mirror of https://github.com/MISP/MISP
CakePHP Coding Standards
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.pull/61/head
parent
0f4a0dffea
commit
94a367c2f5
|
@ -6,6 +6,7 @@
|
|||
* arg1 = new password
|
||||
*/
|
||||
class PasswordShell extends AppShell {
|
||||
|
||||
public $uses = array('User');
|
||||
|
||||
public function main() {
|
||||
|
|
|
@ -52,7 +52,6 @@ class AppController extends Controller {
|
|||
)
|
||||
);
|
||||
|
||||
|
||||
public function isAuthorized($user) {
|
||||
if (self::_isAdmin()) {
|
||||
return true; // admin can access every action on every controller
|
||||
|
@ -60,8 +59,7 @@ class AppController extends Controller {
|
|||
return false; // The rest don't
|
||||
}
|
||||
|
||||
function beforeFilter() {
|
||||
|
||||
public function beforeFilter() {
|
||||
// REST things
|
||||
if ($this->_isRest()) {
|
||||
// disable CSRF for REST access
|
||||
|
@ -96,22 +94,21 @@ class AppController extends Controller {
|
|||
$this->set('isAdmin', $this->_isAdmin());
|
||||
}
|
||||
|
||||
|
||||
protected function _isRest() {
|
||||
return (isset($this->RequestHandler) && $this->RequestHandler->isXml());
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Convert an array to the same array but with the values also as index instead of an interface_exists
|
||||
*/
|
||||
function _arrayToValuesIndexArray($old_array) {
|
||||
public function _arrayToValuesIndexArray($old_array) {
|
||||
$new_array = Array();
|
||||
foreach ($old_array as $value)
|
||||
$new_array[$value] = $value;
|
||||
return $new_array;
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* checks if the currently logged user is an administrator
|
||||
*/
|
||||
public function _isAdmin() {
|
||||
|
@ -122,27 +119,28 @@ class AppController extends Controller {
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Refreshes the Auth session with new/updated data
|
||||
* @return void
|
||||
*/
|
||||
function _refreshAuth() {
|
||||
public function _refreshAuth() {
|
||||
if (isset($this->User)) {
|
||||
$user = $this->User->read(false, $this->Auth->user('id'));
|
||||
} else {
|
||||
$user= ClassRegistry::init('User')->findById($this->Auth->user('id'));
|
||||
$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
|
||||
}
|
||||
$this->Auth->login($user['User']);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Updates the missing fields from v0.1 to v0.2 of CyDefSIG
|
||||
* First you will need to manually update the database to the new schema.
|
||||
* Log in as admin user and
|
||||
* Then run this function by setting debug = 1 (or more) and call /events/migrate01to02
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
function migrate01to02() {
|
||||
public function migrate01to02() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
|
||||
// generate uuids for events who have no uuid
|
||||
|
@ -158,7 +156,7 @@ class AppController extends Controller {
|
|||
foreach ($events as $event) {
|
||||
$this->Event->id = $event['Event']['id'];
|
||||
$this->Event->saveField('uuid', String::uuid());
|
||||
echo $event['Event']['id'].' ';
|
||||
echo $event['Event']['id'] . ' ';
|
||||
}
|
||||
echo "</p>";
|
||||
// generate uuids for attributes who have no uuid
|
||||
|
@ -173,19 +171,18 @@ class AppController extends Controller {
|
|||
foreach ($attributes as $attribute) {
|
||||
$this->Attribute->id = $attribute['Attribute']['id'];
|
||||
$this->Attribute->saveField('uuid', String::uuid());
|
||||
echo $attribute['Attribute']['id'].' ';
|
||||
echo $attribute['Attribute']['id'] . ' ';
|
||||
}
|
||||
echo "</p>";
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Updates the missing fields from v0.2 to v0.2.1 of CyDefSIG
|
||||
* First you will need to manually update the database to the new schema.
|
||||
* Log in as admin user and
|
||||
* Then run this function by setting debug = 1 (or more) and call /events/migrate02to021
|
||||
*/
|
||||
function _explodeValueToValues() {
|
||||
public function _explodeValueToValues() {
|
||||
// search for composite value1 fields and explode it to value1 and value2
|
||||
$this->loadModel('Attribute');
|
||||
$params = array(
|
||||
|
@ -201,10 +198,10 @@ class AppController extends Controller {
|
|||
echo '<h2>Exploding composite fields in 2 columns: </h2><ul>';
|
||||
foreach ($attributes as $attribute) {
|
||||
$pieces = explode('|', $attribute['Attribute']['value1']);
|
||||
if (2 != sizeof($pieces)) continue; // do nothing if not 2 pieces
|
||||
if (2 != count($pieces)) continue; // do nothing if not 2 pieces
|
||||
|
||||
$this->Attribute->id = $attribute['Attribute']['id'];
|
||||
echo '<li>'.$attribute['Attribute']['id'].' --> '.$attribute['Attribute']['value1'].' --> '.$pieces[0].' --> '.$pieces[1].'</li> ';
|
||||
echo '<li>' . $attribute['Attribute']['id'] . ' --> ' . $attribute['Attribute']['value1'] . ' --> ' . $pieces[0] . ' --> ' . $pieces[1] . '</li> ';
|
||||
$this->Attribute->saveField('value1', $pieces[0]);
|
||||
$this->Attribute->id = $attribute['Attribute']['id'];
|
||||
$this->Attribute->saveField('value2', $pieces[1]);
|
||||
|
@ -212,15 +209,16 @@ class AppController extends Controller {
|
|||
echo "</ul> DONE.";
|
||||
}
|
||||
|
||||
function migrate02to021() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
public function migrate02to021() {
|
||||
if (!self::_isAdmin()) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
// search for composite value1 fields and explode it to value1 and value2
|
||||
$this->_explodeValueToValues();
|
||||
|
||||
}
|
||||
|
||||
function migrate021to022() {
|
||||
public function migrate021to022() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
|
||||
// replace description by comment
|
||||
|
@ -248,12 +246,12 @@ class AppController extends Controller {
|
|||
// echo "</ul> DONE</p>";
|
||||
|
||||
// search for incompatible combination of category / type
|
||||
|
||||
|
||||
}
|
||||
|
||||
function migratemisp02to10() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
public function migratemisp02to10() {
|
||||
if (!self::_isAdmin()) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
// add missing columns, rename other columns
|
||||
$queries = array(
|
||||
|
@ -287,12 +285,13 @@ class AppController extends Controller {
|
|||
// execute the queries
|
||||
foreach ($queries as &$query) {
|
||||
$result = $this->{$this->modelClass}->query($query);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
function migratemisp10to11() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
public function migratemisp10to11() {
|
||||
if (!self::_isAdmin()) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
// add missing columns, rename other columns
|
||||
$queries = array(
|
||||
|
@ -303,11 +302,10 @@ class AppController extends Controller {
|
|||
// execute the queries
|
||||
foreach ($queries as &$query) {
|
||||
$result = $this->{$this->modelClass}->query($query);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
function generateCorrelation() {
|
||||
public function generateCorrelation() {
|
||||
if (!self::_isAdmin()) throw new NotFoundException();
|
||||
|
||||
$this->loadModel('Correlation');
|
||||
|
@ -317,21 +315,20 @@ class AppController extends Controller {
|
|||
$attributes = $this->Attribute->find('all',array('recursive' => 0));
|
||||
// for all attributes..
|
||||
foreach ($attributes as $attribute) {
|
||||
$this->Attribute->setRelatedAttributes($attribute['Attribute'], $fields=array());
|
||||
$this->Attribute->setRelatedAttributes($attribute['Attribute'], $fields = array());
|
||||
|
||||
// // i want to keep this in repo for a moment
|
||||
// $relatedAttributes = $this->Attribute->getRelatedAttributes($attribute['Attribute'], $fields);
|
||||
// if ($relatedAttributes) {
|
||||
// foreach ($relatedAttributes as $relatedAttribute) {
|
||||
// // // and store into table
|
||||
// $this->Correlation->create();
|
||||
// $this->Correlation->save(array('Correlation' => array(
|
||||
// '1_event_id' => $attribute['Attribute']['event_id'], '1_attribute_id' => $attribute['Attribute']['id'],
|
||||
// 'event_id' => $relatedAttribute['Attribute']['event_id'], 'attribute_id' => $relatedAttribute['Attribute']['id'],
|
||||
// 'date' => $relatedAttribute['Event']['date'])));
|
||||
// }
|
||||
// }
|
||||
//// i want to keep this in repo for a moment
|
||||
//$relatedAttributes = $this->Attribute->getRelatedAttributes($attribute['Attribute'], $fields);
|
||||
//if ($relatedAttributes) {
|
||||
// foreach ($relatedAttributes as $relatedAttribute) {
|
||||
// // and store into table
|
||||
// $this->Correlation->create();
|
||||
// $this->Correlation->save(array('Correlation' => array(
|
||||
// '1_event_id' => $attribute['Attribute']['event_id'], '1_attribute_id' => $attribute['Attribute']['id'],
|
||||
// 'event_id' => $relatedAttribute['Attribute']['event_id'], 'attribute_id' => $relatedAttribute['Attribute']['id'],
|
||||
// 'date' => $relatedAttribute['Event']['date'])));
|
||||
// }
|
||||
//}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -11,13 +11,15 @@ App::uses('File', 'Utility');
|
|||
class AttributesController extends AppController {
|
||||
|
||||
public $components = array('Security', 'RequestHandler');
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
|
||||
);
|
||||
|
||||
public $helpers = array('Js' => array('Jquery'));
|
||||
|
||||
function beforeFilter() {
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
||||
// permit reuse of CSRF tokens on the search page.
|
||||
|
@ -41,7 +43,6 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public function isAuthorized($user) {
|
||||
// Admins can access everything
|
||||
if (parent::isAuthorized($user)) {
|
||||
|
@ -75,7 +76,6 @@ class AttributesController extends AppController {
|
|||
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
|
||||
$this->set('type_definitions', $this->Attribute->type_definitions);
|
||||
$this->set('category_definitions', $this->Attribute->category_definitions);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -90,12 +90,11 @@ class AttributesController extends AppController {
|
|||
|
||||
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
|
||||
// TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
|
||||
if(isset($this->request->data['Attribute']['type']) && $this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
|
||||
if (isset($this->request->data['Attribute']['type']) && $this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
|
||||
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||
}
|
||||
|
||||
|
||||
// remove the published flag from the event
|
||||
$this->Event->id = $this->request->data['Attribute']['event_id'];
|
||||
$this->Event->saveField('published', 0);
|
||||
|
@ -117,27 +116,25 @@ class AttributesController extends AppController {
|
|||
$this->Attribute->create();
|
||||
$this->request->data['Attribute']['value'] = $attribute; // set the value as the content of the single line
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
$successes .= " ".($key+1);
|
||||
$successes .= " " . ($key + 1);
|
||||
} else {
|
||||
$fails .= " ".($key+1);
|
||||
$fails .= " " . ($key + 1);
|
||||
}
|
||||
|
||||
}
|
||||
// we added all the attributes,
|
||||
if ($fails) {
|
||||
// list the ones that failed
|
||||
$this->Session->setFlash(__('The lines'.$fails.' could not be saved. Please, try again.', true), 'default', array(), 'error');
|
||||
$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. Please, try again.', true), 'default', array(), 'error');
|
||||
}
|
||||
if ($successes) {
|
||||
// list the ones that succeeded
|
||||
$this->Session->setFlash(__('The lines'.$successes.' have been saved', true));
|
||||
$this->Session->setFlash(__('The lines' . $successes . ' have been saved', true));
|
||||
}
|
||||
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||
|
||||
}
|
||||
|
||||
else {
|
||||
} else {
|
||||
//
|
||||
// single attribute
|
||||
//
|
||||
|
@ -171,7 +168,6 @@ class AttributesController extends AppController {
|
|||
$this->set('category_definitions', $this->Attribute->category_definitions);
|
||||
}
|
||||
|
||||
|
||||
public function download($id = null) {
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
|
@ -179,13 +175,13 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
$this->Attribute->read();
|
||||
$file = new File(APP.DS."files".DS.$this->Attribute->data['Attribute']['event_id'].DS.$this->Attribute->data['Attribute']['id']);
|
||||
$file = new File(APP . DS . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']);
|
||||
$filename = '';
|
||||
if('attachment' == $this->Attribute->data['Attribute']['type']) {
|
||||
$filename= $this->Attribute->data['Attribute']['value'];
|
||||
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
|
||||
$filename = $this->Attribute->data['Attribute']['value'];
|
||||
$file_ext = pathinfo($filename, PATHINFO_EXTENSION);
|
||||
$filename= substr($filename,0,strlen($filename)-strlen($file_ext)-1);
|
||||
} elseif ('malware-sample'== $this->Attribute->data['Attribute']['type']) {
|
||||
$filename = substr($filename, 0, strlen($filename) - strlen($file_ext) - 1);
|
||||
} elseif ('malware-sample' == $this->Attribute->data['Attribute']['type']) {
|
||||
$filename_hash = explode('|', $this->Attribute->data['Attribute']['value']);
|
||||
$filename = $filename_hash[0];
|
||||
$file_ext = "zip";
|
||||
|
@ -208,6 +204,7 @@ class AttributesController extends AppController {
|
|||
* add_attachment method
|
||||
*
|
||||
* @return void
|
||||
* @throws InternalErrorException
|
||||
*/
|
||||
public function add_attachment($event_id = null) {
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -221,7 +218,7 @@ class AttributesController extends AppController {
|
|||
if ((isset($this->request->data['Attribute']['value']['error']) && $this->request->data['Attribute']['value']['error'] == 0) ||
|
||||
(!empty( $this->request->data['Attribute']['value']['tmp_name']) && $this->request->data['Attribute']['value']['tmp_name'] != 'none')
|
||||
) {
|
||||
if(!is_uploaded_file($tmpfile->path))
|
||||
if (!is_uploaded_file($tmpfile->path))
|
||||
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
|
||||
} else {
|
||||
$this->Session->setFlash(__('There was a problem to upload the file.', true), 'default', array(), 'error');
|
||||
|
@ -234,12 +231,11 @@ class AttributesController extends AppController {
|
|||
|
||||
// save the file-info in the database
|
||||
$this->Attribute->create();
|
||||
if($this->request->data['Attribute']['malware']) {
|
||||
if ($this->request->data['Attribute']['malware']) {
|
||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$this->request->data['Attribute']['type'] = "attachment";
|
||||
$this->request->data['Attribute']['value'] = $filename;
|
||||
$this->request->data['Attribute']['to_ids'] = 0;
|
||||
|
@ -257,22 +253,22 @@ class AttributesController extends AppController {
|
|||
// no errors in file upload, entry already in db, now move the file where needed and zip it if required.
|
||||
// no sanitization is required on the filename, path or type as we save
|
||||
// create directory structure
|
||||
$root_dir = APP.DS."files".DS.$this->request->data['Attribute']['event_id'];
|
||||
$root_dir = APP . DS . "files" . DS . $this->request->data['Attribute']['event_id'];
|
||||
$dir = new Folder($root_dir, true);
|
||||
// move the file to the correct location
|
||||
$destpath = $root_dir.DS.$this->Attribute->id; // id of the new attribute in the database
|
||||
$destpath = $root_dir . DS . $this->Attribute->id; // id of the new attribute in the database
|
||||
$file = new File ($destpath);
|
||||
$zipfile = new File ($destpath.'.zip');
|
||||
$file_in_zip = new File($root_dir.DS.$filename); // FIXME do sanitization of the filename
|
||||
$zipfile = new File ($destpath . '.zip');
|
||||
$file_in_zip = new File($root_dir . DS . $filename); // FIXME do sanitization of the filename
|
||||
|
||||
if($file->exists() || $zipfile->exists() || $file_in_zip->exists()) {
|
||||
if ($file->exists() || $zipfile->exists() || $file_in_zip->exists()) {
|
||||
// this should never happen as the attribute id should be unique
|
||||
$this->Session->setFlash(__('Attachment with this name already exist in this event.', true), 'default', array(), 'error');
|
||||
// remove the entry from the database
|
||||
$this->Attribute->delete();
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||
}
|
||||
if(!move_uploaded_file($tmpfile->path, $file->path)) {
|
||||
if (!move_uploaded_file($tmpfile->path, $file->path)) {
|
||||
$this->Session->setFlash(__('Problem with uploading attachment. Cannot move it to its final location.', true), 'default', array(), 'error');
|
||||
// remove the entry from the database
|
||||
$this->Attribute->delete();
|
||||
|
@ -280,13 +276,14 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
// zip and password protect the malware files
|
||||
if($this->request->data['Attribute']['malware']) {
|
||||
if ($this->request->data['Attribute']['malware']) {
|
||||
// TODO check if CakePHP has no easy/safe wrapper to execute commands
|
||||
$exec_retval = ''; $exec_output = array();
|
||||
$exec_retval = '';
|
||||
$exec_output = array();
|
||||
rename($file->path, $file_in_zip->path); // TODO check if no workaround exists for the current filtering mechanisms
|
||||
exec("zip -j -P infected ".$zipfile->path.' "'.addslashes($file_in_zip->path).'"', $exec_output, $exec_retval);
|
||||
if($exec_retval != 0) { // not EXIT_SUCCESS
|
||||
$this->Session->setFlash(__('Problem with zipping the attachment. Please report to administrator. '.$exec_output, true), 'default', array(), 'error');
|
||||
exec("zip -j -P infected " . $zipfile->path . ' "' . addslashes($file_in_zip->path) . '"', $exec_output, $exec_retval);
|
||||
if ($exec_retval != 0) { // not EXIT_SUCCESS
|
||||
$this->Session->setFlash(__('Problem with zipping the attachment. Please report to administrator. ' . $exec_output, true), 'default', array(), 'error');
|
||||
// remove the entry from the database
|
||||
$this->Attribute->delete();
|
||||
$file_in_zip->delete();
|
||||
|
@ -340,6 +337,7 @@ class AttributesController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function edit($id = null) {
|
||||
$this->Attribute->id = $id;
|
||||
|
@ -350,8 +348,8 @@ class AttributesController extends AppController {
|
|||
|
||||
$this->Attribute->read();
|
||||
$event_id = $this->Attribute->data['Attribute']['event_id'];
|
||||
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
|
||||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
|
||||
if ('attachment' == $this->Attribute->data['Attribute']['type'] ||
|
||||
'malware-sample' == $this->Attribute->data['Attribute']['type'] ) {
|
||||
$this->set('attachment', true);
|
||||
// TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
|
||||
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
|
||||
|
@ -362,7 +360,7 @@ class AttributesController extends AppController {
|
|||
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
// say what fields are to be updated
|
||||
$fieldList=array('category', 'type', 'value1', 'value2', 'to_ids', 'private');
|
||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private');
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The attribute has been saved'));
|
||||
|
||||
|
@ -371,7 +369,6 @@ class AttributesController extends AppController {
|
|||
$this->Event->id = $event_id;
|
||||
$this->Event->saveField('published', 0);
|
||||
|
||||
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $event_id));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
|
@ -394,12 +391,13 @@ class AttributesController extends AppController {
|
|||
$this->set('category_definitions', $this->Attribute->category_definitions);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* delete method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
if (!$this->request->is('post') && !$this->_isRest()) {
|
||||
|
@ -435,17 +433,17 @@ class AttributesController extends AppController {
|
|||
else $this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Deletes this specific attribute from all remote servers
|
||||
* TODO move this to a component(?)
