mirror of https://github.com/MISP/MISP
parent
cd5d53b22b
commit
2d335f5dbe
|
@ -74,7 +74,7 @@ class AttributesController extends AppController {
|
||||||
// only own attributes verified by isAuthorized
|
// only own attributes verified by isAuthorized
|
||||||
|
|
||||||
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
|
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
|
||||||
// FIXME this is bad ... it should rather by a messagebox or should be filtered out on the view level
|
// TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
|
||||||
if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
|
if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
|
||||||
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
|
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
|
||||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||||
|
@ -219,13 +219,14 @@ class AttributesController extends AppController {
|
||||||
if($this->request->data['Attribute']['malware']) {
|
if($this->request->data['Attribute']['malware']) {
|
||||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||||
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
|
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
|
||||||
|
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$this->request->data['Attribute']['type'] = "attachment";
|
$this->request->data['Attribute']['type'] = "attachment";
|
||||||
$this->request->data['Attribute']['value'] = $filename;
|
$this->request->data['Attribute']['value'] = $filename;
|
||||||
|
$this->request->data['Attribute']['to_ids'] = 0;
|
||||||
}
|
}
|
||||||
$this->request->data['Attribute']['uuid'] = String::uuid();
|
$this->request->data['Attribute']['uuid'] = String::uuid();
|
||||||
$this->request->data['Attribute']['to_ids'] = 0; // LATER permit user to send this to IDS
|
|
||||||
$this->request->data['Attribute']['batch_import'] = 0;
|
$this->request->data['Attribute']['batch_import'] = 0;
|
||||||
|
|
||||||
if ($this->Attribute->save($this->request->data)) {
|
if ($this->Attribute->save($this->request->data)) {
|
||||||
|
@ -316,7 +317,7 @@ class AttributesController extends AppController {
|
||||||
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
|
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
|
||||||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
|
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
|
||||||
$this->set('attachment', true);
|
$this->set('attachment', true);
|
||||||
// FIXME we should ensure value cannot be changed here and not only on a view level (because of the associated file)
|
// TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
|
||||||
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
|
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
|
||||||
// $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id']));
|
// $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id']));
|
||||||
} else {
|
} else {
|
||||||
|
|
|
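Review bot: The edit path for attachment and malware-sample attributes still enforces the "value cannot be changed" rule only at the view level; the hunk at @316 keeps the comment saying so and leaves the server-side flash/redirect guard commented out, so a crafted edit request can still change `value` while the stored file on disk is untouched. Before the save that follows this branch, drop the field from the request, e.g. `unset($this->request->data['Attribute']['value']);` inside the attachment branch, or pass a `fieldList` that excludes `value` to `save()`. The save call and the remainder of the edit action are outside the hunk.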
@ -85,13 +85,13 @@ class EventsController extends AppController {
|
||||||
$relatedAttributes = array();
|
$relatedAttributes = array();
|
||||||
$this->loadModel('Attribute');
|
$this->loadModel('Attribute');
|
||||||
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid');
|
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid');
|
||||||
foreach ($this->Event->data['Attribute'] as $key => $attribute) {
|
foreach ($this->Event->data['Attribute'] as &$attribute) {
|
||||||
$relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields);
|
$relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields);
|
||||||
// for REST requests also add the encoded attachment
|
// for REST requests also add the encoded attachment
|
||||||
if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) {
|
if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) {
|
||||||
// LATER check if this has a serious performance impact on XML conversion and memory usage
|
// LATER check if this has a serious performance impact on XML conversion and memory usage
|
||||||
$encoded_file = $this->Attribute->base64EncodeAttachment($attribute);
|
$encoded_file = $this->Attribute->base64EncodeAttachment($attribute);
|
||||||
$this->Event->data['Attribute'][$key]['data'] = $encoded_file;
|
$attribute['data'] = $encoded_file;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->set('relatedAttributes', $relatedAttributes);
|
$this->set('relatedAttributes', $relatedAttributes);
|
||||||
|
@ -231,8 +231,8 @@ class EventsController extends AppController {
|
||||||
$fieldList=array('date', 'risk', 'info', 'published', 'private');
|
$fieldList=array('date', 'risk', 'info', 'published', 'private');
|
||||||
// always force the org, but do not force it for admins
|
// always force the org, but do not force it for admins
|
||||||
if ($this->_isAdmin()) {
|
if ($this->_isAdmin()) {
|
||||||
$this->Event->read(); // FIXME URGENT this should be deleted? delete and test
|
// set the same org as existed before
|
||||||
$fieldList[]='org';
|
$this->Event->read();
|
||||||
$this->request->data['Event']['org'] = $this->Event->data['Event']['org'];
|
$this->request->data['Event']['org'] = $this->Event->data['Event']['org'];
|
||||||
}
|
}
|
||||||
// we probably also want to remove the published flag
|
// we probably also want to remove the published flag
|
||||||
|
@ -509,8 +509,6 @@ class EventsController extends AppController {
|
||||||
if ($this->request->is('post') || $this->request->is('put')) {
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
$message = $this->request->data['Event']['message'];
|
$message = $this->request->data['Event']['message'];
|
||||||
if ($this->_sendContactEmail($id, $message)) {
|
if ($this->_sendContactEmail($id, $message)) {
|
||||||
// LATER when a user is deleted this will create problems.
|
|
||||||
// LATER send the email to all the people who are in the org that created the event
|
|
||||||
// redirect to the view event page
|
// redirect to the view event page
|
||||||
$this->Session->setFlash(__('Email sent to the reporter.', true));
|
$this->Session->setFlash(__('Email sent to the reporter.', true));
|
||||||
} else {
|
} else {
|
||||||
|
@ -528,7 +526,7 @@ class EventsController extends AppController {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Sends out an email to all people within the same group
|
* Sends out an email to all people within the same org
|
||||||
* with the request to be contacted about a specific event.
|
* with the request to be contacted about a specific event.
|
||||||
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
|
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
|
||||||
*
|
*
|
||||||
|
@ -709,7 +707,7 @@ class EventsController extends AppController {
|
||||||
// check if the key is valid -> search for users based on key
|
// check if the key is valid -> search for users based on key
|
||||||
$this->loadModel('User');
|
$this->loadModel('User');
|
||||||
// no input sanitization necessary, it's done by model
|
// no input sanitization necessary, it's done by model
|
||||||
// TODO do not fetch recursive
|
// do not fetch recursive
|
||||||
$this->User->recursive=0;
|
$this->User->recursive=0;
|
||||||
$user = $this->User->findByAuthkey($key);
|
$user = $this->User->findByAuthkey($key);
|
||||||
if (empty($user)) {
|
if (empty($user)) {
|
||||||
|
@ -742,9 +740,9 @@ class EventsController extends AppController {
|
||||||
|
|
||||||
$sid++;
|
$sid++;
|
||||||
switch ($attribute['type']) {
|
switch ($attribute['type']) {
|
||||||
// LATER test all the snort attributes
|
// LATER nids - test all the snort attributes
|
||||||
// LATER add the tag keyword in the rules to capture network traffic
|
// LATER nids - add the tag keyword in the rules to capture network traffic
|
||||||
// LATER sanitize every $attribute['value'] to not conflict with snort
|
// LATER nids - sanitize every $attribute['value'] to not conflict with snort
|
||||||
case 'ip-dst':
|
case 'ip-dst':
|
||||||
$rules[] = sprintf($rule_format,
|
$rules[] = sprintf($rule_format,
|
||||||
'ip', // proto
|
'ip', // proto
|
||||||
|
@ -806,7 +804,7 @@ class EventsController extends AppController {
|
||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
case 'email-subject':
|
case 'email-subject':
|
||||||
// LATER email-subject rule might not match because of line-wrapping
|
// LATER nids - email-subject rule might not match because of line-wrapping
|
||||||
$rules[] = sprintf($rule_format,
|
$rules[] = sprintf($rule_format,
|
||||||
'tcp', // proto
|
'tcp', // proto
|
||||||
'$EXTERNAL_NET', // src_ip
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
@ -822,7 +820,7 @@ class EventsController extends AppController {
|
||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
case 'email-attachment':
|
case 'email-attachment':
|
||||||
// LATER email-attachment rule might not match because of line-wrapping
|
// LATER nids - email-attachment rule might not match because of line-wrapping
|
||||||
$rules[] = sprintf($rule_format,
|
$rules[] = sprintf($rule_format,
|
||||||
'tcp', // proto
|
'tcp', // proto
|
||||||
'$EXTERNAL_NET', // src_ip
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
@ -884,7 +882,7 @@ class EventsController extends AppController {
|
||||||
break;
|
break;
|
||||||
case 'user-agent':
|
case 'user-agent':
|
||||||
$rules[] = "";
|
$rules[] = "";
|
||||||
// TODO write snort user-agent rule
|
// TODO nids - write snort user-agent rule
|
||||||
break;
|
break;
|
||||||
case 'snort':
|
case 'snort':
|
||||||
$tmp_rule = $attribute['value'];
|
$tmp_rule = $attribute['value'];
|
||||||
|
@ -926,7 +924,7 @@ class EventsController extends AppController {
|
||||||
// finally the rule is cleaned up and can be outputed
|
// finally the rule is cleaned up and can be outputed
|
||||||
$rules[] = $tmp_rule;
|
$rules[] = $tmp_rule;
|
||||||
|
|
||||||
// TODO test using lots of snort rules.
|
// LATER nids - test using lots of snort rules.
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
@ -977,7 +975,6 @@ class EventsController extends AppController {
|
||||||
// // check if the key is valid -> search for users based on key
|
// // check if the key is valid -> search for users based on key
|
||||||
// $this->loadModel('User');
|
// $this->loadModel('User');
|
||||||
// // no input sanitization necessary, it's done by model
|
// // no input sanitization necessary, it's done by model
|
||||||
// // TODO do not fetch recursive
|
|
||||||
// $this->User->recursive=0;
|
// $this->User->recursive=0;
|
||||||
// $user = $this->User->findByAuthkey($key);
|
// $user = $this->User->findByAuthkey($key);
|
||||||
// if (empty($user)) {
|
// if (empty($user)) {
|
||||||
|
|
|
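Review bot: The hunk at @85 switches the loop to `foreach ($this->Event->data['Attribute'] as &$attribute)` but never releases the reference after the loop, so `$attribute` stays bound to the last element of `$this->Event->data['Attribute']`; any later by-value `foreach` or plain assignment to `$attribute` in the same scope would silently overwrite that element. Add `unset($attribute);` directly after the loop's closing brace, before `$this->set('relatedAttributes', $relatedAttributes);`. The enclosing action starts and ends outside the hunk, so whether such a reuse exists cannot be confirmed from here, but the unset is the conventional guard regardless.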
@ -224,7 +224,6 @@ class UsersController extends AppController {
|
||||||
|
|
||||||
|
|
||||||
public function login() {
|
public function login() {
|
||||||
// FIXME implement authentication brute-force protection
|
|
||||||
if ($this->Auth->login()) {
|
if ($this->Auth->login()) {
|
||||||
$this->redirect($this->Auth->redirect());
|
$this->redirect($this->Auth->redirect());
|
||||||
} else {
|
} else {
|
||||||
|
|
|
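Review bot: The hunk drops the `// FIXME implement authentication brute-force protection` reminder from login() without adding any such control, so the missing protection loses its only marker in the code. Keep a note at the top of the method, `// TODO rate-limit or lock out repeated failed logins; no protection exists yet`, and have the else branch at least log the failed attempt (submitted username and remote address) so repeated failures are visible to monitoring. The else branch continues outside the hunk.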
@ -33,7 +33,7 @@ class Attribute extends AppModel {
|
||||||
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
|
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
|
||||||
);
|
);
|
||||||
|
|
||||||
// these are definition of possible types + their descriptions and maybe LATER other behaviors
|
// these are definition of possible types + their descriptions and maybe later other behaviors
|
||||||
// e.g. if the attribute should be correlated with others or not
|
// e.g. if the attribute should be correlated with others or not
|
||||||
|
|
||||||
public $type_definitions = array(
|
public $type_definitions = array(
|
||||||
|
@ -298,7 +298,7 @@ class Attribute extends AppModel {
|
||||||
$file = new File ($filepath);
|
$file = new File ($filepath);
|
||||||
if($file->exists()) {
|
if($file->exists()) {
|
||||||
if (!$file->delete()) {
|
if (!$file->delete()) {
|
||||||
$this->Session->setFlash(__('Delete failed. Please report to administrator', true), 'default', array(), 'error'); // TODO change this message. Throw an internal error
|
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -517,7 +517,7 @@ class Attribute extends AppModel {
|
||||||
// prepare the conditions
|
// prepare the conditions
|
||||||
$conditions = array(
|
$conditions = array(
|
||||||
'Attribute.event_id !=' => $attribute['event_id'],
|
'Attribute.event_id !=' => $attribute['event_id'],
|
||||||
// 'Attribute.type' => $attribute['type'], // LATER also filter on type
|
// 'Attribute.type' => $attribute['type'], // do not filter on type
|
||||||
);
|
);
|
||||||
if (empty($attribute['value1'])) // prevent issues with empty fields
|
if (empty($attribute['value1'])) // prevent issues with empty fields
|
||||||
return null;
|
return null;
|
||||||
|
|
|
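Review bot: The guard `if (empty($attribute['value1'])) return null;` in the hunk at @517 treats the string `'0'` as empty, so an attribute whose value1 is literally `0` is never correlated, and the check runs only after `$conditions` has already been built. Move it to the top of the method and make it explicit, `if (!isset($attribute['value1']) || $attribute['value1'] === '') { return null; }`. These are context lines the commit leaves unchanged, and the rest of the method lies outside the hunk.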
@ -17,7 +17,7 @@ class Server extends AppModel {
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
public $validate = array(
|
public $validate = array(
|
||||||
'url' => array( // TODO add extra validation to refuse multiple urls from the same org
|
'url' => array( // TODO add extra validation to refuse multiple time the same url from the same org
|
||||||
'url' => array(
|
'url' => array(
|
||||||
'rule' => array('url'),
|
'rule' => array('url'),
|
||||||
'message' => 'Please enter a valid base-url.',
|
'message' => 'Please enter a valid base-url.',
|
||||||
|
|