mirror of https://github.com/MISP/MISP
Merge branch 'hotfix-2.1.18'
commit
55c7dda27c
|
@ -122,6 +122,8 @@ Configure::write('SecureAuth.expire', 300); // the time-window for th
|
|||
|
||||
Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available to do resolution.
|
||||
|
||||
Configure::write('CyDefSig.cveurl', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId='); // Default URL for NVD/CVE reference.
|
||||
|
||||
// The following 3 fields are optional
|
||||
|
||||
//Configure::write('MISP.welcome_text_top', 'Welcome to the Organisation community\'s'); // used in Events::login before the MISP logo
|
||||
|
|
|
@ -1283,7 +1283,7 @@ class EventsController extends AppController {
|
|||
// save the gpg key to a temporary file
|
||||
$tmpfname = tempnam(TMP, "GPGkey");
|
||||
$handle = fopen($tmpfname, "w");
|
||||
fwrite($handle, $meUser['gpgkey']);
|
||||
fwrite($handle, $this->Auth->user('gpgkey'));
|
||||
fclose($handle);
|
||||
// attach it
|
||||
$this->Email->attachments = array(
|
||||
|
|
|
@ -150,7 +150,7 @@ class ServersController extends AppController {
|
|||
* @throws NotFoundException
|
||||
*/
|
||||
public function pull($id = null, $technique=false) {
|
||||
if (!$this->_IsSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
|
||||
if (!$this->_isSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
|
||||
$this->Server->id = $id;
|
||||
if (!$this->Server->exists()) {
|
||||
throw new NotFoundException(__('Invalid server'));
|
||||
|
|
|
@ -142,7 +142,7 @@ class ShadowAttributesController extends AppController {
|
|||
$event['Event']['published'] = 0;
|
||||
$this->Event->save($event, array('fieldList' => $fieldList));
|
||||
$this->Session->setFlash(__('Proposed attribute accepted', true), 'default', array());
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->Event->id));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -184,6 +184,7 @@ class ShadowAttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
$this->ShadowAttribute->delete($id, $cascade = false);
|
||||
$this->_setProposalLock($eventId, false);
|
||||
$this->Session->setFlash(__('Proposed change discarded', true), 'default', array());
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
||||
}
|
||||
|
@ -246,7 +247,7 @@ class ShadowAttributesController extends AppController {
|
|||
if ($successes) {
|
||||
// list the ones that succeeded
|
||||
$this->Session->setFlash(__('The lines' . $successes . ' have been saved', true));
|
||||
$this->_setProposalLock($eventId, 1);
|
||||
$this->__sendProposalAlertEmail($eventId);
|
||||
}
|
||||
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id']));
|
||||
|
@ -265,7 +266,7 @@ class ShadowAttributesController extends AppController {
|
|||
$this->request->data['ShadowAttribute']['email'] = $this->Auth->user('email');
|
||||
$this->request->data['ShadowAttribute']['org'] = $this->Auth->user('org');
|
||||
if ($this->ShadowAttribute->save($this->request->data)) {
|
||||
$this->_setProposalLock($eventId, 1);
|
||||
$this->__sendProposalAlertEmail($eventId);
|
||||
// inform the user and redirect
|
||||
$this->Session->setFlash(__('The proposal has been saved'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id']));
|
||||
|
@ -368,7 +369,7 @@ class ShadowAttributesController extends AppController {
|
|||
$this->request->data['ShadowAttribute']['email'] = $this->Auth->user('email');
|
||||
$this->request->data['ShadowAttribute']['org'] = $this->Auth->user('org');
|
||||
if ($this->ShadowAttribute->save($this->request->data)) {
|
||||
$this->_setProposalLock($eventId, 1);
|
||||
$this->__sendProposalAlertEmail($eventId);
|
||||
} else {
|
||||
$this->Session->setFlash(__('The ShadowAttribute could not be saved. Did you already upload this file?'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id']));
|
||||
|
@ -514,7 +515,7 @@ class ShadowAttributesController extends AppController {
|
|||