|
||||
*/
|
||||
function _deleteAttributeFromServers($uuid) {
|
||||
public function _deleteAttributeFromServers($uuid) {
|
||||
$result = $this->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $uuid)));
|
||||
$id = $result['Attribute']['id'];
|
||||
|
||||
// make sure we have all the data of the Attribute
|
||||
$this->Attribute->id=$id;
|
||||
$this->Attribute->recursive=1;
|
||||
$this->Attribute->id = $id;
|
||||
$this->Attribute->recursive = 1;
|
||||
$this->Attribute->read();
|
||||
|
||||
// get a list of the servers
|
||||
|
@ -453,7 +451,7 @@ class AttributesController extends AppController {
|
|||
$servers = $this->Server->find('all', array());
|
||||
|
||||
// iterate over the servers and upload the attribute
|
||||
if(empty($servers))
|
||||
if (empty($servers))
|
||||
return;
|
||||
|
||||
App::uses('HttpSocket', 'Network/Http');
|
||||
|
@ -464,7 +462,6 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
public function search() {
|
||||
|
||||
$fullAddress = '/attributes/search';
|
||||
|
||||
if ($this->request->here == $fullAddress) {
|
||||
|
@ -483,13 +480,13 @@ class AttributesController extends AppController {
|
|||
|
||||
// search the db
|
||||
$conditions = array();
|
||||
if($keyword) {
|
||||
$conditions['Attribute.value LIKE'] = '%'.$keyword.'%';
|
||||
if ($keyword) {
|
||||
$conditions['Attribute.value LIKE'] = '%' . $keyword . '%';
|
||||
}
|
||||
if($type != 'ALL') {
|
||||
if ($type != 'ALL') {
|
||||
$conditions['Attribute.type ='] = $type;
|
||||
}
|
||||
if($category != 'ALL') {
|
||||
if ($category != 'ALL') {
|
||||
$conditions['Attribute.category ='] = $category;
|
||||
}
|
||||
$this->Attribute->recursive = 0;
|
||||
|
@ -534,21 +531,20 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* event method (bluntly copied from EventsController.view()
|
||||
*
|
||||
* @param int $id
|
||||
* @return void
|
||||
*/
|
||||
public function event($id = null) {
|
||||
|
||||
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
|
||||
$this->set('type_definitions', $this->Attribute->type_definitions);
|
||||
$this->set('category_definitions', $this->Attribute->category_definitions);
|
||||
|
||||
// search the db
|
||||
$conditions = array();
|
||||
if(isset($this->params['named']['event'])) {
|
||||
if (isset($this->params['named']['event'])) {
|
||||
$attribute_id = $this->params['named']['event'];
|
||||
} else {
|
||||
$attribute_id = $id;
|
||||
|
|
|
@ -4,20 +4,17 @@ class HidsMd5ExportComponent extends Component {
|
|||
|
||||
public $rules = array();
|
||||
|
||||
|
||||
function explain() {
|
||||
public function explain() {
|
||||
// unshift add in reverse order
|
||||
array_unshift($this->rules, '# ');
|
||||
array_unshift($this->rules, '# Keep in mind MD5 is not collision resistant');
|
||||
array_unshift($this->rules, '# These HIDS export contains MD5 checksums.');
|
||||
}
|
||||
|
||||
function suricataRules($items) {
|
||||
|
||||
public function suricataRules($items) {
|
||||
$itemsDone = array();
|
||||
foreach ($items as &$item) {
|
||||
|
||||
|
||||
# md5
|
||||
$rule_format = '%s';
|
||||
|
||||
|
@ -40,7 +37,6 @@ class HidsMd5ExportComponent extends Component {
|
|||
default:
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -49,18 +45,15 @@ class HidsMd5ExportComponent extends Component {
|
|||
$this->explain();
|
||||
|
||||
return $this->rules;
|
||||
|
||||
|
||||
}
|
||||
|
||||
function checksumRule($rule_format, $attribute) {
|
||||
public function checksumRule($rule_format, $attribute) {
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
$attribute['value1'] // md5
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
function partRule($rule_format, $attribute) {
|
||||
public function partRule($rule_format, $attribute) {
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
$attribute['value2'] // md5
|
||||
);
|
||||
|
|
|
@ -4,19 +4,18 @@ class HidsSha1ExportComponent extends Component {
|
|||
|
||||
public $rules = array();
|
||||
|
||||
function explain() {
|
||||
public function explain() {
|
||||
// unshift add in reverse order
|
||||
array_unshift($this->rules, '# ');
|
||||
array_unshift($this->rules, '# Keep in mind SHA-1 still has a theoretical collision possibility');
|
||||
array_unshift($this->rules, '# These HIDS export contains SHA-1 checksums.');
|
||||
}
|
||||
function suricataRules($items) {
|
||||
|
||||
public function suricataRules($items) {
|
||||
$itemsDone = array();
|
||||
|
||||
foreach ($items as &$item) {
|
||||
|
||||
|
||||
# sha-1
|
||||
$rule_format = '%s';
|
||||
|
||||
|
@ -38,7 +37,6 @@ class HidsSha1ExportComponent extends Component {
|
|||
default:
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -47,18 +45,15 @@ class HidsSha1ExportComponent extends Component {
|
|||
$this->explain();
|
||||
|
||||
return $this->rules;
|
||||
|
||||
|
||||
}
|
||||
|
||||
function checksumRule($rule_format, $attribute) {
|
||||
public function checksumRule($rule_format, $attribute) {
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
$attribute['value1'] // md5
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
function partRule($rule_format, $attribute) {
|
||||
public function partRule($rule_format, $attribute) {
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
$attribute['value2'] // md5
|
||||
);
|
||||
|
|
|
@ -3,9 +3,10 @@
|
|||
class NidsExportComponent extends Component {
|
||||
|
||||
public $rules = array();
|
||||
|
||||
public $classtype = 'trojan-activity';
|
||||
|
||||
function explain() {
|
||||
public function explain() {
|
||||
$this->rules[] = '# These NIDS rules contain some variables that need to exist in your configuration.';
|
||||
$this->rules[] = '# Make sure you have set:';
|
||||
$this->rules[] = '#';
|
||||
|
@ -16,7 +17,7 @@ class NidsExportComponent extends Component {
|
|||
$this->rules[] = '# ';
|
||||
}
|
||||
|
||||
function suricataRules($items, $start_sid) {
|
||||
public function suricataRules($items, $start_sid) {
|
||||
$this->whitelist = $this->populateWhitelist();
|
||||
|
||||
$this->explain();
|
||||
|
@ -40,11 +41,11 @@ class NidsExportComponent extends Component {
|
|||
}
|
||||
|
||||
# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
|
||||
$rule_format_msg = 'msg: "CyDefSIG e'.$item['Event']['id'].' %s"';
|
||||
$rule_format_reference = 'reference:url,'.Configure::read('CyDefSIG.baseurl').'/events/view/'.$item['Event']['id'];
|
||||
$rule_format = '%salert %s %s %s %s %s %s ('.$rule_format_msg.'; %s %s classtype:'.$this->classtype.'; sid:%d; rev:%d; priority:'.$priority.'; '.$rule_format_reference.';) ';
|
||||
$rule_format_msg = 'msg: "CyDefSIG e' . $item['Event']['id'] . ' %s"';
|
||||
$rule_format_reference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id'];
|
||||
$rule_format = '%salert %s %s %s %s %s %s (' . $rule_format_msg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $rule_format_reference . ';) ';
|
||||
|
||||
$sid = $start_sid+($item['Attribute']['id']*10); // leave 9 possible rules per attribute type
|
||||
$sid = $start_sid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type
|
||||
$attribute = &$item['Attribute'];
|
||||
|
||||
$sid++;
|
||||
|
@ -86,20 +87,14 @@ class NidsExportComponent extends Component {
|
|||
$this->snortRule($rule_format, $attribute, $sid, $rule_format_msg, $rule_format_reference);
|
||||
default:
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
return $this->rules;
|
||||
|
||||
|
||||
}
|
||||
|
||||
function ipDstRule($rule_format, $attribute, &$sid) {
|
||||
public function ipDstRule($rule_format, $attribute, &$sid) {
|
||||
$overruled = in_array($attribute['value'], $this->whitelist);
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
|
@ -109,16 +104,15 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
$attribute['value'], // dst_ip
|
||||
'any', // dst_port
|
||||
'Outgoing To IP: '.$attribute['value'], // msg
|
||||
'Outgoing To IP: ' . $attribute['value'], // msg
|
||||
'', // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
1 // rev
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
function ipSrcRule($rule_format, $attribute, &$sid) {
|
||||
public function ipSrcRule($rule_format, $attribute, &$sid) {
|
||||
$overruled = in_array($attribute['value'], $this->whitelist);
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
|
@ -128,7 +122,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'$HOME_NET', // dst_ip
|
||||
'any', // dst_port
|
||||
'Incoming From IP: '.$attribute['value'], // msg
|
||||
'Incoming From IP: ' . $attribute['value'], // msg
|
||||
'', // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
|
@ -136,8 +130,8 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function emailSrcRule($rule_format, $attribute, &$sid) {
|
||||
$content = 'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
|
||||
public function emailSrcRule($rule_format, $attribute, &$sid) {
|
||||
$content = 'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
(false) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'tcp', // proto
|
||||
|
@ -146,7 +140,7 @@ class NidsExportComponent extends Component {
|
|||
'<>', // direction
|
||||
'$SMTP_SERVERS', // dst_ip
|
||||
'25', // dst_port
|
||||
'Source Email Address: '.$attribute['value'], // msg
|
||||
'Source Email Address: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'tag:session,600,seconds;', // tag
|
||||
$sid, // sid
|
||||
|
@ -154,8 +148,8 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function emailDstRule($rule_format, $attribute, &$sid) {
|
||||
$content = 'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
|
||||
public function emailDstRule($rule_format, $attribute, &$sid) {
|
||||
$content = 'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
(false) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'tcp', // proto
|
||||
|
@ -164,7 +158,7 @@ class NidsExportComponent extends Component {
|
|||
'<>', // direction
|
||||
'$SMTP_SERVERS', // dst_ip
|
||||
'25', // dst_port
|
||||
'Destination Email Address: '.$attribute['value'],// msg
|
||||
'Destination Email Address: ' . $attribute['value'],// msg
|
||||
$content, // rule_content
|
||||
'tag:session,600,seconds;', // tag
|
||||
$sid, // sid
|
||||
|
@ -172,9 +166,9 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function emailSubjectRule($rule_format, $attribute, &$sid) {
|
||||
public function emailSubjectRule($rule_format, $attribute, &$sid) {
|
||||
// LATER nids - email-subject rule might not match because of line-wrapping
|
||||
$content = 'flow:established,to_server; content:"Subject|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
|
||||
$content = 'flow:established,to_server; content:"Subject|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
(false) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'tcp', // proto
|
||||
|
@ -191,9 +185,9 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function emailAttachmentRule($rule_format, $attribute, &$sid) {
|
||||
public function emailAttachmentRule($rule_format, $attribute, &$sid) {
|
||||
// LATER nids - email-attachment rule might not match because of line-wrapping
|
||||
$content = 'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"'.$attribute['value'].'|22|";';
|
||||
$content = 'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"' . $attribute['value'] . '|22|";';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
(false) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'tcp', // proto
|
||||
|
@ -210,9 +204,9 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function hostnameRule($rule_format, $attribute, &$sid) {
|
||||
public function hostnameRule($rule_format, $attribute, &$sid) {
|
||||
$overruled = $this->checkNames($attribute['value']);
|
||||
$content = 'content:"'.$this->dnsNameToRawFormat($attribute['value'], 'hostname').'"; nocase;';
|
||||
$content = 'content:"' . $this->dnsNameToRawFormat($attribute['value'], 'hostname') . '"; nocase;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'udp', // proto
|
||||
|
@ -221,7 +215,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'any', // dst_ip
|
||||
'53', // dst_port
|
||||
'Hostname: '.$attribute['value'], // msg
|
||||
'Hostname: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
|
@ -236,7 +230,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'any', // dst_ip
|
||||
'53', // dst_port
|
||||
'Hostname: '.$attribute['value'], // msg
|
||||
'Hostname: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
|
@ -245,7 +239,7 @@ class NidsExportComponent extends Component {
|
|||
$sid++;
|
||||
// also do http requests
|
||||
// warning: only suricata compatible
|
||||
$content = 'flow:to_server,established; content: "Host: '.$attribute['value'].'"; nocase; http_header; pcre: "/[^A-Za-z0-9-]'.preg_quote($attribute['value']).'[^A-Za-z0-9-]/";';
|
||||
$content = 'flow:to_server,established; content: "Host: ' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'http', // proto
|
||||
|
@ -254,7 +248,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'$EXTERNAL_NET', // dst_ip
|
||||
'any', // dst_port
|
||||
'Outgoing HTTP Hostname: '.$attribute['value'], // msg
|
||||
'Outgoing HTTP Hostname: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'tag:session,600,seconds;', // tag
|
||||
$sid, // sid
|
||||
|
@ -262,9 +256,9 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function domainRule($rule_format, $attribute, &$sid) {
|
||||
public function domainRule($rule_format, $attribute, &$sid) {
|
||||
$overruled = $this->checkNames($attribute['value']);
|
||||
$content = 'content:"'.$this->dnsNameToRawFormat($attribute['value']).'"; nocase;';
|
||||
$content = 'content:"' . $this->dnsNameToRawFormat($attribute['value']) . '"; nocase;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'udp', // proto
|
||||
|
@ -273,7 +267,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'any', // dst_ip
|
||||
'53', // dst_port
|
||||
'Domain: '.$attribute['value'], // msg
|
||||
'Domain: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
|
@ -288,7 +282,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'any', // dst_ip
|
||||
'53', // dst_port
|
||||
'Domain: '.$attribute['value'], // msg
|
||||
'Domain: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'', // tag
|
||||
$sid, // sid
|
||||
|
@ -297,7 +291,7 @@ class NidsExportComponent extends Component {
|
|||
$sid++;
|
||||
// also do http requests,
|
||||
// warning: only suricata compatible
|
||||
$content = 'flow:to_server,established; content: "Host:"; nocase; http_header; content:"'.$attribute['value'].'"; nocase; http_header; pcre: "/[^A-Za-z0-9-]'.preg_quote($attribute['value']).'[^A-Za-z0-9-]/";';
|
||||
$content = 'flow:to_server,established; content: "Host:"; nocase; http_header; content:"' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'http', // proto
|
||||
|
@ -306,7 +300,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'$EXTERNAL_NET', // dst_ip
|
||||
'any', // dst_port
|
||||
'Outgoing HTTP Domain: '.$attribute['value'], // msg
|
||||
'Outgoing HTTP Domain: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'tag:session,600,seconds;', // tag
|
||||
$sid, // sid
|
||||
|
@ -314,12 +308,12 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function urlRule($rule_format, $attribute, &$sid) {
|
||||
public function urlRule($rule_format, $attribute, &$sid) {
|
||||
// TODO in hindsight, an url should not be excluded given a host or domain name.
|
||||
// $hostpart = parse_url($attribute['value'], PHP_URL_HOST);
|
||||
// $overruled = $this->checkNames($hostpart);
|
||||
//$hostpart = parse_url($attribute['value'], PHP_URL_HOST);
|
||||
//$overruled = $this->checkNames($hostpart);
|
||||
// warning: only suricata compatible
|
||||
$content = 'flow:to_server,established; content:"'.$attribute['value'].'"; nocase; http_uri;';
|
||||
$content = 'flow:to_server,established; content:"' . $attribute['value'] . '"; nocase; http_uri;';
|
||||
$this->rules[] = sprintf($rule_format,
|
||||
(false) ? '#OVERRULED BY WHITELIST# ' : '',
|
||||
'http', // proto
|
||||
|
@ -328,7 +322,7 @@ class NidsExportComponent extends Component {
|
|||
'->', // direction
|
||||
'$EXTERNAL_NET', // dst_ip
|
||||
'any', // dst_port
|
||||
'Outgoing HTTP URL: '.$attribute['value'], // msg
|
||||
'Outgoing HTTP URL: ' . $attribute['value'], // msg
|
||||
$content, // rule_content
|
||||
'tag:session,600,seconds;', // tag
|
||||
$sid, // sid
|
||||
|
@ -336,12 +330,11 @@ class NidsExportComponent extends Component {
|
|||
);
|
||||
}
|
||||
|
||||
function userAgentRule($rule_format, $attribute, &$sid) {
|
||||
public function userAgentRule($rule_format, $attribute, &$sid) {
|
||||
// TODO nids - write snort user-agent rule
|
||||
|
||||
}
|
||||
|
||||
function snortRule($rule_format, $attribute, &$sid, $rule_format_msg, $rule_format_reference) {
|
||||
public function snortRule($rule_format, $attribute, &$sid, $rule_format_msg, $rule_format_reference) {
|
||||
// LATER nids - test using lots of snort rules.
