Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules
commit
93bf92b86b
|
@ -120,9 +120,11 @@ MISPvars () {
|
||||||
|
|
||||||
# GPG configuration
|
# GPG configuration
|
||||||
GPG_REAL_NAME='Autogenerated Key'
|
GPG_REAL_NAME='Autogenerated Key'
|
||||||
|
# On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97
|
||||||
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
||||||
GPG_EMAIL_ADDRESS='admin@admin.test'
|
GPG_EMAIL_ADDRESS='admin@admin.test'
|
||||||
GPG_KEY_LENGTH='2048'
|
# 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices
|
||||||
|
GPG_KEY_LENGTH='3072'
|
||||||
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
||||||
|
|
||||||
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
||||||
|
@ -381,19 +383,19 @@ ask_o () {
|
||||||
|
|
||||||
ANSWER=""
|
ANSWER=""
|
||||||
|
|
||||||
if [ -z ${1} ]; then
|
if [ -z "${1}" ]; then
|
||||||
echo "This function needs at least 1 parameter."
|
echo "This function needs at least 1 parameter."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[ -z $2 ] && OPT1="y" || OPT1=$2
|
[ -z "${2}" ] && OPT1="y" || OPT1="${2}"
|
||||||
[ -z $3 ] && OPT2="n" || OPT2=$3
|
[ -z "${3}" ] && OPT2="n" || OPT2="${3}"
|
||||||
|
|
||||||
while true; do
|
while true; do
|
||||||
case $ANSWER in ${OPT1} | ${OPT2}) break ;; esac
|
case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac
|
||||||
echo -n "${1} (${OPT1}/${OPT2}) "
|
echo -n "${1} (${OPT1}/${OPT2}) "
|
||||||
read ANSWER
|
read ANSWER
|
||||||
ANSWER=$(echo $ANSWER | tr '[:upper:]' '[:lower:]')
|
ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]')
|
||||||
done
|
done
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -875,6 +877,7 @@ genRCLOCAL () {
|
||||||
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||||
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||||
|
sed -i -e '$i \[ -f /etc/init.d/firstBoot ] && bash /etc/init.d/firstBoot\n' /etc/rc.local
|
||||||
}
|
}
|
||||||
|
|
||||||
# Run PyMISP tests
|
# Run PyMISP tests
|
||||||
|
|
|
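Review bot: The line added to genRCLOCAL makes /etc/rc.local run /etc/init.d/firstBoot through bash as root on every boot for as long as that file exists, and nothing in the hunk checks who owns the file or whether others can write to it. If the script is meant to run once, the hook should be dropped after the first run, and the guard can at least require a root-owned file: `[ -f /etc/init.d/firstBoot ] && [ -O /etc/init.d/firstBoot ] && bash /etc/init.d/firstBoot`. Where firstBoot is created is not visible here, so its ownership and mode (root-owned, not writable by group or others) need checking at that point. The same line is added to genRCLOCAL in the second install script further down this page, and in both places the function body starts outside the hunk.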
@ -1,5 +1,5 @@
|
||||||
; Generated by RHash v1.3.8 on 2019-06-14 at 22:52.36
|
; Generated by RHash v1.3.8 on 2019-06-15 at 11:59.41
|
||||||
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
|
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
|
||||||
;
|
;
|
||||||
; 94592 22:52.36 2019-06-14 INSTALL.sh
|
; 94958 11:59.41 2019-06-15 INSTALL.sh
|
||||||
INSTALL.sh D9B9052B1A36F9508133A30FA0CF032C8CC8ED2A BC04A3389E86FF6AAD8CF2A65EC90B9B9D67BAE8AE587D7D41FEC604622E4FE5 7368C27CFACEE38F698E2B6A1DEF9AB7C94E2FBD9DB6970BF14ED5F666A7DFB2C7D3CAAF5A464D1E3249929D60C56504 39CED06A3E493DA6309C2362056E90821CAF9215D644FF351ED76E7E76F7655FDBE7EC4F47BA6D04ABE6E084707C2B21C4F0F689CFE579EC7BA561137FE8538B
|
INSTALL.sh AD8916A355616615634DD364BB78945301039BDD E12BB967B309DB78E723476B79AC6F1001F02248A0001593B5EFA5C18D0BEBB6 37BC162A792BDBC86AEC04F629E5C410D754C92CA76D796F8FA9F11272A35064D6D3371165A330F747E5C71BF69311F0 71C1FF6F5FB0C2A61A9C0AACE2D017C7EA4A7094B49F22CD22E5723702CFAC27F66D05C52368F169FD8F40166AFC493F5512E078EDF5C279939AB85110A27EBD
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
d9b9052b1a36f9508133a30fa0cf032c8cc8ed2a INSTALL.sh
|
ad8916a355616615634dd364bb78945301039bdd INSTALL.sh
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
bc04a3389e86ff6aad8cf2a65ec90b9b9d67bae8ae587d7d41fec604622e4fe5 INSTALL.sh
|
e12bb967b309db78e723476b79ac6f1001f02248a0001593b5efa5c18d0bebb6 INSTALL.sh
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
7368c27cfacee38f698e2b6a1def9ab7c94e2fbd9db6970bf14ed5f666a7dfb2c7d3caaf5a464d1e3249929d60c56504 INSTALL.sh
|
37bc162a792bdbc86aec04f629e5c410d754c92ca76d796f8fa9f11272a35064d6d3371165a330f747e5c71bf69311f0 INSTALL.sh
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
39ced06a3e493da6309c2362056e90821caf9215d644ff351ed76e7e76f7655fdbe7ec4f47ba6d04abe6e084707c2b21c4f0f689cfe579ec7ba561137fe8538b INSTALL.sh
|
71c1ff6f5fb0c2a61a9c0aace2d017c7ea4a7094b49f22cd22e5723702cfac27f66d05c52368f169fd8f40166afc493f5512e078edf5c279939ab85110a27ebd INSTALL.sh
|
||||||
|
|
|
@ -192,6 +192,15 @@ class Server extends AppModel
|
||||||
'type' => 'boolean',
|
'type' => 'boolean',
|
||||||
'null' => true
|
'null' => true
|
||||||
),
|
),
|
||||||
|
'server_settings_skip_backup_rotate' => array(
|
||||||
|
'level' => 1,
|
||||||
|
'description' => __('Enable this setting to directly save the config.php file without first creating a temporary file and moving it to avoid concurency issues. Generally not recommended, but useful when for example other tools modify/maintain the config.php file.'),
|
||||||
|
'value' => false,
|
||||||
|
'errorMessage' => '',
|
||||||
|
'test' => 'testBool',
|
||||||
|
'type' => 'boolean',
|
||||||
|
'null' => true
|
||||||
|
),
|
||||||
'python_bin' => array(
|
'python_bin' => array(
|
||||||
'level' => 1,
|
'level' => 1,
|
||||||
'description' => __('It is highly recommended to install all the python dependencies in a virtualenv. The recommended location is: %s/venv', ROOT),
|
'description' => __('It is highly recommended to install all the python dependencies in a virtualenv. The recommended location is: %s/venv', ROOT),
|
||||||
|
@ -3076,6 +3085,9 @@ class Server extends AppModel
|
||||||
|
|
||||||
public function testForBinExec($value)
|
public function testForBinExec($value)
|
||||||
{
|
{
|
||||||
|
if (substr($value, 0, 7) === "phar://") {
|
||||||
|
return 'Phar protocol not allowed.';
|
||||||
|
}
|
||||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||||
if ($value === '') {
|
if ($value === '') {
|
||||||
return true;
|
return true;
|
||||||
|
@ -3094,6 +3106,9 @@ class Server extends AppModel
|
||||||
|
|
||||||
public function testForWritableDir($value)
|
public function testForWritableDir($value)
|
||||||
{
|
{
|
||||||
|
if (substr($value, 0, 7) === "phar://") {
|
||||||
|
return 'Phar protocol not allowed.';
|
||||||
|
}
|
||||||
if (!is_dir($value)) {
|
if (!is_dir($value)) {
|
||||||
return 'Not a valid directory.';
|
return 'Not a valid directory.';
|
||||||
}
|
}
|
||||||
|
@ -3724,26 +3739,30 @@ class Server extends AppModel
|
||||||
if (function_exists('opcache_reset')) {
|
if (function_exists('opcache_reset')) {
|
||||||
opcache_reset();
|
opcache_reset();
|
||||||
}
|
}
|
||||||
$randomFilename = $this->generateRandomFileName();
|
if (empty(Configure::read('MISP.server_settings_skip_backup_rotate'))) {
|
||||||
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
$randomFilename = $this->generateRandomFileName();
|
||||||
file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString);
|
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
||||||
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString);
|
||||||
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
||||||
// if the saved config file is empty, restore the backup.
|
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
||||||
if (strlen($config_saved) < 20) {
|
// if the saved config file is empty, restore the backup.
|
||||||
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
if (strlen($config_saved) < 20) {
|
||||||
$this->Log = ClassRegistry::init('Log');
|
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
||||||
$this->Log->create();
|
$this->Log = ClassRegistry::init('Log');
|
||||||
$this->Log->save(array(
|
$this->Log->create();
|
||||||
'org' => 'SYSTEM',
|
$this->Log->save(array(
|
||||||
'model' => 'Server',
|
'org' => 'SYSTEM',
|
||||||
'model_id' => $id,
|
'model' => 'Server',
|
||||||
'email' => 'SYSTEM',
|
'model_id' => $id,
|
||||||
'action' => 'error',
|
'email' => 'SYSTEM',
|
||||||
'user_id' => 0,
|
'action' => 'error',
|
||||||
'title' => 'Error: Something went wrong saving the config file, reverted to backup file.',
|
'user_id' => 0,
|
||||||
));
|
'title' => 'Error: Something went wrong saving the config file, reverted to backup file.',
|
||||||
return false;
|
));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
file_put_contents(APP . 'Config' . DS . 'config.php', $settingsString);
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
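Review bot: The `phar://` guard added at the top of testForBinExec and testForWritableDir compares the first seven characters case-sensitively, while PHP looks up stream-wrapper scheme names without regard to case, so a differently-cased scheme would pass the check and still reach finfo and is_dir. Use a case-insensitive comparison in both functions: `if (stripos($value, 'phar://') === 0) {`. Since these settings are meant to hold local paths, rejecting any value that contains `://` would be a sturdier rule than naming a single wrapper. Both function bodies continue outside their hunks.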
@ -210,11 +210,13 @@ class StixParser():
|
||||||
# Return type & value of an ip address attribute
|
# Return type & value of an ip address attribute
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def handle_address(properties):
|
def handle_address(properties):
|
||||||
if properties.is_source:
|
if properties.category == 'e-mail':
|
||||||
ip_type = "ip-src"
|
attribute_type = 'email-src'
|
||||||
|
relation = 'from'
|
||||||
else:
|
else:
|
||||||
ip_type = "ip-dst"
|
attribute_type = "ip-src" if properties.is_source else "ip-dst"
|
||||||
return ip_type, properties.address_value.value, "ip"
|
relation = 'ip'
|
||||||
|
return attribute_type, properties.address_value.value, relation
|
||||||
|
|
||||||
def handle_as(self, properties):
|
def handle_as(self, properties):
|
||||||
attributes = self.fetch_attributes_with_partial_key_parsing(properties, stix2misp_mapping._as_mapping)
|
attributes = self.fetch_attributes_with_partial_key_parsing(properties, stix2misp_mapping._as_mapping)
|
||||||
|
@ -1103,12 +1105,14 @@ class ExternalStixParser(StixParser):
|
||||||
self.handle_object_case(attribute_type, attribute_value, compl_data, to_ids=True, object_uuid=uuid)
|
self.handle_object_case(attribute_type, attribute_value, compl_data, to_ids=True, object_uuid=uuid)
|
||||||
except AttributeError:
|
except AttributeError:
|
||||||
self.parse_description(indicator)
|
self.parse_description(indicator)
|
||||||
|
elif hasattr(observable, 'observable_composition') and observable.observable_composition:
|
||||||
|
self.parse_external_observable(observable.observable_composition.observables, to_ids=True)
|
||||||
if hasattr(indicator, 'related_indicators') and indicator.related_indicators:
|
if hasattr(indicator, 'related_indicators') and indicator.related_indicators:
|
||||||
for related_indicator in indicator.related_indicators:
|
for related_indicator in indicator.related_indicators:
|
||||||
self.parse_external_single_indicator(related_indicator.item)
|
self.parse_external_single_indicator(related_indicator.item)
|
||||||
|
|
||||||
# Parse observables of an external STIX document
|
# Parse observables of an external STIX document
|
||||||
def parse_external_observable(self, observables):
|
def parse_external_observable(self, observables, to_ids=False):
|
||||||
for observable in observables:
|
for observable in observables:
|
||||||
title = observable.title
|
title = observable.title
|
||||||
observable_object = observable.object_
|
observable_object = observable.object_
|
||||||
|
@ -1126,7 +1130,7 @@ class ExternalStixParser(StixParser):
|
||||||
object_uuid = self.fetch_uuid(observable_object.id_)
|
object_uuid = self.fetch_uuid(observable_object.id_)
|
||||||
if isinstance(attribute_value, (str, int)):
|
if isinstance(attribute_value, (str, int)):
|
||||||
# if the returned value is a simple value, we build an attribute
|
# if the returned value is a simple value, we build an attribute
|
||||||
attribute = {'to_ids': False, 'uuid': object_uuid}
|
attribute = {'to_ids': to_ids, 'uuid': object_uuid}
|
||||||
if hasattr(observable, 'handling') and observable.handling:
|
if hasattr(observable, 'handling') and observable.handling:
|
||||||
attribute['Tag'] = []
|
attribute['Tag'] = []
|
||||||
for handling in observable.handling:
|
for handling in observable.handling:
|
||||||
|
|
|
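Review bot: In handle_address the new `e-mail` branch always returns `email-src` with relation `from` and never consults `properties.is_source`, so a recipient address would be imported as a sender. If this category can carry destination addresses, mirror the ip branch: `attribute_type = 'email-src' if properties.is_source else 'email-dst'` and `relation = 'from' if properties.is_source else 'to'`. Whether `is_source` is populated for e-mail Address objects is not visible here, so confirm which direction should be the default when it is None.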
@ -57,9 +57,11 @@ MISPvars () {
|
||||||
|
|
||||||
# GPG configuration
|
# GPG configuration
|
||||||
GPG_REAL_NAME='Autogenerated Key'
|
GPG_REAL_NAME='Autogenerated Key'
|
||||||
|
# On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97
|
||||||
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
|
||||||
GPG_EMAIL_ADDRESS='admin@admin.test'
|
GPG_EMAIL_ADDRESS='admin@admin.test'
|
||||||
GPG_KEY_LENGTH='2048'
|
# 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices
|
||||||
|
GPG_KEY_LENGTH='3072'
|
||||||
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
GPG_PASSPHRASE="$(openssl rand -hex 32)"
|
||||||
|
|
||||||
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
# debug alias to make sure people are not confused when blindly copy pasting blobs of code
|
||||||
|
|
|
@ -229,19 +229,19 @@ ask_o () {
|
||||||
|
|
||||||
ANSWER=""
|
ANSWER=""
|
||||||
|
|
||||||
if [ -z ${1} ]; then
|
if [ -z "${1}" ]; then
|
||||||
echo "This function needs at least 1 parameter."
|
echo "This function needs at least 1 parameter."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[ -z $2 ] && OPT1="y" || OPT1=$2
|
[ -z "${2}" ] && OPT1="y" || OPT1="${2}"
|
||||||
[ -z $3 ] && OPT2="n" || OPT2=$3
|
[ -z "${3}" ] && OPT2="n" || OPT2="${3}"
|
||||||
|
|
||||||
while true; do
|
while true; do
|
||||||
case $ANSWER in ${OPT1} | ${OPT2}) break ;; esac
|
case "${ANSWER}" in "${OPT1}" | "${OPT2}") break ;; esac
|
||||||
echo -n "${1} (${OPT1}/${OPT2}) "
|
echo -n "${1} (${OPT1}/${OPT2}) "
|
||||||
read ANSWER
|
read ANSWER
|
||||||
ANSWER=$(echo $ANSWER | tr '[:upper:]' '[:lower:]')
|
ANSWER=$(echo "${ANSWER}" | tr '[:upper:]' '[:lower:]')
|
||||||
done
|
done
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -727,6 +727,7 @@ genRCLOCAL () {
|
||||||
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||||
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||||
|
sed -i -e '$i \[ -f /etc/init.d/firstBoot ] && bash /etc/init.d/firstBoot\n' /etc/rc.local
|
||||||
}
|
}
|
||||||
|
|
||||||
# Run PyMISP tests
|
# Run PyMISP tests
|
||||||
|
|
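Review bot: In ask_o the result of `read ANSWER` is not checked, so when stdin is closed or at end of file (an unattended or piped install) the read fails, ANSWER stays empty and the `while true` loop never ends. Stop on a failed read and keep backslashes literal with `read -r ANSWER || exit 1`. Separately, ANSWER is lowercased before the `case` but OPT1 and OPT2 are not, so an option passed in upper case can never match. Both points also apply to the copy of ask_o in the first install script on this page; the function header is outside the hunk.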