MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' into enforce-iso-datetime

pull/5615/head
mokaddem 2020-02-10 14:18:14 +01:00
parent 6243c0a859 9c22e02848
commit 8e2da13e0e
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
39 changed files with 395 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
INSTALL/INSTALL.sh
View File

@ -185,7 +185,8 @@ usage () {
echo -e "${SCRIPT_NAME} -c | Install ONLY ${LBLUE}MISP${NC} Core" # core
echo -e " -M | ${LBLUE}MISP${NC} modules" # modules
echo -e " -D | ${LBLUE}MISP${NC} dashboard" # dashboard
echo -e " -V | Viper" # viper
## FIXME: The current stat of Viper is broken, disabling any use.
##echo -e " -V | Viper" # viper
echo -e " -m | Mail 2 ${LBLUE}MISP${NC}" # mail2
echo -e " -S | Experimental ssdeep correlations" # ssdeep
echo -e " -A | Install ${YELLOW}all${NC} of the above" # all
@ -196,7 +197,7 @@ usage () {
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
echo -e "Options can be combined: ${SCRIPT_NAME} -c -D # Will install Core+Dashboard"
space
echo -e "Recommended is either a barebone MISP install (ideal for syncing from other instances) or"
echo -e "MISP + modules - ${SCRIPT_NAME} -c -M"
@ -1845,7 +1846,7 @@ viper () {
$SUDO_CMD /usr/local/src/viper/venv/bin/pip install -r requirements.txt
echo "Launching viper-web"
$SUDO_CMD /usr/local/src/viper-web/viper-web -p 8888 -H 0.0.0.0 &
echo 'PATH="/home/misp/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee /etc/environment
echo 'PATH="/home/misp/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee -a /etc/environment
echo ". /etc/environment" >> /home/${MISP_USER}/.profile
# TODO: Perms, MISP_USER_HOME, nasty hack cuz Kali on R00t
@ -2112,8 +2113,9 @@ installSupported () {
progress 4
# Install Viper - functionLocation('generic/viper-debian.md')
[[ -n $VIPER ]] || [[ -n $ALL ]] && viper
progress 4
## FIXME: The current stat of Viper is broken, disabling any use.
##[[ -n $VIPER ]] || [[ -n $ALL ]] && viper
##progress 4
# Install ssdeep - functionLocation('generic/ssdeep-debian.md')
[[ -n $SSDEEP ]] || [[ -n $ALL ]] && ssdeep
@ -2388,8 +2390,9 @@ installMISPonKali () {
debug "Installing misp-modules"
mispmodules
debug "Installing Viper"
viper
## FIXME: The current stat of Viper is broken, disabling any use.
##debug "Installing Viper"
##viper
debug "Installing ssdeep"
ssdeep
@ -2466,8 +2469,14 @@ x86_64-fedora-30
x86_64-debian-stretch
x86_64-debian-buster
x86_64-ubuntu-bionic
x86_64-kali-2019.1
x86_64-kali-2019.2
x86_64-kali-2019.3
x86_64-kali-2019.4
x86_64-kali-2020.1
x86_64-kali-2020.2
x86_64-kali-2020.3
x86_64-kali-2020.4
armv6l-raspbian-stretch
armv7l-raspbian-stretch
armv7l-debian-jessie

6
INSTALL/INSTALL.sh.sfv
View File

@ -1,5 +1,5 @@
; Generated by RHash v1.3.9 on 2020-01-21 at 17:22.04
; Generated by RHash v1.3.9 on 2020-02-03 at 13:15.37
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
;
; 99445 17:22.04 2020-01-21 INSTALL.sh
INSTALL.sh 6E1976E8429DE5E28AD7B4F286904F0D6AE278FE 0032F7224EF5CAC309A1E3EDC4D185D6014BAE6DCCC07FBD12528D7574C6167E 1EEEA5E9C5FC2DDF6198442E8B301CB30DEC443798BD597B9D6DA3C8FD5F1C77AB5EB0F44988876BBA7314B3BEC4C297 8C950F3C6A5A8D5CCCC298551555CDC7C631E2A93177DF7BEA2E5C0A80D651C2D459A4328832BE96CDEB874C3CC2214FAB9DA0FA1B97DD642E7488ADB558E748
; 99767 13:15.37 2020-02-03 INSTALL.sh
INSTALL.sh F27125A2CD54B088B95072FF1D87C2A9EDDE3FDC 4A2F544B20AF69618BD0F744A433CBC442DAE17CC35028906DB20FB2C56DA2D6 CE625D7EB46FCC9B0228BFDD1AF62B9FC78F1D53B14CABA881C19C115F3E8F8D031EEF6A07E6E08A3B1F1D28C4EE8335 84D8940C178BFCFDA1A218D7AD7DEFA27EA62486DC7E06E165F1BE2C7738DCD384A95E62A95F7203AEDAD8593F648302E963BC3C00CCA987A415952A86192BC8

2
INSTALL/INSTALL.sh.sha1
View File

@ -1 +1 @@
6e1976e8429de5e28ad7b4f286904f0d6ae278fe INSTALL.sh
f27125a2cd54b088b95072ff1d87c2a9edde3fdc INSTALL.sh

2
INSTALL/INSTALL.sh.sha256
View File

@ -1 +1 @@
0032f7224ef5cac309a1e3edc4d185d6014bae6dccc07fbd12528d7574c6167e INSTALL.sh
4a2f544b20af69618bd0f744a433cbc442dae17cc35028906db20fb2c56da2d6 INSTALL.sh

2
INSTALL/INSTALL.sh.sha384
View File

@ -1 +1 @@
1eeea5e9c5fc2ddf6198442e8b301cb30dec443798bd597b9d6da3c8fd5f1c77ab5eb0f44988876bba7314b3bec4c297 INSTALL.sh
ce625d7eb46fcc9b0228bfdd1af62b9fc78f1d53b14caba881c19c115f3e8f8d031eef6a07e6e08a3b1f1d28c4ee8335 INSTALL.sh

