mirror of https://github.com/MISP/MISP
Merge branch 'hotfix-2.3.30' into develop
commit
6dcffe1d56
|
@ -1 +1 @@
|
|||
{"major":2, "minor":3, "hotfix":28}
|
||||
{"major":2, "minor":3, "hotfix":29}
|
|
@ -1088,12 +1088,14 @@ class AttributesController extends AppController {
|
|||
if ($this->request->is('post') && ($this->request->here == $fullAddress)) {
|
||||
$keyword = $this->request->data['Attribute']['keyword'];
|
||||
$keyword2 = $this->request->data['Attribute']['keyword2'];
|
||||
$tags = $this->request->data['Attribute']['tags'];
|
||||
$org = $this->request->data['Attribute']['org'];
|
||||
$type = $this->request->data['Attribute']['type'];
|
||||
$ioc = $this->request->data['Attribute']['ioc'];
|
||||
$this->set('ioc', $ioc);
|
||||
$category = $this->request->data['Attribute']['category'];
|
||||
$this->set('keywordSearch', $keyword);
|
||||
$this->set('tags', $tags);
|
||||
$keyWordText = null;
|
||||
$keyWordText2 = null;
|
||||
$keyWordText3 = null;
|
||||
|
@ -1114,26 +1116,67 @@ class AttributesController extends AppController {
|
|||
$temp = array();
|
||||
$temp2 = array();
|
||||
foreach ($keywordArray as $keywordArrayElement) {
|
||||
$saveWord = trim($keywordArrayElement);
|
||||
$keywordArrayElement = '%' . trim($keywordArrayElement) . '%';
|
||||
if ($keywordArrayElement != '%%') {
|
||||
if ($keywordArrayElement[1] == '!') {
|
||||
if (preg_match('@^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$@', substr($saveWord, 2))) {
|
||||
$cidrresults = $this->Cidr->CIDR($saveWord);
|
||||
foreach ($cidrresults as $result) {
|
||||
array_push($temp2, array('Attribute.value NOT LIKE' => $result));
|
||||
$saveWord = trim(strtolower($keywordArrayElement));
|
||||
if ($saveWord != '') {
|
||||
$toInclude = true;
|
||||
if ($saveWord[0] == '!') {
|
||||
$toInclude = false;
|
||||
$saveWord = substr($saveWord, 1);
|
||||
}
|
||||
} else {
|
||||
array_push($temp2, array('Attribute.value NOT LIKE' => '%' . substr($keywordArrayElement, 2)));
|
||||
}
|
||||
} else {
|
||||
|
||||
if (preg_match('@^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(\d|[1-2]\d|3[0-2]))$@', $saveWord)) {
|
||||
$cidrresults = $this->Cidr->CIDR($saveWord);
|
||||
foreach ($cidrresults as $result) {
|
||||
array_push($temp, array('Attribute.value LIKE' => $result));
|
||||
$result = strtolower($result);
|
||||
if (strpos($result, '|')) {
|
||||
$resultParts = explode('|', $result);
|
||||
if (!toInclude) {
|
||||
$temp2[] = array(
|
||||
'AND' => array(
|
||||
'LOWER(Attribute.value1) NOT LIKE' => $resultParts[0],
|
||||
'LOWER(Attribute.value2) NOT LIKE' => $resultParts[1],
|
||||
));
|
||||
} else {
|
||||
$temp[] = array(
|
||||
'AND' => array(
|
||||
'LOWER(Attribute.value1)' => $resultParts[0],
|
||||
'LOWER(Attribute.value2)' => $resultParts[1],
|
||||
));
|
||||
}
|
||||
} else {
|
||||
array_push($temp, array('Attribute.value LIKE' => $keywordArrayElement));
|
||||
if (!$toInclude) {
|
||||
array_push($temp2, array('LOWER(Attribute.value1) NOT LIKE' => $result));
|
||||
array_push($temp2, array('LOWER(Attribute.value2) NOT LIKE' => $result));
|
||||
} else {
|
||||
array_push($temp, array('LOWER(Attribute.value1) LIKE' => $result));
|
||||
array_push($temp, array('LOWER(Attribute.value2) LIKE' => $result));
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (strpos($saveWord, '|')) {
|
||||
$resultParts = explode('|', $saveWord);
|
||||
if (!$toInclude) {
|