|
||||
$tmp_rule = $attribute['value'];
|
||||
|
||||
|
@ -352,44 +345,42 @@ class NidsExportComponent extends Component {
|
|||
// msg - '/msg\s*:\s*".*?"\s*;/'
|
||||
// reference - '/reference\s*:\s*.+?;/'
|
||||
// tag - '/tag\s*:\s*.+?;/'
|
||||
$replace_count=array();
|
||||
$tmp_rule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:'.$sid.';', $tmp_rule, -1, $replace_count['sid']);
|
||||
$replace_count = array();
|
||||
$tmp_rule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:' . $sid . ';', $tmp_rule, -1, $replace_count['sid']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
$tmp_rule = preg_replace('/rev\s*:\s*[0-9]+\s*;/', 'rev:1;', $tmp_rule, -1, $replace_count['rev']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
$tmp_rule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:'.$this->classtype.';', $tmp_rule, -1, $replace_count['classtype']);
|
||||
$tmp_rule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:' . $this->classtype . ';', $tmp_rule, -1, $replace_count['classtype']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
$tmp_message = sprintf($rule_format_msg, 'snort-rule');
|
||||
$tmp_rule = preg_replace('/msg\s*:\s*".*?"\s*;/', $tmp_message.';', $tmp_rule, -1, $replace_count['msg']);
|
||||
$tmp_rule = preg_replace('/msg\s*:\s*".*?"\s*;/', $tmp_message . ';', $tmp_rule, -1, $replace_count['msg']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference.';', $tmp_rule, -1, $replace_count['reference']);
|
||||
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference . ';', $tmp_rule, -1, $replace_count['reference']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference.';', $tmp_rule, -1, $replace_count['reference']);
|
||||
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference . ';', $tmp_rule, -1, $replace_count['reference']);
|
||||
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||
// FIXME nids - implement priority overwriting
|
||||
|
||||
// some values were not replaced, so we need to add them ourselves, and insert them in the rule
|
||||
$extra_for_rule="";
|
||||
$extra_for_rule = "";
|
||||
if (0 == $replace_count['sid']) {
|
||||
$extra_for_rule .= 'sid:'.$sid.';';
|
||||
$extra_for_rule .= 'sid:' . $sid . ';';
|
||||
} if (0 == $replace_count['rev']) {
|
||||
$extra_for_rule .= 'rev:1;';
|
||||
} if (0 == $replace_count['classtype']) {
|
||||
$extra_for_rule .= 'classtype:'.$this->classtype.';';
|
||||
$extra_for_rule .= 'classtype:' . $this->classtype . ';';
|
||||
} if (0 == $replace_count['msg']) {
|
||||
$extra_for_rule .= $tmp_message.';';
|
||||
$extra_for_rule .= $tmp_message . ';';
|
||||
} if (0 == $replace_count['reference']) {
|
||||
$extra_for_rule .= $rule_format_reference.';';
|
||||
$extra_for_rule .= $rule_format_reference . ';';
|
||||
}
|
||||
$tmp_rule = preg_replace('/;\s*\)/', '; '.$extra_for_rule.')', $tmp_rule);
|
||||
$tmp_rule = preg_replace('/;\s*\)/', '; ' . $extra_for_rule . ')', $tmp_rule);
|
||||
|
||||
// finally the rule is cleaned up and can be outputed
|
||||
$this->rules[] = $tmp_rule;
|
||||
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Converts a DNS name to a raw format usable in NIDS like Snort.
|
||||
* example host: foobar.com becomes |00||06|foobar|03|com|00|
|
||||
* example domain: foobar.com becomes |06|foobar|03|com|00|
|
||||
|
@ -397,7 +388,7 @@ class NidsExportComponent extends Component {
|
|||
* @param string $type the type of dns name - domain (default) or hostname
|
||||
* @return string raw snort compatible format of the dns name
|
||||
*/
|
||||
function dnsNameToRawFormat($name, $type='domain') {
|
||||
public function dnsNameToRawFormat($name, $type='domain') {
|
||||
$rawName = "";
|
||||
if ('hostname' == $type) $rawName = '|00|';
|
||||
// explode using the dot
|
||||
|
@ -408,8 +399,8 @@ class NidsExportComponent extends Component {
|
|||
$length = strlen($explodedName);
|
||||
if ($length > 255) exit('ERROR: dns name is to long for RFC'); // LATER log correctly without dying
|
||||
$hexLength = dechex($length);
|
||||
if (1 == strlen($hexLength)) $hexLength = '0'.$hexLength;
|
||||
$rawName .= '|'.$hexLength.'|'.$explodedName;
|
||||
if (1 == strlen($hexLength)) $hexLength = '0' . $hexLength;
|
||||
$rawName .= '|' . $hexLength . '|' . $explodedName;
|
||||
}
|
||||
// put all together
|
||||
$rawName .= '|00|';
|
||||
|
@ -417,14 +408,14 @@ class NidsExportComponent extends Component {
|
|||
return $rawName;
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Converts a DNS name to a MS DNS log format.
|
||||
* Practical usage is to use these strings to search in logfiles
|
||||
* example: foobar.com becomes (6)foobar(3)com(0)
|
||||
* @param string $name dns name to be converted
|
||||
* @return string raw snort compatible format of the dns name
|
||||
*/
|
||||
function dnsNameToMSDNSLogFormat($name) {
|
||||
public function dnsNameToMSDNSLogFormat($name) {
|
||||
$rawName = "";
|
||||
// in MS DNS log format we can't use (0) to distinguish between hostname and domain (including subdomains)
|
||||
// explode using the dot
|
||||
|
@ -435,7 +426,7 @@ class NidsExportComponent extends Component {
|
|||
$length = strlen($explodedName);
|
||||
if ($length > 255) exit('ERROR: dns name is to long for RFC'); // LATER log correctly without dying
|
||||
$hexLength = dechex($length);
|
||||
$rawName .= '('.$hexLength.')'.$explodedName;
|
||||
$rawName .= '(' . $hexLength . ')' . $explodedName;
|
||||
}
|
||||
// put all together
|
||||
$rawName .= '(0)';
|
||||
|
@ -445,7 +436,7 @@ class NidsExportComponent extends Component {
|
|||
|
||||
public $whitelist = array();
|
||||
|
||||
function populateWhitelist() {
|
||||
public function populateWhitelist() {
|
||||
$whitelistCheck = array();
|
||||
|
||||
$this->Whitelist = ClassRegistry::init('Whitelist');
|
||||
|
@ -465,12 +456,12 @@ class NidsExportComponent extends Component {
|
|||
return $whitelistCheck;
|
||||
}
|
||||
|
||||
function nametoipl($name) {
|
||||
public function nametoipl($name) {
|
||||
if (!$ips = gethostbynamel($name)) $ips = array();
|
||||
return $ips;
|
||||
}
|
||||
|
||||
function checkNames($name) {
|
||||
public function checkNames($name) {
|
||||
$ipl = $this->nametoipl($name);
|
||||
$ipl[] = $name;
|
||||
$overruled = false;
|
||||
|
|
|
@ -4,8 +4,7 @@ App::uses('AuthComponent', 'Controller/Component');
|
|||
|
||||
class SecureAuthComponent extends AuthComponent {
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Log a user in using anti-brute-force protection.
|
||||
* If a $user is provided that data will be stored as the logged in user. If `$user` is empty or not
|
||||
* specified, the request will be used to identify a user. If the identification was successful,
|
||||
|
@ -15,6 +14,7 @@ class SecureAuthComponent extends AuthComponent {
|
|||
* @param mixed $user Either an array of user data, or null to identify a user using the current request.
|
||||
* @return boolean True on login success, false on failure
|
||||
* @link http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
|
||||
* @throws ForbiddenException
|
||||
*/
|
||||
public function login($user = null) {
|
||||
$this->_setDefaults();
|
||||
|
@ -36,7 +36,7 @@ class SecureAuthComponent extends AuthComponent {
|
|||
}
|
||||
} else {
|
||||
// user - ip combination has reached the amount of maximum attempts in the timeframe
|
||||
throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait '.Configure::read('SecureAuth.expire').' seconds and try again.');
|
||||
throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait ' . Configure::read('SecureAuth.expire') . ' seconds and try again.');
|
||||
}
|
||||
} else {
|
||||
// user didn't fill in all the form fields, nothing to do
|
||||
|
|
|
@ -9,12 +9,11 @@ App::uses('Xml', 'Utility');
|
|||
*/
|
||||
class EventsController extends AppController {
|
||||
|
||||
/**
|
||||
/**
|
||||
* Components
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
|
||||
public $components = array(
|
||||
'Security',
|
||||
'Email',
|
||||
|
@ -23,6 +22,7 @@ class EventsController extends AppController {
|
|||
'HidsSha1Export',
|
||||
'NidsExport'
|
||||
);
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
|
||||
|
@ -31,7 +31,7 @@ class EventsController extends AppController {
|
|||
)
|
||||
);
|
||||
|
||||
function beforeFilter() {
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
||||
// what pages are allowed for non-logged-in users
|
||||
|
@ -72,12 +72,12 @@ class EventsController extends AppController {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* index method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
function index() {
|
||||
public function index() {
|
||||
// list the events
|
||||
$this->Event->recursive = 0;
|
||||
$this->set('events', $this->paginate());
|
||||
|
@ -88,11 +88,12 @@ class EventsController extends AppController {
|
|||
$this->set('event_descriptions', $this->Event->field_descriptions);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* view method
|
||||
*
|
||||
* @param int $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function view($id = null) {
|
||||
$this->Event->id = $id;
|
||||
|
@ -118,8 +119,7 @@ class EventsController extends AppController {
|
|||
'recursive' => 0));
|
||||
if (empty($relatedAttributes2)) {
|
||||
$relatedEvents = null;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
foreach ($relatedAttributes2 as $relatedAttribute2) {
|
||||
$relatedAttributes[$relatedAttribute2['Correlation']['1_attribute_id']][] = array('Attribute' => $relatedAttribute2['Correlation']);
|
||||
}
|
||||
|
@ -216,7 +216,7 @@ class EventsController extends AppController {
|
|||
$this->set('category_definitions', $this->Attribute->category_definitions);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* add method
|
||||
*
|
||||
* @return void
|
||||
|
@ -246,7 +246,7 @@ class EventsController extends AppController {
|
|||
$this->set('event_descriptions', $this->Event->field_descriptions);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Low level functino to add an Event based on an Event $data array
|
||||
*
|
||||
* @return bool true if success
|
||||
|
@ -274,19 +274,19 @@ class EventsController extends AppController {
|
|||
|
||||
if (isset($data['Event']['uuid'])) { // TODO here we should start RESTful dialog
|
||||
// check if the uuid already exists
|
||||
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
|
||||
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid' => $data['Event']['uuid'])));
|
||||
if ($existingEventCount > 0) {
|
||||
$existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
|
||||
$existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid' => $data['Event']['uuid'])));
|
||||
$data['Event']['id'] = $existingEvent['Event']['id'];
|
||||
$data['Event']['org'] = $existingEvent['Event']['org'];
|
||||
// attributes..
|
||||
$c = 0;
|
||||
if (isset($data['Attribute'])) {
|
||||
foreach ($data['Attribute'] as $attribute){
|
||||
foreach ($data['Attribute'] as $attribute) {
|
||||
// ..do some
|
||||
$existingAttributeCount = $this->Event->Attribute->find('count', array('conditions' => array('Attribute.uuid'=>$attribute['uuid'])));
|
||||
$existingAttributeCount = $this->Event->Attribute->find('count', array('conditions' => array('Attribute.uuid' => $attribute['uuid'])));
|
||||
if ($existingAttributeCount > 0) {
|
||||
$existingAttribute = $this->Event->Attribute->find('first', array('conditions' => array('Attribute.uuid'=>$attribute['uuid'])));
|
||||
$existingAttribute = $this->Event->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $attribute['uuid'])));
|
||||
$data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
|
||||
}
|
||||
$c++;
|
||||
|
@ -315,11 +315,12 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* edit method
|
||||
*
|
||||
* @param int $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function edit($id = null) {
|
||||
$this->Event->id = $id;
|
||||
|
@ -363,7 +364,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
// say what fields are to be updated
|
||||
$fieldList=array('date', 'risk', 'info', 'published', 'private');
|
||||
$fieldList = array('date', 'risk', 'info', 'published', 'private');
|
||||
// always force the org, but do not force it for admins
|
||||
if ($this->_isAdmin()) {
|
||||
// set the same org as existed before
|
||||
|
@ -391,12 +392,13 @@ class EventsController extends AppController {
|
|||
$this->set('event_descriptions', $this->Event->field_descriptions);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* delete method
|
||||
*
|
||||
* @param int $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
if (!$this->request->is('post') && !$this->_isRest()) {
|
||||
|
@ -428,15 +430,14 @@ class EventsController extends AppController {
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Uploads this specific event to all remote servers
|
||||
* TODO move this to a component
|
||||
*/
|
||||
function _uploadEventToServers($id) {
|
||||
private function _uploadEventToServers($id) {
|
||||
// make sure we have all the data of the Event
|
||||
$this->Event->id=$id;
|
||||
$this->Event->recursive=1;
|
||||
$this->Event->id = $id;
|
||||
$this->Event->recursive = 1;
|
||||
$this->Event->read();
|
||||
|
||||
// get a list of the servers
|
||||
|
@ -456,12 +457,11 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Delets this specific event to all remote servers
|
||||
* TODO move this to a component(?)
|
||||
*/
|
||||
function _deleteEventFromServers($uuid) {
|
||||
|
||||
private function _deleteEventFromServers($uuid) {
|
||||
// get a list of the servers
|
||||
$this->loadModel('Server');
|
||||
$servers = $this->Server->find('all', array());
|
||||
|
@ -477,12 +477,12 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Performs all the actions required to publish an event
|
||||
*
|
||||
* @param unknown_type $id
|
||||
*/
|
||||
function _publish($id) {
|
||||
private function _publish($id) {
|
||||
$this->Event->id = $id;
|
||||
$this->Event->recursive = 0;
|
||||
//$this->Event->read();
|
||||
|
@ -495,10 +495,12 @@ class EventsController extends AppController {
|
|||
$this->_uploadEventToServers($id);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Publishes the event without sending an alert email
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
function publish($id = null) {
|
||||
public function publish($id = null) {
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -517,11 +519,13 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Send out an alert email to all the users that wanted to be notified.
|
||||
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
function alert($id = null) {
|
||||
public function alert($id = null) {
|
||||
$this->Event->id = $id;
|
||||
$this->Event->recursive = 0;
|
||||
if (!$this->Event->exists()) {
|
||||
|
@ -560,29 +564,29 @@ class EventsController extends AppController {
|
|||
// The mail body, h() is NOT needed as we are sending plain-text mails.
|
||||
$body = "";
|
||||
$appendlen = 20;
|
||||
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id']."\n";
|
||||
$body .= 'Event : '.$event['Event']['id']."\n";
|
||||
$body .= 'Date : '.$event['Event']['date']."\n";
|
||||
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
|
||||
$body .= 'Event : ' . $event['Event']['id'] . "\n";
|
||||
$body .= 'Date : ' . $event['Event']['date'] . "\n";
|
||||
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||
$body .= 'Reported by : '.$event['Event']['org']."\n";
|
||||
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
|
||||
}
|
||||
$body .= 'Risk : '.$event['Event']['risk']."\n";
|
||||
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
|
||||
$relatedEvents = $this->Event->getRelatedEvents($id);
|
||||
if (!empty($relatedEvents)) {
|
||||
foreach ($relatedEvents as &$relatedEvent){
|
||||
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
|
||||
foreach ($relatedEvents as &$relatedEvent) {
|
||||
$body .= 'Related to : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ')' . "\n";
|
||||
|
||||
}
|
||||
}
|
||||
$body .= 'Info : '."\n";
|
||||
$body .= $event['Event']['info']."\n";
|
||||
$body .= 'Info : ' . "\n";
|
||||
$body .= $event['Event']['info'] . "\n";
|
||||
$body .= "\n";
|
||||
$body .= 'Attributes :'."\n";
|
||||
$body .= 'Attributes :' . "\n";
|
||||
$body_temp_other = "";
|
||||
|
||||
if (isset($event['Attribute'])) {
|
||||
foreach ($event['Attribute'] as &$attribute){
|
||||
$line = '- '.$attribute['type'].str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])).': '.$attribute['value']."\n";
|
||||
foreach ($event['Attribute'] as &$attribute) {
|
||||
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])) . ': ' . $attribute['value'] . "\n";
|
||||
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
|
||||
$body_temp_other .= $line;
|
||||
else $body .= $line;
|
||||
|
@ -618,7 +622,7 @@ class EventsController extends AppController {
|
|||
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||
//$this->Email->to = "CyDefSIG <sig@cyber-defence.be>"; TODO check if it doesn't break things to not set a to , like being spammed away
|
||||
$this->Email->bcc = $alert_emails;
|
||||
$this->Email->subject = "[".Configure::read('CyDefSIG.name')."] Event ".$id." - ".$event['Event']['risk']." - TLP Amber";
|
||||
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
|
||||
$this->Email->template = 'body';
|
||||
$this->Email->sendAs = 'text'; // both text or html
|
||||
$this->set('body', $body_signed);
|
||||
|
@ -643,7 +647,7 @@ class EventsController extends AppController {
|
|||
// send the email
|
||||
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||
$this->Email->to = $user['User']['email'];
|
||||
$this->Email->subject = "[".Configure::read('CyDefSIG.name')."] Event ".$id." - ".$event['Event']['risk']." - TLP Amber";
|
||||
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
|
||||
$this->Email->template = 'body';
|
||||
$this->Email->sendAs = 'text'; // both text or html
|
||||
|
||||
|
@ -677,14 +681,13 @@ class EventsController extends AppController {
|
|||
|
||||
// LATER check if sending email succeeded and return appropriate result
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Send out an contact email to the person who posted the event.
|
||||
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function contact($id = null) {
|
||||
$this->Event->id = $id;
|
||||
|
@ -709,9 +712,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
*
|
||||
* Sends out an email to all people within the same org
|
||||
* with the request to be contacted about a specific event.
|
||||
|
@ -729,45 +730,45 @@ class EventsController extends AppController {
|
|||
|
||||
// The mail body, h() is NOT needed as we are sending plain-text mails.