2
INSTALL/INSTALL.sh.sha512
View File

@ -1 +1 @@
8c950f3c6a5a8d5cccc298551555cdc7c631e2a93177df7bea2e5c0a80d651c2d459a4328832be96cdeb874c3cc2214fab9da0fa1b97dd642e7488adb558e748 INSTALL.sh
84d8940c178bfcfda1a218d7ad7defa27ea62486dc7e06e165f1be2c7738dcd384a95e62a95f7203aedad8593f648302e963bc3c00cca987a415952a86192bc8 INSTALL.sh

16
INSTALL/INSTALL.tpl.sh
View File

@ -324,8 +324,9 @@ installSupported () {
progress 4
# Install Viper - functionLocation('generic/viper-debian.md')
[[ -n $VIPER ]] || [[ -n $ALL ]] && viper
progress 4
## FIXME: The current stat of Viper is broken, disabling any use.
##[[ -n $VIPER ]] || [[ -n $ALL ]] && viper
##progress 4
# Install ssdeep - functionLocation('generic/ssdeep-debian.md')
[[ -n $SSDEEP ]] || [[ -n $ALL ]] && ssdeep
@ -600,8 +601,9 @@ installMISPonKali () {
debug "Installing misp-modules"
mispmodules
debug "Installing Viper"
viper
## FIXME: The current stat of Viper is broken, disabling any use.
##debug "Installing Viper"
##viper
debug "Installing ssdeep"
ssdeep
@ -678,8 +680,14 @@ x86_64-fedora-30
x86_64-debian-stretch
x86_64-debian-buster
x86_64-ubuntu-bionic
x86_64-kali-2019.1
x86_64-kali-2019.2
x86_64-kali-2019.3
x86_64-kali-2019.4
x86_64-kali-2020.1
x86_64-kali-2020.2
x86_64-kali-2020.3
x86_64-kali-2020.4
armv6l-raspbian-stretch
armv7l-raspbian-stretch
armv7l-debian-jessie

2
PyMISP

@ -1 +1 @@
Subproject commit eabc6481d039940ad30b7342a477ccf56c878419
Subproject commit cb718b97f1e36e11a06870adb5368309e1c14912

5
app/Console/Command/EventShell.php
View File

@ -359,7 +359,6 @@ class EventShell extends AppShell
public function cachebro()
{
$timeStart = time();
$broHeader = "#fields\tindicator\tindicator_type\tmeta.source\tmeta.desc\tmeta.url\tmeta.do_notice\tmeta.if_in\n";
$userId = $this->args[0];
$user = $this->User->getAuthUser($userId);
$id = $this->args[1];
@ -377,8 +376,10 @@ class EventShell extends AppShell
}
$file->write('');
$skipHeader = false;
foreach ($types as $k => $type) {
$final = $this->Attribute->bro($user, $type);
$final = $this->Attribute->bro($user, $type, false, false, false, false, false, false, $skipHeader);
$skipHeader = true;
foreach ($final as $attribute) {
$file->append($attribute . PHP_EOL);
}

4
app/Controller/AppController.php
View File

@ -47,7 +47,7 @@ class AppController extends Controller
public $helpers = array('Utility', 'OrgImg', 'FontAwesome', 'UserName');
private $__queryVersion = '97';
public $pyMispVersion = '2.4.120';
public $pyMispVersion = '2.4.121';
public $phpmin = '7.2';
public $phprec = '7.4';
public $pythonmin = '3.6';
@ -1162,7 +1162,6 @@ class AppController extends Controller
public function restSearch()
{
$ordered_url_params = func_get_args();
if (empty($this->RestSearch->paramArray[$this->modelClass])) {
throw new NotFoundException(__('RestSearch is not implemented (yet) for this scope.'));
}
@ -1185,7 +1184,6 @@ class AppController extends Controller
if ($filters === false) {
return $exception;
}
$list = array();
$key = empty($filters['key']) ? $filters['returnFormat'] : $filters['key'];
$user = $this->_getApiAuthUser($key, $exception);
if ($user === false) {

3
app/Controller/Component/ACLComponent.php
View File

@ -552,7 +552,8 @@ class ACLComponent extends Component
'delete' => array('perm_admin'),
'downloadTerms' => array('*'),
'edit' => array('*'),
'fetchPGPKey' => array('*'),
'searchGpgKey' => array('*'),
'fetchGpgKey' => array('*'),
'histogram' => array('*'),
'initiatePasswordReset' => array('perm_admin'),
'login' => array('*'),

13
app/Controller/TaxonomiesController.php
View File

@ -22,7 +22,18 @@ class TaxonomiesController extends AppController
public function index()
{
$this->paginate['recursive'] = -1;
$taxonomies = $this->paginate();
if ($this->_isRest()) {
$keepFields = array('conditions', 'contain', 'recursive', 'sort');
$searchParams = array();
foreach ($keepFields as $field) {
if (!empty($this->paginate[$field])) {
$searchParams[$field] = $this->paginate[$field];
}
}
$taxonomies = $this->Taxonomy->find('all', $searchParams);
} else {
$taxonomies = $this->paginate();
}
$this->loadModel('Tag');
foreach ($taxonomies as $key => $taxonomy) {
$total = 0;

22
app/Controller/UsersController.php
View File

@ -2128,14 +2128,14 @@ class UsersController extends AppController
$this->Auth->login($newUser['User']);
}
public function fetchPGPKey($email = false)
public function searchGpgKey($email = false)
{
if ($email == false) {
if (!$email) {
throw new NotFoundException('No email provided.');
}
$keys = $this->User->fetchPGPKey($email);
if (is_numeric($keys)) {
throw new NotFoundException('Could not retrieved any keys from the key server.');
$keys = $this->User->searchGpgKey($email);
if (empty($keys)) {
throw new NotFoundException('No keys found for given email at keyserver.');
}
$this->set('keys', $keys);
$this->autorender = false;
@ -2143,6 +2143,18 @@ class UsersController extends AppController
$this->render('ajax/fetchpgpkey');
}
public function fetchGpgKey($fingerprint = null)
{
if (!$fingerprint) {
throw new NotFoundException('No fingerprint provided.');
}
$key = $this->User->fetchGpgKey($fingerprint);
if (!$key) {
throw new NotFoundException('No key with given fingerprint found.');
}
return new CakeResponse(array('body' => $key));
}
public function dashboard()
{
$events = array();