||||
$temp2[] = array(
|
||||
'AND' => array(
|
||||
'LOWER(Attribute.value1) NOT LIKE' => '%' . $resultParts[0],
|
||||
'LOWER(Attribute.value2) NOT LIKE' => $resultParts[1] . '%',
|
||||
));
|
||||
} else {
|
||||
$temp2[] = array(
|
||||
'AND' => array(
|
||||
'LOWER(Attribute.value1)' => '%' . $resultParts[0],
|
||||
'LOWER(Attribute.value2)' => $resultParts[1] . '%',
|
||||
));
|
||||
}
|
||||
} else {
|
||||
if (!$toInclude) {
|
||||
array_push($temp2, array('LOWER(Attribute.value1) NOT LIKE' => '%' . $saveWord . '%'));
|
||||
array_push($temp2, array('LOWER(Attribute.value2) NOT LIKE' => '%' . $saveWord . '%'));
|
||||
} else {
|
||||
array_push($temp, array('LOWER(Attribute.value1) LIKE' => '%' . $saveWord . '%'));
|
||||
array_push($temp, array('LOWER(Attribute.value2) LIKE' => '%' . $saveWord . '%'));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1175,6 +1218,19 @@ class AttributesController extends AppController {
|
|||
$conditions['AND'][] = $temp;
|
||||
}
|
||||
}
|
||||
if (!empty($tags)) {
|
||||
$include = array();
|
||||
$exclude = array();
|
||||
$keywordArray = explode("\n", $tags);
|
||||
foreach ($keywordArray as $tagname) {
|
||||
$tagname = trim($tagname);
|
||||
if (substr($tagname, 0, 1) === '!') $exclude[] = substr($tagname, 1);
|
||||
else $include[] = $tagname;
|
||||
}
|
||||
$this->loadModel('Tag');
|
||||
if (!empty($include)) $conditions['AND'][] = array('OR' => array('Attribute.event_id' => $this->Tag->findTags($include)));
|
||||
if (!empty($exclude)) $conditions['AND'][] = array('Attribute.event_id !=' => $this->Tag->findTags($exclude));
|
||||
}
|
||||
if ($type != 'ALL') {
|
||||
$conditions['Attribute.type ='] = $type;
|
||||
}
|
||||
|
@ -1204,7 +1260,6 @@ class AttributesController extends AppController {
|
|||
$conditions['AND'][] = $temp;
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->request->data['Attribute']['alternate']) {
|
||||
$events = $this->searchAlternate($conditions);
|
||||
$this->set('events', $events);
|
||||
|
@ -1244,7 +1299,6 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
$this->set('attributes', $attributes);
|
||||
|
||||
// and store into session
|
||||
$this->Session->write('paginate_conditions', $this->paginate);
|
||||
$this->Session->write('paginate_conditions_keyword', $keyword);
|
||||
|
@ -1252,6 +1306,7 @@ class AttributesController extends AppController {
|
|||
$this->Session->write('paginate_conditions_org', $org);
|
||||
$this->Session->write('paginate_conditions_type', $type);
|
||||
$this->Session->write('paginate_conditions_ioc', $ioc);
|
||||
$this->Session->write('paginate_conditions_tags', $tags);
|
||||
$this->Session->write('paginate_conditions_category', $category);
|
||||
$this->Session->write('search_find_idlist', $idList);
|
||||
$this->Session->write('search_find_attributeidlist', $attributeIdList);
|
||||
|
@ -1278,17 +1333,18 @@ class AttributesController extends AppController {
|
|||
$this->set('attrDescriptions', $this->Attribute->fieldDescriptions);
|
||||
$this->set('typeDefinitions', $this->Attribute->typeDefinitions);
|
||||
$this->set('categoryDefinitions', $this->Attribute->categoryDefinitions);
|
||||
|
||||
// get from Session
|
||||
$keyword = $this->Session->read('paginate_conditions_keyword');
|
||||
$keyword2 = $this->Session->read('paginate_conditions_keyword2');
|
||||
$org = $this->Session->read('paginate_conditions_org');
|
||||
