MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' into feature/authentication 

Conflicts:
	app/Config/bootstrap.default.php
	app/Model/Server.php
	app/webroot/js/ajaxification.js
pull/1050/head
Iglocska 2016-03-27 12:15:51 +02:00
parent 17555065b9 45019525ca
commit 8599933062
35 changed files with 1145 additions and 424 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION.json
View File

@ -1 +1 @@
{"major":2, "minor":4, "hotfix":27}
{"major":2, "minor":4, "hotfix":28}

10
app/Config/bootstrap.default.php
View File

@ -85,19 +85,21 @@
Cache::config('default', array('engine' => 'File'));
Configure::load('config');
$appendPort = true;
if (!Configure::read('MISP.baseurl')) {
if (isset($_SERVER['SERVER_NAME'])) $serverName = $_SERVER['SERVER_NAME'];
else if (isset($_SERVER['HTTP_HOST'])) $serverName = $_SERVER['HTTP_HOST'];
else $serverName = $_SERVER['SERVER_ADDR'];
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) {
if ($_SERVER['SERVER_PORT'] == 443) {
Configure::write('MISP.baseurl', sprintf('https://%s', $serverName));
if ($_SERVER['SERVER_PORT'] == 443 || !$appendPort) {
Configure::write('MISP.baseurl', sprintf('https://%s', $_SERVER['SERVER_ADDR']));
} else {
Configure::write('MISP.baseurl', sprintf('https://%s:%d', $serverName, $_SERVER['SERVER_PORT']));
}
} else {
if ($_SERVER['SERVER_PORT'] == 80) {
Configure::write('MISP.baseurl', sprintf('http://%s', $serverName));
if ($_SERVER['SERVER_PORT'] == 80 || !$appendPort) {
Configure::write('MISP.baseurl', sprintf('http://%s', $_SERVER['SERVER_ADDR']));
} else {
Configure::write('MISP.baseurl', sprintf('http://%s:%d', $serverName, $_SERVER['SERVER_PORT']));
}

62
app/Controller/AttributesController.php
View File

@ -2256,4 +2256,66 @@ class AttributesController extends AppController {
$this->Session->setFlash('Updated ' . $counter . ' attribute(s).');
$this->redirect('/pages/display/administration');
}
public function hoverEnrichment($id) {
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), array('conditions' => array('Attribute.id' => $id)));
if (empty($attribute)) throw new NotFoundException('Invalid Attribute');
$this->loadModel('Server');
$modules = $this->Server->getEnabledModules();
$validTypes = array();
if (isset($modules['hover_type'][$attribute[0]['Attribute']['type']])) {
$validTypes = $modules['hover_type'][$attribute[0]['Attribute']['type']];
}
$url = Configure::read('Plugin.Enrichment_services_url') ? Configure::read('Plugin.Enrichment_services_url') : $this->Server->serverSettings['Plugin']['Enrichment_services_url']['value'];
$port = Configure::read('Plugin.Enrichment_services_port') ? Configure::read('Plugin.Enrichment_services_port') : $this->Server->serverSettings['Plugin']['Enrichment_services_port']['value'];
App::uses('HttpSocket', 'Network/Http');
$httpSocket = new HttpSocket();
$resultArray = array();
foreach ($validTypes as &$type) {
$options = array();
$found = false;
foreach ($modules['modules'] as &$temp) {
if ($temp['name'] == $type) {
$found = true;
if (isset($temp['meta']['config'])) {
foreach ($temp['meta']['config'] as $conf) $options[$conf] = Configure::read('Plugin.Enrichment_' . $type . '_' . $conf);
}
}
}
if (!$found) throw new MethodNotAllowedException('No valid enrichment options found for this attribute.');
$data = array('module' => $type, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value']);
if (!empty($options)) $data['config'] = $options;
$data = json_encode($data);
try {
$response = $httpSocket->post($url . ':' . $port . '/query', $data);
$result = json_decode($response->body, true);
} catch (Exception $e) {
$resultArray[] = array($type => 'Enrichment service not reachable.');
continue;
}
if (!is_array($result)) {
$resultArray[] = array($type => $result);
continue;
}
if (!empty($result['results'])) {
foreach ($result['results'] as &$r) {
foreach ($r['values'] as $v) $resultArray[] = array($type => $v);
}
}
}
$this->set('results', $resultArray);
$this->layout = 'ajax';
$this->render('ajax/hover_enrichment');
}
public function describeTypes() {
$result = array();
$result['types'] = array_keys($this->Attribute->typeDefinitions);
$result['categories'] = array_keys($this->Attribute->categoryDefinitions);
foreach ($this->Attribute->categoryDefinitions as $cat => $data) {
$result['category_type_mappings'][$cat] = $data['types'];
}
$this->set('result', $result);
$this->set('_serialize', array('result'));
}
}

157
app/Controller/Component/BlackListComponent.php Normal file
View File

@ -0,0 +1,157 @@
<?php
/**
* create, read, update and delete (CRUD)
*/
class BlackListComponent extends Component {
public $settings = array();
public $defaultModel = '';
public function index($rest = false) {
if ($this->controller->response->type() === 'application/json' || $this->controller->response->type() == 'application/xml' || $rest) {
$blackList = $this->controller->paginate();
$blacklist= array();
foreach ($blackList as $item) {
$blacklist[] = $item[$this->controller->defaultModel];
}
$this->controller->set($this->controller->defaultModel, $blacklist);
$this->controller->set('_serialize', $this->controller->defaultModel);
} else {
$this->controller->set('response', $this->controller->paginate());
}
}
public function add($rest = false) {
if ($this->controller->request->is('post')) {
if ($rest) {
if ($this->controller->response->type() === 'application/json') {
$isJson = true;
$data = $this->controller->request->input('json_decode', true);
} else {
$data = $this->controller->request->data;
}
if (isset($data['request'])) $data = $data['request'];
} else {
$data = $this->controller->request->data;
}
if (is_array($data[$this->controller->defaultModel]['uuids'])) $uuids = $data[$this->controller->defaultModel]['uuids'];
else $uuids = explode(PHP_EOL, $data[$this->controller->defaultModel]['uuids']);
$successes = array();
$fails = array();
foreach ($uuids as $uuid) {
$uuid = trim($uuid);
if (strlen($uuid) == 36) {
$this->controller->{$this->controller->defaultModel}->create();
$object = array();
foreach ($this->controller->{$this->controller->defaultModel}->blacklistFields as $f) {
if (strpos($f, '_uuid')) $object[$f] = $uuid;
else $object[$f] = !empty($data[$this->controller->defaultModel][$f]) ? $data[$this->controller->defaultModel][$f] : '';
}
if ($this->controller->{$this->controller->defaultModel}->save($object)) {
$successes[] = $uuid;
} else {
$fails[] = $uuid;
}
} else {
$fails[] = $uuid;
}
}
$message = 'Done. Added ' . count($successes) . ' new entries to the blacklist. ' . count($fails) . ' entries could not be saved.';
if ($rest) {
$this->set('result', array('successes' => $successes, 'fails' => $fails));
$this->set('message', $message);
$this->set('_serialize', array('message', 'result'));
} else {
$this->controller->Session->setFlash(__($message));
$this->controller->redirect(array('action' => 'index'));
}
}
}
public function edit($rest = false, $id) {
if (strlen($id) == 36) {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('uuid' => $id)));
} else {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('id' => $id)));
}
if (empty($blockEntry)) throw new NotFoundException('Blacklist item not found.');
$this->controller->set('blockEntry', $blockEntry);
if ($this->controller->request->is('post')) {
if ($rest) {
if ($this->response->type() === 'application/json') {
$isJson = true;
$data = $this->controller->request->input('json_decode', true);
} else {
$data = $this->controller->request->data;
}
if (isset($data['request'])) $data = $data['request'];
} else {
$data = $this->controller->request->data;
}
$fields = $this->controller->{$this->controller->defaultModel}->blacklistFields;
foreach ($fields as $f) {
if ($f == 'uuid') continue;
if (isset($data[$this->controller->defaultModel][$f])) $blockEntry[$this->controller->defaultModel][$f] = $data[$this->controller->defaultModel][$f];
}
if ($this->controller->{$this->controller->defaultModel}->save($blockEntry)) {
if ($rest) {
$this->controller->set('message', array('Blacklist item added.'));
$this->controller->set('_serialize', array('message'));
} else {
$this->controller->Session->setFlash(__('Blacklist item added.'));
$this->controller->redirect(array('action' => 'index'));
}
} else {
if ($rest) {
throw new MethodNotAllowedException('Could not save the blacklist item.');
} else {
$this->controller->Session->setFlash('Could not save the blacklist item');
$this->controller->redirect(array('action' => 'index'));
}
}
}
}
public function delete($rest = false, $id) {
if (strlen($id) == 36) {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array(
'fields' => array('id'),
'conditions' => array('event_uuid' => $id),
));
$id = $blockEntry[$this->controller->defaultModel]['id'];
}
if (!$this->controller->request->is('post') && !$rest) {
throw new MethodNotAllowedException();
}
$this->controller->{$this->controller->defaultModel}->id = $id;
if (!$this->controller->{$this->controller->defaultModel}->exists()) {
throw new NotFoundException(__('Invalid blacklist entry'));
}
if ($this->controller->{$this->controller->defaultModel}->delete()) {
$this->controller->Session->setFlash(__('Blacklist entry removed'));
} else {
$this->controller->Session->setFlash(__('Could not remove the blacklist entry'));
}
$this->controller->redirect(array('action' => 'index'));
}
public $controller;
public function initialize(Controller $controller) {
$this->controller = $controller;
}
public function startup(Controller $controller) {
$this->controller = $controller;
}
public function __construct(ComponentCollection $collection, $settings = array()) {
$this->settings = Set::merge($this->settings, $settings);
parent::__construct($collection, $this->settings);
}
}