96
app/Lib/Tools/GpgTool.php Normal file
View File

@ -0,0 +1,96 @@
<?php
class GpgTool
{
/**
* @param string $search
* @return array
* @throws Exception
*/
public function searchGpgKey($search)
{
$uri = 'https://pgp.circl.lu/pks/lookup?search=' . urlencode($search) . '&op=index&fingerprint=on&options=mr';
$response = $this->keyServerLookup($uri);
if ($response->code == 404) {
return array(); // no keys found
} else if ($response->code != 200) {
throw new Exception("Fetching the '$uri' failed with HTTP error {$response->code}: {$response->reasonPhrase}");
}
return $this->extractKeySearch($response->body);
}
/**
* @param string $fingerprint
* @return string|null
* @throws Exception
*/
public function fetchGpgKey($fingerprint)
{
$uri = 'https://pgp.circl.lu/pks/lookup?search=0x' . urlencode($fingerprint) . '&op=get&options=mr';
$response = $this->keyServerLookup($uri);
if ($response->code == 404) {
return null; // key with given fingerprint not found
} else if ($response->code != 200) {
throw new Exception("Fetching the '$uri' failed with HTTP error {$response->code}: {$response->reasonPhrase}");
}
$key = $response->body;
return $key;
}
/**
* @param string $body
* @return array
*/
private function extractKeySearch($body)
{
$final = array();
$lines = explode("\n", $body);
foreach ($lines as $line) {
$parts = explode(":", $line);
if ($parts[0] === 'pub') {
if (!empty($temp)) {
$final[] = $temp;
$temp = array();
}
if (strpos($parts[6], 'r') !== false || strpos($parts[6], 'd') !== false || strpos($parts[6], 'e') !== false) {
continue; // skip if key is expired, revoked or disabled
}
$temp = array(
'fingerprint' => $parts[1],
'key_id' => substr($parts[1], -8),
'date' => date('Y-m-d', $parts[4]),
);
} else if ($parts[0] === 'uid' && !empty($temp)) {
$temp['address'] = urldecode($parts[1]);
}
}
if (!empty($temp)) {
$final[] = $temp;
}
return $final;
}
/**
* @param string $uri
* @return HttpSocketResponse
* @throws Exception
*/
private function keyServerLookup($uri)
{
App::uses('SyncTool', 'Tools');
$syncTool = new SyncTool();
$HttpSocket = $syncTool->setupHttpSocket();
$response = $HttpSocket->get($uri);
if ($response === false) {
throw new Exception("Could not fetch '$uri'.");
}
return $response;
}
}

7
app/Model/AppModel.php
View File

@ -77,7 +77,7 @@ class AppModel extends Model
27 => false, 28 => false, 29 => false, 30 => false, 31 => false, 32 => false,
33 => false, 34 => false, 35 => false, 36 => false, 37 => false, 38 => false,
39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false,
45 => false, 46 => false
45 => false, 46 => false, 47 => false
);
public $advanced_updates_description = array(
@ -1319,6 +1319,11 @@ class AppModel extends Model
$sqlArray[] = "ALTER TABLE `events` ADD `sighting_timestamp` int(11) NOT NULL DEFAULT 0 AFTER `publish_timestamp`;";
$sqlArray[] = "ALTER TABLE `servers` ADD `push_sightings` tinyint(1) NOT NULL DEFAULT 0 AFTER `pull`;";
break;
case 47:
$this->__addIndex('tags', 'numerical_value');
$this->__addIndex('taxonomy_predicates', 'numerical_value');
$this->__addIndex('taxonomy_entries', 'numerical_value');
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

12
app/Model/Attribute.php
View File

@ -2666,7 +2666,7 @@ class Attribute extends AppModel
return $values;
}
public function bro($user, $type, $tags = false, $eventId = false, $from = false, $to = false, $last = false, $enforceWarninglist = false)
public function bro($user, $type, $tags = false, $eventId = false, $from = false, $to = false, $last = false, $enforceWarninglist = false, $skipHeader = false)
{
App::uses('BroExport', 'Export');
$export = new BroExport();
@ -2734,7 +2734,9 @@ class Attribute extends AppModel
}
natsort($intel);
$intel = array_unique($intel);
array_unshift($intel, $export->header);
if (empty($skipHeader)) {
array_unshift($intel, $export->header);
}
return $intel;
}
@ -2749,7 +2751,8 @@ class Attribute extends AppModel
'fields' => array('Attribute.id', 'Attribute.event_id', 'Attribute.type', 'Attribute.category', 'Attribute.comment', 'Attribute.to_ids', 'Attribute.value', 'Attribute.value' . $valueField),
'contain' => array('Event' => array('fields' => array('Event.id', 'Event.threat_level_id', 'Event.orgc_id', 'Event.uuid'))),
'group' => array('Attribute.type', 'Attribute.value' . $valueField), // fields to GROUP BY
'enforceWarninglist' => $enforceWarninglist
'enforceWarninglist' => $enforceWarninglist,
'flatten' => 1
)
);
$orgs = $this->Event->Orgc->find('list', array(
@ -4546,7 +4549,8 @@ class Attribute extends AppModel
$loop = false;
if (empty($params['limit'])) {
$memory_in_mb = $this->convert_to_memory_limit_to_mb(ini_get('memory_limit'));
$memory_scaling_factor = isset($exportTool->memory_scaling_factor) ? $exportTool->memory_scaling_factor : 80;
$default_attribute_memory_coefficient = Configure::check('MISP.default_attribute_memory_coefficient') ? Configure::read('MISP.default_attribute_memory_coefficient') : 80;
$memory_scaling_factor = isset($exportTool->memory_scaling_factor) ? $exportTool->memory_scaling_factor : $default_attribute_memory_coefficient;
$params['limit'] = $memory_in_mb * $memory_scaling_factor;
$loop = true;
$params['page'] = 1;