$type = $this->Session->read('paginate_conditions_type');
|
||||
$category = $this->Session->read('paginate_conditions_category');
|
||||
$tags = $this->Session->read('paginate_conditions_tags');
|
||||
$this->set('keywordSearch', $keyword);
|
||||
$this->set('keywordSearch2', $keyword2);
|
||||
$this->set('orgSearch', $org);
|
||||
$this->set('typeSearch', $type);
|
||||
$this->set('tags', $tags);
|
||||
$this->set('isSearch', 1);
|
||||
$this->set('categorySearch', $category);
|
||||
|
||||
|
@ -1693,9 +1749,33 @@ class AttributesController extends AppController {
|
|||
|
||||
public function generateCorrelation() {
|
||||
if (!self::_isSiteAdmin()) throw new NotFoundException();
|
||||
if (!Configure::read('MISP.background_jobs')) {
|
||||
$k = $this->Attribute->generateCorrelation();
|
||||
$this->Session->setFlash(__('All done. ' . $k . ' attributes processed.'));
|
||||
$this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration'));
|
||||
} else {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->create();
|
||||
$data = array(
|
||||
'worker' => 'default',
|
||||
'job_type' => 'generate correlation',
|
||||
'job_input' => 'All attributes',
|
||||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org' => 'ADMIN',
|
||||
'message' => 'Job created.',
|
||||
);
|
||||
$job->save($data);
|
||||
$jobId = $job->id;
|
||||
$process_id = CakeResque::enqueue(
|
||||
'default',
|
||||
'AdminShell',
|
||||
array('jobGenerateCorrelation', $jobId)
|
||||
);
|
||||
$job->saveField('process_id', $process_id);
|
||||
$this->Session->setFlash(__('Job queued. You can view the progress if you navigate to the active jobs view (administration -> jobs).'));
|
||||
$this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration'));
|
||||
}
|
||||
}
|
||||
|
||||
public function fetchViewValue($id, $field = null) {
|
||||
|
|
|
@ -2843,7 +2843,7 @@ class EventsController extends AppController {
|
|||
if ($attribute['save'] == '1') {
|
||||
$this->Event->Attribute->create();
|
||||
$attribute['distribution'] = $event['Event']['distribution'];
|
||||
$attribute['comment'] = 'Imported via the freetext import.';
|
||||
if (empty($attribute['comment'])) $attribute['comment'] = 'Imported via the freetext import.';
|
||||
$attribute['event_id'] = $id;
|
||||
if ($this->Event->Attribute->save($attribute)) {
|
||||
$saved++;
|
||||
|
@ -2860,7 +2860,11 @@ class EventsController extends AppController {
|
|||
$event['Event']['published'] = 0;
|
||||
$this->Event->save($event);
|
||||
}
|
||||
if ($failed > 0) {
|
||||
$this->Session->setFlash($saved . ' attributes created. ' . $failed . ' attributes could not be saved. This may be due to attributes with similar values already existing.');
|
||||
} else {
|
||||
$this->Session->setFlash($saved . ' attributes created.');
|
||||
}
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $id));
|
||||
} else {
|
||||
throw new MethodNotAllowedException();
|
||||
|
|
|
@ -373,6 +373,14 @@ class Server extends AppModel {
|
|||
'test' => 'testForTermsFile',
|
||||
'type' => 'string'
|
||||
),
|
||||
'showorgalternate' => array(
|
||||
'level' => 2,
|
||||
'description' => 'True enables the alternate org fields for the event index (source org and member org) instead of the traditional way of showing only an org field. This allows users to see if an event was uploaded by a member organisation on their MISP instance, or if it originated on an interconnected instance.',