|
||||
$body = "";
|
||||
$body .="Hello, \n";
|
||||
$body .="\n";
|
||||
$body .="Someone wants to get in touch with you concerning a CyDefSIG event. \n";
|
||||
$body .="\n";
|
||||
$body .="You can reach him at ".$this->Auth->user('email')."\n";
|
||||
$body .= "Hello, \n";
|
||||
$body .= "\n";
|
||||
$body .= "Someone wants to get in touch with you concerning a CyDefSIG event. \n";
|
||||
$body .= "\n";
|
||||
$body .= "You can reach him at " . $this->Auth->user('email') . "\n";
|
||||
if (!$this->Auth->user('gpgkey'))
|
||||
$body .="His GPG/PGP key is added as attachment to this email. \n";
|
||||
$body .="\n";
|
||||
$body .="He wrote the following message: \n";
|
||||
$body .=$message."\n";
|
||||
$body .="\n";
|
||||
$body .="\n";
|
||||
$body .="The event is the following: \n";
|
||||
$body .= "His GPG/PGP key is added as attachment to this email. \n";
|
||||
$body .= "\n";
|
||||
$body .= "He wrote the following message: \n";
|
||||
$body .= $message . "\n";
|
||||
$body .= "\n";
|
||||
$body .= "\n";
|
||||
$body .= "The event is the following: \n";
|
||||
|
||||
// print the event in mail-format
|
||||
// LATER place event-to-email-layout in a function
|
||||
$appendlen = 20;
|
||||
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id']."\n";
|
||||
$body .= 'Event : '.$event['Event']['id']."\n";
|
||||
$body .= 'Date : '.$event['Event']['date']."\n";
|
||||
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
|
||||
$body .= 'Event : ' . $event['Event']['id'] . "\n";
|
||||
$body .= 'Date : ' . $event['Event']['date'] . "\n";
|
||||
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||
$body .= 'Reported by : '.$event['Event']['org']."\n";
|
||||
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
|
||||
}
|
||||
$body .= 'Risk : '.$event['Event']['risk']."\n";
|
||||
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
|
||||
$relatedEvents = $this->Event->getRelatedEvents($id);
|
||||
if (!empty($relatedEvents)) {
|
||||
foreach ($relatedEvents as &$relatedEvent){
|
||||
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
|
||||
foreach ($relatedEvents as &$relatedEvent) {
|
||||
$body .= 'Related to : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ')' . "\n";
|
||||
|
||||
}
|
||||
}
|
||||
$body .= 'Info : '."\n";
|
||||
$body .= $event['Event']['info']."\n";
|
||||
$body .= 'Info : ' . "\n";
|
||||
$body .= $event['Event']['info'] . "\n";
|
||||
$body .= "\n";
|
||||
$body .= 'Attributes :'."\n";
|
||||
$body .= 'Attributes :' . "\n";
|
||||
$body_temp_other = "";
|
||||
if (!empty($event['Attribute'])) {
|
||||
foreach ($event['Attribute'] as &$attribute){
|
||||
$line = '- '.$attribute['type'].str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])).': '.$attribute['value']."\n";
|
||||
foreach ($event['Attribute'] as &$attribute) {
|
||||
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])) . ': ' . $attribute['value'] . "\n";
|
||||
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
|
||||
$body_temp_other .= $line;
|
||||
else $body .= $line;
|
||||
|
@ -782,7 +783,6 @@ class EventsController extends AppController {
|
|||
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
|
||||
$body_signed = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
|
||||
|
||||
|
||||
// Add the GPG key of the user as attachment
|
||||
// LATER sign the attached GPG key
|
||||
if (!empty($me_user['gpgkey'])) {
|
||||
|
@ -820,7 +820,7 @@ class EventsController extends AppController {
|
|||
// prepare the email
|
||||
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||
$this->Email->to = $reporter['User']['email'];
|
||||
$this->Email->subject = "[".Configure::read('CyDefSIG.name'). "] Need info about event ".$id." - TLP Amber";
|
||||
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Need info about event " . $id . " - TLP Amber";
|
||||
//$this->Email->delivery = 'debug'; // do not really send out mails, only display it on the screen
|
||||
$this->Email->template = 'body';
|
||||
$this->Email->sendAs = 'text'; // both text or html
|
||||
|
@ -848,17 +848,14 @@ class EventsController extends AppController {
|
|||
return $result;
|
||||
}
|
||||
|
||||
|
||||
public function export() {
|
||||
// Simply display a static view
|
||||
|
||||
// generate the list of Attribute types
|
||||
$this->loadModel('Attribute');
|
||||
$this->set('sig_types', array_keys($this->Attribute->type_definitions));
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function xml($key, $eventid=null) {
|
||||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
|
@ -894,13 +891,12 @@ class EventsController extends AppController {
|
|||
$this->set('results', $results);
|
||||
}
|
||||
|
||||
|
||||
public function nids($key) {
|
||||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
// no input sanitization necessary, it's done by model
|
||||
// do not fetch recursive
|
||||
$this->User->recursive=0;
|
||||
$this->User->recursive = 0;
|
||||
$user = $this->User->findByAuthkey($key);
|
||||
if (empty($user)) {
|
||||
throw new UnauthorizedException('Incorrect authentication key');
|
||||
|
@ -924,20 +920,18 @@ class EventsController extends AppController {
|
|||
|
||||
print "#<pre> \n";
|
||||
foreach ($rules as &$rule)
|
||||
print $rule."\n";
|
||||
print $rule . "\n";
|
||||
print "#</pre>\n";
|
||||
|
||||
$this->set('rules', $rules);
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function hids_md5($key) {
|
||||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
// no input sanitization necessary, it's done by model
|
||||
// do not fetch recursive
|
||||
$this->User->recursive=0;
|
||||
$this->User->recursive = 0;
|
||||
$user = $this->User->findByAuthkey($key);
|
||||
if (empty($user)) {
|
||||
throw new UnauthorizedException('Incorrect authentication key');
|
||||
|
@ -962,7 +956,7 @@ class EventsController extends AppController {
|
|||
|
||||
print "#<pre> \n";
|
||||
foreach ($rules as &$rule)
|
||||
print $rule."\n";
|
||||
print $rule . "\n";
|
||||
print "#</pre>\n";
|
||||
|
||||
$this->set('rules', $rules);
|
||||
|
@ -970,16 +964,14 @@ class EventsController extends AppController {
|
|||
print "Not any MD5 found to export\n";
|
||||
}
|
||||
$this->render('hids');
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function hids_sha1($key) {
|
||||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
// no input sanitization necessary, it's done by model
|
||||
// do not fetch recursive
|
||||
$this->User->recursive=0;
|
||||
$this->User->recursive = 0;
|
||||
$user = $this->User->findByAuthkey($key);
|
||||
if (empty($user)) {
|
||||
throw new UnauthorizedException('Incorrect authentication key');
|
||||
|
@ -1003,8 +995,9 @@ class EventsController extends AppController {
|
|||
print ("#<h1>This part is not finished and might be buggy. Please report any issues.</h1>\n");
|
||||
|
||||
print "#<pre> \n";
|
||||
foreach ($rules as &$rule)
|
||||
print $rule."\n";
|
||||
foreach ($rules as &$rule) {
|
||||
print $rule . "\n";
|
||||
}
|
||||
print "#</pre>\n";
|
||||
|
||||
$this->set('rules', $rules);
|
||||
|
@ -1012,10 +1005,8 @@ class EventsController extends AppController {
|
|||
print "Not any SHA-1 found to export\n";
|
||||
}
|
||||
$this->render('hids');
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function text($key, $type="") {
|
||||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
|
@ -1026,7 +1017,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
$this->response->type('txt'); // set the content type
|
||||
$this->header('Content-Disposition: inline; filename="cydefsig.'.$type.'.txt"');
|
||||
$this->header('Content-Disposition: inline; filename="cydefsig.' . $type . '.txt"');
|
||||
$this->layout = 'text/default';
|
||||
|
||||
$this->loadModel('Attribute');
|
||||
|
@ -1042,69 +1033,65 @@ class EventsController extends AppController {
|
|||
$this->set('attributes', $attributes);
|
||||
}
|
||||
|
||||
//public function dot($key) {
|
||||
// // check if the key is valid -> search for users based on key
|
||||
// $this->loadModel('User');
|
||||
// // no input sanitization necessary, it's done by model
|
||||
// $this->User->recursive=0;
|
||||
// $user = $this->User->findByAuthkey($key);
|
||||
// if (empty($user)) {
|
||||
// throw new UnauthorizedException('Incorrect authentication key');
|
||||
// }
|
||||
// // display the full snort rulebase
|
||||
// $this->response->type('txt'); // set the content type
|
||||
// $this->header('Content-Disposition: inline; filename="cydefsig.rules"');
|
||||
// $this->layout = 'text/default';
|
||||
|
||||
// public function dot($key) {
|
||||
// // check if the key is valid -> search for users based on key
|
||||
// $this->loadModel('User');
|
||||
// // no input sanitization necessary, it's done by model
|
||||
// $this->User->recursive=0;
|
||||
// $user = $this->User->findByAuthkey($key);
|
||||
// if (empty($user)) {
|
||||
// throw new UnauthorizedException('Incorrect authentication key');
|
||||
// }
|
||||
// // display the full snort rulebase
|
||||
// $this->response->type('txt'); // set the content type
|
||||
// $this->header('Content-Disposition: inline; filename="cydefsig.rules"');
|
||||
// $this->layout = 'text/default';
|
||||
|
||||
// $rules= array();
|
||||
// $this->loadModel('Attribute');
|
||||
|
||||
// $params = array(
|
||||
// 'recursive' => 0,
|
||||
// 'fields' => array('Attribute.*')
|
||||
// );
|
||||
// $items = $this->Attribute->find('all', $params);
|
||||
|
||||
// $composite_types = $this->Attribute->getCompositeTypes();
|
||||
// // rebuild the array with the correct data
|
||||
// foreach ($items as &$item) {
|
||||
// if (in_array($item['Attribute']['type'], $composite_types)) {
|
||||
// // create a new item that will contain value2
|
||||
// $new_item = $item;
|
||||
// // set the correct type for the first item
|
||||
// $pieces = explode('|', $item['Attribute']['type']);
|
||||
// $item['Attribute']['type'] = $pieces[0];
|
||||
// // set the correct data for the new item
|
||||
// $new_item['Attribute']['type'] = (isset($pieces[1]))? $pieces[1] : 'md5';
|
||||
// $new_item['Attribute']['value'] = $item['Attribute']['value2'];
|
||||
// unset($new_item['Attribute']['value1']);
|
||||
// unset($new_item['Attribute']['value2']);
|
||||
// // store the new item
|
||||
// $items[] = $new_item;
|
||||
// }
|
||||
// // set the correct fields for the attribute
|
||||
// if (isset($item['Attribute']['value1'])) {
|
||||
// $item['Attribute']['value'] = $item['Attribute']['value1'];
|
||||
// }
|
||||
// unset($item['Attribute']['value1']);
|
||||
// unset($item['Attribute']['value2']);
|
||||
// }
|
||||
// debug($items);
|
||||
|
||||
// // iterate over the array to build the GV links
|
||||
// require_once 'Image/GraphViz.php';
|
||||
// $gv = new Image_GraphViz();
|
||||
// $gv->addEdge(array('wake up' => 'visit bathroom'));
|
||||
// $gv->addEdge(array('visit bathroom' => 'make coffee'));
|
||||
// foreach ($items as &$item) {
|
||||
// $gv->addNode('Node 1',
|
||||
// array(''));
|
||||
// }
|
||||
// debug($gv);
|
||||
// $gv->image();
|
||||
// }
|
||||
// $rules= array();
|
||||
// $this->loadModel('Attribute');
|
||||
|
||||
// $params = array(
|
||||
// 'recursive' => 0,
|
||||
// 'fields' => array('Attribute.*')
|
||||
// );
|
||||
// $items = $this->Attribute->find('all', $params);
|
||||
|
||||
// $composite_types = $this->Attribute->getCompositeTypes();
|
||||
// // rebuild the array with the correct data
|
||||
// foreach ($items as &$item) {
|
||||
// if (in_array($item['Attribute']['type'], $composite_types)) {
|
||||
// // create a new item that will contain value2
|
||||
// $new_item = $item;
|
||||
// // set the correct type for the first item
|
||||
// $pieces = explode('|', $item['Attribute']['type']);
|
||||
// $item['Attribute']['type'] = $pieces[0];
|
||||
// // set the correct data for the new item
|
||||
// $new_item['Attribute']['type'] = (isset($pieces[1]))? $pieces[1] : 'md5';
|
||||
// $new_item['Attribute']['value'] = $item['Attribute']['value2'];
|
||||
// unset($new_item['Attribute']['value1']);
|
||||
// unset($new_item['Attribute']['value2']);
|
||||
// // store the new item
|
||||
// $items[] = $new_item;
|
||||
// }
|
||||
// // set the correct fields for the attribute
|
||||
// if (isset($item['Attribute']['value1'])) {
|
||||
// $item['Attribute']['value'] = $item['Attribute']['value1'];
|
||||
// }
|
||||
// unset($item['Attribute']['value1']);
|
||||
// unset($item['Attribute']['value2']);
|
||||
// }
|
||||
// debug($items);
|
||||
|
||||
// // iterate over the array to build the GV links
|
||||
// require_once 'Image/GraphViz.php';
|
||||
// $gv = new Image_GraphViz();
|
||||
// $gv->addEdge(array('wake up' => 'visit bathroom'));
|
||||
// $gv->addEdge(array('visit bathroom' => 'make coffee'));
|
||||
// foreach ($items as &$item) {
|
||||
// $gv->addNode('Node 1',
|
||||
// array(''));
|
||||
// }
|
||||
// debug($gv);
|
||||
// $gv->image();
|
||||
//}
|
||||
}
|
||||
|
|
|
@ -10,6 +10,7 @@ App::uses('Xml', 'Utility');
|
|||
class ServersController extends AppController {
|
||||
|
||||
public $components = array('Security' ,'RequestHandler');
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
|
||||
|
@ -20,7 +21,7 @@ class ServersController extends AppController {
|
|||
|
||||
public $uses = array('Server', 'Event');
|
||||
|
||||
function beforeFilter() {
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
||||
// Disable this feature if the sync configuration option is not active
|
||||
|
@ -88,6 +89,7 @@ class ServersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function edit($id = null) {
|
||||
$this->Server->id = $id;
|
||||
|
@ -98,7 +100,7 @@ class ServersController extends AppController {
|
|||
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
// say what fields are to be updated
|
||||
$fieldList=array('url', 'push', 'pull', 'organization');
|
||||
$fieldList = array('url', 'push', 'pull', 'organization');
|
||||
if ("" != $this->request->data['Server']['authkey'])
|
||||
$fieldList[] = 'authkey';
|
||||
// Save the data
|
||||
|
@ -120,6 +122,8 @@ class ServersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
|
@ -137,7 +141,6 @@ class ServersController extends AppController {
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
|
||||
public function pull($id = null, $full=false) {
|
||||
// TODO should we de-activate data validation for type and category / and or mapping? Maybe other instances have other configurations that are incompatible.
|
||||
|
||||
|
@ -157,7 +160,7 @@ class ServersController extends AppController {
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
if ("full"==$full) {
|
||||
if ("full" == $full) {
|
||||
// get a list of the event_ids on the server
|
||||
$event_ids = $this->Event->getEventIdsFromServer($this->Server->data);
|
||||
|
||||
|
@ -174,10 +177,10 @@ class ServersController extends AppController {
|
|||
if (null != $event) {
|
||||
// we have an Event array
|
||||
$event['Event']['private'] = true;
|
||||
$event['Event']['info'] .= "\n Imported from ".$this->Server->data['Server']['url'];
|
||||
$event['Event']['info'] .= "\n Imported from " . $this->Server->data['Server']['url'];
|
||||
$eventsController = new EventsController();
|
||||
try {
|
||||
$result = $eventsController->_add($event, $this->Auth, $fromXml=true, $this->Server->data['Server']['organization']);
|
||||
$result = $eventsController->_add($event, $this->Auth, $fromXml = true, $this->Server->data['Server']['organization']);
|
||||
} catch (MethodNotAllowedException $e) {
|
||||
if ($e->getMessage() == 'Event already exists') {
|
||||
//$successes[] = $event_id; // commented given it's in a catch..