128
app/Controller/EventBlacklistsController.php
View File

@ -2,7 +2,7 @@
App::uses('AppController', 'Controller');
class EventBlacklistsController extends AppController {
public $components = array('Session', 'RequestHandler');
public $components = array('Session', 'RequestHandler', 'BlackList');
public function beforeFilter() {
parent::beforeFilter();
@ -22,136 +22,18 @@ class EventBlacklistsController extends AppController {
);
public function index() {
if ($this->response->type() === 'application/json' || $this->response->type() == 'application/xml' || $this->_isRest()) {
$blackList = $this->paginate();
$eventBlacklist= array();
foreach ($blackList as $item) {
$eventBlacklist[] = $item['EventBlacklist'];
}
$this->set('EventBlacklist', $eventBlacklist);
$this->set('_serialize', 'EventBlacklist');
} else {
$this->set('response', $this->paginate());
}
$this->BlackList->index($this->_isRest());
}
public function add() {
if ($this->request->is('post')) {
if ($this->_isRest()) {
if ($this->response->type() === 'application/json') {
$isJson = true;
$data = $this->request->input('json_decode', true);
} else {
$data = $this->request->data;
}
if (isset($data['request'])) $data = $data['request'];
} else {
$data = $this->request->data;
}
if (is_array($data['EventBlacklist']['uuids'])) $uuids = $data['EventBlacklist']['uuids'];
else $uuids = explode(PHP_EOL, $data['EventBlacklist']['uuids']);
$successes = array();
$fails = array();
foreach ($uuids as $uuid) {
$uuid = trim($uuid);
if (strlen($uuid) == 36) {
$this->EventBlacklist->create();
if ($this->EventBlacklist->save(
array(
'event_uuid' => $uuid,
'comment' => !empty($data['EventBlacklist']['comment']) ? $data['EventBlacklist']['comment'] : '',
'event_info' => !empty($data['EventBlacklist']['info']) ? $data['EventBlacklist']['info'] : '',
'event_orgc' => !empty($data['EventBlacklist']['orgc']) ? $data['EventBlacklist']['orgc'] : '',
)
)
) {
$successes[] = $uuid;
} else {
$fails[] = $uuid;
}
} else {
$fails[] = $uuid;
}
}
$message = 'Done. Added ' . count($successes) . ' new entries to the blacklist. ' . count($fails) . ' entries could not be saved.';
if ($this->_isRest()) {
$this->set('result', array('successes' => $successes, 'fails' => $fails));
$this->set('message', $message);
$this->set('_serialize', array('message', 'result'));
} else {
$this->Session->setFlash(__($message));
$this->redirect(array('action' => 'index'));
}
}
$this->BlackList->add($this->_isRest());
}
public function edit($id) {
if (strlen($id) == 36) {
$eb = $this->EventBlacklist->find('first', array('conditions' => array('uuid' => $id)));
} else {
$eb = $this->EventBlacklist->find('first', array('conditions' => array('id' => $id)));
}
if (empty($eb)) throw new NotFoundException('Blacklist item not found.');
$this->set('eb', $eb);
if ($this->request->is('post')) {
if ($this->_isRest()) {
if ($this->response->type() === 'application/json') {
$isJson = true;
$data = $this->request->input('json_decode', true);
} else {
$data = $this->request->data;
}
if (isset($data['request'])) $data = $data['request'];
} else {
$data = $this->request->data;
}
$fields = array('comment', 'event_info', 'event_orgc');
foreach ($fields as $f) {
if (isset($data['EventBlacklist'][$f])) $eb['EventBlacklist'][$f] = $data['EventBlacklist'][$f];
}
if ($this->EventBlacklist->save($eb)) {
if ($this->_isRest()) {
$this->set('message', array('Blacklist item added.'));
$this->set('_serialize', array('message'));
} else {
$this->Session->setFlash(__('Blacklist item added.'));
$this->redirect(array('action' => 'index'));
}
} else {
if ($this->_isRest()) {
throw new MethodNotAllowedException('Could not save the blacklist item.');
} else {
$this->Session->setFlash('Could not save the blacklist item');
$this->redirect(array('action' => 'index'));
}
}
}
$this->BlackList->edit($this->_isRest(), $id);
}
public function delete($id) {
if (strlen($id) == 36) {
$eb = $this->EventBlacklist->find('first', array(
'fields' => array('id'),
'conditions' => array('event_uuid' => $id),
));
$id = $eb['EventBlacklist']['id'];
}
if (!$this->request->is('post') && !$this->_isRest()) {
throw new MethodNotAllowedException();
}
$this->EventBlacklist->id = $id;
if (!$this->EventBlacklist->exists()) {
throw new NotFoundException(__('Invalid blacklist entry'));
}
if ($this->EventBlacklist->delete()) {
$this->Session->setFlash(__('Blacklist entry removed'));
} else {
$this->Session->setFlash(__('Could not remove the blacklist entry'));
}
$this->redirect(array('action' => 'index'));
$this->BlackList->delete($this->_isRest(), $id);
}
}