|
||||
'value' => '',
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean'
|
||||
),
|
||||
),
|
||||
'GnuPG' => array(
|
||||
'branch' => 1,
|
||||
|
|
|
@ -87,7 +87,7 @@ class Tag extends AppModel {
|
|||
public function findTags($array) {
|
||||
$ids = array();
|
||||
foreach ($array as $a) {
|
||||
$conditions['OR'][] = array('name like' => '%' . $a . '%');
|
||||
$conditions['OR'][] = array('LOWER(name) like' => '%' . strtolower($a) . '%');
|
||||
}
|
||||
$params = array(
|
||||
'recursive' => 1,
|
||||
|
|
|
@ -5,6 +5,7 @@ if ($isSearch == 1) {
|
|||
echo "<h4>Results for all attributes";
|
||||
if ($keywordSearch != null) echo " with the value containing \"<b>" . h($keywordSearch) . "</b>\"";
|
||||
if ($keywordSearch2 != null) echo " from the events \"<b>" . h($keywordSearch2) . "</b>\"";
|
||||
if ($tags != null) echo " from events tagged \"<b>" . h($tags) . "</b>\"";
|
||||
if ($categorySearch != "ALL") echo " of category \"<b>" . h($categorySearch) . "</b>\"";
|
||||
if ($typeSearch != "ALL") echo " of type \"<b>" . h($typeSearch) . "</b>\"";
|
||||
if (isset($orgSearch) && $orgSearch != '' && $orgSearch != null) echo " created by the organisation \"<b>" . h($orgSearch) . "</b>\"";
|
||||
|
|
|
@ -6,6 +6,8 @@
|
|||
<?php
|
||||
echo $this->Form->input('keyword', array('type' => 'textarea', 'label' => 'Containing the following expressions', 'div' => 'clear', 'class' => 'input-xxlarge'));
|
||||
echo $this->Form->input('keyword2', array('type' => 'textarea', 'label' => 'Being attributes of the following event IDs', 'div' => 'clear', 'class' => 'input-xxlarge'));
|
||||
echo $this->Form->input('tags', array('type' => 'textarea', 'label' => 'Being an attribute of an event matching the following tags', 'div' => 'clear', 'class' => 'input-xxlarge'));
|
||||
|
||||
?>
|
||||
<?php
|
||||
if (Configure::read('MISP.showorg') || $isAdmin)
|
||||
|
|
|
@ -7,13 +7,14 @@
|
|||
<th>Category</th>
|
||||
<th>Type</th>
|
||||
<th>IDS</th>
|
||||
<th>Comment</th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
<?php
|
||||
echo $this->Form->create('Attribute', array('url' => '/events/saveFreeText/' . $event_id));
|
||||
foreach ($resultArray as $k => $item):
|
||||
?>
|
||||
<tr id="row_<?php echo $k; ?>">
|
||||
<tr id="row_<?php echo $k; ?>" class="freetext_row">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.save', array(
|
||||
'label' => false,
|
||||
|
@ -61,7 +62,7 @@
|
|||
}
|
||||
?>
|
||||
</td>
|
||||
<td class="short">
|
||||
<td class="short" style="width:30px;">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.to_ids', array(
|
||||
'label' => false,
|
||||
|
@ -70,8 +71,18 @@
|
|||
));
|
||||
?>
|
||||
</td>
|
||||
<td class="short">
|
||||
<?php
|
||||
echo $this->Form->input('Attribute.' . $k . '.comment', array(
|
||||
'label' => false,
|
||||
'style' => 'padding:0px;height:20px;margin-bottom:0px;',
|
||||
'type' => 'text',
|
||||
'placeholder' => 'Imported via the freetext import.',
|
||||
));
|
||||
?>
|
||||
</td>
|
||||
<td class="action short">
|
||||
<span class="icon-remove pointer" onClick="freetextRemoveRow('<?php echo $k; ?>');"></span>
|
||||
<span class="icon-remove pointer" onClick="freetextRemoveRow('<?php echo $k; ?>', '<?php echo $event_id; ?>');"></span>
|
||||
</td>
|
||||
</tr>
|
||||
<?php
|
||||
|
|
|
@ -46,16 +46,24 @@
|
|||
<?php echo $this->Paginator->sort('published');?>
|
||||
</th>
|
||||