|
||||
|
@ -193,7 +196,7 @@ class ServersController extends AppController {
|
|||
}
|
||||
|
||||
}
|
||||
if (sizeof($fails) > 0) {
|
||||
if (count($fails) > 0) {
|
||||
// there are fails, take the lowest fail
|
||||
$lastpulledid = min(array_keys($fails));
|
||||
} else {
|
||||
|
@ -205,7 +208,6 @@ class ServersController extends AppController {
|
|||
|
||||
}
|
||||
|
||||
|
||||
} else {
|
||||
// TODO incremental pull
|
||||
// lastpulledid
|
||||
|
@ -218,7 +220,6 @@ class ServersController extends AppController {
|
|||
$this->set('fails', $fails);
|
||||
}
|
||||
|
||||
|
||||
public function push($id = null, $full=false) {
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException();
|
||||
|
@ -236,21 +237,21 @@ class ServersController extends AppController {
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
if ("full"==$full) $lastpushedid = 0;
|
||||
if ("full" == $full) $lastpushedid = 0;
|
||||
else $lastpushedid = $this->Server->data['Server']['lastpushedid'];
|
||||
|
||||
$find_params = array(
|
||||
'conditions' => array(
|
||||
'Event.id >' => $lastpushedid,
|
||||
'Event.private' => 0,
|
||||
'Event.published' =>1
|
||||
'Event.published' => 1
|
||||
), //array of conditions
|
||||
'recursive' => 1, //int
|
||||
'fields' => array('Event.*'), //array of field names
|
||||
);
|
||||
$events = $this->Event->find('all', $find_params);
|
||||
|
||||
// FIXME now all events are uploaded, even if they exist on the remote server. No merging is done
|
||||
// FIXME now all events are uploaded, even if they exist on the remote server. No merging is done
|
||||
|
||||
$successes = array();
|
||||
$fails = array();
|
||||
|
@ -272,7 +273,7 @@ class ServersController extends AppController {
|
|||
$fails[$event['Event']['id']] = $result;
|
||||
}
|
||||
}
|
||||
if (sizeof($fails) > 0) {
|
||||
if (count($fails) > 0) {
|
||||
// there are fails, take the lowest fail
|
||||
$lastpushedid = min(array_keys($fails));
|
||||
} else {
|
||||
|
@ -287,5 +288,4 @@ class ServersController extends AppController {
|
|||
$this->set('fails', $fails);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -10,6 +10,7 @@ class UsersController extends AppController {
|
|||
public $newkey;
|
||||
|
||||
public $components = array('Security');
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
|
@ -17,7 +18,7 @@ class UsersController extends AppController {
|
|||
)
|
||||
);
|
||||
|
||||
function beforeFilter() {
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
||||
// what pages are allowed for non-logged-in users
|
||||
|
@ -42,12 +43,12 @@ class UsersController extends AppController {
|
|||
return true;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* view method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function view($id = null) {
|
||||
if ("me" == $id) $id = $this->Auth->user('id');
|
||||
|
@ -59,12 +60,12 @@ class UsersController extends AppController {
|
|||
$this->set('user', $this->User->read(null, $id));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* edit method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function edit($id = null) {
|
||||
if ("me" == $id) $id = $this->Auth->user('id');
|
||||
|
@ -75,7 +76,7 @@ class UsersController extends AppController {
|
|||
// Only own profile verified by isAuthorized
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
// What fields should be saved (allowed to be saved)
|
||||
$fieldList=array('email', 'autoalert', 'gpgkey', 'nids_sid' );
|
||||
$fieldList = array('email', 'autoalert', 'gpgkey', 'nids_sid' );
|
||||
if ("" != $this->request->data['User']['password'])
|
||||
$fieldList[] = 'password';
|
||||
// Save the data
|
||||
|
@ -87,12 +88,12 @@ class UsersController extends AppController {
|
|||
$this->Session->setFlash(__('The profile could not be updated. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->User->recursive=0;
|
||||
$this->User->recursive = 0;
|
||||
$this->User->read(null, $id);
|
||||
$this->User->set('password', '');
|
||||
$this->request->data = $this->User->data;
|
||||
}
|
||||
$this->request->data['User']['org']=$this->Auth->user('org');
|
||||
$this->request->data['User']['org'] = $this->Auth->user('org');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -100,6 +101,8 @@ class UsersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function delete($id = null) {
|
||||
if ("me" == $id) $id = $this->Auth->user('id');
|
||||
|
@ -110,11 +113,11 @@ class UsersController extends AppController {
|
|||
if (!$this->User->exists()) {
|
||||
throw new NotFoundException(__('Invalid user'));
|
||||
}
|
||||
// Replaced by isAuthorized
|
||||
// // Only own profile
|
||||
// if ($this->Auth->user('id') != $id) {
|
||||
// throw new ForbiddenException('You are not authorized to delete this profile.');
|
||||
// }
|
||||
//Replaced by isAuthorized
|
||||
//// Only own profile
|
||||
//if ($this->Auth->user('id') != $id) {
|
||||
// throw new ForbiddenException('You are not authorized to delete this profile.');
|
||||
//}
|
||||
if ($this->User->delete()) {
|
||||
$this->Session->setFlash(__('User deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
|
@ -137,6 +140,7 @@ class UsersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_view($id = null) {
|
||||
$this->User->id = $id;
|
||||
|
@ -174,6 +178,7 @@ class UsersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_edit($id = null) {
|
||||
$this->User->id = $id;
|
||||
|
@ -195,7 +200,7 @@ class UsersController extends AppController {
|
|||
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->User->recursive=0;
|
||||
$this->User->recursive = 0;
|
||||
$this->User->read(null, $id);
|
||||
$this->User->set('password', '');
|
||||
$this->request->data = $this->User->data;
|
||||
|
@ -208,6 +213,8 @@ class UsersController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
|
@ -225,13 +232,12 @@ class UsersController extends AppController {
|
|||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
|
||||
public function login() {
|
||||
if ($this->Auth->login()) {
|
||||
$this->redirect($this->Auth->redirect());
|
||||
} else {
|
||||
// don't display authError before first login attempt
|
||||
if (str_replace("//","/",$this->webroot.$this->Session->read('Auth.redirect')) == $this->webroot && $this->Session->read('Message.auth.message') == $this->Auth->authError) {
|
||||
if (str_replace("//","/",$this->webroot . $this->Session->read('Auth.redirect')) == $this->webroot && $this->Session->read('Message.auth.message') == $this->Auth->authError) {
|
||||
$this->Session->delete('Message.auth');
|
||||
}
|
||||
// don't display "invalid user" before first login attempt
|
||||
|
@ -262,19 +268,18 @@ class UsersController extends AppController {
|
|||
$this->redirect($this->Auth->logout());
|
||||
}
|
||||
|
||||
|
||||
public function resetauthkey($id = null) {
|
||||
if (!$id) {
|
||||
$this->Session->setFlash(__('Invalid id for user', true), 'default', array(), 'error');
|
||||
$this->redirect(array('action'=>'index'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
if ('me' == $id ) $id = $this->Auth->user('id');
|
||||
|
||||
// Replaced by isAuthorized
|
||||
// // only allow reset key for own account, except for admins
|
||||
// if (!$this->_isAdmin() && $id != $this->Auth->user('id')) {
|
||||
// throw new ForbiddenException('Not authorized to reset the key for this user');
|
||||
// }
|
||||
//Replaced by isAuthorized
|
||||
//// only allow reset key for own account, except for admins
|
||||
//if (!$this->_isAdmin() && $id != $this->Auth->user('id')) {
|
||||
// throw new ForbiddenException('Not authorized to reset the key for this user');
|
||||
//}
|
||||
|
||||
// reset the key
|
||||
$this->User->id = $id;
|
||||
|
@ -317,24 +322,24 @@ class UsersController extends AppController {
|
|||
$graph_fields = '';
|
||||
foreach ($sig_types as &$sig_type) {
|
||||
if ($graph_fields != "") $graph_fields .= ", ";
|
||||
$graph_fields .= "'".$sig_type."'";
|
||||
$graph_fields .= "'" . $sig_type . "'";
|
||||
}
|
||||
$this->set('graph_fields', $graph_fields);
|
||||
|
||||
$replace = array('-', '|');
|
||||
$graph_data=array();
|
||||
$graph_data = array();
|
||||
$prev_row_org = "";
|
||||
$i = -1;
|
||||
foreach ($types_histogram as &$row) {
|
||||
if ($prev_row_org != $row['Event']['org']) {
|
||||
$i++; $graph_data[] = "";
|
||||
$i++;
|
||||
$graph_data[] = "";
|
||||
$prev_row_org = $row['Event']['org'];
|
||||
$graph_data[$i] .= "org: '".$row['Event']['org']."'";
|
||||
$graph_data[$i] .= "org: '" . $row['Event']['org'] . "'";
|
||||
}
|
||||
$graph_data[$i] .= ', '.str_replace($replace, "_", $row['Attribute']['type']).': '.$row[0]['num_types'];
|
||||
$graph_data[$i] .= ', ' . str_replace($replace, "_", $row['Attribute']['type']) . ': ' . $row[0]['num_types'];
|
||||
}
|
||||
$this->set('graph_data', $graph_data);
|
||||
|
||||
}
|
||||
|
||||
public function terms() {
|
||||
|
@ -355,7 +360,4 @@ class UsersController extends AppController {
|
|||
$this->_refreshAuth(); // refresh auth info
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -7,7 +7,6 @@ App::uses('AppController', 'Controller');
|
|||
*/
|
||||
class WhitelistsController extends AppController {
|
||||
|
||||
|
||||
/**
|
||||
* index method
|
||||
*
|
||||
|
@ -23,6 +22,7 @@ class WhitelistsController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_view($id = null) {
|
||||
$this->Whitelist->id = $id;
|
||||
|
@ -54,6 +54,7 @@ class WhitelistsController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_edit($id = null) {
|
||||
$this->Whitelist->id = $id;
|
||||
|
@ -77,6 +78,8 @@ class WhitelistsController extends AppController {
|
|||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
|
|
|
@ -9,6 +9,7 @@ App::uses('File', 'Utility');
|
|||
* @property Event $Event
|
||||
*/
|
||||
class Attribute extends AppModel {
|
||||
|
||||
/**
|
||||
* Display field
|
||||
*
|
||||
|
@ -27,17 +28,14 @@ IF (Attribute.category="Persistence mechanism", "f",
|
|||
IF (Attribute.category="Network activity", "g",
|
||||
IF (Attribute.category="Payload type", "h",
|
||||
IF (Attribute.category="Attribution", "i",
|
||||
IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
||||
); // TODO hardcoded
|
||||
IF (Attribute.category="External analysis", "j", "k"))))))))))'); // TODO hardcoded
|
||||
|
||||
/**
|
||||
* Description field
|
||||
* explanations of certain fields to be used in various views
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
|
||||
// explanations of certain fields to be used in various views
|
||||
|
||||
public $field_descriptions = array(
|
||||
'signature' => array('desc' => 'Is this attribute eligible to automatically create an IDS signature (network IDS or host IDS) out of it ?'),
|
||||
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
|
||||
|
@ -144,8 +142,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
)
|
||||
);
|
||||
|
||||
var $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
|
||||
|
||||
public $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
|
@ -276,11 +273,18 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
)
|
||||
);
|
||||
|
||||
|
||||
function beforeSave() {
|
||||
/**
|
||||
* beforeSave
|
||||
*
|
||||
* @throws InternalErrorException
|
||||
* @return bool always true
|
||||
*/
|
||||
public function beforeSave() {
|
||||
// increment the revision number
|
||||
if (empty($this->data['Attribute']['revision'])) $this->data['Attribute']['revision'] = 0;
|
||||
$this->data['Attribute']['revision'] = 1 + $this->data['Attribute']['revision'] ;
|
||||
if (empty($this->data['Attribute']['revision'])) {
|
||||
$this->data['Attribute']['revision'] = 0;
|
||||
}
|
||||
$this->data['Attribute']['revision'] = 1 + $this->data['Attribute']['revision'];
|
||||
|
||||
// explode value of composite type in value1 and value2
|
||||
// or copy value to value1 if not composite type
|
||||
|
@ -289,7 +293,9 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
// explode composite types in value1 and value2
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
if (in_array($this->data['Attribute']['type'], $composite_types)) {
|
||||
if (2 != sizeof($pieces)) throw new InternalErrorException('Composite type, but value not explodable');
|
||||
if (2 != count($pieces)) {
|
||||
throw new InternalErrorException('Composite type, but value not explodable');
|
||||
}
|
||||
$this->data['Attribute']['value1'] = $pieces[0];
|
||||
$this->data['Attribute']['value2'] = $pieces[1];
|
||||
} else {
|
||||
|
@ -303,7 +309,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
return true;
|
||||
}
|
||||
|
||||
function afterSave() {
|
||||
public function afterSave() {
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) {
|
||||
// update correlation..
|
||||
$this->_afterSaveCorrelation($this->data['Attribute']);
|
||||
|
@ -317,15 +323,15 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
return $result;
|
||||
}
|
||||
|
||||
function beforeDelete() {
|
||||
public function beforeDelete() {
|
||||
// delete attachments from the disk
|
||||
$this->read(); // first read the attribute from the db
|
||||
if($this->typeIsAttachment($this->data['Attribute']['type'])) {
|
||||
if ($this->typeIsAttachment($this->data['Attribute']['type'])) {
|
||||
// FIXME secure this filesystem access/delete by not allowing to change directories or go outside of the directory container.
|
||||
// only delete the file if it exists
|
||||
$filepath = APP."files".DS.$this->data['Attribute']['event_id'].DS.$this->data['Attribute']['id'];
|
||||
$filepath = APP . "files" . DS . $this->data['Attribute']['event_id'] . DS . $this->data['Attribute']['id'];
|
||||
$file = new File ($filepath);
|
||||
if($file->exists()) {
|
||||
if ($file->exists()) {
|
||||
if (!$file->delete()) {
|
||||
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
|
||||
}
|
||||
|
@ -338,7 +344,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
}
|
||||
}
|
||||
|
||||
function beforeValidate() {
|
||||
public function beforeValidate() {
|
||||
// remove leading and trailing blanks
|
||||
$this->data['Attribute']['value'] = trim($this->data['Attribute']['value']);
|
||||
|
||||
|
@ -357,19 +363,20 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
case 'filename|md5':
|
||||
case 'filename|sha1':
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
$this->data['Attribute']['value'] = $pieces[0].'|'.strtolower($pieces[1]);
|
||||
$this->data['Attribute']['value'] = $pieces[0] . '|' . strtolower($pieces[1]);
|
||||
break;
|
||||
}
|
||||
|
||||
// generate UUID if it doesn't exist
|
||||
if (empty($this->data['Attribute']['uuid']))
|
||||
$this->data['Attribute']['uuid']= String::uuid();
|
||||
if (empty($this->data['Attribute']['uuid'])) {
|
||||
$this->data['Attribute']['uuid'] = String::uuid();
|
||||
}
|
||||
|
||||
// always return true, otherwise the object cannot be saved
|
||||
return true;
|
||||
}
|
||||
|
||||
function valueIsUnique ($fields) {
|
||||
public function valueIsUnique ($fields) {
|
||||
$value = $fields['value'];
|
||||
$event_id = $this->data['Attribute']['event_id'];
|
||||
$type = $this->data['Attribute']['type'];
|
||||
|
@ -382,56 +389,64 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
'Attribute.category' => $category,
|
||||
'Attribute.value' => $value
|
||||
);
|
||||
if (isset($this->data['Attribute']['id']))
|
||||
if (isset($this->data['Attribute']['id'])) {
|
||||
$conditions['Attribute.id !='] = $this->data['Attribute']['id'];
|
||||
}
|
||||
|
||||
$params = array('recursive' => 0,
|
||||
'conditions' => $conditions,
|
||||
);
|
||||
if (0 != $this->find('count', $params) )
|
||||
if (0 != $this->find('count', $params)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Say everything is fine
|
||||
return true;
|
||||
}
|
||||
|
||||
function validateTypeValue($fields) {
|
||||
public function validateTypeValue($fields) {
|
||||
$category = $this->data['Attribute']['category'];
|
||||
if (isset($this->category_definitions[$category]['types']))
|
||||
if (isset($this->category_definitions[$category]['types'])) {
|
||||
return in_array($fields['type'], $this->category_definitions[$category]['types']);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function validateAttributeValue ($fields) {
|
||||
public function validateAttributeValue ($fields) {
|
||||
$value = $fields['value'];
|
||||
|
||||
// check data validation
|
||||
switch($this->data['Attribute']['type']) {
|
||||
case 'md5':
|
||||
if (preg_match("#^[0-9a-f]{32}$#", $value))
|
||||
if (preg_match("#^[0-9a-f]{32}$#", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'sha1':
|
||||
if (preg_match("#^[0-9a-f]{40}$#", $value))
|
||||
if (preg_match("#^[0-9a-f]{40}$#", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'filename':
|
||||
// no newline
|
||||
if (preg_match("#\n#", $value))
|
||||
if (preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'filename|md5':
|
||||
// no newline
|
||||
if (preg_match("#^.+\|[0-9a-f]{32}$#", $value))
|
||||
if (preg_match("#^.+\|[0-9a-f]{32}$#", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'filename|sha1':
|
||||
// no newline
|
||||
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value))
|
||||
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'ip-src':
|
||||
|
@ -442,12 +457,15 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
// ipv4 and ipv6 matching
|
||||
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
|
||||
// ip is validated, now check if we have a valid network mask
|
||||
if (empty($parts[1]))
|
||||
if (empty($parts[1])) {
|
||||
return true;
|
||||
else if(is_numeric($parts[1]) && $parts[1] < 129)
|
||||
} else {
|
||||
if (is_numeric($parts[1]) && $parts[1] < 129) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'ip-dst':
|
||||
|
@ -458,61 +476,73 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
// ipv4 and ipv6 matching
|
||||
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
|
||||
// ip is validated, now check if we have a valid network mask
|
||||
if (empty($parts[1]))
|
||||
if (empty($parts[1])) {
|
||||
return true;
|
||||
else if(is_numeric($parts[1]) && $parts[1] < 129)
|
||||
} else {