203
app/Controller/EventsController.php
View File

@ -635,6 +635,11 @@ class EventsController extends AppController {
$this->set($variable, $currentModel->{$variable});
}
}
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Server');
$modules = $this->Server->getEnabledModules();
$this->set('modules', $modules);
}
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
$this->disableCache();
$this->layout = 'ajax';
@ -707,6 +712,12 @@ class EventsController extends AppController {
if (!$this->_isSiteAdmin() && $this->userRole['perm_publish']) $delegationConditions['OR'] = array('EventDelegation.org_id' => $this->Auth->user('org_id'), 'EventDelegation.requester_org_id' => $this->Auth->user('org_id'));
$this->set('delegationRequest', $this->EventDelegation->find('first', array('conditions' => $delegationConditions, 'recursive' => -1, 'contain' => array('Org', 'RequesterOrg'))));
}
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Server');
$modules = $this->Server->getEnabledModules();
$this->set('modules', $modules);
}
$this->set('contributors', $contributors);
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
}
@ -944,8 +955,8 @@ class EventsController extends AppController {
$this->set('_serialize', array('name', 'message', 'url', 'errors'));
return false;
} else {
$this->Session->setFlash(__('The event could not be saved. Please, try again.'), 'default', array(), 'error');
// TODO return error if REST
if ($add === 'blocked') $this->Session->setFlash('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance' . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
else $this->Session->setFlash(__('The event could not be saved. Please, try again.'), 'default', array(), 'error');
}
}
}
@ -2186,13 +2197,16 @@ class EventsController extends AppController {
$idList[] = $attribute['Attribute']['event_id'];
}
}
// display the full xml
$this->response->type('xml'); // set the content type
$this->layout = 'xml/default';
$this->header('Content-Disposition: download; filename="misp.search.results.xml"');
if ($this->response->type() === 'application/json') {
} else {
// display the full xml
$this->response->type('xml'); // set the content type
$this->layout = 'xml/default';
$this->header('Content-Disposition: download; filename="misp.search.results.xml"');
}
$results = $this->__fetchEvent(null, $idList);
$this->set('results', $results);
$this->render('xml');
}
@ -2706,39 +2720,13 @@ class EventsController extends AppController {
$typeCategoryMapping[$type][$k] = $k;
}
}
$defaultCategories = array(
'md5' => 'Payload delivery',
'sha1' => 'Payload delivery',
'sha224' =>'Payload delivery',
'sha256' => 'Payload delivery',
'sha384' => 'Payload delivery',
'sha512' => 'Payload delivery',
'sha512/224' => 'Payload delivery',
'sha512/256' => 'Payload delivery',
'authentihash' => 'Payload delivery',
'imphash' => 'Payload delivery',
'pehash' => 'Payload delivery',
'filename|md5' => 'Payload delivery',
'filename|sha1' => 'Payload delivery',
'filename|sha256' => 'Payload delivery',
'regkey' => 'Persistence mechanism',
'filename' => 'Payload delivery',
'ip-src' => 'Network activity',
'ip-dst' => 'Network activity',
'hostname' => 'Network activity',
'domain' => 'Network activity',
'url' => 'Network activity',
'link' => 'External analysis',
'email-src' => 'Payload delivery',
'email-dst' => 'Payload delivery',
'text' => 'Other',
);
$this->set('event', $event);
$this->set('typeList', array_keys($this->Event->Attribute->typeDefinitions));
$this->set('defaultCategories', $defaultCategories);
$this->set('defaultCategories', $this->Event->Attribute->defaultCategories);
$this->set('typeCategoryMapping', $typeCategoryMapping);
$this->set('resultArray', $resultArray);
$this->render('free_text_results');
$this->set('title', 'Freetext Import Results');
$this->render('resolved_attributes');
}
}
@ -2758,28 +2746,46 @@ class EventsController extends AppController {
$saved = 0;
$failed = 0;
$attributes = json_decode($this->request->data['Attribute']['JsonObject'], true);
foreach ($attributes as $k => $attribute) {
if ($attribute['type'] == 'ip-src/ip-dst') {
$types = array('ip-src', 'ip-dst');
} else {
$types = array($attribute['type']);
}
foreach ($types as $type) {
$this->Event->$objectType->create();
$attribute['type'] = $type;
$attribute['distribution'] = 5;
if (empty($attribute['comment'])) $attribute['comment'] = 'Imported via the freetext import.';
$attribute['event_id'] = $id;
if ($objectType == 'ShadowAttribute') {
$attribute['org_id'] = $this->Auth->user('org_id');
$attribute['event_org_id'] = $event['Event']['orgc_id'];
$attribute['email'] = $this->Auth->user('email');
$attribute['event_uuid'] = $event['Event']['uuid'];
}
if ($this->Event->$objectType->save($attribute)) {
$saved++;
$attributeSources = array('attributes', 'ontheflyattributes');
$ontheflyattributes = array();
foreach ($attributeSources as $source) {
foreach (${$source} as $k => $attribute) {
if ($attribute['type'] == 'ip-src/ip-dst') {
$types = array('ip-src', 'ip-dst');
} else if ($attribute['type'] == 'malware-sample') {
$result = $this->Event->Attribute->handleMaliciousBase64($id, $attribute['value'], $attribute['data'], array('md5', 'sha1', 'sha256'), $objectType == 'ShadowAttribute' ? true : false);
$shortValue = $attribute['value'];
$attribute['value'] = $shortValue . '|' . $result['md5'];
$attribute['data'] = $result['data'];
$additionalHashes = array('sha1', 'sha256');
foreach ($additionalHashes as $hash) {
$temp = $attribute;
$temp['type'] = 'filename|' . $hash;
$temp['value'] = $shortValue . '|' . $result[$hash];
unset($temp['data']);
$ontheflyattributes[] = $temp;
}
$types = array($attribute['type']);
} else {
$failed++;
$types = array($attribute['type']);
}
foreach ($types as $type) {
$this->Event->$objectType->create();
$attribute['type'] = $type;
$attribute['distribution'] = 5;
if (empty($attribute['comment'])) $attribute['comment'] = 'Imported via the freetext import.';
$attribute['event_id'] = $id;
if ($objectType == 'ShadowAttribute') {
$attribute['org_id'] = $this->Auth->user('org_id');
$attribute['event_org_id'] = $event['Event']['orgc_id'];
$attribute['email'] = $this->Auth->user('email');
$attribute['event_uuid'] = $event['Event']['uuid'];
}
if ($this->Event->$objectType->save($attribute)) {
$saved++;
} else {
$failed++;
}
}
}
}
@ -3410,4 +3416,85 @@ class EventsController extends AppController {
$this->set('tags', $tagNames);
$this->render('index');
}
// expects an attribute ID and the module to be used
public function queryEnrichment($attribute_id, $module = false) {
if (!Configure::read('Plugin.Enrichment_services_enable')) throw new MethodNotAllowedException('Enrichment services are not enabled.');
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), array('conditions' => array('Attribute.id' => $attribute_id)));
if (empty($attribute)) throw new MethodNotAllowedException('Attribute not found or you are not authorised to see it.');
if ($this->request->is('ajax')) {
$this->loadModel('Server');
$modules = $this->Server->getEnabledModules();
if (!is_array($modules) || empty($modules)) throw new MethodNotAllowedException('No valid enrichment options found for this attribute.');
$temp = array();
foreach ($modules['modules'] as &$module) {
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
$temp[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
}
}
$modules = &$temp;
foreach (array('attribute_id', 'modules') as $viewVar) $this->set($viewVar, $$viewVar);
$this->render('ajax/enrichmentChoice');
} else {
$this->loadModel('Server');
$modules = $this->Server->getEnabledModules();
if (!is_array($modules) || empty($modules)) throw new MethodNotAllowedException('No valid enrichment options found for this attribute.');
$options = array();
$found = false;
foreach ($modules['modules'] as &$temp) {
if ($temp['name'] == $module) {
$found = true;
if (isset($temp['meta']['config'])) {
foreach ($temp['meta']['config'] as $conf) $options[$conf] = Configure::read('Plugin.Enrichment_' . $module . '_' . $conf);
}
}
}
if (!$found) throw new MethodNotAllowedException('No valid enrichment options found for this attribute.');
$url = Configure::read('Plugin.Enrichment_services_url') ? Configure::read('Plugin.Enrichment_services_url') : $this->Server->serverSettings['Plugin']['Enrichment_services_url']['value'];
$port = Configure::read('Plugin.Enrichment_services_port') ? Configure::read('Plugin.Enrichment_services_port') : $this->Server->serverSettings['Plugin']['Enrichment_services_port']['value'];
App::uses('HttpSocket', 'Network/Http');
$httpSocket = new HttpSocket();
$data = array('module' => $module, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value']);
if (!empty($options)) $data['config'] = $options;
$data = json_encode($data);
try {
$response = $httpSocket->post($url . ':' . $port . '/query', $data);
$result = json_decode($response->body, true);
} catch (Exception $e) {
return 'Enrichment service not reachable.';
}
if (!is_array($result)) throw new Exception($result);
$resultArray = array();
if (isset($result['results']) && !empty($result['results'])) {
foreach ($result['results'] as $result) {
if (!is_array($result['values'])) $result['values'] = array($result['values']);
foreach ($result['values'] as $value) {
$temp = array(
'event_id' => $attribute[0]['Attribute']['event_id'],
'types' => $result['types'],
'default_type' => $result['types'][0],
'comment' => isset($result['comment']) ? $result['comment'] : false,
'to_ids' => isset($result['to_ids']) ? $result['to_ids'] : false,
'value' => $value
);
if (isset($result['data'])) $temp['data'] = $result['data'];
$resultArray[] = $temp;
}
}
}
$typeCategoryMapping = array();
foreach ($this->Event->Attribute->categoryDefinitions as $k => $cat) {
foreach ($cat['types'] as $type) {
$typeCategoryMapping[$type][$k] = $k;
}
}
$this->set('event', array('Event' => $attribute[0]['Event']));
$this->set('resultArray', $resultArray);
$this->set('typeList', array_keys($this->Event->Attribute->typeDefinitions));
$this->set('defaultCategories', $this->Event->Attribute->defaultCategories);
$this->set('typeCategoryMapping', $typeCategoryMapping);
$this->set('title', 'Enrichment Results');
$this->render('resolved_attributes');
}
}
}

39
app/Controller/OrgBlacklistsController.php Normal file
View File

@ -0,0 +1,39 @@
<?php
App::uses('AppController', 'Controller');
class OrgBlacklistsController extends AppController {
public $components = array('Session', 'RequestHandler', 'BlackList');
public function beforeFilter() {
parent::beforeFilter();
if(!$this->_isSiteAdmin()) $this->redirect('/');
if (!Configure::read('MISP.enableOrgBlacklisting')) {
$this->Session->setFlash(__('Organisation Blacklisting is not currently enabled on this instance.'));
$this->redirect('/');
}
}
public $paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'OrgBlacklist.created' => 'DESC'
),
);
public function index() {
$this->BlackList->index($this->_isRest());
}
public function add() {
$this->BlackList->add($this->_isRest());
}
public function edit($id) {
$this->BlackList->edit($this->_isRest(), $id);
}
public function delete($id) {
$this->BlackList->delete($this->_isRest(), $id);
}
}

18
app/Controller/ServersController.php
View File

@ -325,7 +325,7 @@ class ServersController extends AppController {
if (isset($this->request->data['Server']['submitted_cert']) && $this->request->data['Server']['submitted_cert']['size'] != 0 && !$this->request->data['Server']['delete_cert']) {
$this->__saveCert($this->request->data, $this->Server->id);
} else {
$this->__saveCert($this->request->data, $this->Server->id, true);
if ($this->request->data['Server']['delete_cert']) $this->__saveCert($this->request->data, $this->Server->id, true);
}
$this->Session->setFlash(__('The server has been saved'));
$this->redirect(array('action' => 'index'));
@ -560,7 +560,8 @@ class ServersController extends AppController {
public function serverSettingsReloadSetting($setting, $id) {
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException();
$pathToSetting = explode('.', $setting);
$settingObject = $this->Server->serverSettings;
if (strpos($setting, 'Plugin.Enrichment') !== false) $settingObject = $this->Server->getCurrentServerSettings();
else $settingObject = $this->Server->serverSettings;
foreach ($pathToSetting as $key) {
if (!isset($settingObject[$key])) throw new MethodNotAllowedException();
$settingObject = $settingObject[$key];
@ -616,6 +617,7 @@ class ServersController extends AppController {
'overallHealth' => 3,
);
$dumpResults = array();
$tempArray = array();
foreach ($finalSettings as $k => $result) {
if ($result['level'] == 3) $issues['deprecated']++;
$tabs[$result['tab']]['count']++;
@ -626,8 +628,12 @@ class ServersController extends AppController {
if ($result['level'] < $tabs[$result['tab']]['severity']) $tabs[$result['tab']]['severity'] = $result['level'];
}
$dumpResults[] = $result;
if ($result['tab'] != $tab) unset($finalSettings[$k]);
if ($result['tab'] == $tab) {
if (isset($result['subGroup'])) $tempArray[$result['subGroup']][] = $result;
else $tempArray['general'][] = $result;
}
}
$finalSettings = &$tempArray;
// Diagnostics portion
$diagnostic_errors = 0;
App::uses('File', 'Utility');
@ -773,9 +779,11 @@ class ServersController extends AppController {
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException();
if (!isset($setting) || !isset($id)) throw new MethodNotAllowedException();
$this->set('id', $id);
$relevantSettings = (array_intersect_key(Configure::read(), $this->Server->serverSettings));
if (strpos($setting, 'Plugin.Enrichment') !== false) $serverSettings = $this->Server->getCurrentServerSettings();
else $serverSettings = $this->Server->serverSettings;
$relevantSettings = (array_intersect_key(Configure::read(), $serverSettings));
$found = null;
foreach ($this->Server->serverSettings as $k => $s) {
foreach ($serverSettings as $k => $s) {
if (isset($s['branch'])) {
foreach ($s as $ek => $es) {
if ($ek != 'branch') {