$this->request->data['ShadowAttribute']['email'] = $this->Auth->user('email');
|
||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'value', 'org');
|
||||
if ($this->ShadowAttribute->save($this->request->data)) {
|
||||
$this->_setProposalLock($this->request->data['ShadowAttribute']['event_id'], 1);
|
||||
$this->__sendProposalAlertEmail($this->request->data['ShadowAttribute']['event_id']);
|
||||
$this->Session->setFlash(__('The proposed Attribute has been saved'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
||||
} else {
|
||||
|
@ -544,30 +545,33 @@ class ShadowAttributesController extends AppController {
|
|||
$this->set('typeDefinitions', $this->ShadowAttribute->typeDefinitions);
|
||||
$this->set('categoryDefinitions', $this->ShadowAttribute->categoryDefinitions);
|
||||
}
|
||||
private function _setProposalLock($id, $setting) {
|
||||
// This method is used to change the proposalLock to the opposite of the passed argument setting if the current setting doesn't match and save the event
|
||||
|
||||
private function _setProposalLock($id, $lock = true) {
|
||||
$this->loadModel('Event');
|
||||
$this->Event->recursive = -1;
|
||||
$event = $this->Event->read(null, $id);
|
||||
if ($setting == 1) {
|
||||
if ($event['Event']['proposal_email_lock'] == 0) {
|
||||
$fieldList = array('proposal_email_lock', 'id', 'info');
|
||||
$event['Event']['proposal_email_lock'] = 1;
|
||||
$this->Event->save($event, array('fieldList' => $fieldList));
|
||||
$this->__sendProposalAlertEmail($id);
|
||||
}
|
||||
if ($lock) {
|
||||
$event['Event']['proposal_email_lock'] = 1;
|
||||
} else {
|
||||
if ($event['Event']['proposal_email_lock'] == 1) {
|
||||
$fieldList = array('proposal_email_lock', 'id', 'info');
|
||||
$event['Event']['proposal_email_lock'] = 0;
|
||||
$this->Event->save($event, array('fieldList' => $fieldList));
|
||||
}
|
||||
$event['Event']['proposal_email_lock'] = 0;
|
||||
}
|
||||
$fieldList = array('proposal_email_lock', 'id', 'info');
|
||||
$this->Event->save($event, array('fieldList' => $fieldList));
|
||||
}
|
||||
|
||||
|
||||
private function __sendProposalAlertEmail($id) {
|
||||
$this->loadModel('Event');
|
||||
$this->Event->recursive = -1;
|
||||
$event = $this->Event->read(null, $id);
|
||||
|
||||
// If the event has an e-mail lock, return
|
||||
if ($event['Event']['proposal_email_lock'] == 1) {
|
||||
return;
|
||||
} else {
|
||||
$this->_setProposalLock($id);
|
||||
}
|
||||
|
||||
$this->loadModel('User');
|
||||
$this->User->recursive = -1;
|
||||
$orgMembers = array();
|
||||
|
@ -580,7 +584,7 @@ class ShadowAttributesController extends AppController {
|
|||
$body = "";
|
||||
$body .= "Hello, \n";
|
||||
$body .= "\n";
|
||||
$body .= "A user of another organisation has proposed a change to an event created by you or your organisations. \n";
|
||||
$body .= "A user of another organisation has proposed a change to an event created by you or your organisation. \n";
|
||||
$body .= "\n";
|
||||
$body .= "To view the event in question, follow this link:";
|
||||
$body .= ' ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $id . "\n";
|
||||
|
@ -649,4 +653,28 @@ class ShadowAttributesController extends AppController {
|
|||
$this->Email->reset();
|
||||
}
|
||||
}
|
||||
|
||||
public function index() {
|
||||
|
||||
$this->paginate = array(
|
||||
'conditions' =>
|
||||
array('OR' =>
|
||||
array(
|
||||
'Event.org =' => $this->Auth->user('org'),
|
||||
'AND' => array(
|
||||
'ShadowAttribute.org =' => $this->Auth->user('org'),
|
||||
'Event.distribution >' => 0,
|
||||
),
|
||||
)
|
||||
),
|
||||
'fields' => array('id', 'org', 'old_id'),
|
||||
'contain' => array(
|
||||
'Event' =>array(
|
||||
'fields' => array('id', 'org', 'info', 'orgc'),
|
||||
),
|
||||
),
|
||||
'recursive' => 1
|
||||
);
|
||||
$this->set('shadowAttributes', $this->paginate());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -107,6 +107,7 @@ class Attribute extends AppModel {
|
