mirror of https://github.com/MISP/MISP
new: [freetext] Convert `[at]` to `@` and `hxtp` and `htxp` to `http`
Fixes #4908 and #4805pull/6097/head
parent
73ccbd1f83
commit
9150c2be85
|
@ -4,7 +4,7 @@ class ComplexTypeTool
|
|||
{
|
||||
private $__refangRegexTable = array(
|
||||
array(
|
||||
'from' => '/^hxxp/i',
|
||||
'from' => '/^(hxxp|hxtp|htxp)/i',
|
||||
'to' => 'http',
|
||||
'types' => array('link', 'url')
|
||||
),
|
||||
|
@ -49,7 +49,7 @@ class ComplexTypeTool
|
|||
'types' => array('link', 'url')
|
||||
),
|
||||
array(
|
||||
'from' => '/[\@]/',
|
||||
'from' => '/[\@]|\[at\]/',
|
||||
'to' => '@',
|
||||
'types' => array('email-src', 'email-dst')
|
||||
),
|
||||
|
@ -181,6 +181,7 @@ class ComplexTypeTool
|
|||
{
|
||||
$delimiter = !empty($settings['delimiter']) ? $settings['delimiter'] : ",";
|
||||
$rows = str_getcsv($input, "\n");
|
||||
unset($input);
|
||||
$data = array();
|
||||
foreach ($rows as $k => $row) {
|
||||
if (empty($row[0]) || $row[0] === '#') {
|
||||
|
@ -193,7 +194,6 @@ class ComplexTypeTool
|
|||
}
|
||||
}
|
||||
unset($rows);
|
||||
unset($input);
|
||||
$values = !empty($settings['value']) ? $settings['value'] : array();
|
||||
if (!is_array($values)) {
|
||||
$values = explode(',', $values);
|
||||
|
|
|
@ -14,6 +14,7 @@ class ComplexTypeToolTest extends TestCase
|
|||
$this->assertEquals('ip-dst', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/6009
|
||||
public function testCheckFreeTextIpv6(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
|
@ -59,6 +60,7 @@ class ComplexTypeToolTest extends TestCase
|
|||
$this->assertEquals('domain', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/657
|
||||
public function testCheckFreeTextPunycode(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
|
@ -68,6 +70,7 @@ class ComplexTypeToolTest extends TestCase
|
|||
$this->assertEquals('domain', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/657
|
||||
public function testCheckFreeTextPunycodeTld(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
|
@ -77,4 +80,82 @@ class ComplexTypeToolTest extends TestCase
|
|||
$this->assertEquals('xn--lbrs59br5a.xn--fiqs8s', $results[0]['value']);
|
||||
$this->assertEquals('domain', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/3580
|
||||
public function testCheckFreeTextDate(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('2018-08-21');
|
||||
$this->assertCount(0, $results);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextEmail(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('test@example.com');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('test@example.com', $results[0]['value']);
|
||||
$this->assertEquals('email-src', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextEmailBracket(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('test[@]example.com');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('test@example.com', $results[0]['value']);
|
||||
$this->assertEquals('email-src', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/4805
|
||||
public function testCheckFreeTextEmailBracketAt(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('test[at]example.com');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('test@example.com', $results[0]['value']);
|
||||
$this->assertEquals('email-src', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextUrlHttp(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('http://example.com');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('http://example.com', $results[0]['value']);
|
||||
$this->assertEquals('url', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
public function testCheckFreeTextUrlHttps(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
$results = $complexTypeTool->checkFreeText('https://example.com');
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('https://example.com', $results[0]['value']);
|
||||
$this->assertEquals('url', $results[0]['default_type']);
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/4908
|
||||
public function testCheckFreeTextUrlReplace(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
foreach (['hxxp://example.com', 'hxtp://example.com', 'htxp://example.com'] as $test) {
|
||||
$results = $complexTypeTool->checkFreeText($test);
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('http://example.com', $results[0]['value']);
|
||||
$this->assertEquals('url', $results[0]['default_type']);
|
||||
}
|
||||
}
|
||||
|
||||
// Issue https://github.com/MISP/MISP/issues/4908
|
||||
public function testCheckFreeTextUrlReplaceHttps(): void
|
||||
{
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
foreach (['hxxps://example.com', 'hxtps://example.com', 'htxps://example.com'] as $test) {
|
||||
$results = $complexTypeTool->checkFreeText($test);
|
||||
$this->assertCount(1, $results);
|
||||
$this->assertEquals('https://example.com', $results[0]['value']);
|
||||
$this->assertEquals('url', $results[0]['default_type']);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue