Merge branch '2.4' of github.com:MISP/MISP into 2.4

pull/7070/head
iglocska 2021-02-22 14:17:12 +01:00
commit 48c8eaa59c
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
7 changed files with 23 additions and 11 deletions

2
PyMISP

@ -1 +1 @@
Subproject commit 9316420dc028a1ffc541986fc08793e669f2165e
Subproject commit 2ceb38c741f9432432114998d0c0f8fa36686083


@ -273,6 +273,7 @@ class PubSubTool
'redis_password' => '',
'redis_database' => '1',
'redis_namespace' => 'mispq',
'host' => '127.0.0.1',
'port' => '50000',
'username' => null,
'password' => null,


@ -1097,6 +1097,8 @@ class Attribute extends AppModel
case 'github-repository':
case 'github-organisation':
case 'twitter-id':
case 'dkim':
case 'dkim-signature':
case 'favicon-mmh3':
case 'chrome-extension-id':
case 'mobile-application-id':
@ -4625,7 +4627,7 @@ class Attribute extends AppModel
),
'Network activity' => array(
'desc' => __('Information about network traffic generated by the malware'),
'types' => array('ip-src', 'ip-dst', 'ip-dst|port', 'ip-src|port', 'port', 'hostname', 'domain', 'domain|ip', 'mac-address', 'mac-eui-64', 'email', 'email-dst', 'email-src', 'eppn', 'url', 'uri', 'user-agent', 'http-method', 'AS', 'snort', 'pattern-in-file', 'filename-pattern','stix2-pattern', 'pattern-in-traffic', 'attachment', 'comment', 'text', 'x509-fingerprint-md5', 'x509-fingerprint-sha1', 'x509-fingerprint-sha256', 'ja3-fingerprint-md5', 'jarm-fingerprint', 'hassh-md5', 'hasshserver-md5', 'other', 'hex', 'cookie', 'hostname|port', 'bro', 'zeek', 'anonymised', 'community-id', 'email-subject', 'favicon-mmh3')
'types' => array('ip-src', 'ip-dst', 'ip-dst|port', 'ip-src|port', 'port', 'hostname', 'domain', 'domain|ip', 'mac-address', 'mac-eui-64', 'email', 'email-dst', 'email-src', 'eppn', 'url', 'uri', 'user-agent', 'http-method', 'AS', 'snort', 'pattern-in-file', 'filename-pattern','stix2-pattern', 'pattern-in-traffic', 'attachment', 'comment', 'text', 'x509-fingerprint-md5', 'x509-fingerprint-sha1', 'x509-fingerprint-sha256', 'ja3-fingerprint-md5', 'jarm-fingerprint', 'hassh-md5', 'hasshserver-md5', 'other', 'hex', 'cookie', 'hostname|port', 'bro', 'zeek', 'anonymised', 'community-id', 'email-subject', 'favicon-mmh3', 'dkim', 'dkim-signature')
),
'Payload type' => array(
'desc' => __('Information about the final payload(s)'),
@ -4834,6 +4836,8 @@ class Attribute extends AppModel
'github-organisation' => array('desc' => __('A github organisation'), 'default_category' => 'Social network', 'to_ids' => 0),
'jabber-id' => array('desc' => __('Jabber ID'), 'default_category' => 'Social network', 'to_ids' => 0),
'twitter-id' => array('desc' => __('Twitter ID'), 'default_category' => 'Social network', 'to_ids' => 0),
'dkim' => array('desc' => __('DKIM public key'), 'default_category' => 'Network activity', 'to_ids' => 0),
'dkim-signature'=> array('desc' => __('DKIM signature'), 'default_category' => 'Network activity', 'to_ids' => 0),
'first-name' => array('desc' => __('First name of a natural person'), 'default_category' => 'Person', 'to_ids' => 0),
'middle-name' => array('desc' => __('Middle name of a natural person'), 'default_category' => 'Person', 'to_ids' => 0),
'last-name' => array('desc' => __('Last name of a natural person'), 'default_category' => 'Person', 'to_ids' => 0),
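Review bot: The `desc` strings of the new `'dkim'` and `'dkim-signature'` types do not say what form the value should take. 'DKIM public key' could mean the bare base64 `p=` value or the whole DNS TXT record, and 'DKIM signature' the `b=` value or the full `DKIM-Signature` header; contributors using different conventions would stop otherwise identical values from correlating. I would state the expected form in the description once the convention is confirmed, for example `__('DKIM public key (base64 value of the p= tag)')`. The new `case 'dkim':` and `case 'dkim-signature':` labels join a case group whose body is outside the hunk, so the validation they inherit cannot be checked from here. Minor style: `'dkim-signature'=> array(` lacks the space before `=>` that the neighbouring entries have.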


@ -1536,7 +1536,7 @@ class Server extends AppModel
return true;
}
if (is_executable($value)) {
if (finfo_file($finfo, $value) == "application/x-executable" || finfo_file($finfo, $value) == "application/x-sharedlib") {
if (finfo_file($finfo, $value) == "application/x-executable" || finfo_file($finfo, $value) == "application/x-pie-executable" || finfo_file($finfo, $value) == "application/x-sharedlib") {
finfo_close($finfo);
return true;
} else {
@ -6220,6 +6220,15 @@ class Server extends AppModel
'type' => 'boolean',
'afterHook' => 'zmqAfterHook',
),
'ZeroMQ_host' => array(
'level' => 2,
'description' => __('The host that the pub/sub feature will use.'),
'value' => '127.0.0.1',
'errorMessage' => '',
'test' => 'testForEmpty',
'type' => 'string',
'afterHook' => 'zmqAfterHook',
),
'ZeroMQ_port' => array(
'level' => 2,
'description' => __('The port that the pub/sub feature will use.'),
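Review bot: As far as this hunk shows, the new `ZeroMQ_host` setting is checked only with `testForEmpty`, yet the MispZmq hunk at the end of this page formats its value straight into the bind address `tcp://{}:{}`. Any non-empty string is therefore accepted: a typo only surfaces when the bind fails in the Python service, and a value such as `*` or `0.0.0.0` exposes the publish socket on every interface, while that same hunk enables `plain_server` only when a username is set. I would validate the value as an IP address, hostname or `*` before saving, and state the exposure in the description, e.g. `__('The host that the pub/sub feature will bind to. Keep 127.0.0.1 unless remote subscribers are required, and set a ZeroMQ username and password before binding to a non-loopback address.')`. Separately, the first hunk now evaluates `finfo_file($finfo, $value)` up to three times in one condition; storing the result once and testing it with `in_array()` would read better.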


@ -335,6 +335,10 @@
'text' => __('List Users'),
'url' => $baseurl . '/admin/users/index'
),
array(
'text' => __('List Auth Keys'),
'url' => $baseurl . '/auth_keys/index'
),
array(
'text' => __('List User Settings'),
'url' => $baseurl . '/user_settings/index/user_id:all'


@ -87,20 +87,16 @@
}
},
"required": [
"id",
"name",
"provider",
"url",
"rules",
"enabled",
"distribution",
"sharing_group_id",
"tag_id",
"default",
"source_format",
"fixed_event",
"delta_merge",
"event_id",
"publish",
"override_ids",
"settings",
@ -133,11 +129,9 @@
}
},
"required": [
"id",
"name",
"colour",
"exportable",
"org_id",
"hide_tag"
]
}


@ -102,8 +102,8 @@ class MispZmq:
self.socket = context.socket(zmq.PUB)
if self.settings["username"]:
self.socket.plain_server = True # must come before bind
self.socket.bind("tcp://*:{}".format(self.settings["port"]))
self._logger.debug("ZMQ listening on tcp://*:{}".format(self.settings["port"]))
self.socket.bind("tcp://{}:{}".format(self.settings["host"], self.settings["port"]))
self._logger.debug("ZMQ listening on tcp://{}:{}".format(self.settings["host"], self.settings["port"]))
if self._logger.isEnabledFor(logging.DEBUG):
monitor = self.socket.get_monitor_socket()