|||
'email-subject' => array('desc' => "The subject of the email"),
|
||||
'email-attachment' => array('desc' => "File name of the email attachment."),
|
||||
'url' => array('desc' => 'url'),
|
||||
'http-method' => array('desc' => "HTTP method used by the malware (e.g. POST, GET, ...)."),
|
||||
'user-agent' => array('desc' => "The user-agent used by the malware in the HTTP request."),
|
||||
'regkey' => array('desc' => "Registry key or value"),
|
||||
'regkey|value' => array('desc' => "Registry value + data separated by |"),
|
||||
|
@ -159,7 +160,7 @@ class Attribute extends AppModel {
|
|||
),
|
||||
'Network activity' => array(
|
||||
'desc' => 'Information about network traffic generated by the malware',
|
||||
'types' => array('ip-src', 'ip-dst', 'hostname', 'domain', 'email-dst', 'url', 'user-agent', 'AS', 'snort', 'pattern-in-file', 'pattern-in-traffic', 'attachment', 'comment', 'text', 'other')
|
||||
'types' => array('ip-src', 'ip-dst', 'hostname', 'domain', 'email-dst', 'url', 'user-agent', 'http-method', 'AS', 'snort', 'pattern-in-file', 'pattern-in-traffic', 'attachment', 'comment', 'text', 'other')
|
||||
),
|
||||
'Payload type' => array(
|
||||
'desc' => 'Information about the final payload(s)',
|
||||
|
@ -408,6 +409,13 @@ class Attribute extends AppModel {
|
|||
break;
|
||||
}
|
||||
|
||||
// uppercase the following types
|
||||
switch($this->data['Attribute']['type']) {
|
||||
case 'http-method':
|
||||
$this->data['Attribute']['value'] = strtoupper($this->data['Attribute']['value']);
|
||||
break;
|
||||
}
|
||||
|
||||
// set to_ids if it doesn't exist
|
||||
if (empty($this->data['Attribute']['to_ids'])) {
|
||||
$this->data['Attribute']['to_ids'] = 0;
|
||||
|
@ -495,6 +503,13 @@ class Attribute extends AppModel {
|
|||
$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
}
|
||||
break;
|
||||
case 'http-method':
|
||||
if (preg_match("#(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK|VERSION-CONTROL|REPORT|CHECKOUT|CHECKIN|UNCHECKOUT|MKWORKSPACE|UPDATE|LABEL|MERGE|BASELINE-CONTROL|MKACTIVITY|ORDERPATCH|ACL|PATCH|SEARCH)#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Unknown HTTP method.';
|
||||
}
|
||||
break;
|
||||
case 'filename':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
|
|
|
@ -25,11 +25,21 @@ class ShadowAttribute extends AppModel {
|
|||
'Regexp' => array('fields' => array('value', 'value2')),
|
||||
);
|
||||
|
||||
/**
|
||||
* hasMany relation to shadow attributes
|
||||
*
|
||||
* @var unknown
|
||||
*/
|
||||
/**
|
||||
* belongsTo associations
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $belongsTo = array(
|
||||
'Event' => array(
|
||||
'className' => 'Event',
|
||||
'foreignKey' => 'event_id',
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => '',
|
||||
'counterCache' => true
|
||||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* Display field
|
||||
|
@ -266,21 +276,6 @@ class ShadowAttribute extends AppModel {
|
|||
|
||||
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
||||
|
||||
/**
|
||||
* belongsTo associations
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $belongsTo = array(
|
||||
'Event' => array(
|
||||
'className' => 'Event',
|
||||
'foreignKey' => 'id',
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => '',
|
||||
'counterCache' => true
|
||||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* beforeSave
|
||||
|
|
|
@ -213,7 +213,12 @@ if (!empty($event['Attribute'])):?>
|
|||
echo h($filenameHash[0]);
|
||||
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
|
||||
} elseif ('vulnerability' == $attribute['type']) {
|
||||
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
|
||||
if (! is_null(Configure::read('CyDefSig.cveurl'))) {
|
||||
$cveUrl = Configure::read('CyDefSig.cveurl');
|
||||
} else {
|
||||
$cveUrl = "http://www.google.com/search?q=";
|
||||
}
|
||||
echo $this->Html->link(h($sigDisplay), h($cveUrl) . h($sigDisplay), array('target' => '_blank'));