|
||||
if (is_numeric($parts[1]) && $parts[1] < 129) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'hostname':
|
||||
case 'domain':
|
||||
if(preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||
if (preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Domain name has invalid format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'email-src':
|
||||
// we don't use the native function to prevent issues with partial email addresses
|
||||
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||
if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'email-dst':
|
||||
// we don't use the native function to prevent issues with partial email addresses
|
||||
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||
if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
|
||||
return true;
|
||||
}
|
||||
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
|
||||
break;
|
||||
case 'email-subject':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value))
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'email-attachment':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value))
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'url':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value))
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'user-agent':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value))
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'regkey':
|
||||
// no newline
|
||||
if (!preg_match("#\n#", $value))
|
||||
if (!preg_match("#\n#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'regkey|value':
|
||||
// no newline
|
||||
if (!preg_match("#.+\|.+#", $value))
|
||||
if (!preg_match("#.+\|.+#", $value)) {
|
||||
return true;
|
||||
}
|
||||
break;
|
||||
case 'snort':
|
||||
// no validation yet. TODO implement data validation on snort attribute type
|
||||
|
@ -523,17 +553,18 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
|
||||
// default action is to return false
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
function getCompositeTypes() {
|
||||
public function getCompositeTypes() {
|
||||
// build the list of composite Attribute.type dynamically by checking if type contains a |
|
||||
// default composite types
|
||||
$composite_types = array('malware-sample'); // TODO hardcoded composite
|
||||
// dynamically generated list
|
||||
foreach (array_keys($this->type_definitions) as $type) {
|
||||
$pieces = explode('|', $type);
|
||||
if (2 == sizeof($pieces)) $composite_types[] = $type;
|
||||
if (2 == count($pieces)) {
|
||||
$composite_types[] = $type;
|
||||
}
|
||||
}
|
||||
return $composite_types;
|
||||
}
|
||||
|
@ -544,7 +575,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
return $this->data['Event']['org'] === $org;
|
||||
}
|
||||
|
||||
function getRelatedAttributes($attribute, $fields=array()) {
|
||||
public function getRelatedAttributes($attribute, $fields=array()) {
|
||||
// LATER getRelatedAttributes($attribute) this might become a performance bottleneck
|
||||
|
||||
// exclude these specific categories to be linked
|
||||
|
@ -562,10 +593,11 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
// prepare the conditions
|
||||
$conditions = array(
|
||||
'Attribute.event_id !=' => $attribute['event_id'],
|
||||
// 'Attribute.type' => $attribute['type'], // do not filter on type
|
||||
//'Attribute.type' => $attribute['type'], // do not filter on type
|
||||
);
|
||||
if (empty($attribute['value1'])) // prevent issues with empty fields
|
||||
if (empty($attribute['value1'])) { // prevent issues with empty fields
|
||||
return null;
|
||||
}
|
||||
|
||||
if (empty($attribute['value2'])) {
|
||||
// no value2, only search for value 1
|
||||
|
@ -594,31 +626,39 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
return $similar_events;
|
||||
}
|
||||
|
||||
function typeIsMalware($type) {
|
||||
if (in_array($type, $this->zipped_definitions)) return true;
|
||||
else return false;
|
||||
public function typeIsMalware($type) {
|
||||
if (in_array($type, $this->zipped_definitions)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function typeIsAttachment($type) {
|
||||
if ((in_array($type, $this->zipped_definitions)) || (in_array($type, $this->upload_definitions))) return true;
|
||||
else return false;
|
||||
public function typeIsAttachment($type) {
|
||||
if ((in_array($type, $this->zipped_definitions)) || (in_array($type, $this->upload_definitions))) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function base64EncodeAttachment($attribute) {
|
||||
$filepath = APP."files".DS.$attribute['event_id'].DS.$attribute['id'];
|
||||
public function base64EncodeAttachment($attribute) {
|
||||
$filepath = APP . "files" . DS . $attribute['event_id'] . DS . $attribute['id'];
|
||||
$file = new File($filepath);
|
||||
if (!$file->exists()) return '';
|
||||
if (!$file->exists()) {
|
||||
return '';
|
||||
}
|
||||
$content = $file->read();
|
||||
return base64_encode($content);
|
||||
}
|
||||
|
||||
function saveBase64EncodedAttachment($attribute) {
|
||||
$root_dir = APP.DS."files".DS.$attribute['event_id'];
|
||||
public function saveBase64EncodedAttachment($attribute) {
|
||||
$root_dir = APP . DS . "files" . DS . $attribute['event_id'];
|
||||
$dir = new Folder($root_dir, true); // create directory structure
|
||||
$destpath = $root_dir.DS.$attribute['id'];
|
||||
$destpath = $root_dir . DS . $attribute['id'];
|
||||
$file = new File ($destpath, true); // create the file
|
||||
$decoded_data = base64_decode($attribute['data']); // decode
|
||||
if ($file->write($decoded_data)){ // save the data
|
||||
if ($file->write($decoded_data)) { // save the data
|
||||
return true;
|
||||
} else {
|
||||
// error
|
||||
|
@ -626,13 +666,13 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
}
|
||||
}
|
||||
|
||||
function _afterSaveCorrelation($attribute) {
|
||||
public function _afterSaveCorrelation($attribute) {
|
||||
$this->_beforeDeleteCorrelation($attribute);
|
||||
// re-add
|
||||
$this->setRelatedAttributes($attribute, array('Attribute.id', 'Attribute.event_id', 'Event.date'));
|
||||
}
|
||||
|
||||
function _beforeDeleteCorrelation($attribute) {
|
||||
public function _beforeDeleteCorrelation($attribute) {
|
||||
$this->Correlation = ClassRegistry::init('Correlation');
|
||||
$dummy = $this->Correlation->deleteAll(array('OR' => array(
|
||||
'Correlation.1_attribute_id' => $attribute,
|
||||
|
@ -640,12 +680,12 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
);
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* return an array containing 'double-values'
|
||||
*
|
||||
* @return array()
|
||||
*/
|
||||
function doubleAttributes() {
|
||||
public function doubleAttributes() {
|
||||
$doubleAttributes = array();
|
||||
|
||||
$similar_value1 = $this->find('all',array('conditions' => array(),
|
||||
|
@ -676,7 +716,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
return $double;
|
||||
}
|
||||
|
||||
function setRelatedAttributes($attribute, $fields=array()) {
|
||||
public function setRelatedAttributes($attribute, $fields=array()) {
|
||||
$this->Event = ClassRegistry::init('Event');
|
||||
$relatedAttributes = $this->getRelatedAttributes($attribute, $fields);
|
||||
if ($relatedAttributes) {
|
||||
|
@ -700,16 +740,17 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Deletes the attribute from another Server
|
||||
* TODO move this to a component
|
||||
*
|
||||
* @return bool true if success, error message if failed
|
||||
*/
|
||||
function deleteAttributeFromServer($attribute, $server, $HttpSocket=null) {
|
||||
public function deleteAttributeFromServer($attribute, $server, $HttpSocket=null) {
|
||||
// TODO private and delete
|
||||
if (true ==$attribute['Attribute']['private']) // never upload private attributes
|
||||
if (true == $attribute['Attribute']['private']) { // never upload private attributes
|
||||
return "Attribute is private and non exportable";
|
||||
}
|
||||
|
||||
$url = $server['Server']['url'];
|
||||
$authkey = $server['Server']['authkey'];
|
||||
|
@ -725,7 +766,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
|
|||
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
|
||||
)
|
||||
);
|
||||
$uri = $url.'/attributes/0?uuid='.$attribute['Attribute']['uuid'];
|
||||
$uri = $url . '/attributes/0?uuid=' . $attribute['Attribute']['uuid'];
|
||||
|
||||
// LATER validate HTTPS SSL certificate
|
||||
$this->Dns = ClassRegistry::init('Dns');
|
||||
|
|
|
@ -8,8 +8,7 @@ App::uses('Sanitize', 'Utility');
|
|||
*/
|
||||
class Bruteforce extends AppModel {
|
||||
|
||||
|
||||
function insert($ip, $username) {
|
||||
public function insert($ip, $username) {
|
||||
$expire = Configure::read('SecureAuth.expire');
|
||||
// sanitize fields
|
||||
$ip = Sanitize::clean($ip);
|
||||
|
@ -17,21 +16,17 @@ class Bruteforce extends AppModel {
|
|||
$this->query("INSERT INTO `bruteforces` (`ip` , `username` , `expire` ) VALUES ('$ip', '$username', TIMESTAMPADD(SECOND,$expire, NOW()));");
|
||||
}
|
||||
|
||||
|
||||
function clean() {
|
||||
public function clean() {
|
||||
$this->query("DELETE FROM `bruteforces` WHERE `expire`<=NOW();");
|
||||
}
|
||||
|
||||
function isBlacklisted($ip,$username) {
|
||||
public function isBlacklisted($ip,$username) {
|
||||
// first remove old expired rows
|
||||
$this->clean();
|
||||
// count
|
||||
$params = array(
|
||||
'conditions' => array(
|
||||
$params = array('conditions' => array(
|
||||
'Bruteforce.ip' => $ip,
|
||||
'Bruteforce.username' => $username
|
||||
),
|
||||
);
|
||||
'Bruteforce.username' => $username),);
|
||||
$count = $this->find('count', $params);
|
||||
if ($count >= Configure::read('SecureAuth.amount')) return true;
|
||||
else return false;
|
||||
|
|
|
@ -6,7 +6,8 @@ App::uses('AppModel', 'Model');
|
|||
* Domain Name System related
|
||||
*/
|
||||
class Dns extends AppModel {
|
||||
var $useTable = false;
|
||||
|
||||
public $useTable = false;
|
||||
|
||||
/*
|
||||
* Checks for a valid internet name
|
||||
|
@ -16,16 +17,16 @@ class Dns extends AppModel {
|
|||
* @param unknown_type $nametotest The Domain Host Name to check for existence.
|
||||
* @return boolean
|
||||
*/
|
||||
function testipaddress ($nametotest) {
|
||||
if(intval($nametotest)>0){
|
||||
|
||||
public function testipaddress ($nametotest) {
|
||||
if (intval($nametotest) > 0) {
|
||||
return true;
|
||||
} else {
|
||||
$ipaddress = $nametotest;
|
||||
$ipaddress = gethostbyname($nametotest);
|
||||
if ($ipaddress == $nametotest) {
|
||||
return false;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,18 +7,19 @@ App::uses('AppModel', 'Model');
|
|||
* @property Attribute $Attribute
|
||||
*/
|
||||
class Event extends AppModel {
|
||||
|
||||
/**
|
||||
* Display field
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $displayField = 'id';
|
||||
|
||||
/**
|
||||
* Description field
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
|
||||
public $field_descriptions = array(
|
||||
'risk' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels:<br/>low: mass-malware<br/>medium: APT malware<br/>high: sophisticated APT malware or 0-day attack'),
|
||||
'private' => array('desc' => 'This field tells if the event should be shared with other CyDefSIG servers'),
|
||||
|
@ -109,14 +110,14 @@ class Event extends AppModel {
|
|||
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
),
|
||||
),
|
||||
// 'classification' => array(
|
||||
// 'rule' => array('inList', array('TLP:AMBER', 'TLP:GREEN:NeedToKnow', 'TLP:GREEN')),
|
||||
// //'message' => 'Your custom message here',
|
||||
// //'allowEmpty' => false,
|
||||
// 'required' => true,
|
||||
// //'last' => false, // Stop validation after this rule
|
||||
// //'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
// ),
|
||||
//'classification' => array(
|
||||
// 'rule' => array('inList', array('TLP:AMBER', 'TLP:GREEN:NeedToKnow', 'TLP:GREEN')),
|
||||
// //'message' => 'Your custom message here',
|
||||
// //'allowEmpty' => false,
|
||||
// 'required' => true,
|
||||
// //'last' => false, // Stop validation after this rule
|
||||
// //'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
//),
|
||||
);
|
||||
|
||||
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
||||
|
@ -127,13 +128,13 @@ class Event extends AppModel {
|
|||
* @var array
|
||||
*/
|
||||
public $belongsTo = array(
|
||||
// 'Org' => array(
|
||||
// 'className' => 'Org',
|
||||
// 'foreignKey' => 'org',
|
||||
// 'conditions' => '',
|
||||
// 'fields' => '',
|
||||
// 'order' => ''
|
||||
// )
|
||||
//'Org' => array(
|
||||
// 'className' => 'Org',
|
||||
// 'foreignKey' => 'org',
|
||||
// 'conditions' => '',
|
||||
// 'fields' => '',
|
||||
// 'order' => ''
|
||||
//)
|
||||
'User' => array(
|
||||
'className' => 'User',
|
||||
'foreignKey' => 'user_id',
|
||||
|
@ -164,37 +165,39 @@ class Event extends AppModel {
|
|||
)
|
||||
);
|
||||
|
||||
|
||||
function beforeValidate() {
|
||||
public function beforeValidate() {
|
||||
// generate UUID if it doesn't exist
|
||||
if (empty($this->data['Event']['uuid']))
|
||||
$this->data['Event']['uuid']= String::uuid();
|
||||
if (empty($this->data['Event']['uuid'])) {
|
||||
$this->data['Event']['uuid'] = String::uuid();
|
||||
}
|
||||
}
|
||||
|
||||
public function isOwnedByOrg($eventid, $org) {
|
||||
return $this->field('id', array('id' => $eventid, 'org' => $org)) === $eventid;
|
||||
}
|
||||
|
||||
function getRelatedEvents() {
|
||||
public function getRelatedEvents() {
|
||||
// FIXME rewrite this to use the getRelatedAttributes function from the Attributes Model.
|
||||
// only this way the code will be consistent
|
||||
|
||||
// first get a list of related event_ids
|
||||
// then do a single query to search for all the events with that id
|
||||
$relatedEventIds = Array();
|
||||
foreach ($this->data['Attribute'] as &$attribute ) {
|
||||
if ($attribute['type'] == 'other')
|
||||
foreach ($this->data['Attribute'] as &$attribute) {
|
||||
if ($attribute['type'] == 'other') {
|
||||
continue; // sigs of type 'other' should not be matched against the others
|
||||
}
|
||||
$conditions = array('Attribute.value =' => $attribute['value'], 'Attribute.type =' => $attribute['type']);
|
||||
$similar_attributes = $this->Attribute->find('all',array('conditions' => $conditions));
|
||||
foreach ($similar_attributes as &$similar_attribute) {
|
||||
if ($this->id == $similar_attribute['Attribute']['event_id'])
|
||||
if ($this->id == $similar_attribute['Attribute']['event_id']) {
|
||||
continue; // same as this event, not needed in the list
|
||||
}
|
||||
$relatedEventIds[] = $similar_attribute['Attribute']['event_id'];
|
||||
}
|
||||
}
|
||||
$conditions = array("Event.id" => $relatedEventIds);
|
||||
$relatedEvents= $this->find('all',
|
||||
$relatedEvents = $this->find('all',
|
||||
array('conditions' => $conditions,
|
||||
'recursive' => 0,
|
||||
'order' => 'Event.date DESC',
|
||||
|
@ -204,8 +207,7 @@ class Event extends AppModel {
|
|||
return $relatedEvents;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Clean up an Event Array that was received by an XML request.
|
||||
* The structure needs to be changed a little bit to be compatible with what CakePHP expects
|
||||
*
|
||||
|
@ -214,7 +216,7 @@ class Event extends AppModel {
|
|||
*
|
||||
* @param &$data The reference to the variable
|
||||
*/
|
||||
function cleanupEventArrayFromXML(&$data) {
|
||||
public function cleanupEventArrayFromXML(&$data) {
|
||||
// Workaround for different structure in XML/array than what CakePHP expects
|
||||
if (is_array($data['Event']['Attribute'])) {
|
||||
if (is_numeric(implode(array_keys($data['Event']['Attribute']), ''))) {
|
||||
|
@ -227,20 +229,19 @@ class Event extends AppModel {
|
|||
}
|
||||
unset($data['Event']['Attribute']);
|
||||
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Uploads the event and the associated Attributes to another Server
|
||||
* TODO move this to a component
|
||||
*
|
||||
* @return bool true if success, error message if failed
|
||||
*/
|
||||
function uploadEventToServer($event, $server, $HttpSocket=null) {
|
||||
if (true ==$event['Event']['private']) // never upload private events
|
||||
public function uploadEventToServer($event, $server, $HttpSocket=null) {
|
||||
if (true == $event['Event']['private']) { // never upload private events
|
||||
return "Event is private and non exportable";
|
||||
}
|
||||
|
||||
$url = $server['Server']['url'];
|
||||
$authkey = $server['Server']['authkey'];
|
||||
|
@ -256,7 +257,7 @@ class Event extends AppModel {
|
|||
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
|
||||
)
|
||||
);
|
||||
$uri = $url.'/events';
|
||||
$uri = $url . '/events';
|
||||
|
||||
// LATER try to do this using a separate EventsController and renderAs() function
|
||||
$xmlArray = array();
|
||||
|
@ -267,7 +268,7 @@ class Event extends AppModel {
|
|||
// cleanup the array from things we do not want to expose
|
||||
//unset($event['Event']['org']);
|
||||
// remove value1 and value2 from the output
|
||||
foreach($event['Event']['Attribute'] as $key => &$attribute) {
|
||||
foreach ($event['Event']['Attribute'] as $key => &$attribute) {
|
||||
// do not keep attributes that are private
|
||||
if ($attribute['private']) {
|
||||
unset($event['Event']['Attribute'][$key]);
|
||||
|
@ -298,8 +299,7 @@ class Event extends AppModel {
|
|||
if ($response->code == '200') { // 200 (OK) + entity-action-result
|
||||
if ($response->isOk()) {
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
try {
|
||||
// parse the XML response and keep the reason why it failed
|
||||
$xml_array = Xml::toArray(Xml::build($response->body));
|
||||
|
@ -316,13 +316,13 @@ class Event extends AppModel {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Deletes the event and the associated Attributes from another Server
|
||||
* TODO move this to a component
|
||||
*
|
||||
* @return bool true if success, error message if failed
|
||||
*/
|
||||
function deleteEventFromServer($uuid, $server, $HttpSocket=null) {
|
||||
public function deleteEventFromServer($uuid, $server, $HttpSocket=null) {
|
||||
// TODO private and delete(?)