52
app/Model/Event.php
View File

@ -6590,6 +6590,10 @@ class Event extends AppModel
}
}
if (isset($filters['tag']) and !isset($filters['tags'])) {
$filters['tags'] = $filters['tag'];
}
$subqueryElements = $this->harvestSubqueryElements($filters);
$filters = $this->addFiltersFromSubqueryElements($filters, $subqueryElements);
@ -6672,33 +6676,49 @@ class Event extends AppModel
private function __clusterEventIds($exportTool, $eventIds)
{
$memory_in_mb = $this->Attribute->convert_to_memory_limit_to_mb(ini_get('memory_limit'));
$memory_scaling_factor = isset($exportTool->memory_scaling_factor) ? $exportTool->memory_scaling_factor : 100;
$default_attribute_memory_coefficient = Configure::check('MISP.default_attribute_memory_coefficient') ? Configure::read('MISP.default_attribute_memory_coefficient') : 80;
$default_event_memory_divisor = Configure::check('MISP.default_event_memory_multiplier') ? Configure::read('MISP.default_event_memory_divisor') : 3;
$memory_scaling_factor = isset($exportTool->memory_scaling_factor) ? $exportTool->memory_scaling_factor : $default_attribute_memory_coefficient;
// increase the cost per attribute to account for the overhead of object metadata
$memory_scaling_factor = $memory_scaling_factor / $default_event_memory_divisor;
$limit = $memory_in_mb * $memory_scaling_factor;
$eventIdList = array();
$continue = true;
$i = 0;
$current_chunk_size = 0;
while (!empty($eventIds)) {
foreach ($eventIds as $id => $count) {
if ($current_chunk_size == 0 && $count > $limit) {
$largest_event = 0;
foreach ($eventIds as $id => $count) {
if ($count > $largest_event) {
$largest_event = $count;
}
if ($current_chunk_size == 0 && $count > $limit) {
$eventIdList[$i][] = $id;
$current_chunk_size = $count;
$i++;
} else {
if (($current_chunk_size + $count) > $limit) {
$i++;
$eventIdList[$i][] = $id;
$current_chunk_size = $count;
unset($eventIds[$id]);
$i++;
break;
} else {
if (($current_chunk_size + $count) > $limit) {
$i++;
$current_chunk_size = 0;
break;
} else {
$current_chunk_size += $count;
$eventIdList[$i][] = $id;
unset($eventIds[$id]);
}
$current_chunk_size += $count;
$eventIdList[$i][] = $id;
}
}
}
if ($largest_event/$memory_scaling_factor > $memory_in_mb) {
$this->Log = ClassRegistry::init('Log');
$this->Log->create();
$this->Log->save(array(
'org' => 'SYSTEM',
'model' => 'Event',
'model_id' => 0,
'email' => 'SYSTEM',
'action' => 'error',
'title' => sprintf('Event fetch potential memory exhaustion. During the fetching of events, a large event was detected that exceeds the available PHP memory. Consider rasing the PHP max_memory setting to at least %sM', ceil($largest_event/$memory_scaling_factor)),
'change' => null,
));
}
return $eventIdList;
}

2
app/Model/Log.php
View File

@ -88,7 +88,7 @@ class Log extends AppModel
public $logMetaAdmin = array(
'update' => array('values' => array('update_database'), 'name' => 'MISP Update results'),
'settings' => array('values' => array('serverSettingsEdit', 'remove_dead_workers'), 'name' => 'Setting changes'),
'errors' => array('values' => array('warning', 'errors', 'version_warning'), 'name' => 'Warnings and errors'),
'errors' => array('values' => array('warning', 'error', 'version_warning'), 'name' => 'Warnings and errors'),
'email' => array('values' => array('admin_email'))
);