|
||||
} elseif ('link' == $attribute['type']) {
|
||||
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
|
||||
} else {
|
||||
|
|
|
@ -0,0 +1,88 @@
|
|||
<div class="shadowAttributes index">
|
||||
<h2>Proposals</h2>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
$this->Paginator->options(array(
|
||||
'update' => '.span12',
|
||||
'evalScripts' => true,
|
||||
'before' => '$(".progress").show()',
|
||||
'complete' => '$(".progress").hide()',
|
||||
));
|
||||
echo $this->Paginator->prev('« ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
|
||||
echo $this->Paginator->next(__('next') . ' »', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
?>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
|
||||
<table class="table table-striped table-hover table-condensed">
|
||||
<tr>
|
||||
<th>Event</th>
|
||||
<th>
|
||||
<?php echo $this->Paginator->sort('org', 'Org');?>
|
||||
</th>
|
||||
<th>
|
||||
Type
|
||||
</th>
|
||||
<th>
|
||||
<?php echo $this->Paginator->sort('id', 'Info');?>
|
||||
</th>
|
||||
</tr>
|
||||
<?php foreach ($shadowAttributes as $event):?>
|
||||
<tr>
|
||||
<td class="short" onclick="document.location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
|
||||
<?php echo h($event['Event']['id']);?>
|
||||
</td>
|
||||
<td class="short" onclick="document.location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
|
||||
<?php echo h($event['ShadowAttribute']['org'])?>
|
||||
</td>
|
||||
<td class="short" onclick="document.location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
|
||||
<?php
|
||||
if ($event['ShadowAttribute']['old_id'] != 0) {
|
||||
echo 'Attribute edit';
|
||||
} else {
|
||||
echo 'New Attribute';
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
<td onclick="document.location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
|
||||
<?php echo h($event['Event']['info']); ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</table>
|
||||
<p>
|
||||
<?php
|
||||
echo $this->Paginator->counter(array(
|
||||
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||
));
|
||||
?>
|
||||
</p>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
echo $this->Paginator->prev('« ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
|
||||
echo $this->Paginator->next(__('next') . ' »', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
?>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<div class="actions <?php echo $debugMode;?>">
|
||||
<ul class="nav nav-list">
|
||||
<li class="active"><a href="/events/index">List Events</a></li>
|
||||
<?php if ($isAclAdd): ?>
|
||||
<li><a href="/events/add">Add Event</a></li>
|
||||
<?php endif; ?>
|
||||
<li class="divider"></li>
|
||||
<li><a href="/attributes/index">List Attributes</a></li>
|
||||
<li><a href="/attributes/search">Search Attributes</a></li>
|
||||
<li class="divider"></li>
|
||||
<li><a href="/events/export">Export</a></li>
|
||||
<?php if ($isAclAuth): ?>
|
||||
<li><a href="/events/automation">Automation</a></li>
|
||||
<?php endif;?>
|
||||
</ul>
|
||||
</div>
|
|
@ -1,6 +1,18 @@
|
|||
<div class="users form">
|
||||
<h2>CyDefSIG Terms and Conditions</h2>
|
||||
<p>Please add your terms and conditions here</p>
|
||||
<h2>MISP Terms and Conditions</h2>
|
||||
|
||||
<?php
|
||||
$termsFile = APP ."View/Users/terms";
|
||||
|
||||
if (!(file_exists($termsFile))) {
|
||||
echo "<p>Please add your terms and conditions in file $termsFile.</p>";
|
||||
}else {
|
||||
$terms = new File($termsFile, false);
|
||||
echo $terms->read(true,'r');
|
||||
$terms->close();
|
||||
}
|
||||
?>
|
||||
|
||||
<?php
|
||||
if (!$termsaccepted) {
|
||||
echo $this->Form->create('User');
|
||||
|
@ -17,4 +29,4 @@ if (!$termsaccepted) {
|
|||
<li><a href="/pages/display/doc/general">User Guide</a></li>
|
||||
<li class="active"><a href="/users/terms">Terms & Conditions</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in New Issue