|
||||
|
||||
$url = $server['Server']['url'];
|
||||
|
@ -339,7 +339,7 @@ class Event extends AppModel {
|
|||
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
|
||||
)
|
||||
);
|
||||
$uri = $url.'/events/0?uuid='.$uuid;
|
||||
$uri = $url . '/events/0?uuid=' . $uuid;
|
||||
|
||||
// LATER validate HTTPS SSL certificate
|
||||
$this->Dns = ClassRegistry::init('Dns');
|
||||
|
@ -351,12 +351,12 @@ class Event extends AppModel {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Download a specific event from a Server
|
||||
* TODO move this to a component
|
||||
* @return array|NULL
|
||||
*/
|
||||
function downloadEventFromServer($event_id, $server, $HttpSocket=null) {
|
||||
public function downloadEventFromServer($event_id, $server, $HttpSocket=null) {
|
||||
$url = $server['Server']['url'];
|
||||
$authkey = $server['Server']['authkey'];
|
||||
if (null == $HttpSocket) {
|
||||
|
@ -371,25 +371,24 @@ class Event extends AppModel {
|
|||
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
|
||||
)
|
||||
);
|
||||
$uri = $url.'/events/'.$event_id;
|
||||
$uri = $url . '/events/' . $event_id;
|
||||
// LATER validate HTTPS SSL certificate
|
||||
$response = $HttpSocket->get($uri, $data='', $request);
|
||||
$response = $HttpSocket->get($uri, $data = '', $request);
|
||||
if ($response->isOk()) {
|
||||
$xml_array = Xml::toArray(Xml::build($response->body));
|
||||
return $xml_array['response'];
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
// TODO parse the XML response and keep the reason why it failed
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Get an array of event_ids that are present on the remote server
|
||||
* TODO move this to a component
|
||||
* @return array of event_ids
|
||||
*/
|
||||
function getEventIdsFromServer($server, $HttpSocket=null) {
|
||||
public function getEventIdsFromServer($server, $HttpSocket=null) {
|
||||
$url = $server['Server']['url'];
|
||||
$authkey = $server['Server']['authkey'];
|
||||
|
||||
|
@ -405,17 +404,19 @@ class Event extends AppModel {
|
|||
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
|
||||
)
|
||||
);
|
||||
$uri = $url.'/events/index/sort:id/direction:desc/limit:999'; // LATER verify if events are missing because we only selected the last 999
|
||||
$uri = $url . '/events/index/sort:id/direction:desc/limit:999'; // LATER verify if events are missing because we only selected the last 999
|
||||
$this->Dns = ClassRegistry::init('Dns');
|
||||
if ($this->Dns->testipaddress(parse_url($uri, PHP_URL_HOST))) {
|
||||
$response = $HttpSocket->get($uri, $data='', $request);
|
||||
$response = $HttpSocket->get($uri, $data = '', $request);
|
||||
|
||||
if ($response->isOk()) {
|
||||
$xml = Xml::build($response->body);
|
||||
$eventArray = Xml::toArray($xml);
|
||||
$event_ids=array();
|
||||
$event_ids = array();
|
||||
foreach ($eventArray['response']['Event'] as &$event) {
|
||||
if (1 != $event['published']) continue; // do not keep non-published events
|
||||
if (1 != $event['published']) {
|
||||
continue; // do not keep non-published events
|
||||
}
|
||||
$event_ids[] = $event['id'];
|
||||
}
|
||||
return $event_ids;
|
||||
|
@ -425,7 +426,4 @@ class Event extends AppModel {
|
|||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -5,12 +5,14 @@ App::uses('AppModel', 'Model');
|
|||
*
|
||||
*/
|
||||
class Server extends AppModel {
|
||||
|
||||
/**
|
||||
* Display field
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $displayField = 'url';
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
|
@ -25,7 +27,7 @@ class Server extends AppModel {
|
|||
//'required' => false,
|
||||
//'last' => false, // Stop validation after this rule
|
||||
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
),
|
||||
)
|
||||
),
|
||||
'authkey' => array(
|
||||
'notempty' => array(
|
||||
|
@ -89,9 +91,7 @@ class Server extends AppModel {
|
|||
),
|
||||
);
|
||||
|
||||
|
||||
public function isOwnedByOrg($serverid, $org) {
|
||||
return $this->field('id', array('id' => $serverid, 'org' => $org)) === $serverid;
|
||||
}
|
||||
|
||||
}
|
|
@ -9,12 +9,14 @@ App::uses('AuthComponent', 'Controller/Component');
|
|||
* @property Event $Event
|
||||
*/
|
||||
class User extends AppModel {
|
||||
|
||||
/**
|
||||
* Display field
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $displayField = 'email';
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
|
@ -188,17 +190,17 @@ class User extends AppModel {
|
|||
return true;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
/**
|
||||
* Checks if the GPG key is a valid key
|
||||
* But also import it in the keychain.
|
||||
*/
|
||||
function validateGpgkey($check) {
|
||||
public function validateGpgkey($check) {
|
||||
// LATER first remove the old gpgkey from the keychain
|
||||
|
||||
// empty value
|
||||
if (empty($check['gpgkey']))
|
||||
if (empty($check['gpgkey'])) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// key is entered
|
||||
require_once 'Crypt/GPG.php';
|
||||
|
@ -214,8 +216,7 @@ class User extends AppModel {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
function complexPassword($check) {
|
||||
public function complexPassword($check) {
|
||||
/*
|
||||
6 characters minimum
|
||||
1 or more upper-case letters
|
||||
|
@ -228,28 +229,27 @@ class User extends AppModel {
|
|||
return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value);
|
||||
}
|
||||
|
||||
function identicalFieldValues( $field=array(), $compare_field=null )
|
||||
{
|
||||
foreach( $field as $key => $value ){
|
||||
public function identicalFieldValues($field=array(), $compare_field=null) {
|
||||
foreach ($field as $key => $value) {
|
||||
$v1 = $value;
|
||||
$v2 = $this->data[$this->name][ $compare_field ];
|
||||
if($v1 !== $v2) {
|
||||
return FALSE;
|
||||
$v2 = $this->data[$this->name][$compare_field];
|
||||
if ($v1 !== $v2) {
|
||||
return false;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
return TRUE;
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Generates an authentication key for each user
|
||||
*/
|
||||
function generateAuthKey() {
|
||||
public function generateAuthKey() {
|
||||
//$key = sha1(mt_rand(30, 30).time());
|
||||
$length = 40;
|
||||
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
||||
$char_len = strlen($characters)-1;
|
||||
$char_len = strlen($characters) - 1;
|
||||
$key = '';
|
||||
for ($p = 0; $p < $length; $p++) {
|
||||
$key .= $characters[rand(0, $char_len)];
|
||||
|
@ -258,6 +258,4 @@ class User extends AppModel {
|
|||
return $key;
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -5,18 +5,21 @@ App::uses('AppModel', 'Model');
|
|||
*
|
||||
*/
|
||||
class Whitelist extends AppModel {
|
||||
|
||||
/**
|
||||
* Use table
|
||||
*
|
||||
* @var mixed False or table name
|
||||
*/
|
||||
public $useTable = 'whitelist';
|
||||
|
||||
/**
|
||||
* Display field
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $displayField = 'name';
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
|
@ -51,7 +54,7 @@ class Whitelist extends AppModel {
|
|||
),
|
||||
);
|
||||
|
||||
function validateValue ($fields) {
|
||||
public function validateValue ($fields) {
|
||||
$value = $fields['name'];
|
||||
|
||||
// check data validation
|
||||
|
@ -74,10 +77,9 @@ class Whitelist extends AppModel {
|
|||
}
|
||||
}
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
function valueIsUnique ($fields) {
|
||||
public function valueIsUnique ($fields) {
|
||||
$value = $fields['name'];
|
||||
|
||||
$whitelist = $this->find('all', array('recursive' => 0,'fields' => 'name'));
|
||||
|
|
|
@ -3,40 +3,40 @@
|
|||
<?php echo $this->Form->create('Attribute');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Add Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->hidden('event_id');
|
||||
echo $this->Form->input('category', array(
|
||||
'between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv')),
|
||||
<?php
|
||||
echo $this->Form->hidden('event_id');
|
||||
echo $this->Form->input('category', array(
|
||||
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
|
||||
'empty' => '(choose one)'
|
||||
));
|
||||
echo $this->Form->input('type', array(
|
||||
'between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv')),
|
||||
echo $this->Form->input('type', array(
|
||||
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
|
||||
'empty' => '(first choose category)'
|
||||
));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
|
||||
));
|
||||
}
|
||||
echo $this->Form->input('to_ids', array(
|
||||
}
|
||||
echo $this->Form->input('to_ids', array(
|
||||
'checked' => true,
|
||||
'before' => $this->Html->div('forminfo', isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['signature']['formdesc'] : $attr_descriptions['signature']['desc']),
|
||||
'label' => 'IDS Signature?'
|
||||
));
|
||||
echo $this->Form->input('value', array(
|
||||
));
|
||||
echo $this->Form->input('value', array(
|
||||
'type' => 'textarea',
|
||||
'error' => array('escape' => false),
|
||||
));
|
||||
echo $this->Form->input('batch_import', array(
|
||||
));
|
||||
echo $this->Form->input('batch_import', array(
|
||||
'type' => 'checkbox',
|
||||
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
|
||||
));
|
||||
));
|
||||
|
||||
// link an onchange event to the form elements
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
// link an onchange event to the form elements
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
|
||||
?>
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Submit'));?>
|
||||
</div>
|
||||
|
@ -52,12 +52,12 @@
|
|||
var category_type_mapping = new Array();
|
||||
<?php
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
echo "category_type_mapping['".addslashes($category)."'] = {";
|
||||
echo "category_type_mapping['" . addslashes($category) . "'] = {";
|
||||
$first = true;
|
||||
foreach ($def['types'] as $type) {
|
||||
if ($first) $first = false ;
|
||||
if ($first) $first = false;
|
||||
else echo ', ';
|
||||
echo "'".addslashes($type)."' : '".addslashes($type)."'";
|
||||
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
|
||||
}
|
||||
echo "}; \n";
|
||||
}
|
||||
|
@ -83,11 +83,11 @@ var formInfoValues = new Array();
|
|||
<?php
|
||||
foreach ($type_definitions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['".addslashes($type)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
|
||||
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['".addslashes($category)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
|
||||
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
?>
|
||||
|
||||
|
@ -110,4 +110,4 @@ $('#AttributeType').prop('disabled', true);
|
|||
|
||||
|
||||
</script>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts
|
|
@ -2,25 +2,25 @@
|
|||
<?php echo $this->Form->create('Attribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("AttributeMalware").removeAttribute("disabled");'));?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Add Attachment'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->hidden('event_id');
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
|
||||
echo $this->Form->file('value', array(
|
||||
<?php
|
||||
echo $this->Form->hidden('event_id');
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
|
||||
echo $this->Form->file('value', array(
|
||||
'error' => array('escape' => false),
|
||||
));
|
||||
echo $this->Form->input('malware', array(
|
||||
));
|
||||
echo $this->Form->input('malware', array(
|
||||
'type' => 'checkbox',
|
||||
'checked' => false,
|
||||
'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
|
||||
));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),));
|
||||
}
|
||||
// link an onchange event to the form elements
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
|
||||
?>
|
||||
}
|
||||
// link an onchange event to the form elements
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Upload'));?>
|
||||
</div>
|
||||
|
@ -33,15 +33,15 @@
|
|||
<script type="text/javascript">
|
||||
var formInfoValues = new Array();
|
||||
<?php
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['$category'] = \"$info\";\n";
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
var formZipTypeValues = new Array();
|
||||
<?php
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$types = $def['types'];
|
||||
$alreadySet = false;
|
||||
foreach ($types as $type) {
|
||||
|
@ -53,12 +53,12 @@ var formZipTypeValues = new Array();
|
|||
if (!$alreadySet) {
|
||||
echo "formZipTypeValues['$category'] = \"false\";\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
var formAttTypeValues = new Array();
|
||||
<?php
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$types = $def['types'];
|
||||
$alreadySet = false;
|
||||
foreach ($types as $type) {
|
||||
|
@ -70,7 +70,7 @@ var formAttTypeValues = new Array();
|
|||
if (!$alreadySet) {
|
||||
echo "formAttTypeValues['$category'] = \"false\";\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
function showFormType(id) {
|
||||
|
@ -126,4 +126,4 @@ $(function(){
|
|||
);
|
||||
|
||||
</script>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts
|
|
@ -2,37 +2,37 @@
|
|||
<?php echo $this->Form->create('Attribute');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Edit Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
|
||||
if($attachment) {
|
||||
echo $this->Form->hidden('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
|
||||
echo "<BR>Type: ".$this->Form->value('Attribute.type');
|
||||
} else {
|
||||
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
|
||||
}
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
|
||||
if ($attachment) {
|
||||
echo $this->Form->hidden('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
|
||||
echo "<BR>Type: " . $this->Form->value('Attribute.type');
|
||||
} else {
|
||||
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
|
||||
}
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
|
||||
));
|
||||
}
|
||||
echo $this->Form->input('to_ids', array(
|
||||
}
|
||||
echo $this->Form->input('to_ids', array(
|
||||
'before' => $this->Html->div('forminfo', isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
|
||||
'label' => 'IDS Signature?'
|
||||
));
|
||||
if($attachment) {
|
||||
));
|
||||
if ($attachment) {
|
||||
echo $this->Form->hidden('value');
|
||||
echo "<BR>Value: ".$this->Form->value('Attribute.value');
|
||||
} else {
|
||||
echo "<BR>Value: " . $this->Form->value('Attribute.value');
|
||||
} else {
|
||||
echo $this->Form->input('value', array(
|
||||
'type' => 'textarea',
|
||||
'error' => array('escape' => false),
|
||||
));
|
||||
}
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
}
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
|
||||
?>
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Submit'));?>
|
||||
</div>
|
||||
|
@ -51,14 +51,14 @@
|
|||
var category_type_mapping = new Array();
|
||||
<?php
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
echo "category_type_mapping['".addslashes($category)."'] = {";
|
||||
$first = true;
|
||||
foreach ($def['types'] as $type) {
|
||||
if ($first) $first = false ;
|
||||
echo "category_type_mapping['" . addslashes($category) . "'] = {";
|
||||
$first = true;
|
||||
foreach ($def['types'] as $type) {
|
||||
if ($first) $first = false;
|
||||
else echo ', ';
|
||||
echo "'".addslashes($type)."' : '".addslashes($type)."'";
|
||||
}
|
||||
echo "}; \n";
|
||||
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
|
||||
}
|
||||
echo "}; \n";
|
||||
}
|
||||
?>
|
||||
|
||||
|
@ -82,11 +82,11 @@ var formInfoValues = new Array();
|
|||
<?php
|
||||
foreach ($type_definitions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['".addslashes($type)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
|
||||
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['".addslashes($category)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
|
||||
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
?>
|
||||
|
||||
|
@ -111,4 +111,4 @@ formCategoryChanged("#AttributeCategory");
|
|||
$('#AttributeType').val(type_value);
|
||||
|
||||
</script>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts
|
|
@ -68,16 +68,16 @@
|
|||
<div class="related">
|
||||
<h3>Related Events</h3>
|
||||
<ul>
|
||||
<?php foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
$link_text = $relatedEvent['date'].' ('.$relatedEvent['id'].')';
|
||||
<?php foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
$link_text = $relatedEvent['date'] . ' (' . $relatedEvent['id'] . ')';
|
||||
echo $this->Html->link($link_text, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['id']));
|
||||
} else {
|
||||
$link_text = $relatedEvent['Event']['date'].' ('.$relatedEvent['Event']['id'].')';
|
||||
} else {
|
||||
$link_text = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
|
||||
echo $this->Html->link($link_text, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['Event']['id']));
|
||||
}
|
||||
?></li>
|
||||
}
|
||||
?></li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
</div>
|
||||
|
@ -104,41 +104,42 @@
|
|||
foreach ($categories as $category):
|
||||
$first = 1;
|
||||
foreach ($attributes as $attribute):
|
||||
if($attribute['Attribute']['category'] != $category) continue;
|
||||
if ($attribute['Attribute']['category'] != $category) continue;
|
||||
?>
|
||||
<tr>
|
||||
<td class="short" title="<?php if('' != $attribute['Attribute']['category']) echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>"><?php
|
||||
if ($first) {
|
||||
<td class="short" title="<?php if ('' != $attribute['Attribute']['category']) echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>"><?php
|
||||
if ($first) {
|
||||
if ('' == $attribute['Attribute']['category']) echo '(no category)';
|
||||
echo $attribute['Attribute']['category'];
|
||||
} else {
|
||||
} else {
|
||||
echo ' ';
|
||||
}
|
||||
?></td>
|
||||
<td class="short" title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>"><?php echo $attribute['Attribute']['type'];?></td>
|
||||
}
|
||||
?></td>
|
||||
<td class="short" title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>">
|
||||
<?php echo $attribute['Attribute']['type'];?></td>
|
||||
<td><?php
|
||||
$sig_display = nl2br(h($attribute['Attribute']['value']));
|
||||
if('attachment' == $attribute['Attribute']['type'] ||
|
||||
$sig_display = nl2br(h($attribute['Attribute']['value']));
|
||||
if ('attachment' == $attribute['Attribute']['type'] ||
|
||||
'malware-sample' == $attribute['Attribute']['type'] ) {
|
||||
$filename_hash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $this->Html->link($filename_hash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
|
||||
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
|
||||
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
|
||||
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
|
||||
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
|
||||
$filename_hash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $filename_hash[0];
|
||||
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
|
||||
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sig_display, 'http://www.google.com/search?q='.$sig_display, array('target'=> '_blank'));
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
|
||||
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sig_display, 'http://www.google.com/search?q=' . $sig_display, array('target' => '_blank'));
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sig_display, $sig_display);
|
||||
} else {
|
||||
} else {
|
||||
echo $sig_display;
|
||||
}
|
||||
?></td>
|
||||
}
|
||||
?></td>
|
||||
<td class="short" style="text-align: center;">
|
||||
<?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
|
||||
<?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
|
||||
foreach ($relatedAttributes[$attribute['Attribute']['id']] as $relatedAttribute) {
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
echo $this->Html->link($relatedAttribute['Correlation']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Correlation']['event_id']));
|
||||
|
@ -147,8 +148,8 @@
|
|||
}
|
||||
echo ' ';
|
||||
}
|
||||
}
|
||||
?>
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No';?></td>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
|
|
|
@ -6,7 +6,8 @@