<?php
|
||||
if (Configure::read('MISP.showorg') || $isAdmin): ?>
|
||||
if (Configure::read('MISP.showorgalternate') && Configure::read('MISP.showorg')):
|
||||
?>
|
||||
<th class="filter"><?php echo $this->Paginator->sort('org', 'Source org'); ?></th>
|
||||
<th class="filter"><?php echo $this->Paginator->sort('org', 'Member org'); ?></th>
|
||||
<?php
|
||||
else:
|
||||
if (Configure::read('MISP.showorg') || $isAdmin):
|
||||
?>
|
||||
<th class="filter"><?php echo $this->Paginator->sort('org'); ?></th>
|
||||
<?php
|
||||
endif;
|
||||
if ($isSiteAdmin):
|
||||
?>
|
||||
<th class="filter"><?php echo $this->Paginator->sort('owner org');?></th>
|
||||
<?php
|
||||
endif;
|
||||
endif;
|
||||
?>
|
||||
<?php if ($isSiteAdmin): ?>
|
||||
<th class="filter">
|
||||
<?php echo $this->Paginator->sort('owner org');?>
|
||||
</th>
|
||||
<?php endif; ?>
|
||||
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||
<?php if (Configure::read('MISP.tagging')): ?>
|
||||
<th class="filter">Tags</th>
|
||||
|
@ -101,7 +109,7 @@
|
|||
|
||||
</td>
|
||||
<?php endif;?>
|
||||
<?php if ('true' == $isSiteAdmin): ?>
|
||||
<?php if ($isSiteAdmin || (Configure::read('MISP.showorgalternate') && Configure::read('MISP.showorg'))): ?>
|
||||
<td class="short" onclick="document.location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
|
||||
<?php
|
||||
$imgRelativePath = 'orgs' . DS . h($event['Event']['org']) . '.png';
|
||||
|
|
|
@ -28,7 +28,21 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
|
|||
<?php echo h($event['Event']['uuid']); ?>
|
||||
|
||||
</dd>
|
||||
<?php if (Configure::read('MISP.showorg') || $isAdmin): ?>
|
||||
<?php
|
||||
if (Configure::read('MISP.showorgalternate') && (Configure::read('MISP.showorg') || $isAdmin)): ?>
|
||||
<dt>Source Organisation</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['orgc']); ?>
|
||||
|
||||
</dd>
|
||||
<dt>Member Organisation</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['org']); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
else:
|
||||
if (Configure::read('MISP.showorg') || $isAdmin): ?>
|
||||
<dt>Org</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['orgc']); ?>
|
||||
|
@ -41,7 +55,11 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
|
|||
<?php echo h($event['Event']['org']); ?>
|
||||
|
||||
</dd>
|
||||
<?php endif; ?>
|
||||
<?php
|
||||
endif;
|
||||
endif;
|
||||
|
||||
?>
|
||||
<dt>Contributors</dt>
|
||||
<dd>
|
||||
<?php
|
||||
|
|
|
@ -86,7 +86,7 @@ SCHEMALOC_DICT = {
|
|||
# mappings
|
||||
status_mapping = {'0' : 'New', '1' : 'Open', '2' : 'Closed'}
|
||||
TLP_mapping = {'0' : 'AMBER', '1' : 'GREEN', '2' : 'GREEN', '3' : 'GREEN'}
|
||||
confidence_mapping = {'0' : 'None', '1' : 'High'}
|
||||
confidence_mapping = {False : 'None', True : 'High'}
|
||||
|
||||
not_implemented_attributes = ['yara', 'pattern-in-traffic', 'pattern-in-memory']
|
||||
|
||||
|
|
|
@ -897,9 +897,12 @@ function templateFileUploadTriggerBrowse(id) {
|
|||
$('#upload_' + id + '_file').click();
|
||||
}
|
||||
|
||||
function freetextRemoveRow(id) {
|
||||
function freetextRemoveRow(id, event_id) {
|
||||
$('#row_' + id).hide();
|
||||
$('#Attribute' + id + 'Save').attr("value", "0");
|
||||
if ($(".freetext_row:visible").length == 0) {
|
||||
window.location = "/events/" + event_id;
|
||||
}
|
||||
}
|
||||
|
||||
function indexEvaluateFiltering() {
|
||||
|
|
Loading…
Reference in New Issue