72
app/Model/Server.php
View File

@ -200,6 +200,24 @@ class Server extends AppModel
'optionsSource' => 'AvailableLanguages',
'afterHook' => 'cleanCacheFiles'
),
'default_attribute_memory_coefficient' => array(
'level' => 1,
'description' => __('This values controls the internal fetcher\'s memory envelope when it comes to attributes. The number provided is the amount of attributes that can be loaded for each MB of PHP memory available in one shot. Consider lowering this number if your instance has a lot of attribute tags / attribute galaxies attached.'),
'value' => 80,
'errorMessage' => '',
'test' => 'testForNumeric',
'type' => 'numeric',
'null' => true
),
'default_event_memory_divisor' => array(
'level' => 1,
'description' => __('This value controls the divisor for attribute weighting when it comes to loading full events. Meaning that it will load coefficient / divisor number of attributes per MB of memory available. Consider raising this number if you have a lot of correlations or highly contextualised events (large number of event level galaxies/tags).'),
'value' => 3,
'errorMessage' => '',
'test' => 'testForNumeric',
'type' => 'numeric',
'null' => true
),
'enable_advanced_correlations' => array(
'level' => 0,
'description' => __('Enable some performance heavy correlations (currently CIDR correlation)'),
@ -2552,7 +2570,7 @@ class Server extends AppModel
return $final;
}
$filter_rules = json_decode($filter_rules, true);
$url_params = null;
$url_params = array();
foreach ($filter_rules as $field => $rules) {
$temp = array();
if ($field === 'url_params') {
@ -2574,7 +2592,9 @@ class Server extends AppModel
}
}
}
$final = array_merge_recursive($final, $url_params);
if (!empty($url_params)) {
$final = array_merge_recursive($final, $url_params);
}
return $final;
}
@ -4370,7 +4390,7 @@ class Server extends AppModel
$dbExpectedSchema = $this->getExpectedDBSchema();
if ($dbExpectedSchema !== false) {
$db_schema_comparison = $this->compareDBSchema($dbActualSchema['schema'], $dbExpectedSchema['schema']);
$db_indexes_comparison = $this->compareDBIndexes($dbActualSchema['indexes'], $dbExpectedSchema['indexes']);
$db_indexes_comparison = $this->compareDBIndexes($dbActualSchema['indexes'], $dbExpectedSchema['indexes'], $dbExpectedSchema);
$schemaDiagnostic['checked_table_column'] = $dbActualSchema['column'];
$schemaDiagnostic['diagnostic'] = $db_schema_comparison;
$schemaDiagnostic['diagnostic_index'] = $db_indexes_comparison;
@ -4645,23 +4665,53 @@ class Server extends AppModel
return $dbDiff;
}
public function compareDBIndexes($actualIndex, $expectedIndex)
public function compareDBIndexes($actualIndex, $expectedIndex, $dbExpectedSchema)
{
$defaultIndexKeylength = 255;
$whitelistTables = array();
$indexDiff = array();
foreach($expectedIndex as $tableName => $indexes) {
if (!array_key_exists($tableName, $actualIndex)) {
// If table does not exists, it is covered by the schema diagnostic
continue; // If table does not exists, it is covered by the schema diagnostic
} elseif(in_array($tableName, $whitelistTables)) {
continue; // Ignore whitelisted tables
} else {
$tableIndexDiff = array_diff($indexes, $actualIndex[$tableName]); // check for missing indexes
if (count($tableIndexDiff) > 0) {
foreach($tableIndexDiff as $columnDiff) {
$indexDiff[$tableName][$columnDiff] = sprintf(__('Column `%s` should be indexed'), $columnDiff);
$columnData = Hash::extract($dbExpectedSchema['schema'][$tableName], sprintf('{n}[column_name=%s]', $columnDiff))[0];
$message = sprintf(__('Column `%s` should be indexed'), $columnDiff);
if ($columnData['data_type'] == 'varchar') {
$keyLength = sprintf('(%s)', $columnData['character_maximum_length'] < $defaultIndexKeylength ? $columnData['character_maximum_length'] : $defaultIndexKeylength);
} elseif ($columnData['data_type'] == 'text') {
$keyLength = sprintf('(%s)', $defaultIndexKeylength);
} else {
$keyLength = '';
}
$sql = sprintf('CREATE INDEX `%s` ON `%s` (%s%s);',
$columnDiff,
$tableName,
$columnDiff,
$keyLength
);
$indexDiff[$tableName][$columnDiff] = array(
'message' => $message,
'sql' => $sql
);
}
}
$tableIndexDiff = array_diff($actualIndex[$tableName], $indexes); // check for additional indexes
if (count($tableIndexDiff) > 0) {
foreach($tableIndexDiff as $columnDiff) {
$indexDiff[$tableName][$columnDiff] = sprintf(__('Column `%s` is indexed but should not'), $columnDiff);
$message = sprintf(__('Column `%s` is indexed but should not'), $columnDiff);
$sql = sprintf('DROP INDEX `%s` ON %s;',
$columnDiff,
$tableName
);
$indexDiff[$tableName][$columnDiff] = array(
'message' => $message,
'sql' => $sql
);
}
}
}
@ -4764,7 +4814,7 @@ class Server extends AppModel
public function stixDiagnostics(&$diagnostic_errors, &$stixVersion, &$cyboxVersion, &$mixboxVersion, &$maecVersion, &$stix2Version, &$pymispVersion)
{
$result = array();
$expected = array('stix' => '>1.2.0.6', 'cybox' => '>2.1.0.18.dev0', 'mixbox' => '1.0.3', 'maec' => '>4.1.0.14', 'stix2' => '>1.2.0', 'pymisp' => '>2.4.93');
$expected = array('stix' => '>1.2.0.6', 'cybox' => '>2.1.0.18.dev0', 'mixbox' => '1.0.3', 'maec' => '>4.1.0.14', 'stix2' => '>1.2.0', 'pymisp' => '>2.4.120');
// check if the STIX and Cybox libraries are working using the test script stixtest.py
$scriptResult = shell_exec($this->getPythonVersion() . ' ' . APP . 'files' . DS . 'scripts' . DS . 'stixtest.py');
$scriptResult = json_decode($scriptResult, true);
@ -5241,15 +5291,15 @@ class Server extends AppModel
public function extensionDiagnostics()
{
$results = array();
$extensions = array('redis', 'gd');
$extensions = array('redis', 'gd', 'ssdeep');
foreach ($extensions as $extension) {
$results['web']['extensions'][$extension] = extension_loaded($extension);
}
if (!is_readable(APP . '/files/scripts/selftest.php')) {
$results['cli'] = false;
} else {
$results['cli'] = exec('php ' . APP . '/files/scripts/selftest.php');
$results['cli'] = json_decode($results['cli'], true);
$execResult = exec('php ' . APP . '/files/scripts/selftest.php');
$results['cli'] = json_decode($execResult, true);
}
return $results;
}