25
app/Controller/SharingGroupsController.php
View File

@ -17,7 +17,21 @@ class SharingGroupsController extends AppController {
'order' => array(
'SharingGroup.name' => 'ASC'
),
'contain' => array('SharingGroupOrg' => array('Organisation'), 'Organisation', 'SharingGroupServer' => array('Server')),
'fields' => array('SharingGroup.id', 'SharingGroup.name', 'SharingGroup.description', 'SharingGroup.releasability', 'SharingGroup.local', 'SharingGroup.active'),
'contain' => array(
'SharingGroupOrg' => array(
'Organisation' => array('fields' => array('Organisation.name', 'Organisation.id', 'Organisation.uuid'))
),
'Organisation' => array(
'fields' => array('Organisation.id', 'Organisation.name', 'Organisation.uuid'),
),
'SharingGroupServer' => array(
'fields' => array('SharingGroupServer.all_orgs'),
'Server' => array(
'fields' => array('Server.name', 'Server.id')
)
)
),
);
public function add() {
@ -158,7 +172,7 @@ class SharingGroupsController extends AppController {
foreach ($result as $k => $sg) {
//$result[$k]['access'] = $this->SharingGroup->checkAccess($this->Auth->user(), $sg['SharingGroup']['id']);
//debug($this->)
if ($sg['SharingGroup']['organisation_uuid'] == $this->Auth->user('Organisation')['uuid'] && $this->userRole['perm_sharing_group']) {
if ($sg['Organisation']['uuid'] == $this->Auth->user('Organisation')['uuid'] && $this->userRole['perm_sharing_group']) {
$result[$k]['editable'] = true;
} else {
$result[$k]['editable'] = false;
@ -170,7 +184,12 @@ class SharingGroupsController extends AppController {
}
}
$this->set('passive', $passive);
$this->set('sharingGroups', $result);
if ($this->_isRest()) {
$this->set('response', $result);
$this->set('_serialize', array('response'));
} else {
$this->set('sharingGroups', $result);
}
}
public function view($id) {

3
app/Model/AppModel.php
View File

@ -122,6 +122,9 @@ class AppModel extends Model {
case 'addEventBlacklists':
$sql = 'CREATE TABLE IF NOT EXISTS `event_blacklists` ( `id` int(11) NOT NULL AUTO_INCREMENT, `event_uuid` varchar(40) COLLATE utf8_bin NOT NULL, `created` datetime NOT NULL, PRIMARY KEY (`id`), `event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin ;';
break;
case 'addOrgBlacklists':
$sql = 'CREATE TABLE IF NOT EXISTS `org_blacklists` ( `id` int(11) NOT NULL AUTO_INCREMENT, `org_uuid` varchar(40) COLLATE utf8_bin NOT NULL, `created` datetime NOT NULL, PRIMARY KEY (`id`), `org_name` varchar(255) COLLATE utf8_bin NOT NULL, `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin ;';
break;
case 'addEventBlacklistsContext':
$sql = 'ALTER TABLE `event_blacklists` ADD `event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL , ADD `event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, ADD `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL ;';
break;

30
app/Model/Attribute.php
View File

@ -249,6 +249,36 @@ class Attribute extends AppModel {
)
);
public $defaultCategories = array(
'md5' => 'Payload delivery',
'sha1' => 'Payload delivery',
'sha224' =>'Payload delivery',
'sha256' => 'Payload delivery',
'sha384' => 'Payload delivery',
'sha512' => 'Payload delivery',
'sha512/224' => 'Payload delivery',
'sha512/256' => 'Payload delivery',
'authentihash' => 'Payload delivery',
'imphash' => 'Payload delivery',
'pehash' => 'Payload delivery',
'filename|md5' => 'Payload delivery',
'filename|sha1' => 'Payload delivery',
'filename|sha256' => 'Payload delivery',
'regkey' => 'Persistence mechanism',
'filename' => 'Payload delivery',
'ip-src' => 'Network activity',
'ip-dst' => 'Network activity',
'hostname' => 'Network activity',
'domain' => 'Network activity',
'url' => 'Network activity',
'link' => 'External analysis',
'email-src' => 'Payload delivery',
'email-dst' => 'Payload delivery',
'text' => 'Other',
'attachment' => 'External analysis',
'malware-sample' => 'Payload delivery'
);
// typeGroupings are a mapping to high level groups for attributes
// for example, IP addresses, domain names, hostnames e-mail addresses are all network related attribute types
// whilst filenames and hashes are all file related attribute types

5
app/Model/Event.php
View File

@ -1830,6 +1830,11 @@ class Event extends AppModel {
}
if ($data['Event']['orgc_id'] != $user['org_id'] && !$user['Role']['perm_sync'] && !$user['Role']['perm_site_admin']) throw new MethodNotAllowedException('Event cannot be created as you are not a member of the creator organisation.');
}
if (Configure::read('MISP.enableOrgBlacklisting')) {
$this->OrgBlacklist = ClassRegistry::init('OrgBlacklist');
$orgc = $this->Orgc->find('first', array('conditions' => array('Orgc.id' => $data['Event']['orgc_id']), 'fields' => array('Orgc.uuid'), 'recursive' => -1));
if ($this->OrgBlacklist->hasAny(array('OrgBlacklist.org_uuid' => $orgc['Orgc']['uuid']))) return 'blocked';
}
if ($fromXml) {
// Workaround for different structure in XML/array than what CakePHP expects
$data = $this->cleanupEventArrayFromXML($data);

1
app/Model/EventBlacklist.php
View File

@ -6,6 +6,7 @@ class EventBlacklist extends AppModel{
public $actsAs = array(
'Containable',
);
public $blacklistFields = array('event_uuid', 'comment', 'event_info', 'event_orgc');
public $validate = array(
'event_uuid' => array(

27
app/Model/OrgBlacklist.php Normal file
View File

@ -0,0 +1,27 @@
<?php
App::uses('AppModel', 'Model');
class OrgBlacklist extends AppModel{
public $useTable = 'org_blacklists';
public $recursive = -1;
public $actsAs = array('Containable');
public $blacklistFields = array('org_uuid', 'comment', 'org_name');
public $validate = array(
'org_uuid' => array(
'unique' => array(
'rule' => 'isUnique',
'message' => 'Organisation already blacklisted.'
),
'uuid' => array(
'rule' => array('uuid'),
'message' => 'Please provide a valid UUID'
),
)
);
public function beforeValidate($options = array()) {
parent::beforeValidate();
if (empty($this->data['OrgBlacklist']['id'])) $this->data['OrgBlacklist']['date_created'] = date('Y-m-d H:i:s');
return true;
}
}

