MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'fetcher_debug' into 2.4

pull/6382/head
iglocska 2020-10-02 16:14:49 +02:00
parent 79394d0933 f7dc3bcbdd
commit 6ee446d166
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
7 changed files with 71 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Controller/ServersController.php
View File

@ -1235,8 +1235,12 @@ class ServersController extends AppController
public function getWorkers()
{
$issues = 0;
$worker_array = $this->Server->workerDiagnostics($issues);
if (Configure::read('MISP.background_jobs')) {
$workerIssueCount = 0;
$worker_array = $this->Server->workerDiagnostics($workerIssueCount);
} else {
$worker_array = [__('Background jobs not enabled')];
}
return $this->RestResponse->viewData($worker_array);
}

21
app/Lib/Tools/ComplexTypeTool.php
View File

@ -248,12 +248,23 @@ class ComplexTypeTool
128 => array('single' => array('sha512'), 'composite' => array('filename|sha512'))
);
// algorithms to run through in order
private $__checks = array('Hashes', 'Email', 'IP', 'DomainOrFilename', 'SimpleRegex', 'AS', 'BTC');
// algorithms to run through in order, without Hashes that are checked separately
private $__checks = array('Email', 'IP', 'DomainOrFilename', 'SimpleRegex', 'AS', 'BTC');
/**
* @param string $raw_input Trimmed value
* @return array|false
*/
private function __resolveType($raw_input)
{
$input = array('raw' => trim($raw_input));
$input = array('raw' => $raw_input);
// Check hashes before refang and port extracting, it is not necessary for hashes. This speedups parsing
// freetexts or CSVs with a lot of hashes.
$hashes = $this->__checkForHashes($input);
if ($hashes) {
return $hashes;
}
$input = $this->__refangInput($input);
$input = $this->__extractPort($input);
@ -320,7 +331,7 @@ class ComplexTypeTool
if ($this->__checkForBTC($input)) {
$types[] = 'btc';
}
return array('types' => $types, 'to_ids' => true, 'default_type' => $hash['single'][0], 'value' => $input['raw']);
return array('types' => $types, 'to_ids' => true, 'default_type' => $types[0], 'value' => $input['raw']);
}
// ssdeep has a different pattern
if ($this->__resolveSsdeep($input['raw'])) {
@ -496,7 +507,7 @@ class ComplexTypeTool
private function __resolveHash($value)
{
$strlen = strlen($value);
if (isset($this->__hexHashTypes[$strlen]) && preg_match("#[0-9a-f]{" . $strlen . "}$#i", $value)) {
if (isset($this->__hexHashTypes[$strlen]) && ctype_xdigit($value)) {
return $this->__hexHashTypes[$strlen];
}
return false;

4
app/Model/AppModel.php
View File

@ -1888,9 +1888,7 @@ class AppModel extends Model
$workerType = '';
if (isset($workerDiagnostic['update']['ok']) && $workerDiagnostic['update']['ok']) {
$workerType = 'update';
} elseif (isset($workerDiagnostic['prio']['ok']) && $workerDiagnostic['prio']['ok']) {
$workerType = 'prio';
} else { // no worker running, doing inline update
} else { // update worker not running, doing the update inline
return $this->runUpdates($verbose, false);
}
$this->Job->create();

18
app/Model/Event.php
View File

@ -2077,7 +2077,6 @@ class Event extends AppModel
$conditions['AND'][] = $rules;
}
}
if (!empty($options['to_ids']) || $options['to_ids'] === 0) {
$conditionsAttributes['AND'][] = array('Attribute.to_ids' => $options['to_ids']);
}
@ -2093,7 +2092,6 @@ class Event extends AppModel
$fieldsObj = array('*');
$fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id', 'ShadowAttribute.comment', 'ShadowAttribute.org_id', 'ShadowAttribute.proposal_to_delete', 'ShadowAttribute.timestamp', 'ShadowAttribute.first_seen', 'ShadowAttribute.last_seen');
$fieldsOrg = array('id', 'name', 'uuid', 'local');
$sharingGroupData = $this->__cacheSharingGroupData($user, $useCache);
$params = array(
'conditions' => $conditions,
@ -5808,16 +5806,11 @@ class Event extends AppModel
$tag = ClassRegistry::init('Tag');
$args = $this->Attribute->dissectArgs($tagRules);
$tagArray = $this->EventTag->Tag->fetchEventTagIds($args[0], $args[1]);
$temp = array();
foreach ($tagArray[0] as $accepted) {
$temp['OR'][] = array('Event.id' => $accepted);
if (!empty($tagArray[0])) {
$filters[] = ['OR' => ['Event.id' => $tagArray[0]]];
} else {
$filters[] = ['AND' => ['Event.id NOT IN' => $tagArray[1]]];
}
$filters[] = $temp;
$temp = array();
foreach ($tagArray[1] as $rejected) {
$temp['AND'][] = array('Event.id !=' => $rejected);
}
$filters[] = $temp;
if ($useCache) {
$this->assetCache['tagFilters'] = $filters;
}
@ -6907,11 +6900,9 @@ class Event extends AppModel
if (isset($filters['tag']) and !isset($filters['tags'])) {
$filters['tags'] = $filters['tag'];
}
$subqueryElements = $this->harvestSubqueryElements($filters);
$filters = $this->addFiltersFromSubqueryElements($filters, $subqueryElements);
$filters = $this->addFiltersFromUserSettings($user, $filters);
if (empty($exportTool->mock_query_only)) {
$filters['include_attribute_count'] = 1;
$eventid = $this->filterEventIds($user, $filters, $elementCounter);
@ -6950,6 +6941,7 @@ class Event extends AppModel
$filters['eventid'] = $chunk;
if (!empty($filters['tags']['NOT'])) {
$filters['blockedAttributeTags'] = $filters['tags']['NOT'];
unset($filters['tags']['NOT']);
}
$result = $this->fetchEvent(
$user,

33
app/Model/Server.php
View File

@ -5322,18 +5322,19 @@ class Server extends AppModel
public function workerDiagnostics(&$workerIssueCount)
{
$worker_array = array(
'cache' => array('ok' => false),
'default' => array('ok' => false),
'email' => array('ok' => false),
'prio' => array('ok' => false),
'update' => array('ok' => false),
'scheduler' => array('ok' => false)
);
try {
$this->ResqueStatus = new ResqueStatus\ResqueStatus(Resque::redis());
} catch (Exception $e) {
// redis connection failed
return array(
'cache' => array('ok' => false),
'default' => array('ok' => false),
'email' => array('ok' => false),
'prio' => array('ok' => false),
'update' => array('ok' => false),
'scheduler' => array('ok' => false)
);
return $worker_array;
}
$workers = $this->ResqueStatus->getWorkers();
if (function_exists('posix_getpwuid')) {
@ -5342,14 +5343,6 @@ class Server extends AppModel
} else {
$currentUser = trim(shell_exec('whoami'));
}
$worker_array = array(
'cache' => array('ok' => true),
'default' => array('ok' => true),
'email' => array('ok' => true),
'prio' => array('ok' => true),
'update' => array('ok' => true),
'scheduler' => array('ok' => true)
);
$procAccessible = file_exists('/proc');
foreach ($workers as $pid => $worker) {
$entry = ($worker['type'] == 'regular') ? $worker['queue'] : $worker['type'];
@ -5367,7 +5360,13 @@ class Server extends AppModel
$ok = false;
$workerIssueCount++;
}
$worker_array[$entry]['workers'][] = array('pid' => $pid, 'user' => $worker['user'], 'alive' => $alive, 'correct_user' => $correct_user, 'ok' => $ok);
$worker_array[$entry]['workers'][] = array(
'pid' => $pid,
'user' => $worker['user'],
'alive' => $alive,
'correct_user' => $correct_user,
'ok' => $ok
);
}
foreach ($worker_array as $k => $queue) {
if (isset($worker_array[$k]['workers'])) {