59
app/Model/User.php
View File

@ -2,6 +2,7 @@
App::uses('AppModel', 'Model');
App::uses('AuthComponent', 'Controller/Component');
App::uses('RandomTool', 'Tools');
App::uses('GpgTool', 'Tools');
/**
* @property Log $Log
@ -1038,52 +1039,26 @@ class User extends AppModel
return $message;
}
public function fetchPGPKey($email)
/**
* @param string $email
* @return array
* @throws Exception
*/
public function searchGpgKey($email)
{
App::uses('SyncTool', 'Tools');
$syncTool = new SyncTool();
$HttpSocket = $syncTool->setupHttpSocket();
$response = $HttpSocket->get('https://pgp.circl.lu/pks/lookup?search=' . urlencode($email) . '&op=index&fingerprint=on&options=mr');
if ($response->code != 200) {
return $response->code;
}
return $this->__extractPGPInfo($response->body);
$gpgTool = new GpgTool();
return $gpgTool->searchGpgKey($email);
}
private function __extractPGPInfo($body)
/**
* @param string $fingerprint
* @return string|null
* @throws Exception
*/
public function fetchGpgKey($fingerprint)
{
$final = array();
$lines = explode("\n", $body);
foreach ($lines as $line) {
$parts = explode(":", $line);
if ($parts[0] === 'pub') {
if (!empty($temp)) {
$final[] = $temp;
$temp = array();
}
if (strpos($parts[6], 'r') !== false || strpos($parts[6], 'd') !== false || strpos($parts[6], 'e') !== false) {
continue; // skip if key is expired, revoked or disabled
}
$temp = array(
'fingerprint' => chunk_split($parts[1], 4, ' '),
'key_id' => substr($parts[1], -8),
'date' => date('Y-m-d', $parts[4]),
'uri' => '/pks/lookup?op=get&search=0x' . $parts[1],
);
} else if ($parts[0] === 'uid' && !empty($temp)) {
$temp['address'] = urldecode($parts[1]);
}
}
if (!empty($temp)) {
$final[] = $temp;
}
return $final;
$gpgTool = new GpgTool();
return $gpgTool->fetchGpgKey($fingerprint);
}
public function describeAuthFields()

24
app/View/Elements/healthElements/db_indexes_diagnostic.ctp
View File

@ -19,6 +19,7 @@
<th>Column name</th>
<th>Indexed</th>
<th>Description</th>
<th>Action</th>
</tr>
</thead>
<tbody>
@ -30,15 +31,23 @@
<?php foreach($columnArray as $columnName): ?>
<?php
$columnIndexed = !empty($indexes[$tableName]) && in_array($columnName, $indexes[$tableName]);
$warning = isset($diagnostic[$tableName][$columnName]);
if ($warning) {
$warningArray = isset($diagnostic[$tableName][$columnName]);
if ($warningArray) {
$columnCount++;
}
$rowHtml .= sprintf('%s%s%s%s%s',
sprintf('<tr class="%s">', $warning ? 'error' : 'indexInfo hidden'),
$rowHtml .= sprintf('%s%s%s%s%s%s',
sprintf('<tr class="%s">', $warningArray ? 'error' : 'indexInfo hidden'),
sprintf('<td>%s</td>', h($columnName)),
sprintf('<td><i class="bold fa %s"></i></td>', $columnIndexed ? 'green fa-check' : 'red fa-times'),
sprintf('<td>%s</td>', $warning ? h($diagnostic[$tableName][$columnName]) : ''),
sprintf('<td>%s</td>', $warningArray ? h($diagnostic[$tableName][$columnName]['message']) : ''),
sprintf('<td>%s</td>', $warningArray ?
sprintf(
'<i class="fa fa-wrench useCursorPointer" onclick="quickFixIndexSchema(this, \'%s\')" title="%s" data-query="%s"></i>',
h($diagnostic[$tableName][$columnName]['sql']),
__('Fix Database Index Schema'),
h($diagnostic[$tableName][$columnName]['sql'])
) : ''
),
'</tr>'
);
?>
@ -59,4 +68,9 @@
$('#containerDBIndexes').toggle();
})
})
function quickFixIndexSchema(clicked, sqlQuery) {
var message = "<?php echo sprintf('<div class=\"alert alert-error\" style=\"margin-bottom: 5px;\"><h5>%s</h5> %s</div>', __('Warning'), __('Executing this query might take some time and may harm your database. Please review the query below or backup your database in case of doubt.')) ?>"
message += "<div class=\"well\"><kbd>" + sqlQuery + "</kbd></div>"
openPopover(clicked, message, undefined, 'left');
}
</script>

2
app/View/Elements/healthElements/db_schema_diagnostic.ctp
View File

@ -158,7 +158,7 @@
$updateLocked ? __('Updates are locked') : __('Updates are not locked'),
$updateLocked ? (
$updateFailNumberReached ?
__('Update are locked due to to many update fails') : sprintf(__('Update unlocked in %s'), h($humanReadableTime)))
__('Updates are locked due to to many update fails') : sprintf(__('Updates unlocked in %s'), h($humanReadableTime)))
: __('Updates are not locked'),
$updateLocked ? 'times' : 'check'
);

2
app/View/Events/export.ctp
View File

@ -158,7 +158,7 @@
echo sprintf(
'<li class="actions" style="text-align:center; width: auto; padding: 7px 2px;">%s</li>',
$background ?
$this->Html->link($sigType, array('action' => 'downloadExport', $k, $sigType), array('class' => 'btn btn-inverse btn-small btn.active qet')) :
$this->Html->link($sigType, array('action' => 'downloadExport', 'text', $sigType), array('class' => 'btn btn-inverse btn-small btn.active qet')) :
sprintf(
'<a href="%s" class="btn btn-inverse btn-small">%s</a>',
$baseurl . '/attributes/restSearch/returnFormat:text/type:' . $sigType . '.json',

2
app/View/Events/merge.ctp
View File

@ -1,7 +1,7 @@
<div class="eventmerge form">
<?php echo $this->Form->create('Event', array('enctype' => 'multipart/form-data'));?>
<fieldset>
<legend><?php echo __('Merge events'); ?></legend>
<legend><?php echo __('Merge events - WARNING: this feature is very outdated and should not be used anymore.'); ?></legend>
<?php
echo $this->Form->hidden('target_id');
echo $this->Form->input('source_id', array(

2
app/View/Servers/add.ctp
View File

@ -74,7 +74,7 @@
echo sprintf(
'<div id="AuthkeyContainer"><p class="red clear" style="width:50%%;">%s</p>%s</div>',
__('Ask the owner of the remote instance for a sync account on their instance, log into their MISP using the sync user\'s credentials and retrieve your API key by navigating to Global actions -> My profile. This key is used to authenticate with the remote instance.'),
$this->Form->input('authkey', array())
$this->Form->input('authkey', array('autocomplete' => 'off'))
);
echo '<div class = "input clear" style="width:100%;"><hr /></div>';
echo '<h4 class="input clear">' . __('Enabled synchronisation methods') . '</h4>';

4
app/View/Servers/update_progress.ctp
View File

@ -29,9 +29,9 @@ if (isset($updateProgress['preTestSuccess']) && $updateProgress['preTestSuccess'
<div style="display:flex;flex-direction: row;justify-content: space-between;">
<span>
<?php if ($updateFailNumberReached): ?>
<h5 style="margin: 5px 0px; display: inline-block"><?php echo __('Update are locked due to to many update fails'); ?></h5>
<h5 style="margin: 5px 0px; display: inline-block"><?php echo __('Updates are locked due to to many update fails'); ?></h5>
<?php else: ?>
<h5 style="margin: 5px 0px; display: inline-block"><?php echo __('Update are locked due to an ongoing update process. Release lock only if you know what you are doing'); ?></h5>
<h5 style="margin: 5px 0px; display: inline-block"><?php echo __('Updates are locked due to an ongoing update process. Release lock only if you know what you are doing.'); ?></h5>
<i>(<?php echo sprintf(__('automatically unlock in %smin %ssec'), '<span id="unlock_remaining_time_min">-</span>', '<span id="unlock_remaining_time_sec">-</span>'); ?>)</i>
<?php endif; ?>
</span>

25
app/View/Users/ajax/fetchpgpkey.ctp
View File

@ -1,5 +1,9 @@
<div class="popover_choice">
<legend><?php echo __('Choose the key that you would like to use'); ?></legend>
<p style="padding:0.3em 10px">
<?php echo __("Do not blindly trust fetched keys and check the fingerprint from other source.") ?>
<a href="https://evil32.com" target="_blank"><?php echo __("And do not check just Key ID, but whole fingerprint.") ?></a>
</p>
<div class="popover_choice_main" id ="popover_choice_main">
<table style="width:100%;">
<tr>
@ -7,15 +11,13 @@
<th style="text-align:left;"><?php echo __('Creation date');?></th>
<th style="padding-right:10px; text-align:left;"><?php echo __('Associated E-mail addresses');?></th>
</tr>
<?php foreach ($keys as $k => $key): ?>
<tr style="border-bottom:1px solid black;" class="templateChoiceButton">
<td role="button" tabindex="0" aria-label="<?php echo __('Select GnuPG key');?>" style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['key_id']); ?></td>
<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')"><?php echo h($key['date']); ?></td>
<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>" onClick="pgpChoiceSelect('<?php echo h($key['uri']); ?>')">
<span class="bold">
<?php echo h($key['fingerprint']); ?>
</span><br />
<?php echo nl2br(h($key['address'])); ?>
<?php foreach ($keys as $key): ?>
<tr style="border-bottom:1px solid black;cursor:pointer;" class="templateChoiceButton" data-fingerprint="<?php echo h($key['fingerprint']); ?>">
<td role="button" tabindex="0" aria-label="<?php echo __('Select GnuPG key');?>" style="padding-left:10px; text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>"><?php echo h($key['key_id']); ?></td>
<td style="text-align:left;width:20%;" title="<?php echo h($key['fingerprint']); ?>"><?php echo h($key['date']); ?></td>
<td style="padding-right:10px; text-align:left;width:60%;" title="<?php echo h($key['fingerprint']); ?>">
<b><?php echo h(chunk_split($key['fingerprint'], 4, ' ')); ?></b><br />
<?php echo nl2br(h($key['address'])); ?>
</td>
</tr>
<?php endforeach; ?>
@ -26,6 +28,11 @@
<script type="text/javascript">
$(document).ready(function() {
resizePopoverBody();
$('tr[data-fingerprint]').click(function () {
var fingerprint = $(this).data('fingerprint');
gpgSelect(fingerprint);
});
});
$(window).resize(function() {

44
app/files/feed-metadata/defaults.json
View File

@ -450,7 +450,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -475,7 +475,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -500,7 +500,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -557,7 +557,7 @@
"tag_id": "615",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": true,
"event_id": "0",
"publish": false,
@ -589,7 +589,7 @@
"tag_id": "615",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": true,
"event_id": "0",
"publish": false,
@ -621,7 +621,7 @@
"tag_id": "615",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": true,
"event_id": "0",
"publish": false,
@ -915,7 +915,7 @@
"tag_id": "615",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": true,
"event_id": "0",
"publish": false,
@ -947,7 +947,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -971,7 +971,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -996,7 +996,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1021,7 +1021,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1046,7 +1046,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1071,7 +1071,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1096,7 +1096,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1121,7 +1121,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1146,7 +1146,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1171,7 +1171,7 @@
"tag_id": "0",
"default": false,
"source_format": "freetext",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1196,7 +1196,7 @@
"tag_id": "615",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1229,7 +1229,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1254,7 +1254,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1279,7 +1279,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
@ -1304,7 +1304,7 @@
"tag_id": "0",
"default": false,
"source_format": "csv",
"fixed_event": false,
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,

2
app/files/misp-galaxy

@ -1 +1 @@
Subproject commit 6d078a88dd9f715ba90ccda10365fab585ec9c0f
Subproject commit 33aa1c8f3f25a70b9ab393c48db0b9c6a1776971

2
app/files/misp-objects

@ -1 +1 @@
Subproject commit fa634803911d211f993049242d41eebaf342a9c4
Subproject commit 6c7a8f4524c7926ed722ccddc5d1d0a21c89791d

16
app/files/scripts/selftest.php
View File

@ -1,10 +1,8 @@
<?php
$extensions = array('redis', 'gd');
$results = array();
$results['phpversion'] = phpversion();
foreach ($extensions as $extension) {
$results['extensions'][$extension] = extension_loaded($extension);
}
echo json_encode($results);
?>
$extensions = array('redis', 'gd', 'ssdeep');
$results = array();
$results['phpversion'] = phpversion();
foreach ($extensions as $extension) {
$results['extensions'][$extension] = extension_loaded($extension);
}
echo json_encode($results);

