data-object-id'); id = $(this).attr('data-object-id');
if (!(type + "_" + id in ajaxResults["persistent"])) { if (!(type + "_" + id in ajaxResults["persistent"])) {
@ -3297,16 +3298,16 @@ $(document).on( "click", ".eventViewAttributePopup", function() {
if (type + "_" + id in ajaxResults["persistent"]) { if (type + "_" + id in ajaxResults["persistent"]) {
var enrichment_popover = ajaxResults["persistent"][type + "_" + id]; var enrichment_popover = ajaxResults["persistent"][type + "_" + id];
enrichment_popover += '<div class="close-icon useCursorPointer popup-close-icon" onClick="closeScreenshot();"></div>'; enrichment_popover += '<div class="close-icon useCursorPointer popup-close-icon" onClick="closeScreenshot();"></div>';
$('#screenshot_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>'); $('#popover_box').html('<div class="screenshot_content">' + enrichment_popover + '</div>');
$('#screenshot_box').show(); $('#popover_box').show();
$("#gray_out").fadeIn(); $("#gray_out").fadeIn();
$('#screenshot_box').css({'padding': '5px'}); $('#popover_box').css({'padding': '5px'});
$('#screenshot_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" ); $('#popover_box').css( "maxWidth", ( $( window ).width() * 0.9 | 0 ) + "px" );
$('#screenshot_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" ); $('#popover_box').css( "maxHeight", ( $( window ).width() - 300 | 0 ) + "px" );
$('#screenshot_box').css( "overflow-y", "auto"); $('#popover_box').css( "overflow-y", "auto");
var left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2); var left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
$('#screenshot_box').css({'left': left + 'px'}); $('#popover_box').css({'left': left + 'px'});
} }
$('#' + currentPopover).popover('destroy'); $('#' + currentPopover).popover('destroy');
}); });
@ -3689,6 +3690,7 @@ $(document).keyup(function(e){
$("#popover_form").fadeOut(); $("#popover_form").fadeOut();
$("#popover_form_large").fadeOut(); $("#popover_form_large").fadeOut();
$("#screenshot_box").fadeOut(); $("#screenshot_box").fadeOut();
$("#popover_box").fadeOut();
$("#confirmation_box").fadeOut(); $("#confirmation_box").fadeOut();
$(".loading").hide(); $(".loading").hide();
resetForms(); resetForms();
@ -4036,16 +4038,16 @@ $(document).ready(function() {
cortex_data = htmlEncode(JSON.stringify(cortex_data, null, 2)); cortex_data = htmlEncode(JSON.stringify(cortex_data, null, 2));
var popupHtml = '<pre class="simplepre">' + cortex_data + '</pre>'; var popupHtml = '<pre class="simplepre">' + cortex_data + '</pre>';
popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>'; popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>';
$('#screenshot_box').html(popupHtml); $('#popover_box').html(popupHtml);
$('#screenshot_box').show(); $('#popover_box').show();
$('#screenshot_box').css({'padding': '5px'}); $('#popover_box').css({'padding': '5px'});
left = ($(window).width() / 2) - ($('#screenshot_box').width() / 2); left = ($(window).width() / 2) - ($('#popover_box').width() / 2);
if (($('#screenshot_box').height() + 250) > $(window).height()) { if (($('#popover_box').height() + 250) > $(window).height()) {
$('#screenshot_box').height($(window).height() - 250); $('#popover_box').height($(window).height() - 250);
$('#screenshot_box').css("overflow-y", "scroll"); $('#popover_box').css("overflow-y", "scroll");
$('#screenshot_box').css("overflow-x", "hidden"); $('#popover_box').css("overflow-x", "hidden");
} }
$('#screenshot_box').css({'left': left + 'px'}); $('#popover_box').css({'left': left + 'px'});
$("#gray_out").fadeIn(); $("#gray_out").fadeIn();
}); });
$('.add_object_attribute_row').click(function() { $('.add_object_attribute_row').click(function() {