9
app/Test/ComplexTypeToolTest.php
View File

@ -438,6 +438,15 @@ EOT;
$this->assertEquals('md5', $results[0]['default_type']);
}
public function testCheckFreeTextMd5Uppercase(): void
{
$complexTypeTool = new ComplexTypeTool();
$results = $complexTypeTool->checkFreeText('9E107D9D372BB6826BD81D3542A419D6');
$this->assertCount(1, $results);
$this->assertEquals('9E107D9D372BB6826BD81D3542A419D6', $results[0]['value']);
$this->assertEquals('md5', $results[0]['default_type']);
}
public function testCheckFreeTextSha1(): void
{
$complexTypeTool = new ComplexTypeTool();

19
app/files/community-metadata/defaults.json
View File

@ -92,7 +92,7 @@
"pgp_key": "\r\n\r\n-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nmQGNBF55bdcBDAC6+Fcey+0GcUw4iP4j15+/FylnvGa4wl8MRkYR5XryJn+n/O4s\r\nZbNCKpxwUA7lb2prn37lWMX7LswjvoxfmCTKi78UY1YH7Fqg3JG2PsV9Lw7uYnzC\r\nAImyAflzDpewo+eCF1aknvcbcbGkYFwdQ/37UfG/BkwCDQQGrBZ5EtL6CYXXNX/P\r\nX+4vYv23AVuchHvxeyW2dPLL3A6t3Mx8pZQBdN1cGZ1QAtE9IN0Yn2y+rMsNpDG4\r\ncOQ6bRqmue2I8JEB4AsQcufcqx69imBvBERsIZEyGZekLjmiuqDKI9Gti2VKZe/t\r\nxdl++gjplq6OAkdzXDGsMNtwxSk21IBrugAXK6K+4RPiMrPpBh81VGzBe2PRKUwT\r\nAZi06KZdaZudehvzIMLsNP5Aeep4+GXxoZ7Yrka/08SIv7SN5XY4o6xkli658Z+l\r\n8WAj2JiI684D/TK5MlvcBDQk1yKdDI2iC4eTFLkJ2PiDToUDT+vACrcnevstU+c8\r\nrNPFbvbB1DUIIo8AEQEAAbQ5Q29nbml0aXZlIFNlY3VyaXR5IENvbGxhYm9yYXRp\r\ndmUgPG1pc3BAY29nc2VjLWNvbGxhYi5vcmc+iQHUBBMBCAA+FiEEm65FjZ6Jbfp9\r\nCN50hA2Itf18R2cFAl55bdcCGwMFCQlmAYAFCwkIBwIGFQoJCAsCBBYCAwECHgEC\r\nF4AACgkQhA2Itf18R2e/ewv7BuCpmNIR0YOJld8RqrS4g5MV6eKJUuTRYUOxDyw9\r\nvgdpdvM1FgHPZ7pJcsijKQ+S+dL7ADmEbsCLWe1UhcwbnVRxJ0T+1yxRf6ONQA0/\r\ntRLmrcF4j6JCkl01irWRnYxMI1w1ABOQj4/J7BcTCzbYUdnxSuWhcZBqcsYIHf8J\r\nHnfbVd7OIML/80IRZbRXn1ST6OeXK9RpzqO7bnfPGnd506dt8sfHCWRidUSv2max\r\nrsi9xSyXeSKSNPQFVBgYnMVwBVUGIaWTnt7Ly4I8Bs5P9NWUpLYrRgYLMbDzLWaD\r\nxX7qNQjAKkNCx9k7qQN0Ck9YqeUIuJQPq2doGuLKnqjJBXizsXbAFqcKitQz7WV2\r\nPUsN/QUguVyZbhy7oJELlWDiDWxS6EwpU+q0SODHjCFKoUXvWFkk9bz1K4/kLDFO\r\nOdTABp7i65nJst5b3pVXimoTKqW7JRyCUWz3aaaqjWSTPKP2GmQbxOwM86rgmnGX\r\nqq8Ces6LQw6zGw08ubDDotEKuQGNBF55bdcBDACbmsVMV7azLYys6iMXTLVERasT\r\nUnw8FpKADA2uDgQme5o3CjeFtBBkgBNe8zdOEEslggETVmntp4n6woQzOknDHNx/\r\nVMliUaGuIYgmC8hTDTF269fdRTpKMrcwu2aBEUpHpG7Xvz91HIr213FTwU0LLq0g\r\n+DefSlwdcMPJiCUqshLw8q/D3qVg/VYVen5li55RQBBFLgYYNgag3WnSejE41uqz\r\nvt40FZ4C88Pj0I3f+PRtfHHeXTZehUjs3+W4jn1fLWNmbIScmIhwp/Vqh8R7JHf2\r\n69UGgWr4cOaLGh6C2Io+TVJ+Sq7TMt47qB6eO53Vr2nyizXTxjrmAWqjw3OLc8QX\r\nWsjbpTMqUaPisnCpog/3SqnE4Fe2rQYkroQao6dRL3FrmgvnyhLgjUtjk6fAfx1+\r\nH6fQFH/JJGCNefG9AWo41Er3oHGoV0yqlI697uk0QGdx/848hc0gXLrus82bw+BI\r\nx36ycevxkpmfvzC8lew/vLEB7t/jqXH2H9Qqtm0AEQEAAYkBvAQYAQgAJhYhBJuu\r\nRY2eiW36fQjedIQNiLX9fEdnBQJeeW3XAhsMBQkJZgGAAAoJEIQNiLX9fEdnmYsM\r\nAJzX6MCYoGPED1VXMoPXVS9s7V7hv+0Q4SKcoUxqROwA0wb3NwvdnzO/WAQlzIIj\r\ny1Sk9VX8qZkATN7+nti8jfhKnlMVqAXFFg9fMsq68WlTzHiyGm06DnM2DXBvdLRT\r\nwbcm5H4Ly1/bCFww6Spbxo3zScrSCeRrIHHGOHEzr/vhcZavRDpFmdpTCD6ID7oG\r\nw5jR6GdSCpvBT6Lq7M2xe6cVw/A9z5tE3cIf75uikKfch8HFVV2l1B9XLJVpvhqv\r\nYf+kUa7l7VP893yyTyf9G6SSaS77VKlHxn+OQ9AX+wdgSpD5SgVkvRFXejXw8oIZ\r\nBeTNYTvYYgV75ApnvT+hyeirGDCRRiTiuva0ijd71PzTRk+5Ad80rav1Jy864dUt\r\nDcSklY5T+wjJf7kb/3nIE5vqO/3YkJxdDTvZM23T+IZsCvamQ5pyyp+bP3HTAZkr\r\no6oiGFXbv5OF6/wkUG6vQ5w1RCUQVLfrM6Dh675dx/sdI+p0JMt6BlvlRUJSofu0\r\nWw==\r\n=4aXp\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n",
"misp_project_vetted": true,
"scope_of_data_to_be_shared": "Information Operation Threat Intelligence including disinformation, indicators, threat intelligence information, reports, contextual threat actor information or financial fraud information."
},
},
{
"name": "COVID-19 MISP community",
"uuid": "5e59659e-8e24-4e5d-b3fa-2ba744b7dd05",
@ -108,5 +108,22 @@
"misp_project_vetted": true,
"scope_of_data_to_be_shared": "Anything around COVID-19 that might help the community.",
"self_registration": true
},
{
"name": "PISAX - pan-European Information Sharing and Analysis Center (ISAC) to IXPs and GRXs",
"logo": "https://www.pisax.org/assets/img/pisax.jpg",
"uuid": "1c8793f0-5f91-4213-84b1-a038692a3e5c",
"org_uuid": "5ebd3e6c-b97c-4e3b-868a-4ebc02de0b81",
"org_name": "PISAX.org",
"description": "The Actions overall objective is to create a common pan-European Information Sharing and Analysis Center (ISAC) to support Internet Exchange Points (IXPs) and General Packet Radio Service Roaming eXchange (GRXs) at the national, European and international level.",
"url": "https://misp.pisax.org/",
"sector": "IXPs/GRXs",
"nationality": "International",
"type": "Vetted Information Sharing Community",
"email": "undefined",
"pgp_key": "undefined",
"misp_project_vetted": true,
"scope_of_data_to_be_shared": "Any relevant security information for IXPs and GRXs",
"self_registration": true
}
]