171
app/Model/Server.php
View File

@ -496,12 +496,20 @@ class Server extends AppModel {
),
'enableEventBlacklisting' => array(
'level' => 1,
'description' => 'Since version 1.3.107 you can start blacklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.',
'description' => 'Since version 2.3.107 you can start blacklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.',
'value' => false,
'type' => 'boolean',
'test' => 'testBool',
'beforeHook' => 'eventBlacklistingBeforeHook'
),
'enableOrgBlacklisting' => array(
'level' => 1,
'description' => 'Blacklisting organisation UUIDs to prevent the creation of any event created by the blacklisted organisation.',
'value' => false,
'type' => 'boolean',
'test' => 'testBool',
'beforeHook' => 'orgBlacklistingBeforeHook'
),
'log_client_ip' => array(
'level' => 1,
'description' => 'If enabled, all log entries will include the IP address of the user.',
@ -898,6 +906,22 @@ class Server extends AppModel {
'test' => 'testBool',
'type' => 'boolean'
),
'Enrichment_services_enable' => array(
'level' => 0,
'description' => 'Enable/disable the enrichment services',
'value' => false,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean'
),
'Enrichment_hover_enable' => array(
'level' => 0,
'description' => 'Enable/disable the hover over information retrieved from the enrichment modules',
'value' => false,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean'
),
'CustomAuth_custom_password_reset' => array(
'level' => 2,
'description' => 'Provide your custom authentication users with an external URL to the authentication system to reset their passwords.',
@ -915,6 +939,22 @@ class Server extends AppModel {
'test' => 'testForEmpty',
'type' => 'string',
'null' => true
),
'Enrichment_services_url' => array(
'level' => 1,
'description' => 'The url used to access the enrichment services. By default, it is accessible at http://127.0.0.1:6666',
'value' => 'http://127.0.0.1',
'errorMessage' => '',
'test' => 'testForEmpty',
'type' => 'string'
),
'Enrichment_services_port' => array(
'level' => 1,
'description' => 'The port used to access the enrichment services. By default, it is accessible at 127.0.0.1:6666',
'value' => '6666',
'errorMessage' => '',
'test' => 'testForPortNumber',
'type' => 'numeric'
)
),
'debug' => array(
@ -1558,10 +1598,69 @@ class Server extends AppModel {
}
}
public function serverSettingsRead($unsorted = false) {
private function __getEnrichmentSettings() {
$modules = $this->getEnrichmentModules();
$result = array();
if (!empty($modules['modules'])) {
foreach ($modules['modules'] as $module) {
$result[$module['name']][0] = array('name' => 'enabled', 'type' => 'boolean');
if (isset($module['meta']['config'])) foreach ($module['meta']['config'] as $conf) $result[$module['name']][] = array('name' => $conf, 'type' => 'string');
}
}
return $result;
}
public function getCurrentServerSettings() {
$serverSettings = $this->serverSettings;
$results = array();
$currentSettings = Configure::read();
if (Configure::read('Plugin.Enrichment_services_enable')) {
$results = $this->__getEnrichmentSettings();
foreach ($results as $module => $data) {
foreach ($data as $result) {
$setting = array('level' => 1, 'errorMessage' => '');
if ($result['type'] == 'boolean') {
$setting['test'] = 'testBool';
$setting['type'] = 'boolean';
$setting['description'] = 'Enable or disable the ' . $module . ' module.';
$setting['value'] = false;
} else {
$setting['test'] = 'testForEmpty';
$setting['type'] = 'string';
$setting['description'] = 'Set this required module specific setting.';
$setting['value'] = '';
}
$serverSettings['Plugin']['Enrichment_' . $module . '_' . $result['name']] = $setting;
}
}
}
return $serverSettings;
}
public function serverSettingsRead($unsorted = false) {
$serverSettings = $this->getCurrentServerSettings();
$results = array();
$currentSettings = Configure::read();
if (Configure::read('Plugin.Enrichment_services_enable')) {
$results = $this->__getEnrichmentSettings();
foreach ($results as $module => $data) {
foreach ($data as $result) {
$setting = array('level' => 1, 'errorMessage' => '');
if ($result['type'] == 'boolean') {
$setting['test'] = 'testBool';
$setting['type'] = 'boolean';
$setting['description'] = 'Enable or disable the ' . $module . ' module.';
$setting['value'] = false;
} else {
$setting['test'] = 'testForEmpty';
$setting['type'] = 'string';
$setting['description'] = 'Set this required module specific setting.';
$setting['value'] = '';
}
$serverSettings['Plugin']['Enrichment_' . $module . '_' . $result['name']] = $setting;
}
}
}
$finalSettingsUnsorted = array();
foreach ($serverSettings as $branchKey => &$branchValue) {
if (isset($branchValue['branch'])) {
@ -1571,6 +1670,10 @@ class Server extends AppModel {
if (isset($currentSettings[$branchKey][$leafKey])) $setting = $currentSettings[$branchKey][$leafKey];
$leafValue = $this->__evaluateLeaf($leafValue, $leafKey, $setting);
if ($leafKey != 'branch') {
if ($branchKey == 'Plugin') {
$pluginData = explode('_', $leafKey);
$leafValue['subGroup'] = $pluginData[0];
}
if (strpos($branchKey, 'Secur') === 0) $leafValue['tab'] = 'Security';
else $leafValue['tab'] = $branchKey;
$finalSettingsUnsorted[$branchKey . '.' . $leafKey] = $leafValue;
@ -1785,13 +1888,26 @@ class Server extends AppModel {
}
return true;
}
public function customAuthBeforeHook($setting, $value) {
if ($value) $this->updateDatabase('addCustomAuth');
$this->cleanCacheFiles();
return true;
}
public function orgBlacklistingBeforeHook($setting, $value) {
$this->cleanCacheFiles();
if ($value) {
try {
$this->OrgBlacklist = ClassRegistry::init('OrgBlacklist');
$schema = $this->OrgBlacklist->schema();
} catch (Exception $e) {
$this->updateDatabase('addOrgBlacklists');
}
}
return true;
}
// never come here directly, always go through a secondary check like testForTermsFile in order to also pass along the expected file path
private function __testForFile($value, $path) {
@ -2621,4 +2737,53 @@ class Server extends AppModel {
}
return $validServers;
}
public function getEnrichmentModules() {
if (!Configure::read('Plugin.Enrichment_services_enable')) return 'Enrichment service not enabled.';
$url = Configure::read('Plugin.Enrichment_services_url') ? Configure::read('Plugin.Enrichment_services_url') : $this->serverSettings['Plugin']['Enrichment_services_url']['value'];
$port = Configure::read('Plugin.Enrichment_services_port') ? Configure::read('Plugin.Enrichment_services_port') : $this->serverSettings['Plugin']['Enrichment_services_port']['value'];
App::uses('HttpSocket', 'Network/Http');
$httpSocket = new HttpSocket();
try {
$response = $httpSocket->get($url . ':' . $port . '/modules');
} catch (Exception $e) {
return 'Enrichment service not reachable.';
}
$modules = json_decode($response->body, true);
if (!empty($modules)) {
$result = array('modules' => $modules);
foreach ($modules as &$module) {
if ($module['type'] !== 'expansion') continue;
foreach ($module['mispattributes']['input'] as $attribute) {
$result['types'][$attribute][] = $module['name'];
}
}
return $result;
} else return 'The enrichment service reports that it found no enrichment modules.';
}
public function getEnabledModules() {
$modules = $this->getEnrichmentModules();
if (is_array($modules)) {
foreach ($modules['modules'] as $k => &$module) {
if (!Configure::read('Plugin.Enrichment_' . $module['name'] . '_enabled')) {
unset($modules['modules'][$k]);
}
}
}
if (!isset($modules) || empty($modules)) $modules = array();
if (isset($modules['modules']) && !empty($modules['modules'])) $modules['modules'] = array_values($modules['modules']);
$types = array();
$hover_types = array();
if (!is_array($modules)) return array();
foreach ($modules['modules'] as $temp) {
foreach ($temp['mispattributes']['input'] as $input) {
if (!isset($temp['meta']['module-type']) || in_array('expansion', $temp['meta']['module-type'])) $types[$input][] = $temp['name'];
if (isset($temp['meta']['module-type']) && in_array('hover', $temp['meta']['module-type'])) $hover_types[$input][] = $temp['name'];
}
}
$modules['types'] = $types;
$modules['hover_type'] = $hover_types;
return $modules;
}
}

6
app/Model/ShadowAttribute.php
View File

@ -232,14 +232,14 @@ class ShadowAttribute extends AppModel {
'order' => array(),
));
foreach ($correlatingAttributes[$k] as $key => &$correlatingAttribute) {
if ($correlatingAttribute['Attribute']['event_id'] == $sa['event_id']) unset($correlatingAttributes[$k][$key]);
if ($correlatingAttribute['Attribute']['event_id'] == $temp['event_id']) unset($correlatingAttributes[$k][$key]);
}
foreach ($correlatingAttributes as $k => $cA) {
foreach ($cA as $corr) {
$shadow_attribute_correlations[] = array(
'value' => $correlatingValues[$k],
'1_event_id' => $sa['event_id'],
'1_shadow_attribute_id' => $sa['id'],
'1_event_id' => $temp['event_id'],
'1_shadow_attribute_id' => $temp['id'],
'event_id' => $corr['Attribute']['event_id'],
'attribute_id' => $corr['Attribute']['id'],
'org_id' => $corr['Event']['org_id'],

9
app/View/Attributes/ajax/hover_enrichment.ctp Normal file
View File

@ -0,0 +1,9 @@
<?php
foreach ($results as &$r):
foreach ($r as $k => &$v):
?>
<span class="bold blue"><?php echo h($k);?></span>: <span class="red"><?php echo h($v);?></span><br />
<?php
endforeach;
endforeach;
?>

19
app/View/Elements/eventattribute.ctp
View File

@ -191,7 +191,8 @@
<?php echo h($object['type']); ?>
</div>
</td>
<td class="showspaces <?php echo $extra; ?> limitedWidth">
<td id="<?php echo h($currentType) . '_' . h($object['id']) . '_container'; ?>" class="showspaces <?php echo $extra; ?> limitedWidth">
<div <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'onMouseOver="hoverModuleExpand(\'' . $currentType . '\', \'' . $object['id'] . '\');";'?>>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php if ('attachment' === $object['type'] || 'malware-sample' === $object['type'] ): ?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_solid'; ?>" class="inline-field-solid">
@ -232,6 +233,7 @@
if (isset($object['validationIssue'])) echo ' <span class="icon-warning-sign" title="Warning, this doesn\'t seem to be a legitimage ' . strtoupper(h($object['type'])) . ' value">&nbsp;</span>';
?>
</div>
</div>
</td>
<td class="showspaces bitwider <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
@ -301,9 +303,14 @@
<?php
if ($object['objectType'] == 0) {
if ($isSiteAdmin || !$mayModify):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/ShadowAttribute');" title="Propose enrichment">&nbsp;</span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/shadow_attributes/edit/<?php echo $object['id']; ?>" title="Propose Edit" class="icon-share useCursorPointer"></a>
<span class="icon-trash useCursorPointer" title="Propose Deletion" onClick="deleteObject('shadow_attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<span class="icon-trash useCursorPointer" title="Propose Deletion" onClick="deleteObject('shadow_attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
if ($isSiteAdmin):
?>
@ -311,9 +318,14 @@
<?php endif;
endif;
if ($isSiteAdmin || $mayModify) {
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/Attribute');" title="Add enrichment">&nbsp;</span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
}
} else {
@ -377,6 +389,7 @@
$('.select_proposal, .select_all').click(function(){
attributeListAnyProposalCheckBoxesChecked();
});
});
</script>
<?php

167
app/View/Elements/eventattributerow.ctp
View File

@ -1,167 +0,0 @@
<?php
$extra = '';
$extra2 = '';
$extra3 = '';
$currentType = 'denyForm';
// 0 = attribute
// 1 = shadow_attribute
if ($object['objectType'] == 0 ) {
$currentType = 'Attribute';
if ($object['hasChildren'] == 1) {
$extra = 'highlight1';
$extra3 = 'highlightBlueSides highlightBlueTop';
}
if (!$mayModify) $currentType = 'ShadowAttribute';
} else $extra = 'highlight2';
if ($object['objectType'] == 1) {
$extra2 = '1';
$extra3 = 'highlightBlueSides';
if (isset($object['firstChild'])) {
$extra3 .= ' highlightBlueTop';
}
if (isset($object['lastChild'])) {
$extra3 .= ' highlightBlueBottom';
}
}
?>
<tr id = "<?php echo $currentType . '_' . $object['id'] . '_tr'; ?>" class="<?php echo $extra3; ?>">
<?php if ($mayModify): ?>
<td class="<?php echo $extra; ?>" style="width:10px;">
<?php if ($object['objectType'] == 0): ?>
<input id = "select_<?php echo $object['id']; ?>" class="select_attribute" type="checkbox" data-id="<?php echo $object['id'];?>" />
<?php endif; ?>
</td>
<?php endif; ?>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_timestamp_solid'; ?>">
<?php
if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
else echo '&nbsp';
?>
</div>
</td>
<td class="shortish <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="shortish <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td class="showspaces <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ): ?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_solid'; ?>" class="inline-field-solid">
<?php else: ?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'value', <?php echo $event['Event']['id'];?>);">
<?php
endif;
$sigDisplay = $object['value'];
if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
$t = ($currentType == 'Attribute' ? 'attributes' : 'shadow_attributes');
$filenameHash = explode('|', nl2br(h($object['value'])));
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo h($filepath);
echo $this->Html->link($filename, array('controller' => $t, 'action' => 'download', $object['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => $t, 'action' => 'download', $object['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($object['type'], '|') !== false) {
$filenameHash = explode('|', $object['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $object['type']) {
if (! is_null(Configure::read('MISP.cveurl'))) {
$cveUrl = Configure::read('MISP.cveurl');
} else {
$cveUrl = "http://www.google.com/search?q=";
}
echo $this->Html->link(h($sigDisplay), h($cveUrl) . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $object['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo nl2br(h($sigDisplay));
}
?>
</div>
</td>
<td class="showspaces bitwider <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<td class="shortish <?php echo $extra; ?>">
<ul class="inline" style="margin:0px;">
<?php
if ($object['objectType'] == 0 && isset($relatedAttributes[$object['id']]) && (null != $relatedAttributes[$object['id']])) {
foreach ($relatedAttributes[$object['id']] as $relatedAttribute) {
echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
if ($relatedAttribute['org'] == $me['org']) {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array ('style' => 'color:red;'));
} else {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']));
}
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['to_ids']) echo 'Yes';
else echo 'No';
?>
</div>
</td>
<td class="<?php echo $extra; ?> shortish">
<?php
$turnRed = '';
if ($object['objectType'] == 0 && $object['distribution'] == 0) $turnRed = 'style="color:red"';
?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_solid'; ?>" <?php echo $turnRed; ?> class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'distribution', <?php echo $event['Event']['id'];?>);">
<?php if ($object['objectType'] == 0) echo h($distributionLevels[$object['distribution']]); ?>&nbsp;
</div>
</td>
<td class="short action-links <?php echo $extra;?>">
<?php
if ($object['objectType'] == 0) {
if ($isSiteAdmin || $mayModify) {
?>
<a href="<?php echo $baseurl."/attributes/edit/".$object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
} else {
?>
<a href="<?php echo $baseurl."/shadow_attributes/edit/".$object['id']; ?>" title="Propose Edit" class="icon-edit useCursorPointer"></a>
<?php
}
} else {
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin) {
?>
<span class="icon-ok useCursorPointer" onClick="acceptObject('shadow_attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($object['org'] == $me['org'])) {
?>
<span class="icon-trash useCursorPointer" onClick="deleteObject('shadow_attributes', 'discard' ,'<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
}
?>
</td>
</tr>

2
app/View/Elements/healthElements/diagnostics.ctp
View File

@ -1,4 +1,4 @@
<div style="border:1px solid #dddddd; margin-top:1px; width:100%; padding:10px">
<div style="border:1px solid #dddddd; margin-top:1px; width:95%; padding:10px">
<h3>MISP version</h3>
<p>Since version 2.3.14, every version of MISP includes a json file with the current version. This is checked against the latest tag on github, if there is a version mismatch the tool will warn you about it. Make sure that you update MISP regularly.</p>
<div style="background-color:#f7f7f9;width:300px;">

88
app/View/Elements/healthElements/settings_tab.ctp
View File

@ -1,34 +1,56 @@
<table class="table table-hover table-condensed" style="border:1px solid #dddddd; margin-top:1px; width:100%; padding:10px">
<tr>
<th>Priority</th>
<th>Setting</th>
<th>Value</th>
<th>Description</th>
<th>Error Message</th>
</tr>
<?php
foreach ($finalSettings as $k => $setting):
$bgColour = '';
if (isset($setting['error']) && $setting['level'] < 3) {
$bgColour = 'background-color:' . $priorityErrorColours[$setting['level']] . ';';
if ($setting['level'] == 0 || $setting['level'] == 2) $bgColour .= 'color:white;';
}
if ($setting['level'] == 3) $bgColour = 'background-color:gray;color:white;';
if ($setting['type'] == 'boolean') $setting['value'] = ($setting['value'] === true ? 'true' : 'false');
if (isset($setting['options'])) $setting['value'] = ($setting['options'][$setting['value']]);
<div style="border:1px solid #dddddd; margin-top:1px; width:95%; padding:10px">
<?php
foreach ($finalSettings as $subGroup => &$settings):
?>
<tr id ="<?php echo h($k); ?>_row">
<td class="short" style="<?php echo $bgColour; ?>"><?php echo h($priorities[$setting['level']]);?></td>
<td class="short" style="<?php echo $bgColour; ?>"><?php echo h($setting['setting']);?></td>
<?php if ((isset($setting['editable']) && !$setting['editable']) || $setting['level'] == 3): ?>
<td id="setting_<?php echo $k; ?>_passive" class="inline-field-solid" style="<?php echo $bgColour; ?>width:500px;"><?php echo nl2br(h($setting['value']));?></td>
<?php else: ?>
<td id="setting_<?php echo $k; ?>_solid" class="inline-field-solid" ondblclick="serverSettingsActivateField('<?php echo $setting['setting'];?>', '<?php echo $k;?>')" style="<?php echo $bgColour; ?>width:500px;"><?php echo h($setting['value']);?></td>
<td id="setting_<?php echo $k; ?>_placeholder" class="short hidden inline-field-placeholder" style="<?php echo $bgColour; ?>width:500px;"></td>
<?php endif; ?>
<td style="<?php echo $bgColour; ?>"><?php echo h($setting['description']);?></td>
<td style="<?php echo $bgColour; ?>" class="short"><?php if (isset($setting['error']) && $setting['level'] != 3) echo h($setting['errorMessage']); ?></td>
</tr>
<?php
endforeach; ?>
</table>
<div>
<table class="table table-hover table-condensed" style="border:1px solid #dddddd; margin-top:1px; margin-bottom:0px; width:100%; padding:10px">
<?php if ($subGroup != 'general'): ?>
<tr>
<th class="useCursorPointer" style="border-right: 1px solid #dddddd;color: #0088cc;" onClick="toggleSettingSubGroup('<?php echo h($subGroup);?>')"><?php echo h($subGroup);?></th>
</tr>
<?php endif;?>
<tr class="subGroup_<?php echo h($subGroup);?> hidden">
<th>Priority</th>
<th>Setting</th>
<th>Value</th>
<th>Description</th>
<th>Error Message</th>
</tr>
<?php
foreach ($settings as $k => $setting):
$bgColour = '';
if (isset($setting['error']) && $setting['level'] < 3) {
$bgColour = 'background-color:' . $priorityErrorColours[$setting['level']] . ';';
if ($setting['level'] == 0 || $setting['level'] == 2) $bgColour .= 'color:white;';
}
if ($setting['level'] == 3) $bgColour = 'background-color:gray;color:white;';
if ($setting['type'] == 'boolean') $setting['value'] = ($setting['value'] === true ? 'true' : 'false');
if (isset($setting['options'])) $setting['value'] = ($setting['options'][$setting['value']]);
?>
<tr id ="<?php echo h($k); ?>_row" class="subGroup_<?php echo h($subGroup);?> hidden">
<td class="short" style="<?php echo $bgColour; ?>"><?php echo h($priorities[$setting['level']]);?></td>
<td class="short" style="<?php echo $bgColour; ?>"><?php echo h($setting['setting']);?></td>
<?php if ((isset($setting['editable']) && !$setting['editable']) || $setting['level'] == 3): ?>
<td id="setting_<?php echo $k; ?>_passive" class="inline-field-solid" style="<?php echo $bgColour; ?>width:500px;"><?php echo nl2br(h($setting['value']));?></td>
<?php else: ?>
<td id="setting_<?php echo $k; ?>_solid" class="inline-field-solid" ondblclick="serverSettingsActivateField('<?php echo $setting['setting'];?>', '<?php echo $k;?>')" style="<?php echo $bgColour; ?>width:500px;"><?php echo h($setting['value']);?></td>
<td id="setting_<?php echo $k; ?>_placeholder" class="short hidden inline-field-placeholder" style="<?php echo $bgColour; ?>width:500px;"></td>
<?php endif; ?>
<td style="<?php echo $bgColour; ?>"><?php echo h($setting['description']);?></td>
<td style="<?php echo $bgColour; ?>"><?php if (isset($setting['error']) && $setting['level'] != 3) echo h($setting['errorMessage']); ?></td>
</tr>
<?php
endforeach;
?>
</table>
<div class="subGroup_<?php echo h($subGroup);?> hidden" style="margin-bottom:30px;"></div>
</div>
<?php
endforeach;
?>
</div>
<script type="text/javascript">
$(document).ready(function() {
$('.subGroup_general').show();
});
</script>

