mirror of https://github.com/MISP/MISP
chg: [internal] Include more types in hash export
parent
2964335f04
commit
3dc6281676
|
@ -6,16 +6,16 @@ class HashesExport
|
|||
'flatten' => 1
|
||||
);
|
||||
|
||||
public $validTypes = array(
|
||||
const VALID_TYPES = array(
|
||||
'simple' => array(
|
||||
'md5', 'sha1', 'sha256', 'sha224', 'sha512', 'sha512/224', 'sha512/256', 'ssdeep', 'imphash', 'tlsh',
|
||||
'x509-fingerprint-sha1', 'x509-fingerprint-md5', 'x509-fingerprint-sha256', 'pehash', 'authentihash',
|
||||
'impfuzzy'
|
||||
'md5', 'sha1', 'sha256', 'sha224', 'sha384', 'sha512', 'sha512/224', 'sha512/256', 'sha3-224', 'sha3-256',
|
||||
'sha3-384', 'sha3-512', 'ssdeep', 'imphash', 'tlsh', 'x509-fingerprint-sha1', 'x509-fingerprint-md5',
|
||||
'x509-fingerprint-sha256', 'pehash', 'authentihash', 'impfuzzy'
|
||||
),
|
||||
'composite' => array(
|
||||
'malware-sample', 'filename|md5', 'filename|sha1', 'filename|sha256', 'filename|sha224', 'filename|sha512',
|
||||
'filename|sha512/224', 'filename|sha512/256', 'filename|ssdeep', 'filename|imphash', 'filename|tlsh',
|
||||
'x509-fingerprint-sha1', 'x509-fingerprint-md5', 'x509-fingerprint-sha256', 'filename|pehash',
|
||||
'filename|sha512/224', 'filename|sha512/256', 'filename|sha3-224', 'filename|sha3-256', 'filename|sha3-384',
|
||||
'filename|sha3-512', 'filename|ssdeep', 'filename|imphash', 'filename|tlsh', 'filename|pehash',
|
||||
'filename|authentihash', 'filename|impfuzzy'
|
||||
)
|
||||
);
|
||||
|
@ -23,18 +23,17 @@ class HashesExport
|
|||
public function handler($data, $options = array())
|
||||
{
|
||||
if ($options['scope'] === 'Attribute') {
|
||||
if (in_array($data['Attribute']['type'], $this->validTypes['composite'])) {
|
||||
if (in_array($data['Attribute']['type'], self::VALID_TYPES['composite'], true)) {
|
||||
return explode('|', $data['Attribute']['value'])[1];
|
||||
} else if (in_array($data['Attribute']['type'], $this->validTypes['simple'])) {
|
||||
} else if (in_array($data['Attribute']['type'], self::VALID_TYPES['simple'], true)) {
|
||||
return $data['Attribute']['value'];
|
||||
}
|
||||
}
|
||||
if ($options['scope'] === 'Event') {
|
||||
} else if ($options['scope'] === 'Event') {
|
||||
$result = array();
|
||||
foreach ($data['Attribute'] as $attribute) {
|
||||
if (in_array($attribute['type'], $this->validTypes['composite'])) {
|
||||
if (in_array($attribute['type'], self::VALID_TYPES['composite'], true)) {
|
||||
$result[] = explode('|', $attribute['value'])[1];
|
||||
} else if (in_array($attribute['type'], $this->validTypes['simple'])) {
|
||||
} else if (in_array($attribute['type'], self::VALID_TYPES['simple'], true)) {
|
||||
$result[] = $attribute['value'];
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue