mirror of https://github.com/MISP/MISP
- Fixed an issue with the new UUID generation method call in OpenIOC - Fixed an invalid validation check on the salt key - Added a note on the server page to make it more obvious that values can be changed by double clicking thempull/727/head
parent
b02480c5eb
commit
56adab6122
|
@ -148,8 +148,9 @@ class IOCImportComponent extends Component {
|
|||
|
||||
// Add a special attribute that captures the basic data about the .ioc such as the ioc-s uuid, info, long info, author, etc.
|
||||
// Define the fields used in the global iocinfo variable.
|
||||
$this->Attribute = ClassRegistry::init('Attribute');
|
||||
foreach ($this->iocinfo as $k => $v) {
|
||||
if (isset($event[$v])) $event['Attribute'][] = array('uuid' => $this->{$Model->alias}->generateUuid(), 'category' => 'Other', 'type' => 'comment', 'event_id' => $id, 'value' => $v . ': ' . $event[$v], 'to_ids' => $this->typeToIdsSettings['comment'], 'distribution' => $this->distribution, 'comment' => 'OpenIOC import from file ' . $filename);
|
||||
if (isset($event[$v])) $event['Attribute'][] = array('uuid' => $this->Attribute->generateUuid(), 'category' => 'Other', 'type' => 'comment', 'event_id' => $id, 'value' => $v . ': ' . $event[$v], 'to_ids' => $this->typeToIdsSettings['comment'], 'distribution' => $this->distribution, 'comment' => 'OpenIOC import from file ' . $filename);
|
||||
}
|
||||
|
||||
// attach the graph to the event
|
||||
|
@ -202,7 +203,7 @@ class IOCImportComponent extends Component {
|
|||
$attribute['type'] = 'other';
|
||||
$attribute['value'] = 'containsnot: ' . $attribute['value'];
|
||||
}
|
||||
$attribute['to_ids'] = $this->typeToIdsSettings[$attribute['type']];
|
||||
if (isset($this->typeToIdsSettings[$attribute['type']])) $attribute['to_ids'] = $this->typeToIdsSettings[$attribute['type']];
|
||||
// If we couldn't figure out the category / type and got Other/other, append the search term in the value
|
||||
if ($temp[0] == 'Other' && $temp[1] == 'other') {
|
||||
$attribute['value'] = $attribute['search'] . ': ' . $attribute['value'];
|
||||
|
@ -519,6 +520,7 @@ class IOCImportComponent extends Component {
|
|||
$att1 = $this->__analyseIndicator($array[0], $id);
|
||||
$att2 = $this->__analyseIndicator($array[1], $id);
|
||||
$attempt = $this->__convertToCompositeAttribute($att1, $att2, $id);
|
||||
$attempt['to_ids'] = $this->typeToIdsSettings[$attempt['type']];
|
||||
if ($attempt) {
|
||||
$this->saved_uuids[] = $id;
|
||||
return $attempt;
|
||||
|
@ -542,6 +544,7 @@ class IOCImportComponent extends Component {
|
|||
|
||||
// Attempt to convert the two attributes retrieved from an AND indicator into a single attribute, if they are eligible to be converted. If not, add it to the array of failures.
|
||||
private function __convertToCompositeAttribute($att1, $att2, $uuid) {
|
||||
$this->Attribute = ClassRegistry::init('Attribute');
|
||||
// check if the current attribute is one of the known pairs saved in the array $attributePairs
|
||||
foreach ($this->attributePairs as $pair) {
|
||||
// if attribute 1's type = the first type of the pair and attribute 2's type is the type of the second attribute of the pair, return a new joint attribute with the new type-name (usually type1|type2) and its predefined category
|
||||
|
@ -561,7 +564,7 @@ class IOCImportComponent extends Component {
|
|||
default:
|
||||
$value = $att1['value'] . '|' . $att2['value'];
|
||||
}
|
||||
return array('type' => $pair[2], 'value' => $value, 'uuid' => $this->{$Model->alias}->generateUuid(), 'category' => $pair[3], 'to_ids' => $this->typeToIdsSettings[$pair[2]], 'distribution' => $this->distribution);
|
||||
return array('type' => $pair[2], 'value' => $value, 'uuid' => $this->Attribute->generateUuid(), 'category' => $pair[3], 'to_ids' => $this->typeToIdsSettings[$pair[2]], 'distribution' => $this->distribution);
|
||||
}
|
||||
// Try the same thing above with the attributes reversed
|
||||
if ($att2['type'] == $pair[0] && $att1['type'] == $pair[1]) {
|
||||
|
@ -579,7 +582,7 @@ class IOCImportComponent extends Component {
|
|||
default:
|
||||
$value = $att2['value'] . '|' . $att1['value'];
|
||||
}
|
||||
return array('type' => $pair[2], 'value' => $value, 'uuid' => $this->{$Model->alias}->generateUuid(), 'category' => $pair[3], 'to_ids' => $this->typeToIdsSettings[$pair[2]], 'distribution' => $this->distribution);
|
||||
return array('type' => $pair[2], 'value' => $value, 'uuid' => $this->Attribute->generateUuid(), 'category' => $pair[3], 'to_ids' => $this->typeToIdsSettings[$pair[2]], 'distribution' => $this->distribution);
|
||||
}
|
||||
}
|
||||
// If no match found, return false, it's not a valid composite attribute for MISP
|
||||
|
|
|
@ -2130,7 +2130,7 @@ class EventsController extends AppController {
|
|||
// add the original openIOC file as an attachment
|
||||
$saveEvent['Attribute'][] = array(
|
||||
'category' => 'External analysis',
|
||||
'uuid' => $this->{$Model->alias}->generateUuid(),
|
||||
'uuid' => $this->Event->generateUuid(),
|
||||
'type' => 'attachment',
|
||||
'value' => $this->data['Event']['submittedioc']['name'],
|
||||
'to_ids' => false,
|
||||
|
@ -2703,7 +2703,7 @@ class EventsController extends AppController {
|
|||
'org' => $this->Auth->user('org'),
|
||||
'orgc' => $this->Auth->user('org'),
|
||||
'timestamp' => $ts,
|
||||
'uuid' => $this->{$Model->alias}->generateUuid(),
|
||||
'uuid' => $this->Event->generateUuid(),
|
||||
'user_id' => $this->Auth->user('id'),
|
||||
));
|
||||
$default['Event']['info'] = 'A junk event for load testing';
|
||||
|
@ -2724,7 +2724,7 @@ class EventsController extends AppController {
|
|||
'value1' => $value,
|
||||
'value2' => '',
|
||||
'comment' => '',
|
||||
'uuid' => $this->{$Model->alias}->generateUuid(),
|
||||
'uuid' => $this->Event->generateUuid(),
|
||||
'timestamp' => $ts,
|
||||
);
|
||||
}
|
||||
|
|
|
@ -1247,7 +1247,7 @@ class Server extends AppModel {
|
|||
|
||||
public function testSalt($value) {
|
||||
if ($this->testForEmpty($value) !== true) return $this->testForEmpty($value);
|
||||
if (strlen($value) != 32) return 'The salt has to be a 32 byte long string.';
|
||||
if (strlen($value) < 32) return 'The salt has to be an at least 32 byte long string.';
|
||||
if ($value == "Rooraenietu8Eeyo<Qu2eeNfterd-dd+") return 'This is the default salt shipped with the application and is therefore unsecure.';
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
echo $this->element('healthElements/overview');
|
||||
}
|
||||
?>
|
||||
<div style="font-style: italic;">To edit a setting, simply double click it.</div>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'serverSettings'));
|
||||
|
|
Loading…
Reference in New Issue