4
app/View/Elements/side_menu.ctp
View File

@ -223,6 +223,10 @@
<li <?php if ($menuItem === 'eventBlacklistsAdd') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/eventBlacklists/add">Blacklists Event</a></li>
<li <?php if ($menuItem === 'eventBlacklists') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/eventBlacklists">Manage Event Blacklists</a></li>
<?php endif;
if (Configure::read('MISP.enableOrgBlacklisting')): ?>
<li <?php if ($menuItem === 'orgBlacklistsAdd') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/orgBlacklists/add">Blacklists Organisation</a></li>
<li <?php if ($menuItem === 'orgBlacklists') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/orgBlacklists">Manage Org Blacklists</a></li>
<?php endif;
endif;
break;

6
app/View/EventBlacklists/edit.ctp
View File

@ -8,20 +8,20 @@
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => 'Creating organisation',
'default' => $eb['EventBlacklist']['event_orgc'],
'default' => $blockEntry['EventBlacklist']['event_orgc'],
));
echo $this->Form->input('event_info', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => 'Event info',
'default' => $eb['EventBlacklist']['event_info'],
'default' => $blockEntry['EventBlacklist']['event_info'],
));
echo $this->Form->input('comment', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'default' => $eb['EventBlacklist']['comment'],
'default' => $blockEntry['EventBlacklist']['comment'],
));
?>
</fieldset>

20
app/View/Events/ajax/enrichmentChoice.ctp Normal file
View File

@ -0,0 +1,20 @@
<div class="popover_choice">
<legend><?php echo __('Choose the enrichment module that you wish to use for the expansion'); ?></legend>
<div class="popover_choice_main" id ="popover_choice_main">
<div style="width:100%;">
<?php foreach ($modules as $k => $module): ?>
<div style="border-bottom:1px solid black; text-align:center;width:100%;" class="templateChoiceButton useCursorPointer" onClick="window.location='<?php echo $baseurl;?>/events/queryEnrichment/<?php echo implode('/', array(h($attribute_id), h($module['name'])));?>';" title="<?php echo h($module['description']);?>"><?php echo h($module['name']);?></div>
<?php endforeach; ?>
</div>
</div>
<div class="templateChoiceButton templateChoiceButtonLast" onClick="cancelPopoverForm();">Cancel</div>
</div>
<script type="text/javascript">
$(document).ready(function() {
resizePopoverBody();
});
$(window).resize(function() {
resizePopoverBody();
});
</script>

166
app/View/Events/resolved_attributes.ctp Normal file
View File

@ -0,0 +1,166 @@
<div class="index">
<h2><?php echo h($title);?></h2>
<p>Below you can see the attributes that are to be created. Make sure that the categories and the types are correct, often several options will be offered based on an inconclusive automatic resolution. </p>
<?php
echo $this->Form->create('Attribute', array('url' => '/events/saveFreeText/' . $event['Event']['id'], 'class' => 'mainForm'));
if ($isSiteAdmin) {
echo $this->Form->input('force', array(
'checked' => false,
'label' => 'Proposals instead of attributes',
));
}
echo $this->Form->input('JsonObject', array(
'label' => false,
'type' => 'text',
'style' => 'display:none;',
'value' => '',
));
echo $this->Form->end();
?>
<table class="table table-striped table-hover table-condensed">
<tr>
<th>Value</th>
<th>Category</th>
<th>Type</th>
<th>IDS<input type="checkbox" id="checkAll" style="margin:0px;margin-left:3px;"/></th>
<th>Comment</th>
<th>Actions</th>
</tr>
<?php
$options = array();
foreach ($resultArray as $k => $item):
?>
<tr id="row_<?php echo $k; ?>" class="freetext_row">
<?php
echo $this->Form->input('Attribute' . $k . 'Save', array(
'label' => false,
'style' => 'display:none;',
'value' => 1,
));
echo $this->Form->input('Attribute' . $k . 'Value', array(
'label' => false,
'type' => 'hidden',
'value' => h($item['value']),
));
echo $this->Form->input('Attribute' . $k . 'Data', array(
'label' => false,
'type' => 'hidden',
'value' => isset($item['data']) ? h($item['data']) : false,
));
?>
<td>
<input type="hidden" id="<?php echo 'Attribute' . $k . 'Save'; ?>" value=1 >
<div id="<?php echo 'Attribute' . $k . 'Value'; ?>"><?php echo h($item['value']); ?></div>
</td>
<td class="short">
<?php
if (!isset($item['category'])) {
$default = array_search($defaultCategories[$item['default_type']], $typeCategoryMapping[$item['default_type']]);
} else {
$default = array_search($item['category'], $typeCategoryMapping[$item['default_type']]);
}
?>
<select id="<?php echo 'Attribute' . $k . 'Category'; ?>" style='padding:0px;height:20px;margin-bottom:0px;'>
<?php
foreach ($typeCategoryMapping[$item['default_type']] as $type) {
echo '<option value="' . $type . '" ';
if ($type == $default) echo 'selected="selected"';
echo '>' . $type . '</option>';
}
?>
</select>
</td>
<td class="short">
<?php
$divVisibility = '';
$selectVisibility = '';
if (count($item['types']) == 1) {
$selectVisibility = 'display:none;';
} else {
$divVisibility = 'style="display:none;"';
if (!in_array(array_keys($item['types']), $options)) $options[] = array_values($item['types']);
}
?>
<div id = "<?php echo 'Attribute' . $k . 'TypeStatic'; ?>" <?php echo $divVisibility; ?> ><?php echo h($item['default_type']); ?></div>
<select id = "<?php echo 'Attribute' . $k . 'Type'; ?>" class='typeToggle' style='padding:0px;height:20px;margin-bottom:0px;<?php echo $selectVisibility; ?>'>
<?php
foreach ($item['types'] as $type) {
echo '<option value="' . $type . '" ';
echo ($type == $item['default_type'] ? 'selected="selected"' : '') . '>' . $type . '</option>';
}
?>
</select>
</td>
<td class="short" style="width:40px;text-align:center;">
<input type="checkbox" id="<?php echo 'Attribute' . $k . 'To_ids'; ?>" <?php if ($item['to_ids']) echo 'checked'; ?> class="idsCheckbox" />
</td>
<td class="short">
<input type="text" class="freetextCommentField" id="<?php echo 'Attribute' . $k . 'Comment'; ?>" style="padding:0px;height:20px;margin-bottom:0px;" placeholder="Imported via the freetext import." <?php if (isset($item['comment']) && $item['comment'] !== false) echo 'value="' . $item['comment'] . '"'?>/>
</td>
<td class="action short">
<span class="icon-remove pointer" onClick="freetextRemoveRow('<?php echo $k; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
</td>
</tr>
<?php
endforeach;
$optionsRearranged = array();
foreach ($options as $group) {
foreach ($group as $k => $element) {
$temp = $group;
unset ($temp[$k]);
if (!isset($optionsRearranged[$element])) $optionsRearranged[$element] = array();
$optionsRearranged[$element] = array_merge($optionsRearranged[$element], $temp);
}
}
?>
</table>
<span>
<button class="btn btn-primary" style="float:left;" onClick="freetextImportResultsSubmit('<?php echo h($event['Event']['id']); ?>', '<?php echo count($resultArray); ?>');">Submit</button>
<span style="float:right">
<?php
if (!empty($optionsRearranged)):
?>
<select id="changeFrom" style="margin-left:50px;margin-top:10px;">
<?php
foreach (array_keys($optionsRearranged) as $fromElement):
?>
<option><?php echo $fromElement; ?></option>
<?php
endforeach;
?>
</select>
<span class="icon-arrow-right"></span>
<select id="changeTo" style="margin-top:10px;">
<?php
$keys = array_keys($optionsRearranged);
foreach ($optionsRearranged[$keys[0]] as $toElement):
?>
<option value="<?php echo $toElement; ?>"><?php echo $toElement; ?></option>
<?php
endforeach;
?>
</select>
<span class="btn btn-inverse" onClick="changeFreetextImportExecute();">Change all</span><br />
<?php endif; ?>
<input type="text" id="changeComments" style="margin-left:50px;margin-top:10px;width:446px;" placeholder="Update all comment fields">
<span class="btn btn-inverse" onClick="changeFreetextImportCommentExecute();">Change all</span>
</span>
</span>
</div>
<?php if (!empty($optionsRearranged)):?>
<script>
var options = <?php echo json_encode($optionsRearranged);?>;
$(document).ready(function(){
$('#changeFrom').change(function(){
changeFreetextImportFrom();
});
$('#changeFrom').trigger('change');
$('#checkAll').change(function() {
$('.idsCheckbox').prop('checked', $('#checkAll').is(':checked'));
});
});
</script>
<?php
endif;
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'freetextResults'));
?>