2
app/files/taxonomies

@ -1 +1 @@
Subproject commit d5cc5db3d736e5acede93d514070636834f385d4
Subproject commit 90f77df5792109de3b810006616dcbc68e239a3b

2
app/files/warninglists

@ -1 +1 @@
Subproject commit eee124de3401f9f957bb30a5a4989d422324eca8
Subproject commit 659264240a82893e22df6dccdf8fbdced6398b43

18
app/webroot/js/misp.js
View File

@ -3361,27 +3361,31 @@ function getTextColour(hex) {
}
}
function pgpChoiceSelect(uri) {
function gpgSelect(fingerprint) {
$("#popover_form").fadeOut();
$("#gray_out").fadeOut();
$.ajax({
type: "get",
url: "https://pgp.circl.lu" + uri,
url: "/users/fetchGpgKey/" + fingerprint,
beforeSend: function () {
$(".loading").show();
},
success: function (data) {
var result = data.split("<pre>")[1].split("</pre>")[0];
$("#UserGpgkey").val(result);
$("#UserGpgkey").val(data);
showMessage('success', "Key found!");
},
error: function (data, textStatus, errorThrown) {
showMessage('fail', textStatus + ": " + errorThrown);
},
complete: function () {
$(".loading").hide();
$("#gray_out").fadeOut();
}
},
});
}
function lookupPGPKey(emailFieldName) {
simplePopup("/users/fetchPGPKey/" + $('#' + emailFieldName).val());
var email = $('#' + emailFieldName).val();
simplePopup("/users/searchGpgKey/" + email);
}
function zeroMQServerAction(action) {

20
app/webroot/js/network-distribution-graph.js
View File

@ -1,7 +1,3 @@
/*
*
*/
(function(factory) {
"use strict";
if (typeof define === 'function' && define.amd) {
@ -63,10 +59,10 @@
'root': {
shape: 'icon',
icon: {
face: 'FontAwesome',
code: '\uf10c',
face: '"Font Awesome 5 Free"',
code: '\uf111',
color: '#000000',
size: 50
size: 50,
},
font: {size: 30},
color: '#000000',
@ -74,7 +70,7 @@
'org-only': {
shape: 'icon',
icon: {
face: 'FontAwesome',
face: '"Font Awesome 5 Free"',
code: '\uf2c2',
color: '#ff0000',
size: 30
@ -89,7 +85,7 @@
'root-this-community': {
shape: 'icon',
icon: {
face: 'FontAwesome',
face: '"Font Awesome 5 Free"',
code: '\uf1e1',
color: '#ff9725',
size: 70
@ -116,7 +112,7 @@
'root-connected-community': {
shape: 'icon',
icon: {
face: 'FontAwesome',
face: '"Font Awesome 5 Free"',
code: '\uf0e8',
color: '#9b6e1b',
size: 70
@ -135,7 +131,7 @@
'web': {
shape: 'icon',
icon: {
face: 'FontAwesome',
face: '"Font Awesome 5 Free"',
code: '\uf0ac',
color: '#007d20',
size: 70
@ -150,7 +146,7 @@
'root-sharing-group': {
shape: 'icon',
icon: {
face: 'FontAwesome',
face: '"Font Awesome 5 Free"',
code: '\uf0c0',
color: '#1369a0',
size: 70

2
db_schema.json
View File

@ -5718,5 +5718,5 @@
"id"
]
},
"db_version": "46"
"db_version": "47"
}

5
docs/generic/supportFunctions.md
View File

@ -26,7 +26,8 @@ usage () {
echo -e "${SCRIPT_NAME} -c | Install ONLY ${LBLUE}MISP${NC} Core" # core
echo -e " -M | ${LBLUE}MISP${NC} modules" # modules
echo -e " -D | ${LBLUE}MISP${NC} dashboard" # dashboard
echo -e " -V | Viper" # viper
## FIXME: The current stat of Viper is broken, disabling any use.
##echo -e " -V | Viper" # viper
echo -e " -m | Mail 2 ${LBLUE}MISP${NC}" # mail2
echo -e " -S | Experimental ssdeep correlations" # ssdeep
echo -e " -A | Install ${YELLOW}all${NC} of the above" # all
@ -37,7 +38,7 @@ usage () {
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
echo -e "Options can be combined: ${SCRIPT_NAME} -c -D # Will install Core+Dashboard"
space
echo -e "Recommended is either a barebone MISP install (ideal for syncing from other instances) or"
echo -e "MISP + modules - ${SCRIPT_NAME} -c -M"

2
docs/generic/viper-debian.md
View File

@ -37,7 +37,7 @@ viper () {
$SUDO_CMD /usr/local/src/viper/venv/bin/pip install -r requirements.txt
echo "Launching viper-web"
$SUDO_CMD /usr/local/src/viper-web/viper-web -p 8888 -H 0.0.0.0 &
echo 'PATH="/home/misp/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee /etc/environment
echo 'PATH="/home/misp/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |sudo tee -a /etc/environment
echo ". /etc/environment" >> /home/${MISP_USER}/.profile
# TODO: Perms, MISP_USER_HOME, nasty hack cuz Kali on R00t

2
docs/xINSTALL.tsurugi.md
View File

@ -591,7 +591,7 @@ function installMISPonTsurugi() {
sed -i '1 s/^.*$/\#!\/usr\/local\/src\/viper\/venv\/bin\/python/' viper-web
$SUDO /usr/local/src/viper/viper-cli -h > /dev/null
$SUDO /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |tee /etc/environment
echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper:/var/www/MISP/app/Console"' |tee -a /etc/environment
echo ". /etc/environment" >> /home/${MISP_USER}/.profile
$SUDO sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" /home/${MISP_USER}/.viper/viper.conf
$SUDO sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" /home/${MISP_USER}/.viper/viper.conf