MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [attackMatrix] force kill chaine header order

pull/3347/head
Sami Mokaddem 2018-06-08 14:28:42 +00:00
parent 775001f2cc
commit 4fdf7f6340
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Controller/EventsController.php
View File

@ -4539,6 +4539,8 @@ class EventsController extends AppController {
}
public function viewMitreAttackMatrix($eventId) {
$killChainOrder = array('initial-access', 'execution', 'persistence', 'privilege-escalation', 'defense-evasion', 'credential-access', 'discovery', 'lateral-movement', 'collection', 'exfiltration', 'command-and-control');
$event = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $eventId));
if (empty($event)) throw new NotFoundException('Event not found or you are not authorised to view it.');
$event = $event[0];
@ -4591,6 +4593,7 @@ class EventsController extends AppController {
$gradientTool = new ColourGradientTool();
$colours = $gradientTool->createGradientFromValues($scores);
$this->set('killChainOrder', $killChainOrder);
$this->set('killChainNames', array_keys($attackClusters));
$this->set('attackClusters', $attackClusters);
$this->set('scores', $scores);

7
app/View/Events/view_mitre_attack_matrix.ctp
View File

@ -1,3 +1,7 @@
<?php
//debug($killChainOrder);
//debug($attackClusters[$killChainOrder[0]]);
?>
<div id="matrix_container" class="fixed-table-container-inner" style="padding-top: 30px;">
<div class="header-background"></div>
<div class="fixed-table-container-inner">
@ -23,7 +27,8 @@
do {
$added = false;
echo '<tr>';
foreach($attackClusters as $kc => $clusters) {
foreach($killChainOrder as $kc) {
$clusters = $attackClusters[$kc];
$td = '<td ';
if ($i < count($clusters)) {
$tagName = $clusters[$i]['tag_name'];