4
app/View/Feeds/preview_index.ctp
View File

@ -32,8 +32,9 @@
<th class="filter">Tags</th>
<th class="filter"><?php echo $this->Paginator->sort('date');?></th>
<th class="filter" title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>"><?php echo $this->Paginator->sort('threat_level_id');?></th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>"><?php echo $this->Paginator->sort('analysis');?></th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>"><?php echo $this->Paginator->sort('analysis');?></th>
<th class="filter"><?php echo $this->Paginator->sort('info');?></th>
<th class="filter"><?php echo $this->Paginator->sort('timestamp');?></th>
<th class="actions">Actions</th>
</tr>
@ -59,6 +60,7 @@
<td ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'">
<?php echo nl2br(h($event['info'])); ?>&nbsp;
</td>
<td ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'" class="short"><?php echo h($event['timestamp']); ?></td>
<td class="short action-links">
<?php if ($feed['Feed']['enabled']) echo $this->Form->postLink('', '/feeds/getEvent/' . $id . '/' . $uuid, array('class' => 'icon-download'), __('Are you sure you want to fetch and save this event on your instance?', $this->Form->value('Feed.id'))); ?>
<a href='<?php echo $eventViewURL . h($uuid);?>' class = "icon-list-alt" title = "View"></a>

4
app/View/Layouts/ajax.ctp
View File

@ -17,6 +17,6 @@
*/
?>
<?php
echo $this->Html->css('bootstrap');
echo $this->Html->css('main');
//echo $this->Html->css('bootstrap');
//echo $this->Html->css('main');
echo $content_for_layout; ?>

34
app/View/OrgBlacklists/add.ctp Normal file
View File

@ -0,0 +1,34 @@
<div class="orgBlacklist form">
<?php echo $this->Form->create('OrgBlacklist');?>
<fieldset>
<legend>Add Organisation Blacklist Entries</legend>
<p>Simply paste a list of all the organisation UUIDs that you wish to block from being entered.</p>
<?php
echo $this->Form->input('uuids', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'placeholder' => 'Enter a single or a list of UUIDs'
));
echo $this->Form->input('org_name', array(
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => 'Organisation name',
'placeholder' => '(Optional) The organisation name that the organisation is associated with'
));
echo $this->Form->input('comment', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'placeholder' => '(Optional) Any comments you would like to add regarding this (or these) entries.'
));
?>
</fieldset>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklistsAdd'));
?>

28
app/View/OrgBlacklists/edit.ctp Normal file
View File

@ -0,0 +1,28 @@
<div class="orgBlacklist form">
<?php echo $this->Form->create('OrgBlacklist');?>
<fieldset>
<legend>Add Event Blacklist Entries</legend>
<p>Simply paste a list of all the event UUIDs that you wish to block from being entered.</p>
<?php
echo $this->Form->input('org_name', array(
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => 'Creating organisation',
'default' => $blockEntry['OrgBlacklist']['org_name'],
));
echo $this->Form->input('comment', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'default' => $blockEntry['OrgBlacklist']['comment'],
));
?>
</fieldset>
<?php
echo $this->Form->button('Edit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklistsAdd'));
?>

62
app/View/OrgBlacklists/index.ctp Normal file
View File

@ -0,0 +1,62 @@
<div class="orgBlacklists index">
<h2><?php echo __('Organisation Blacklists');?></h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('org_name');?></th>
<th><?php echo $this->Paginator->sort('org_uuid');?></th>
<th><?php echo $this->Paginator->sort('created');?></th>
<th><?php echo $this->Paginator->sort('comment');?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr><?php
foreach ($response as $item): ?>
<tr>
<td class="short"><?php echo h($item['OrgBlacklist']['id']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlacklist']['org_name']) ? h($item['OrgBlacklist']['org_name']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['OrgBlacklist']['org_uuid']); ?>&nbsp;</td>
<td><?php echo h($item['OrgBlacklist']['created']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlacklist']['comment']) ? h($item['OrgBlacklist']['comment']) : '&nbsp;'); ?></td>
<td class="short action-links">
<a href="<?php echo $baseurl;?>/orgBlacklists/edit/<?php echo h($item['OrgBlacklist']['id']); ?>"><span class="icon-edit" title="edit">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['OrgBlacklist']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete the blacklist entry for the event UUID %s?', h($item['OrgBlacklist']['org_uuid']))); ?>
</td>
</tr><?php
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklists'));
?>

2
app/View/ShadowAttributes/add_attachment.ctp
View File

@ -1,7 +1,7 @@
<div class="shadow_attributes form">
<?php echo $this->Form->create('ShadowAttribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("ShadowAttributeMalware").removeAttribute("disabled");'));?>
<fieldset>
<legend><?php echo __('Add Attachment'); ?></legend>
<legend><?php echo __('Propose Attachment'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category');

2
app/View/ShadowAttributes/edit.ctp
View File

@ -1,7 +1,7 @@
<div class="shadow_attributes <?php if (!isset($ajax) || !$ajax) echo 'form';?>">
<?php echo $this->Form->create('ShadowAttribute');?>
<fieldset>
<legend><?php echo __('Add ShadowAttribute'); ?></legend>
<legend><?php echo __('Add Proposal'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array(

2
app/View/Templates/add.ctp
View File

@ -34,7 +34,7 @@
</div><br />
<?php
echo $this->Form->input('description', array(
'label' => 'Event Description',
'label' => 'Template Description',
'div' => 'clear',
'type' => 'textarea',
'class' => 'form-control span6',

2
app/View/Templates/edit.ctp
View File

@ -34,7 +34,7 @@
</div><br />
<?php
echo $this->Form->input('description', array(
'label' => 'Event Description',
'label' => 'Template Description',
'div' => 'clear',
'type' => 'textarea',
'class' => 'form-control span6',

61
app/webroot/js/ajaxification.js
View File

@ -944,6 +944,23 @@ function getPopup(id, context, target, admin) {
});
}
function simplePopup(url) {
$("#gray_out").fadeIn();
$.ajax({
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
dataType:"html",
cache: false,
success:function (data, textStatus) {
$(".loading").hide();
$("#popover_form").html(data);
$("#popover_form").fadeIn();
},
url: url,
});
}
function resizePopoverBody() {
var bodyheight = $(window).height();
bodyheight = 3 * bodyheight / 4 - 150;
@ -1569,18 +1586,20 @@ function freetextImportResultsSubmit(id, count) {
var temp;
for (i = 0; i < count; i++) {
if ($('#Attribute' + i + 'Save').val() == 1) {
temp = {
value:$('#Attribute' + i + 'Value').val(),
category:$('#Attribute' + i + 'Category').val(),
type:$('#Attribute' + i + 'Type').val(),
to_ids:$('#Attribute' + i + 'To_ids')[0].checked,
comment:$('#Attribute' + i + 'Comment').val(),
}
attributeArray[attributeArray.length] = temp;
temp = {
value:$('#Attribute' + i + 'Value').val(),
category:$('#Attribute' + i + 'Category').val(),
type:$('#Attribute' + i + 'Type').val(),
to_ids:$('#Attribute' + i + 'To_ids')[0].checked,
comment:$('#Attribute' + i + 'Comment').val(),
data:$('#Attribute' + i + 'Data').val()
}
attributeArray[attributeArray.length] = temp;
console.log(temp)
}
}
};
$("#AttributeJsonObject").val(JSON.stringify(attributeArray));
var formData = $("#AttributeFreeTextImportForm").serialize();
var formData = $(".mainForm").serialize();
$.ajax({
type: "post",
cache: false,
@ -2254,4 +2273,26 @@ function checkUserExternalAuth() {
$('#externalAuthDiv').hide();
$('#passwordDivDiv').show();
}
}
function toggleSettingSubGroup(group) {
$('.subGroup_' + group).toggle();
}
function hoverModuleExpand(type, id) {
$('.popover').remove();
$.ajax({
success:function (html) {
$('#' + type + '_' + id + '_container').popover({
title: 'Lookup results:',
content: html,
placement: 'left',
html: true,
trigger: 'hover',
container: 'body'
}).popover('show');
},
cache: false,
url:"/" + type + "s/hoverEnrichment/" + id,
});
}