|
|||
<th><?php echo $this->Paginator->sort('category');?></th>
|
||||
<th><?php echo $this->Paginator->sort('type');?></th>
|
||||
<th><?php echo $this->Paginator->sort('value');?></th>
|
||||
<th<?php echo ' title="' . $attr_descriptions['signature']['desc'] . '"';?>><?php echo $this->Paginator->sort('signature');?></th>
|
||||
<th<?php echo ' title="' . $attr_descriptions['signature']['desc'] . '"';?>>
|
||||
<?php echo $this->Paginator->sort('signature');?></th>
|
||||
<th class="actions"><?php echo __('Actions');?></th>
|
||||
</tr>
|
||||
<?php
|
||||
|
@ -15,32 +16,32 @@
|
|||
<td class="short">
|
||||
<?php echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id'])); ?>
|
||||
</td>
|
||||
<td title="<?php echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
|
||||
<td title="<?php echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='
|
||||
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
|
||||
<?php echo h($attribute['Attribute']['category']); ?> </td>
|
||||
<td title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
|
||||
<td title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='
|
||||
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
|
||||
<?php echo h($attribute['Attribute']['type']); ?> </td>
|
||||
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
|
||||
<?php
|
||||
$sig_display = nl2br(h($attribute['Attribute']['value']));
|
||||
if('attachment' == $attribute['Attribute']['type'] ||
|
||||
'malware-sample' == $attribute['Attribute']['type']) {
|
||||
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
|
||||
<?php
|
||||
$sig_display = nl2br(h($attribute['Attribute']['value']));
|
||||
if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sig_display, array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sig_display, $sig_display);
|
||||
|
||||
} else {
|
||||
} else {
|
||||
echo $sig_display;
|
||||
}
|
||||
?> </td>
|
||||
<td class="short" style="text-align: center;" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
|
||||
}
|
||||
?> </td>
|
||||
<td class="short" style="text-align: center;" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
|
||||
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?> </td>
|
||||
<td class="actions"><?php
|
||||
if ($isAdmin || $attribute['Event']['org'] == $me['org']) {
|
||||
if ($isAdmin || $attribute['Event']['org'] == $me['org']) {
|
||||
echo $this->Html->link(__('Edit'), array('action' => 'edit', $attribute['Attribute']['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $attribute['Attribute']['id']), null, __('Are you sure you want to delete this attribute?'));
|
||||
}
|
||||
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']));
|
||||
?>
|
||||
}
|
||||
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']));
|
||||
?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
|
|
|
@ -4,8 +4,8 @@
|
|||
<legend><?php echo __('Search Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('keyword');
|
||||
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
|
||||
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
|
||||
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Search', true));?>
|
||||
|
@ -19,17 +19,17 @@
|
|||
|
||||
var formInfoValues = new Array();
|
||||
<?php
|
||||
foreach ($type_definitions as $type => $def) {
|
||||
foreach ($type_definitions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['$type'] = \"$info\";\n";
|
||||
}
|
||||
}
|
||||
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
foreach ($category_definitions as $category => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['$category'] = \"$info\";\n";
|
||||
}
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
|
||||
}
|
||||
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
|
||||
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
|
||||
?>
|
||||
|
||||
formInfoValues['ALL'] = '';
|
||||
|
@ -51,4 +51,4 @@ $('#AttributeTypeDiv').hide();
|
|||
$('#AttributeCategoryDiv').hide();
|
||||
|
||||
</script>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
|
||||
<?php echo $this->Js->writeBuffer(); // Write cached scripts
|
|
@ -25,4 +25,4 @@
|
|||
<li> </li>
|
||||
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
|
||||
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
|
||||
<?php endif; ?>
|
||||
<?php endif;
|
|
@ -14,4 +14,4 @@ Attributes :
|
|||
Extra info :
|
||||
<?php echo h($event['Event']['info']); ?>
|
||||
|
||||
<?php //endforeach; ?>
|
||||
<?php //endforeach;
|
|
@ -2,17 +2,17 @@
|
|||
<?php echo $this->Form->create('Event');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Add Event'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('date');
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
<?php
|
||||
echo $this->Form->input('date');
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($event_descriptions['private']['formdesc']) ? $event_descriptions['private']['formdesc'] : $event_descriptions['private']['desc']),));
|
||||
}
|
||||
echo $this->Form->input('risk', array(
|
||||
}
|
||||
echo $this->Form->input('risk', array(
|
||||
'before' => $this->Html->div('forminfo', isset($event_descriptions['risk']['formdesc']) ? $event_descriptions['risk']['formdesc'] : $event_descriptions['risk']['desc'])));
|
||||
echo $this->Form->input('info');
|
||||
echo $this->Form->input('info');
|
||||
|
||||
?>
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Submit', true));?>
|
||||
</div>
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
<div class="events form">
|
||||
<?php echo $this->Form->create('Event');?>
|
||||
<fieldset>
|
||||
<legend><?php echo 'Contact reporter of event '.$this->Form->value('Event.id'); ?></legend>
|
||||
<legend><?php echo 'Contact reporter of event ' . $this->Form->value('Event.id'); ?></legend>
|
||||
<p>You are about to contact the person who reported event <?php echo $this->Form->value('Event.id'); ?>.<br/>
|
||||
Feel free to add a custom message that will be sent to the reporter. <br/>
|
||||
Your email address and details about the event will be added automagically to the message.</p>
|
||||
<?php
|
||||
echo $this->Form->input('message', array('type'=> 'textarea'));
|
||||
echo $this->Form->input('message', array('type' => 'textarea'));
|
||||
?>
|
||||
<?php echo $this->Form->end(__('Submit', true));?>
|
||||
</fieldset>
|
||||
|
|
|
@ -2,17 +2,17 @@
|
|||
<?php echo $this->Form->create('Event');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Edit Event'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('date');
|
||||
echo $this->Form->input('risk', array(
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('date');
|
||||
echo $this->Form->input('risk', array(
|
||||
'before' => $this->Html->div('forminfo', isset($event_descriptions['risk']['formdesc']) ? $event_descriptions['risk']['formdesc'] : $event_descriptions['risk']['desc'])));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($event_descriptions['private']['formdesc']) ? $event_descriptions['private']['formdesc'] : $event_descriptions['private']['desc']),));
|
||||
}
|
||||
echo $this->Form->input('info');
|
||||
?>
|
||||
}
|
||||
echo $this->Form->input('info');
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Submit', true));?>
|
||||
</div>
|
||||
|
|
|
@ -36,7 +36,7 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
|
|||
<p>You can configure your tools to automatically download the following files:</p>
|
||||
<pre>
|
||||
<?php foreach ($sig_types as $sig_type):?>
|
||||
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type."\n";?>
|
||||
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type . "\n";?>
|
||||
<?php endforeach;?>
|
||||
</pre>
|
||||
<p></p>
|
||||
|
|
|
@ -10,10 +10,12 @@
|
|||
<th><?php echo $this->Paginator->sort('user_id', 'Email');?></th>
|
||||
<?php endif; ?>
|
||||
<th><?php echo $this->Paginator->sort('date');?></th>
|
||||
<th<?php echo ' title="' . $event_descriptions['risk']['desc'] . '"';?>><?php echo $this->Paginator->sort('risk');?></th>
|
||||
<th<?php echo ' title="' . $event_descriptions['risk']['desc'] . '"';?>>
|
||||
<?php echo $this->Paginator->sort('risk');?></th>
|
||||
<th><?php echo $this->Paginator->sort('info');?></th>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<th<?php echo ' title="' . $event_descriptions['private']['desc'] . '"';?>><?php echo $this->Paginator->sort('private');?></th>
|
||||
<th<?php echo ' title="' . $event_descriptions['private']['desc'] . '"';?>>
|
||||
<?php echo $this->Paginator->sort('private');?></th>
|
||||
<?php endif; ?>
|
||||
<th class="actions"><?php echo __('Actions');?></th>
|
||||
</tr>
|
||||
|
@ -22,9 +24,9 @@
|
|||
?>
|
||||
<tr>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php
|
||||
echo $this->Html->image('orgs/'.h($event['Event']['org']).'.png', array('alt' => h($event['Event']['org']),'width'=>'50','hight'=>'50'));
|
||||
echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '50','hight' => '50'));
|
||||
?>
|
||||
</td>
|
||||
<?php endif; ?>
|
||||
|
@ -33,17 +35,17 @@
|
|||
</td>
|
||||
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showowner') || $isAdmin): ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo h($event['User']['email']); ?> </td>
|
||||
<?php endif; ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo $event['Event']['date']; ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo $event['Event']['risk']; ?> </td>
|
||||
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo nl2br(h($event['Event']['info'])); ?> </td>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo ($event['Event']['private'])? 'Private' : ''; ?> </td>
|
||||
<?php endif; ?>
|
||||
<td class="actions">
|
||||
|
@ -52,12 +54,12 @@
|
|||
echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?');
|
||||
elseif (0 == $event['Event']['published']) echo 'Not published';
|
||||
?>
|
||||
<?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
||||
<?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
||||
echo $this->Html->link(__('Edit', true), array('action' => 'edit', $event['Event']['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id']));
|
||||
}
|
||||
?>
|
||||
}
|
||||
?>
|
||||
<?php echo $this->Html->link(__('View', true), array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -71,9 +73,8 @@
|
|||
?> </p>
|
||||
|
||||
<div class="paging">
|
||||
<?php echo $this->Paginator->prev('<< ' . __('previous', true), array(), null, array('class'=>'disabled'));?>
|
||||
| <?php echo $this->Paginator->numbers();?>
|
||||
|
|
||||
<?php echo $this->Paginator->prev('<< ' . __('previous', true), array(), null, array('class' => 'disabled'));?>
|
||||
<?php echo $this->Paginator->numbers();?>
|
||||
<?php echo $this->Paginator->next(__('next', true) . ' >>', array(), null, array('class' => 'disabled'));?>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -3,4 +3,3 @@ foreach ($attributes as $attribute) {
|
|||
echo $attribute['Attribute']['value'];
|
||||
echo "\n";
|
||||
}
|
||||
?>
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
</div>
|
||||
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||
<?php echo $this->Html->image('orgs/'.h($event['Event']['org']).'.png', array('alt' => h($event['Event']['org']),'width'=>'50','hight'=>'50', 'style' => 'float:right;')); ?>
|
||||
<?php echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '50','hight' => '50', 'style' => 'float:right;')); ?>
|
||||
<?php endif; ?>
|
||||
<h2>Event</h2>
|
||||
<dl>
|
||||
|
@ -73,7 +73,7 @@
|
|||
<ul>
|
||||
<?php foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
$link_text = $relatedEvent['Event']['date'].' ('.$relatedEvent['Event']['id'].')';
|
||||
$link_text = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
|
||||
echo $this->Html->link($link_text, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']));
|
||||
?></li>
|
||||
<?php endforeach; ?>
|
||||
|
@ -102,47 +102,48 @@
|
|||
foreach ($categories as $category):
|
||||
$first = 1;
|
||||
foreach ($event['Attribute'] as $attribute):
|
||||
if($attribute['category'] != $category) continue;
|
||||
if ($attribute['category'] != $category) continue;
|
||||
?>
|
||||
<tr>
|
||||
<td class="short" title="<?php if('' != $attribute['category']) echo $category_definitions[$attribute['category']]['desc'];?>"><?php
|
||||
if ($first) {
|
||||
<td class="short" title="<?php if ('' != $attribute['category']) echo $category_definitions[$attribute['category']]['desc'];?>">
|
||||
<?php if ($first) {
|
||||
if ('' == $attribute['category']) echo '(no category)';
|
||||
echo $attribute['category'];
|
||||
} else {
|
||||
} else {
|
||||
echo ' ';
|
||||
}
|
||||
?></td>
|
||||
<td class="short" title="<?php echo $type_definitions[$attribute['type']]['desc'];?>"><?php echo $attribute['type'];?></td>
|
||||
}
|
||||
?></td>
|
||||
<td class="short" title="<?php echo $type_definitions[$attribute['type']]['desc'];?>">
|
||||
<?php echo $attribute['type'];?></td>
|
||||
<td><?php
|
||||
$sig_display = nl2br(h($attribute['value']));
|
||||
if('attachment' == $attribute['type'] ||
|
||||
$sig_display = nl2br(h($attribute['value']));
|
||||
if ('attachment' == $attribute['type'] ||
|
||||
'malware-sample' == $attribute['type'] ) {
|
||||
$filename_hash = explode('|', h($attribute['value']));
|
||||
echo $this->Html->link($filename_hash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
|
||||
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
|
||||
} elseif (strpos($attribute['type'], '|') !== false) {
|
||||
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
|
||||
} elseif (strpos($attribute['type'], '|') !== false) {
|
||||
$filename_hash = explode('|', h($attribute['value']));
|
||||
echo $filename_hash[0];
|
||||
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
|
||||
} elseif ('vulnerability' == $attribute['type']) {
|
||||
echo $this->Html->link($sig_display, 'http://www.google.com/search?q='.$sig_display, array('target'=> '_blank'));
|
||||
} elseif ('link' == $attribute['type']) {
|
||||
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
|
||||
} elseif ('vulnerability' == $attribute['type']) {
|
||||
echo $this->Html->link($sig_display, 'http://www.google.com/search?q=' . $sig_display, array('target' => '_blank'));
|
||||
} elseif ('link' == $attribute['type']) {
|
||||
echo $this->Html->link($sig_display, $sig_display);
|
||||
} else {
|
||||
} else {
|
||||
echo $sig_display;
|
||||
}
|
||||
?></td>
|
||||
}
|
||||
?></td>
|
||||
<td class="short" style="text-align: center;">
|
||||
<?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
|
||||
<?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
|
||||
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
|
||||
echo $this->Html->link($relatedAttribute['Attribute']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Attribute']['event_id']));
|
||||
echo ' ';
|
||||
}
|
||||
}
|
||||
?>
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
|
|
|
@ -6,7 +6,7 @@ unset($event['Attribute']);
|
|||
|
||||
// cleanup the array from things we do not want to expose
|
||||
// remove value1 and value2 from the output
|
||||
foreach($event['Event']['Attribute'] as $key => $value) {
|
||||
foreach ($event['Event']['Attribute'] as $key => $value) {
|
||||
unset($event['Event']['Attribute'][$key]['value1']);
|
||||
unset($event['Event']['Attribute'][$key]['value2']);
|
||||
}
|
||||
|
@ -14,7 +14,7 @@ foreach($event['Event']['Attribute'] as $key => $value) {
|
|||
// hide the private fields is we are not in sync mode
|
||||
if ('true' != Configure::read('CyDefSIG.sync')) {
|
||||
unset($event['Event']['private']);
|
||||
foreach($event['Event']['Attribute'] as $key => $value) {
|
||||
foreach ($event['Event']['Attribute'] as $key => $value) {
|
||||
unset($event['Event']['Attribute'][$key]['private']);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -163,21 +163,21 @@ $attr = new Attribute();
|
|||
<table>
|
||||
<tr>
|
||||
<th>Category</th>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
|
||||
<th style="width:5%; text-align:center; white-space:normal"><?php echo $cat; ?></th>
|
||||
<?php endforeach;?>
|
||||
</tr>
|
||||
<?php foreach ($attr->type_definitions as $type => $def): ?>
|
||||
<tr>
|
||||
<td><?php echo $type; ?></td>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
|
||||
<td style="text-align:center"><?php echo in_array($type, $cat_def['types'])? 'X' : ''; ?></td>
|
||||
<?php endforeach;?>
|
||||
<?php endforeach;?>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Category</th>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
|
||||
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
|
||||
<th style="width:5%; text-align:center; white-space:normal"><?php echo $cat; ?></th>
|
||||
<?php endforeach;?>
|
||||
</tr>
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
<div class="servers index">
|
||||
<h2>Failed pulls</h2>
|
||||
<?php if (0==sizeof($fails)):?>
|
||||
<?php if (0 == count($fails)):?>
|
||||
<p>No failed pulls</p>
|
||||
<?php else:?>
|
||||
<ul>
|
||||
<?php foreach ($fails as $key => $value) echo '<li>'.$key.' : '.h($value).'</li>'; ?>
|
||||
<?php foreach ($fails as $key => $value) echo '<li>' . $key . ' : ' . h($value) . '</li>'; ?>
|
||||
</ul>
|
||||
<?php endif;?>
|
||||
<h2>Succeeded pulls</h2>
|
||||
<?php if (0==sizeof($successes)):?>
|
||||
<?php if (0 == count($successes)):?>
|
||||
<p>No succeeded pulls</p>
|
||||
<?php else:?>
|
||||
<ul>
|
||||
<?php foreach ($successes as $success) echo '<li>'.$success.'</li>'; ?>
|
||||
<?php foreach ($successes as $success) echo '<li>' . $success . '</li>'; ?>
|
||||
</ul>
|
||||
<?php endif;?>
|
||||
</div>
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
<div class="servers index">
|
||||
<h2>Failed pushes</h2>
|
||||
<?php if (0==sizeof($fails)):?>
|
||||
<?php if (0 == count($fails)):?>
|
||||
<p>No failed pushes</p>
|
||||
<?php else:?>
|
||||
<ul>
|
||||
<?php foreach ($fails as $key => $value) echo '<li>'.$key.' : '.h($value).'</li>'; ?>
|
||||
<?php foreach ($fails as $key => $value) echo '<li>' . $key . ' : ' . h($value) . '</li>'; ?>
|
||||
</ul>
|
||||
<?php endif;?>
|
||||
<h2>Succeeded pushes</h2>
|
||||
<?php if (0==sizeof($successes)):?>
|
||||
<?php if (0 == count($successes)):?>
|
||||
<p>No succeeded pushes</p>
|
||||
<?php else:?>
|
||||
<ul>
|
||||
<?php foreach ($successes as $success) echo '<li>'.$success.'</li>'; ?>
|
||||
<?php foreach ($successes as $success) echo '<li>' . $success . '</li>'; ?>
|
||||
</ul>
|
||||
<?php endif;?>
|
||||
</div>
|
||||
|
|
|
@ -15,21 +15,21 @@
|
|||
<?php
|
||||
foreach ($users as $user): ?>
|
||||
<tr>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['id']); ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['org']); ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['email']); ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo $user['User']['autoalert']? 'Yes' : 'No'; ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo $user['User']['gpgkey']? 'Yes' : 'No'; ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['nids_sid']); ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['termsaccepted']); ?> </td>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['newsread']); ?> </td>
|
||||
<td class="actions">
|
||||
<?php echo $this->Html->link(__('View'), array('admin' => true, 'action' => 'view', $user['User']['id'])); ?>
|
||||
|
|
|
@ -8,4 +8,3 @@ echo $this->Form->inputs(array(
|
|||
));
|
||||
|
||||
echo $this->Form->end('Login');
|
||||
?>
|
||||
|
|
|
@ -28,10 +28,10 @@
|
|||
var store = Ext.create('Ext.data.JsonStore', {
|
||||
fields: [<?php echo $graph_fields;?>],
|
||||
data: [<?php
|
||||
foreach ($graph_data as $row) {
|
||||
echo '{'.$row.'},';
|
||||
}
|
||||
?>]
|
||||
foreach ($graph_data as $row) {
|
||||
echo '{' . $row . '},';
|
||||
}
|
||||
?>]
|
||||
});
|
||||
var panel1 = Ext.create('widget.panel', {
|
||||
width: 800,
|
||||
|
|
|
@ -39,7 +39,7 @@ holder or other party has been advised of the possibility of such damages.</li>
|
|||
<?php
|
||||
if (!$termsaccepted) {
|
||||
echo $this->Form->create('User');
|
||||
echo $this->Form->hidden('termsaccepted', array('default'=> '1'));
|
||||
echo $this->Form->hidden('termsaccepted', array('default' => '1'));
|
||||
echo $this->Form->end(__('Accept Terms', true));
|
||||
}
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue