MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [galaxies] Added support of `kill_chain_order` in galaxies

pull/4156/head
mokaddem 2019-02-14 10:24:42 +01:00
parent 42e26f62fe
commit 1f73a655cf
3 changed files with 32 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Model/AppModel.php
View File

@ -72,7 +72,7 @@ class AppModel extends Model
7 => false, 8 => false, 9 => false, 10 => false, 11 => false, 12 => false,
13 => false, 14 => false, 15 => false, 18 => false, 19 => false, 20 => false,
21 => false, 22 => false, 23 => false, 24 => false, 25 => false, 26 => false,
27 => false, 28 => false
27 => false, 28 => false, 29 => false
);
public function afterSave($created, $options = array())
@ -1089,6 +1089,9 @@ class AppModel extends Model
case 28:
$sqlArray[] = "ALTER TABLE `servers` ADD `caching_enabled` tinyint(1) NOT NULL DEFAULT 0;";
break;
case 29:
$sqlArray[] = "ALTER TABLE `galaxies` ADD `kill_chain_order` text NOT NULL;";
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

31
app/Model/Galaxy.php
View File

@ -28,6 +28,18 @@ class Galaxy extends AppModel
$this->GalaxyCluster->deleteAll(array('GalaxyCluster.galaxy_id' => $this->id));
}
public function afterFind($results, $primary = false)
{
foreach ($results as $k => $v) {
if (isset($v['Galaxy']['kill_chain_order']) && $v['Galaxy']['kill_chain_order'] !== '') {
$results[$k]['Galaxy']['kill_chain_order'] = json_decode($v['Galaxy']['kill_chain_order'], true);
} else {
unset($results[$k]['Galaxy']['kill_chain_order']);
}
}
return $results;
}
private function __load_galaxies($force = false)
{
$dir = new Folder(APP . 'files' . DS . 'misp-galaxy' . DS . 'galaxies');
@ -39,8 +51,11 @@ class Galaxy extends AppModel
$file->close();
}
$galaxyTypes = array();
foreach ($galaxies as $galaxy) {
foreach ($galaxies as $i => $galaxy) {
$galaxyTypes[$galaxy['type']] = $galaxy['type'];
if (isset($galaxies[$i]['kill_chain_order'])) {
$galaxies[$i]['kill_chain_order'] = json_encode($galaxy['kill_chain_order']);
}
}
$temp = $this->find('all', array(
'fields' => array('uuid', 'version', 'id', 'icon'),
@ -415,6 +430,7 @@ class Galaxy extends AppModel
'mitre-mobile-attack' => $killChainOrderMobile,
'mitre-pre-attack' => $killChainOrderPre,
);
$killChainOrders = array();
$expectedDescription = 'ATT&CK Tactic';
$expectedNamespace = 'mitre-attack';
@ -431,18 +447,17 @@ class Galaxy extends AppModel
$mispUUID = Configure::read('MISP')['uuid'];
$attackTactic = array(
'killChain' => $killChainOrders,
'attackTactic' => array(),
'attackTags' => array(),
'instance-uuid' => $mispUUID
);
if (!empty($galaxies)) {
$galaxy = $galaxies[0];
} else {
$galaxy = array();
}
$attackTactic = array(
'killChain' => $galaxy['Galaxy']['kill_chain_order'],
'attackTactic' => array(),
'attackTags' => array(),
'instance-uuid' => $mispUUID
);
$clusters = $galaxy['GalaxyCluster'];
$attackClusters = array();

7
app/webroot/js/misp.js
View File

@ -3835,11 +3835,14 @@ function insertJSONRestResponse() {
$('#json-response-container').html(parsedJson);
}
function syntaxHighlightJson(json) {
function syntaxHighlightJson(json, indent) {
if (indent === undefined) {
indent = 2;
}
if (typeof json == 'string') {
json = JSON.parse(json);
}
json = JSON.stringify(json, undefined, 2);
json = JSON.stringify(json, undefined, indent);
json = json.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/(?:\r\n|\r|\n)/g, '<br>').replace(/ /g, '&nbsp;');
return json.replace(/("(\\u[a-zA-Z0-9]{4}|\\[^u]|[^\\"])*"(\s*:)?|\b(true|false|null)\b|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?)/g, function (match) {
var cls = 'json_number';