mirror of https://github.com/MISP/MISP
Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules
chrisr3d
commit
93bf92b86b
|
|
@ -120,9 +120,11 @@ MISPvars () {
|
|||
|
||||
# GPG configuration
|
||||
GPG_REAL_NAME='Autogenerated Key'
|
||||
# On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97
|
||||
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
||||
GPG_EMAIL_ADDRESS='admin@admin.test'
|
||||
GPG_KEY_LENGTH='2048'
|
||||
# 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices
|
||||
GPG_KEY_LENGTH='3072'
|
||||
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
||||
|
||||
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
||||
|
|
@ -381,19 +383,19 @@ ask_o () {
|
|||
|
||||
ANSWER=""
|
||||
|
||||
if [ -z ${1} ]; then
|
||||
if [ -z "${1}" ]; then
|
||||
echo "This function needs at least 1 parameter."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -z $2 ] && OPT1="y" || OPT1=$2
|
||||
[ -z $3 ] && OPT2="n" || OPT2=$3
|
||||
[ -z "${2}" ] && OPT1="y" || OPT1="${2}"
|
||||
[ -z "${3}" ] && OPT2="n" || OPT2="${3}"
|
||||
|
||||
while true; do
|
||||
case $ANSWER in ${OPT1} | ${OPT2}) break ;; esac
|
||||
case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac
|
||||
echo -n "${1} (${OPT1}/${OPT2}) "
|
||||
read ANSWER
|
||||
ANSWER=$(echo $ANSWER | tr '[:upper:]' '[:lower:]')
|
||||
ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]')
|
||||
done
|
||||
|
||||
}
|
||||
|
|
@ -875,6 +877,7 @@ genRCLOCAL () {
|
|||
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
sed -i -e '$i \[ -f /etc/init.d/firstBoot ] && bash /etc/init.d/firstBoot\n' /etc/rc.local
|
||||
}
|
||||
|
||||
# Run PyMISP tests
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
; Generated by RHash v1.3.8 on 2019-06-14 at 22:52.36
|
||||
; Generated by RHash v1.3.8 on 2019-06-15 at 11:59.41
|
||||
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
|
||||
;
|
||||
; 94592 22:52.36 2019-06-14 INSTALL.sh
|
||||
INSTALL.sh D9B9052B1A36F9508133A30FA0CF032C8CC8ED2A BC04A3389E86FF6AAD8CF2A65EC90B9B9D67BAE8AE587D7D41FEC604622E4FE5 7368C27CFACEE38F698E2B6A1DEF9AB7C94E2FBD9DB6970BF14ED5F666A7DFB2C7D3CAAF5A464D1E3249929D60C56504 39CED06A3E493DA6309C2362056E90821CAF9215D644FF351ED76E7E76F7655FDBE7EC4F47BA6D04ABE6E084707C2B21C4F0F689CFE579EC7BA561137FE8538B
|
||||
; 94958 11:59.41 2019-06-15 INSTALL.sh
|
||||
INSTALL.sh AD8916A355616615634DD364BB78945301039BDD E12BB967B309DB78E723476B79AC6F1001F02248A0001593B5EFA5C18D0BEBB6 37BC162A792BDBC86AEC04F629E5C410D754C92CA76D796F8FA9F11272A35064D6D3371165A330F747E5C71BF69311F0 71C1FF6F5FB0C2A61A9C0AACE2D017C7EA4A7094B49F22CD22E5723702CFAC27F66D05C52368F169FD8F40166AFC493F5512E078EDF5C279939AB85110A27EBD
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
d9b9052b1a36f9508133a30fa0cf032c8cc8ed2a INSTALL.sh
|
||||
ad8916a355616615634dd364bb78945301039bdd INSTALL.sh
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
bc04a3389e86ff6aad8cf2a65ec90b9b9d67bae8ae587d7d41fec604622e4fe5 INSTALL.sh
|
||||
e12bb967b309db78e723476b79ac6f1001f02248a0001593b5efa5c18d0bebb6 INSTALL.sh
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
7368c27cfacee38f698e2b6a1def9ab7c94e2fbd9db6970bf14ed5f666a7dfb2c7d3caaf5a464d1e3249929d60c56504 INSTALL.sh
|
||||
37bc162a792bdbc86aec04f629e5c410d754c92ca76d796f8fa9f11272a35064d6d3371165a330f747e5c71bf69311f0 INSTALL.sh
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
39ced06a3e493da6309c2362056e90821caf9215d644ff351ed76e7e76f7655fdbe7ec4f47ba6d04abe6e084707c2b21c4f0f689cfe579ec7ba561137fe8538b INSTALL.sh
|
||||
71c1ff6f5fb0c2a61a9c0aace2d017c7ea4a7094b49f22cd22e5723702cfac27f66d05c52368f169fd8f40166afc493f5512e078edf5c279939ab85110a27ebd INSTALL.sh
|
||||
|
|
|
|||
|
|
@ -192,6 +192,15 @@ class Server extends AppModel
|
|||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
'server_settings_skip_backup_rotate' => array(
|
||||
'level' => 1,
|
||||
'description' => __('Enable this setting to directly save the config.php file without first creating a temporary file and moving it to avoid concurency issues. Generally not recommended, but useful when for example other tools modify/maintain the config.php file.'),
|
||||
'value' => false,
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
'python_bin' => array(
|
||||
'level' => 1,
|
||||
'description' => __('It is highly recommended to install all the python dependencies in a virtualenv. The recommended location is: %s/venv', ROOT),
|
||||
|
|
@ -3076,6 +3085,9 @@ class Server extends AppModel
|
|||
|
||||
public function testForBinExec($value)
|
||||
{
|
||||
if (substr($value, 0, 7) === "phar://") {
|
||||
return 'Phar protocol not allowed.';
|
||||
}
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
if ($value === '') {
|
||||
return true;
|
||||
|
|
@ -3094,6 +3106,9 @@ class Server extends AppModel
|
|||
|
||||
public function testForWritableDir($value)
|
||||
{
|
||||
if (substr($value, 0, 7) === "phar://") {
|
||||
return 'Phar protocol not allowed.';
|
||||
}
|
||||
if (!is_dir($value)) {
|
||||
return 'Not a valid directory.';
|
||||
}
|
||||
|
|
@ -3724,26 +3739,30 @@ class Server extends AppModel
|
|||
if (function_exists('opcache_reset')) {
|
||||
opcache_reset();
|
||||
}
|
||||
$randomFilename = $this->generateRandomFileName();
|
||||
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
||||
file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString);
|
||||
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
||||
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
||||
// if the saved config file is empty, restore the backup.
|
||||
if (strlen($config_saved) < 20) {
|
||||
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'Server',
|
||||
'model_id' => $id,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'error',
|
||||
'user_id' => 0,
|
||||
'title' => 'Error: Something went wrong saving the config file, reverted to backup file.',
|
||||
));
|
||||
return false;
|
||||
if (empty(Configure::read('MISP.server_settings_skip_backup_rotate'))) {
|
||||
$randomFilename = $this->generateRandomFileName();
|
||||
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
||||
file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString);
|
||||
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
||||
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
||||
// if the saved config file is empty, restore the backup.
|
||||
if (strlen($config_saved) < 20) {
|
||||
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'Server',
|
||||
'model_id' => $id,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'error',
|
||||
'user_id' => 0,
|
||||
'title' => 'Error: Something went wrong saving the config file, reverted to backup file.',
|
||||
));
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
file_put_contents(APP . 'Config' . DS . 'config.php', $settingsString);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -210,11 +210,13 @@ class StixParser():
|
|||
# Return type & value of an ip address attribute
|
||||
@staticmethod
|
||||
def handle_address(properties):
|
||||
if properties.is_source:
|
||||
ip_type = "ip-src"
|
||||
if properties.category == 'e-mail':
|
||||
attribute_type = 'email-src'
|
||||
relation = 'from'
|
||||
else:
|
||||
ip_type = "ip-dst"
|
||||
return ip_type, properties.address_value.value, "ip"
|
||||
attribute_type = "ip-src" if properties.is_source else "ip-dst"
|
||||
relation = 'ip'
|
||||
return attribute_type, properties.address_value.value, relation
|
||||
|
||||
def handle_as(self, properties):
|
||||
attributes = self.fetch_attributes_with_partial_key_parsing(properties, stix2misp_mapping._as_mapping)
|
||||
|
|
@ -1103,12 +1105,14 @@ class ExternalStixParser(StixParser):
|
|||
self.handle_object_case(attribute_type, attribute_value, compl_data, to_ids=True, object_uuid=uuid)
|
||||
except AttributeError:
|
||||
self.parse_description(indicator)
|
||||
elif hasattr(observable, 'observable_composition') and observable.observable_composition:
|
||||
self.parse_external_observable(observable.observable_composition.observables, to_ids=True)
|
||||
if hasattr(indicator, 'related_indicators') and indicator.related_indicators:
|
||||
for related_indicator in indicator.related_indicators:
|
||||
self.parse_external_single_indicator(related_indicator.item)
|
||||
|
||||
# Parse observables of an external STIX document
|
||||
def parse_external_observable(self, observables):
|
||||
def parse_external_observable(self, observables, to_ids=False):
|
||||
for observable in observables:
|
||||
title = observable.title
|
||||
observable_object = observable.object_
|
||||
|
|
@ -1126,7 +1130,7 @@ class ExternalStixParser(StixParser):
|
|||
object_uuid = self.fetch_uuid(observable_object.id_)
|
||||
if isinstance(attribute_value, (str, int)):
|
||||
# if the returned value is a simple value, we build an attribute
|
||||
attribute = {'to_ids': False, 'uuid': object_uuid}
|
||||
attribute = {'to_ids': to_ids, 'uuid': object_uuid}
|
||||
if hasattr(observable, 'handling') and observable.handling:
|
||||
attribute['Tag'] = []
|
||||
for handling in observable.handling:
|
||||
|
|
|
|||
|
|
@ -57,9 +57,11 @@ MISPvars () {
|
|||
|
||||
# GPG configuration
|
||||
GPG_REAL_NAME='Autogenerated Key'
|
||||
# On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97
|
||||
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
||||
GPG_EMAIL_ADDRESS='admin@admin.test'
|
||||
GPG_KEY_LENGTH='2048'
|
||||
# 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices
|
||||
GPG_KEY_LENGTH='3072'
|
||||
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
||||
|
||||
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
||||
|
|
|
|||
|
|
@ -229,19 +229,19 @@ ask_o () {
|
|||
|
||||
ANSWER=""
|
||||
|
||||
if [ -z ${1} ]; then
|
||||
if [ -z "${1}" ]; then
|
||||
echo "This function needs at least 1 parameter."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -z $2 ] && OPT1="y" || OPT1=$2
|
||||
[ -z $3 ] && OPT2="n" || OPT2=$3
|
||||
[ -z "${2}" ] && OPT1="y" || OPT1="${2}"
|
||||
[ -z "${3}" ] && OPT2="n" || OPT2="${3}"
|
||||
|
||||
while true; do
|
||||
case $ANSWER in ${OPT1} | ${OPT2}) break ;; esac
|
||||
case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac
|
||||
echo -n "${1} (${OPT1}/${OPT2}) "
|
||||
read ANSWER
|
||||
ANSWER=$(echo $ANSWER | tr '[:upper:]' '[:lower:]')
|
||||
ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]')
|
||||
done
|
||||
|
||||
}
|
||||
|
|
@ -727,6 +727,7 @@ genRCLOCAL () {
|
|||
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
sed -i -e '$i \[ -f /etc/init.d/firstBoot ] && bash /etc/init.d/firstBoot\n' /etc/rc.local
|
||||
}
|
||||
|
||||
# Run PyMISP tests
|
||||
|
|
|
|||
Loading…
Reference in New Issue