CakePHP Coding Standards

http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html

Eclipse:
Window->Preferences
	General->Editors->Text Editors
		Displayed tab width:	4
		Insert spaces for tabs	NOT
	PHP->Code Style->Formatter
		Tab policy:	Tabs
File->Convert Line Delimeters To->Unix [default]

http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/

Converting everything to camel caps format is not yet done.
pull/61/head
noud 2012-09-18 15:30:32 +02:00
parent 0f4a0dffea
commit 94a367c2f5
54 changed files with 4398 additions and 4396 deletions


@ -6,6 +6,7 @@
* arg1 = new password
*/
class PasswordShell extends AppShell {
public $uses = array('User');
public function main() {


@ -52,7 +52,6 @@ class AppController extends Controller {
)
);
public function isAuthorized($user) {
if (self::_isAdmin()) {
return true; // admin can access every action on every controller
@ -60,8 +59,7 @@ class AppController extends Controller {
return false; // The rest don't
}
function beforeFilter() {
public function beforeFilter() {
// REST things
if ($this->_isRest()) {
// disable CSRF for REST access
@ -96,22 +94,21 @@ class AppController extends Controller {
$this->set('isAdmin', $this->_isAdmin());
}
protected function _isRest() {
return (isset($this->RequestHandler) && $this->RequestHandler->isXml());
}
/**
/**
* Convert an array to the same array but with the values also as index instead of an interface_exists
*/
function _arrayToValuesIndexArray($old_array) {
public function _arrayToValuesIndexArray($old_array) {
$new_array = Array();
foreach ($old_array as $value)
$new_array[$value] = $value;
return $new_array;
}
/**
/**
* checks if the currently logged user is an administrator
*/
public function _isAdmin() {
@ -122,27 +119,28 @@ class AppController extends Controller {
return false;
}
/**
/**
* Refreshes the Auth session with new/updated data
* @return void
*/
function _refreshAuth() {
public function _refreshAuth() {
if (isset($this->User)) {
$user = $this->User->read(false, $this->Auth->user('id'));
} else {
$user= ClassRegistry::init('User')->findById($this->Auth->user('id'));
$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
}
$this->Auth->login($user['User']);
}
/**
/**
* Updates the missing fields from v0.1 to v0.2 of CyDefSIG
* First you will need to manually update the database to the new schema.
* Log in as admin user and
* Then run this function by setting debug = 1 (or more) and call /events/migrate01to02
*
* @throws NotFoundException
*/
function migrate01to02() {
public function migrate01to02() {
if (!self::_isAdmin()) throw new NotFoundException();
// generate uuids for events who have no uuid
@ -158,7 +156,7 @@ class AppController extends Controller {
foreach ($events as $event) {
$this->Event->id = $event['Event']['id'];
$this->Event->saveField('uuid', String::uuid());
echo $event['Event']['id'].' ';
echo $event['Event']['id'] . ' ';
}
echo "</p>";
// generate uuids for attributes who have no uuid
@ -173,19 +171,18 @@ class AppController extends Controller {
foreach ($attributes as $attribute) {
$this->Attribute->id = $attribute['Attribute']['id'];
$this->Attribute->saveField('uuid', String::uuid());
echo $attribute['Attribute']['id'].' ';
echo $attribute['Attribute']['id'] . ' ';
}
echo "</p>";
}
/**
/**
* Updates the missing fields from v0.2 to v0.2.1 of CyDefSIG
* First you will need to manually update the database to the new schema.
* Log in as admin user and
* Then run this function by setting debug = 1 (or more) and call /events/migrate02to021
*/
function _explodeValueToValues() {
public function _explodeValueToValues() {
// search for composite value1 fields and explode it to value1 and value2
$this->loadModel('Attribute');
$params = array(
@ -201,10 +198,10 @@ class AppController extends Controller {
echo '<h2>Exploding composite fields in 2 columns: </h2><ul>';
foreach ($attributes as $attribute) {
$pieces = explode('|', $attribute['Attribute']['value1']);
if (2 != sizeof($pieces)) continue; // do nothing if not 2 pieces
if (2 != count($pieces)) continue; // do nothing if not 2 pieces
$this->Attribute->id = $attribute['Attribute']['id'];
echo '<li>'.$attribute['Attribute']['id'].' --> '.$attribute['Attribute']['value1'].' --> '.$pieces[0].' --> '.$pieces[1].'</li> ';
echo '<li>' . $attribute['Attribute']['id'] . ' --> ' . $attribute['Attribute']['value1'] . ' --> ' . $pieces[0] . ' --> ' . $pieces[1] . '</li> ';
$this->Attribute->saveField('value1', $pieces[0]);
$this->Attribute->id = $attribute['Attribute']['id'];
$this->Attribute->saveField('value2', $pieces[1]);
@ -212,15 +209,16 @@ class AppController extends Controller {
echo "</ul> DONE.";
}
function migrate02to021() {
if (!self::_isAdmin()) throw new NotFoundException();
public function migrate02to021() {
if (!self::_isAdmin()) {
throw new NotFoundException();
}
// search for composite value1 fields and explode it to value1 and value2
$this->_explodeValueToValues();
}
function migrate021to022() {
public function migrate021to022() {
if (!self::_isAdmin()) throw new NotFoundException();
// replace description by comment
@ -248,12 +246,12 @@ class AppController extends Controller {
// echo "</ul> DONE</p>";
// search for incompatible combination of category / type
}
function migratemisp02to10() {
if (!self::_isAdmin()) throw new NotFoundException();
public function migratemisp02to10() {
if (!self::_isAdmin()) {
throw new NotFoundException();
}
// add missing columns, rename other columns
$queries = array(
@ -287,12 +285,13 @@ class AppController extends Controller {
// execute the queries
foreach ($queries as &$query) {
$result = $this->{$this->modelClass}->query($query);
}
}
function migratemisp10to11() {
if (!self::_isAdmin()) throw new NotFoundException();
public function migratemisp10to11() {
if (!self::_isAdmin()) {
throw new NotFoundException();
}
// add missing columns, rename other columns
$queries = array(
@ -303,11 +302,10 @@ class AppController extends Controller {
// execute the queries
foreach ($queries as &$query) {
$result = $this->{$this->modelClass}->query($query);
}
}
function generateCorrelation() {
public function generateCorrelation() {
if (!self::_isAdmin()) throw new NotFoundException();
$this->loadModel('Correlation');
@ -317,21 +315,20 @@ class AppController extends Controller {
$attributes = $this->Attribute->find('all',array('recursive' => 0));
// for all attributes..
foreach ($attributes as $attribute) {
$this->Attribute->setRelatedAttributes($attribute['Attribute'], $fields=array());
$this->Attribute->setRelatedAttributes($attribute['Attribute'], $fields = array());
// // i want to keep this in repo for a moment
// $relatedAttributes = $this->Attribute->getRelatedAttributes($attribute['Attribute'], $fields);
// if ($relatedAttributes) {
// foreach ($relatedAttributes as $relatedAttribute) {
// // // and store into table
// $this->Correlation->create();
// $this->Correlation->save(array('Correlation' => array(
// '1_event_id' => $attribute['Attribute']['event_id'], '1_attribute_id' => $attribute['Attribute']['id'],
// 'event_id' => $relatedAttribute['Attribute']['event_id'], 'attribute_id' => $relatedAttribute['Attribute']['id'],
// 'date' => $relatedAttribute['Event']['date'])));
// }
// }
//// i want to keep this in repo for a moment
//$relatedAttributes = $this->Attribute->getRelatedAttributes($attribute['Attribute'], $fields);
//if ($relatedAttributes) {
// foreach ($relatedAttributes as $relatedAttribute) {
// // and store into table
// $this->Correlation->create();
// $this->Correlation->save(array('Correlation' => array(
// '1_event_id' => $attribute['Attribute']['event_id'], '1_attribute_id' => $attribute['Attribute']['id'],
// 'event_id' => $relatedAttribute['Attribute']['event_id'], 'attribute_id' => $relatedAttribute['Attribute']['id'],
// 'date' => $relatedAttribute['Event']['date'])));
// }
//}
}
}
}
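Review bot: The underscore-prefixed helpers that these hunks turn from bare `function` into `public function` — `_arrayToValuesIndexArray`, `_refreshAuth`, `_explodeValueToValues` (and `_isAdmin`, already `public`) — would be better declared `protected`, matching `_isRest()` in the same class; in CakePHP 2 the leading underscore already keeps them out of action routing, but `protected` states the intent and lets static analysis catch callers outside the controller hierarchy. The brace-wrapping is also applied unevenly within the commit: `migrate02to021`, `migratemisp02to10` and `migratemisp10to11` get `if (!self::_isAdmin()) {` / `throw new NotFoundException();` / `}`, while `migrate01to02`, `migrate021to022` and `generateCorrelation` keep the unbraced one-line form on the line right after their changed signature. The same visibility point applies to `_deleteAttributeFromServers` in the AttributesController section below.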


@ -11,13 +11,15 @@ App::uses('File', 'Utility');
class AttributesController extends AppController {
public $components = array('Security', 'RequestHandler');
public $paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
);
public $helpers = array('Js' => array('Jquery'));
function beforeFilter() {
public function beforeFilter() {
parent::beforeFilter();
// permit reuse of CSRF tokens on the search page.
@ -41,7 +43,6 @@ class AttributesController extends AppController {
}
}
public function isAuthorized($user) {
// Admins can access everything
if (parent::isAuthorized($user)) {
@ -75,7 +76,6 @@ class AttributesController extends AppController {
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
}
/**
@ -90,12 +90,11 @@ class AttributesController extends AppController {
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
// TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
if(isset($this->request->data['Attribute']['type']) && $this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
if (isset($this->request->data['Attribute']['type']) && $this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
}
// remove the published flag from the event
$this->Event->id = $this->request->data['Attribute']['event_id'];
$this->Event->saveField('published', 0);
@ -117,27 +116,25 @@ class AttributesController extends AppController {
$this->Attribute->create();
$this->request->data['Attribute']['value'] = $attribute; // set the value as the content of the single line
if ($this->Attribute->save($this->request->data)) {
$successes .= " ".($key+1);
$successes .= " " . ($key + 1);
} else {
$fails .= " ".($key+1);
$fails .= " " . ($key + 1);
}
}
// we added all the attributes,
if ($fails) {
// list the ones that failed
$this->Session->setFlash(__('The lines'.$fails.' could not be saved. Please, try again.', true), 'default', array(), 'error');
$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. Please, try again.', true), 'default', array(), 'error');
}
if ($successes) {
// list the ones that succeeded
$this->Session->setFlash(__('The lines'.$successes.' have been saved', true));
$this->Session->setFlash(__('The lines' . $successes . ' have been saved', true));
}
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
}
else {
} else {
//
// single attribute
//
@ -171,7 +168,6 @@ class AttributesController extends AppController {
$this->set('category_definitions', $this->Attribute->category_definitions);
}
public function download($id = null) {
$this->Attribute->id = $id;
if (!$this->Attribute->exists()) {
@ -179,13 +175,13 @@ class AttributesController extends AppController {
}
$this->Attribute->read();
$file = new File(APP.DS."files".DS.$this->Attribute->data['Attribute']['event_id'].DS.$this->Attribute->data['Attribute']['id']);
$file = new File(APP . DS . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']);
$filename = '';
if('attachment' == $this->Attribute->data['Attribute']['type']) {
$filename= $this->Attribute->data['Attribute']['value'];
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
$filename = $this->Attribute->data['Attribute']['value'];
$file_ext = pathinfo($filename, PATHINFO_EXTENSION);
$filename= substr($filename,0,strlen($filename)-strlen($file_ext)-1);
} elseif ('malware-sample'== $this->Attribute->data['Attribute']['type']) {
$filename = substr($filename, 0, strlen($filename) - strlen($file_ext) - 1);
} elseif ('malware-sample' == $this->Attribute->data['Attribute']['type']) {
$filename_hash = explode('|', $this->Attribute->data['Attribute']['value']);
$filename = $filename_hash[0];
$file_ext = "zip";
@ -208,6 +204,7 @@ class AttributesController extends AppController {
* add_attachment method
*
* @return void
* @throws InternalErrorException
*/
public function add_attachment($event_id = null) {
if ($this->request->is('post')) {
@ -221,7 +218,7 @@ class AttributesController extends AppController {
if ((isset($this->request->data['Attribute']['value']['error']) && $this->request->data['Attribute']['value']['error'] == 0) ||
(!empty( $this->request->data['Attribute']['value']['tmp_name']) && $this->request->data['Attribute']['value']['tmp_name'] != 'none')
) {
if(!is_uploaded_file($tmpfile->path))
if (!is_uploaded_file($tmpfile->path))
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
} else {
$this->Session->setFlash(__('There was a problem to upload the file.', true), 'default', array(), 'error');
@ -234,12 +231,11 @@ class AttributesController extends AppController {
// save the file-info in the database
$this->Attribute->create();
if($this->request->data['Attribute']['malware']) {
if ($this->request->data['Attribute']['malware']) {
$this->request->data['Attribute']['type'] = "malware-sample";
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
}
else {
} else {
$this->request->data['Attribute']['type'] = "attachment";
$this->request->data['Attribute']['value'] = $filename;
$this->request->data['Attribute']['to_ids'] = 0;
@ -257,22 +253,22 @@ class AttributesController extends AppController {
// no errors in file upload, entry already in db, now move the file where needed and zip it if required.
// no sanitization is required on the filename, path or type as we save
// create directory structure
$root_dir = APP.DS."files".DS.$this->request->data['Attribute']['event_id'];
$root_dir = APP . DS . "files" . DS . $this->request->data['Attribute']['event_id'];
$dir = new Folder($root_dir, true);
// move the file to the correct location
$destpath = $root_dir.DS.$this->Attribute->id; // id of the new attribute in the database
$destpath = $root_dir . DS . $this->Attribute->id; // id of the new attribute in the database
$file = new File ($destpath);
$zipfile = new File ($destpath.'.zip');
$file_in_zip = new File($root_dir.DS.$filename); // FIXME do sanitization of the filename
$zipfile = new File ($destpath . '.zip');
$file_in_zip = new File($root_dir . DS . $filename); // FIXME do sanitization of the filename
if($file->exists() || $zipfile->exists() || $file_in_zip->exists()) {
if ($file->exists() || $zipfile->exists() || $file_in_zip->exists()) {
// this should never happen as the attribute id should be unique
$this->Session->setFlash(__('Attachment with this name already exist in this event.', true), 'default', array(), 'error');
// remove the entry from the database
$this->Attribute->delete();
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
}
if(!move_uploaded_file($tmpfile->path, $file->path)) {
if (!move_uploaded_file($tmpfile->path, $file->path)) {
$this->Session->setFlash(__('Problem with uploading attachment. Cannot move it to its final location.', true), 'default', array(), 'error');
// remove the entry from the database
$this->Attribute->delete();
@ -280,13 +276,14 @@ class AttributesController extends AppController {
}
// zip and password protect the malware files
if($this->request->data['Attribute']['malware']) {
if ($this->request->data['Attribute']['malware']) {
// TODO check if CakePHP has no easy/safe wrapper to execute commands
$exec_retval = ''; $exec_output = array();
$exec_retval = '';
$exec_output = array();
rename($file->path, $file_in_zip->path); // TODO check if no workaround exists for the current filtering mechanisms
exec("zip -j -P infected ".$zipfile->path.' "'.addslashes($file_in_zip->path).'"', $exec_output, $exec_retval);
if($exec_retval != 0) { // not EXIT_SUCCESS
$this->Session->setFlash(__('Problem with zipping the attachment. Please report to administrator. '.$exec_output, true), 'default', array(), 'error');
exec("zip -j -P infected " . $zipfile->path . ' "' . addslashes($file_in_zip->path) . '"', $exec_output, $exec_retval);
if ($exec_retval != 0) { // not EXIT_SUCCESS
$this->Session->setFlash(__('Problem with zipping the attachment. Please report to administrator. ' . $exec_output, true), 'default', array(), 'error');
// remove the entry from the database
$this->Attribute->delete();
$file_in_zip->delete();
@ -340,6 +337,7 @@ class AttributesController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function edit($id = null) {
$this->Attribute->id = $id;
@ -350,8 +348,8 @@ class AttributesController extends AppController {
$this->Attribute->read();
$event_id = $this->Attribute->data['Attribute']['event_id'];
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
if ('attachment' == $this->Attribute->data['Attribute']['type'] ||
'malware-sample' == $this->Attribute->data['Attribute']['type'] ) {
$this->set('attachment', true);
// TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
@ -362,7 +360,7 @@ class AttributesController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) {
// say what fields are to be updated
$fieldList=array('category', 'type', 'value1', 'value2', 'to_ids', 'private');
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private');
if ($this->Attribute->save($this->request->data)) {
$this->Session->setFlash(__('The attribute has been saved'));
@ -371,7 +369,6 @@ class AttributesController extends AppController {
$this->Event->id = $event_id;
$this->Event->saveField('published', 0);
$this->redirect(array('controller' => 'events', 'action' => 'view', $event_id));
} else {
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
@ -394,12 +391,13 @@ class AttributesController extends AppController {
$this->set('category_definitions', $this->Attribute->category_definitions);
}
/**
* delete method
*
* @param string $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function delete($id = null) {
if (!$this->request->is('post') && !$this->_isRest()) {
@ -435,17 +433,17 @@ class AttributesController extends AppController {
else $this->redirect(array('action' => 'index'));
}
/**
/**
* Deletes this specific attribute from all remote servers
* TODO move this to a component(?)
*/
function _deleteAttributeFromServers($uuid) {
public function _deleteAttributeFromServers($uuid) {
$result = $this->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $uuid)));
$id = $result['Attribute']['id'];
// make sure we have all the data of the Attribute
$this->Attribute->id=$id;
$this->Attribute->recursive=1;
$this->Attribute->id = $id;
$this->Attribute->recursive = 1;
$this->Attribute->read();
// get a list of the servers
@ -453,7 +451,7 @@ class AttributesController extends AppController {
$servers = $this->Server->find('all', array());
// iterate over the servers and upload the attribute
if(empty($servers))
if (empty($servers))
return;
App::uses('HttpSocket', 'Network/Http');
@ -464,7 +462,6 @@ class AttributesController extends AppController {
}
public function search() {
$fullAddress = '/attributes/search';
if ($this->request->here == $fullAddress) {
@ -483,13 +480,13 @@ class AttributesController extends AppController {
// search the db
$conditions = array();
if($keyword) {
$conditions['Attribute.value LIKE'] = '%'.$keyword.'%';
if ($keyword) {
$conditions['Attribute.value LIKE'] = '%' . $keyword . '%';
}
if($type != 'ALL') {
if ($type != 'ALL') {
$conditions['Attribute.type ='] = $type;
}
if($category != 'ALL') {
if ($category != 'ALL') {
$conditions['Attribute.category ='] = $category;
}
$this->Attribute->recursive = 0;
@ -534,21 +531,20 @@ class AttributesController extends AppController {
}
}
/**
/**
* event method (bluntly copied from EventsController.view()
*
* @param int $id
* @return void
*/
public function event($id = null) {
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
// search the db
$conditions = array();
if(isset($this->params['named']['event'])) {
if (isset($this->params['named']['event'])) {
$attribute_id = $this->params['named']['event'];
} else {
$attribute_id = $id;
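Review bot: The reformatted `exec("zip -j -P infected " . $zipfile->path . ' "' . addslashes($file_in_zip->path) . '"', $exec_output, $exec_retval);` in the add_attachment hunk still relies on `addslashes()`, which escapes for PHP string literals, not for a shell; both paths should go through `escapeshellarg($zipfile->path)` and `escapeshellarg($file_in_zip->path)`, all the more because `$file_in_zip` is built from `$filename`, which the FIXME two lines above it says is not yet sanitised. Two lines further down, `'... Please report to administrator. ' . $exec_output` concatenates an array (that is what `exec()` fills), so the flash message will literally read `Array`; `implode("\n", $exec_output)` gives the intended text, or better, log the output and keep the user-facing message generic. The `if (!is_uploaded_file($tmpfile->path))` check is also left unbraced while the commit braces the neighbouring conditions. add_attachment's body starts and ends outside the hunks shown.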


@ -4,20 +4,17 @@ class HidsMd5ExportComponent extends Component {
public $rules = array();
function explain() {
public function explain() {
// unshift add in reverse order
array_unshift($this->rules, '# ');
array_unshift($this->rules, '# Keep in mind MD5 is not collision resistant');
array_unshift($this->rules, '# These HIDS export contains MD5 checksums.');
}
function suricataRules($items) {
public function suricataRules($items) {
$itemsDone = array();
foreach ($items as &$item) {
# md5
$rule_format = '%s';
@ -40,7 +37,6 @@ class HidsMd5ExportComponent extends Component {
default:
break;
}
}
@ -49,18 +45,15 @@ class HidsMd5ExportComponent extends Component {
$this->explain();
return $this->rules;
}
function checksumRule($rule_format, $attribute) {
public function checksumRule($rule_format, $attribute) {
$this->rules[] = sprintf($rule_format,
$attribute['value1'] // md5
);
}
function partRule($rule_format, $attribute) {
public function partRule($rule_format, $attribute) {
$this->rules[] = sprintf($rule_format,
$attribute['value2'] // md5
);


@ -4,19 +4,18 @@ class HidsSha1ExportComponent extends Component {
public $rules = array();
function explain() {
public function explain() {
// unshift add in reverse order
array_unshift($this->rules, '# ');
array_unshift($this->rules, '# Keep in mind SHA-1 still has a theoretical collision possibility');
array_unshift($this->rules, '# These HIDS export contains SHA-1 checksums.');
}
function suricataRules($items) {
public function suricataRules($items) {
$itemsDone = array();
foreach ($items as &$item) {
# sha-1
$rule_format = '%s';
@ -38,7 +37,6 @@ class HidsSha1ExportComponent extends Component {
default:
break;
}
}
@ -47,18 +45,15 @@ class HidsSha1ExportComponent extends Component {
$this->explain();
return $this->rules;
}
function checksumRule($rule_format, $attribute) {
public function checksumRule($rule_format, $attribute) {
$this->rules[] = sprintf($rule_format,
$attribute['value1'] // md5
);
}
function partRule($rule_format, $attribute) {
public function partRule($rule_format, $attribute) {
$this->rules[] = sprintf($rule_format,
$attribute['value2'] // md5
);
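Review bot: The `// md5` comments on `$attribute['value1']` in checksumRule and `$attribute['value2']` in partRule are copy-paste leftovers inside a SHA-1 component; they should read `// sha1`, matching the `# sha-1` marker in suricataRules above. The closing brace of partRule lies outside the hunk.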


@ -3,9 +3,10 @@
class NidsExportComponent extends Component {
public $rules = array();
public $classtype = 'trojan-activity';
function explain() {
public function explain() {
$this->rules[] = '# These NIDS rules contain some variables that need to exist in your configuration.';
$this->rules[] = '# Make sure you have set:';
$this->rules[] = '#';
@ -16,7 +17,7 @@ class NidsExportComponent extends Component {
$this->rules[] = '# ';
}
function suricataRules($items, $start_sid) {
public function suricataRules($items, $start_sid) {
$this->whitelist = $this->populateWhitelist();
$this->explain();
@ -40,11 +41,11 @@ class NidsExportComponent extends Component {
}
# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
$rule_format_msg = 'msg: "CyDefSIG e'.$item['Event']['id'].' %s"';
$rule_format_reference = 'reference:url,'.Configure::read('CyDefSIG.baseurl').'/events/view/'.$item['Event']['id'];
$rule_format = '%salert %s %s %s %s %s %s ('.$rule_format_msg.'; %s %s classtype:'.$this->classtype.'; sid:%d; rev:%d; priority:'.$priority.'; '.$rule_format_reference.';) ';
$rule_format_msg = 'msg: "CyDefSIG e' . $item['Event']['id'] . ' %s"';
$rule_format_reference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id'];
$rule_format = '%salert %s %s %s %s %s %s (' . $rule_format_msg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $rule_format_reference . ';) ';
$sid = $start_sid+($item['Attribute']['id']*10); // leave 9 possible rules per attribute type
$sid = $start_sid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type
$attribute = &$item['Attribute'];
$sid++;
@ -86,20 +87,14 @@ class NidsExportComponent extends Component {
$this->snortRule($rule_format, $attribute, $sid, $rule_format_msg, $rule_format_reference);
default:
break;
}
}
return $this->rules;
}
function ipDstRule($rule_format, $attribute, &$sid) {
public function ipDstRule($rule_format, $attribute, &$sid) {
$overruled = in_array($attribute['value'], $this->whitelist);
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
@ -109,16 +104,15 @@ class NidsExportComponent extends Component {
'->', // direction
$attribute['value'], // dst_ip
'any', // dst_port
'Outgoing To IP: '.$attribute['value'], // msg
'Outgoing To IP: ' . $attribute['value'], // msg
'', // rule_content
'', // tag
$sid, // sid
1 // rev
);
}
function ipSrcRule($rule_format, $attribute, &$sid) {
public function ipSrcRule($rule_format, $attribute, &$sid) {
$overruled = in_array($attribute['value'], $this->whitelist);
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
@ -128,7 +122,7 @@ class NidsExportComponent extends Component {
'->', // direction
'$HOME_NET', // dst_ip
'any', // dst_port
'Incoming From IP: '.$attribute['value'], // msg
'Incoming From IP: ' . $attribute['value'], // msg
'', // rule_content
'', // tag
$sid, // sid
@ -136,8 +130,8 @@ class NidsExportComponent extends Component {
);
}
function emailSrcRule($rule_format, $attribute, &$sid) {
$content = 'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
public function emailSrcRule($rule_format, $attribute, &$sid) {
$content = 'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
$this->rules[] = sprintf($rule_format,
(false) ? '#OVERRULED BY WHITELIST# ' : '',
'tcp', // proto
@ -146,7 +140,7 @@ class NidsExportComponent extends Component {
'<>', // direction
'$SMTP_SERVERS', // dst_ip
'25', // dst_port
'Source Email Address: '.$attribute['value'], // msg
'Source Email Address: ' . $attribute['value'], // msg
$content, // rule_content
'tag:session,600,seconds;', // tag
$sid, // sid
@ -154,8 +148,8 @@ class NidsExportComponent extends Component {
);
}
function emailDstRule($rule_format, $attribute, &$sid) {
$content = 'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
public function emailDstRule($rule_format, $attribute, &$sid) {
$content = 'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
$this->rules[] = sprintf($rule_format,
(false) ? '#OVERRULED BY WHITELIST# ' : '',
'tcp', // proto
@ -164,7 +158,7 @@ class NidsExportComponent extends Component {
'<>', // direction
'$SMTP_SERVERS', // dst_ip
'25', // dst_port
'Destination Email Address: '.$attribute['value'],// msg
'Destination Email Address: ' . $attribute['value'],// msg
$content, // rule_content
'tag:session,600,seconds;', // tag
$sid, // sid
@ -172,9 +166,9 @@ class NidsExportComponent extends Component {
);
}
function emailSubjectRule($rule_format, $attribute, &$sid) {
public function emailSubjectRule($rule_format, $attribute, &$sid) {
// LATER nids - email-subject rule might not match because of line-wrapping
$content = 'flow:established,to_server; content:"Subject|3a|"; nocase; content:"'.$attribute['value'].'"; nocase;';
$content = 'flow:established,to_server; content:"Subject|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;';
$this->rules[] = sprintf($rule_format,
(false) ? '#OVERRULED BY WHITELIST# ' : '',
'tcp', // proto
@ -191,9 +185,9 @@ class NidsExportComponent extends Component {
);
}
function emailAttachmentRule($rule_format, $attribute, &$sid) {
public function emailAttachmentRule($rule_format, $attribute, &$sid) {
// LATER nids - email-attachment rule might not match because of line-wrapping
$content = 'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"'.$attribute['value'].'|22|";';
$content = 'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"' . $attribute['value'] . '|22|";';
$this->rules[] = sprintf($rule_format,
(false) ? '#OVERRULED BY WHITELIST# ' : '',
'tcp', // proto
@ -210,9 +204,9 @@ class NidsExportComponent extends Component {
);
}
function hostnameRule($rule_format, $attribute, &$sid) {
public function hostnameRule($rule_format, $attribute, &$sid) {
$overruled = $this->checkNames($attribute['value']);
$content = 'content:"'.$this->dnsNameToRawFormat($attribute['value'], 'hostname').'"; nocase;';
$content = 'content:"' . $this->dnsNameToRawFormat($attribute['value'], 'hostname') . '"; nocase;';
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
'udp', // proto
@ -221,7 +215,7 @@ class NidsExportComponent extends Component {
'->', // direction
'any', // dst_ip
'53', // dst_port
'Hostname: '.$attribute['value'], // msg
'Hostname: ' . $attribute['value'], // msg
$content, // rule_content
'', // tag
$sid, // sid
@ -236,7 +230,7 @@ class NidsExportComponent extends Component {
'->', // direction
'any', // dst_ip
'53', // dst_port
'Hostname: '.$attribute['value'], // msg
'Hostname: ' . $attribute['value'], // msg
$content, // rule_content
'', // tag
$sid, // sid
@ -245,7 +239,7 @@ class NidsExportComponent extends Component {
$sid++;
// also do http requests
// warning: only suricata compatible
$content = 'flow:to_server,established; content: "Host: '.$attribute['value'].'"; nocase; http_header; pcre: "/[^A-Za-z0-9-]'.preg_quote($attribute['value']).'[^A-Za-z0-9-]/";';
$content = 'flow:to_server,established; content: "Host: ' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";';
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
'http', // proto
@ -254,7 +248,7 @@ class NidsExportComponent extends Component {
'->', // direction
'$EXTERNAL_NET', // dst_ip
'any', // dst_port
'Outgoing HTTP Hostname: '.$attribute['value'], // msg
'Outgoing HTTP Hostname: ' . $attribute['value'], // msg
$content, // rule_content
'tag:session,600,seconds;', // tag
$sid, // sid
@ -262,9 +256,9 @@ class NidsExportComponent extends Component {
);
}
function domainRule($rule_format, $attribute, &$sid) {
public function domainRule($rule_format, $attribute, &$sid) {
$overruled = $this->checkNames($attribute['value']);
$content = 'content:"'.$this->dnsNameToRawFormat($attribute['value']).'"; nocase;';
$content = 'content:"' . $this->dnsNameToRawFormat($attribute['value']) . '"; nocase;';
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
'udp', // proto
@ -273,7 +267,7 @@ class NidsExportComponent extends Component {
'->', // direction
'any', // dst_ip
'53', // dst_port
'Domain: '.$attribute['value'], // msg
'Domain: ' . $attribute['value'], // msg
$content, // rule_content
'', // tag
$sid, // sid
@ -288,7 +282,7 @@ class NidsExportComponent extends Component {
'->', // direction
'any', // dst_ip
'53', // dst_port
'Domain: '.$attribute['value'], // msg
'Domain: ' . $attribute['value'], // msg
$content, // rule_content
'', // tag
$sid, // sid
@ -297,7 +291,7 @@ class NidsExportComponent extends Component {
$sid++;
// also do http requests,
// warning: only suricata compatible
$content = 'flow:to_server,established; content: "Host:"; nocase; http_header; content:"'.$attribute['value'].'"; nocase; http_header; pcre: "/[^A-Za-z0-9-]'.preg_quote($attribute['value']).'[^A-Za-z0-9-]/";';
$content = 'flow:to_server,established; content: "Host:"; nocase; http_header; content:"' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";';
$this->rules[] = sprintf($rule_format,
($overruled) ? '#OVERRULED BY WHITELIST# ' : '',
'http', // proto
@ -306,7 +300,7 @@ class NidsExportComponent extends Component {
'->', // direction
'$EXTERNAL_NET', // dst_ip
'any', // dst_port
'Outgoing HTTP Domain: '.$attribute['value'], // msg
'Outgoing HTTP Domain: ' . $attribute['value'], // msg
$content, // rule_content
'tag:session,600,seconds;', // tag
$sid, // sid
@ -314,12 +308,12 @@ class NidsExportComponent extends Component {
);
}
function urlRule($rule_format, $attribute, &$sid) {
public function urlRule($rule_format, $attribute, &$sid) {
// TODO in hindsight, an url should not be excluded given a host or domain name.
// $hostpart = parse_url($attribute['value'], PHP_URL_HOST);
// $overruled = $this->checkNames($hostpart);
//$hostpart = parse_url($attribute['value'], PHP_URL_HOST);
//$overruled = $this->checkNames($hostpart);
// warning: only suricata compatible
$content = 'flow:to_server,established; content:"'.$attribute['value'].'"; nocase; http_uri;';
$content = 'flow:to_server,established; content:"' . $attribute['value'] . '"; nocase; http_uri;';
$this->rules[] = sprintf($rule_format,
(false) ? '#OVERRULED BY WHITELIST# ' : '',
'http', // proto
@ -328,7 +322,7 @@ class NidsExportComponent extends Component {
'->', // direction
'$EXTERNAL_NET', // dst_ip
'any', // dst_port
'Outgoing HTTP URL: '.$attribute['value'], // msg
'Outgoing HTTP URL: ' . $attribute['value'], // msg
$content, // rule_content
'tag:session,600,seconds;', // tag
$sid, // sid
@ -336,12 +330,11 @@ class NidsExportComponent extends Component {
);
}
function userAgentRule($rule_format, $attribute, &$sid) {
public function userAgentRule($rule_format, $attribute, &$sid) {
// TODO nids - write snort user-agent rule
}
function snortRule($rule_format, $attribute, &$sid, $rule_format_msg, $rule_format_reference) {
public function snortRule($rule_format, $attribute, &$sid, $rule_format_msg, $rule_format_reference) {
// LATER nids - test using lots of snort rules.
$tmp_rule = $attribute['value'];
@ -352,44 +345,42 @@ class NidsExportComponent extends Component {
// msg - '/msg\s*:\s*".*?"\s*;/'
// reference - '/reference\s*:\s*.+?;/'
// tag - '/tag\s*:\s*.+?;/'
$replace_count=array();
$tmp_rule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:'.$sid.';', $tmp_rule, -1, $replace_count['sid']);
$replace_count = array();
$tmp_rule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:' . $sid . ';', $tmp_rule, -1, $replace_count['sid']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
$tmp_rule = preg_replace('/rev\s*:\s*[0-9]+\s*;/', 'rev:1;', $tmp_rule, -1, $replace_count['rev']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
$tmp_rule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:'.$this->classtype.';', $tmp_rule, -1, $replace_count['classtype']);
$tmp_rule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:' . $this->classtype . ';', $tmp_rule, -1, $replace_count['classtype']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
$tmp_message = sprintf($rule_format_msg, 'snort-rule');
$tmp_rule = preg_replace('/msg\s*:\s*".*?"\s*;/', $tmp_message.';', $tmp_rule, -1, $replace_count['msg']);
$tmp_rule = preg_replace('/msg\s*:\s*".*?"\s*;/', $tmp_message . ';', $tmp_rule, -1, $replace_count['msg']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference.';', $tmp_rule, -1, $replace_count['reference']);
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference . ';', $tmp_rule, -1, $replace_count['reference']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference.';', $tmp_rule, -1, $replace_count['reference']);
$tmp_rule = preg_replace('/reference\s*:\s*.+?;/', $rule_format_reference . ';', $tmp_rule, -1, $replace_count['reference']);
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
// FIXME nids - implement priority overwriting
// some values were not replaced, so we need to add them ourselves, and insert them in the rule
$extra_for_rule="";
$extra_for_rule = "";
if (0 == $replace_count['sid']) {
$extra_for_rule .= 'sid:'.$sid.';';
$extra_for_rule .= 'sid:' . $sid . ';';
} if (0 == $replace_count['rev']) {
$extra_for_rule .= 'rev:1;';
} if (0 == $replace_count['classtype']) {
$extra_for_rule .= 'classtype:'.$this->classtype.';';
$extra_for_rule .= 'classtype:' . $this->classtype . ';';
} if (0 == $replace_count['msg']) {
$extra_for_rule .= $tmp_message.';';
$extra_for_rule .= $tmp_message . ';';
} if (0 == $replace_count['reference']) {
$extra_for_rule .= $rule_format_reference.';';
$extra_for_rule .= $rule_format_reference . ';';
}
$tmp_rule = preg_replace('/;\s*\)/', '; '.$extra_for_rule.')', $tmp_rule);
$tmp_rule = preg_replace('/;\s*\)/', '; ' . $extra_for_rule . ')', $tmp_rule);
// finally the rule is cleaned up and can be outputed
$this->rules[] = $tmp_rule;
}
/**
/**
* Converts a DNS name to a raw format usable in NIDS like Snort.
* example host: foobar.com becomes |00||06|foobar|03|com|00|
* example domain: foobar.com becomes |06|foobar|03|com|00|
@ -397,7 +388,7 @@ class NidsExportComponent extends Component {
* @param string $type the type of dns name - domain (default) or hostname
* @return string raw snort compatible format of the dns name
*/
function dnsNameToRawFormat($name, $type='domain') {
public function dnsNameToRawFormat($name, $type='domain') {
$rawName = "";
if ('hostname' == $type) $rawName = '|00|';
// explode using the dot
@ -408,8 +399,8 @@ class NidsExportComponent extends Component {
$length = strlen($explodedName);
if ($length > 255) exit('ERROR: dns name is to long for RFC'); // LATER log correctly without dying
$hexLength = dechex($length);
if (1 == strlen($hexLength)) $hexLength = '0'.$hexLength;
$rawName .= '|'.$hexLength.'|'.$explodedName;
if (1 == strlen($hexLength)) $hexLength = '0' . $hexLength;
$rawName .= '|' . $hexLength . '|' . $explodedName;
}
// put all together
$rawName .= '|00|';
@ -417,14 +408,14 @@ class NidsExportComponent extends Component {
return $rawName;
}
/**
/**
* Converts a DNS name to a MS DNS log format.
* Practical usage is to use these strings to search in logfiles
* example: foobar.com becomes (6)foobar(3)com(0)
* @param string $name dns name to be converted
* @return string raw snort compatible format of the dns name
*/
function dnsNameToMSDNSLogFormat($name) {
public function dnsNameToMSDNSLogFormat($name) {
$rawName = "";
// in MS DNS log format we can't use (0) to distinguish between hostname and domain (including subdomains)
// explode using the dot
@ -435,7 +426,7 @@ class NidsExportComponent extends Component {
$length = strlen($explodedName);
if ($length > 255) exit('ERROR: dns name is to long for RFC'); // LATER log correctly without dying
$hexLength = dechex($length);
$rawName .= '('.$hexLength.')'.$explodedName;
$rawName .= '(' . $hexLength . ')' . $explodedName;
}
// put all together
$rawName .= '(0)';
@ -445,7 +436,7 @@ class NidsExportComponent extends Component {
public $whitelist = array();
function populateWhitelist() {
public function populateWhitelist() {
$whitelistCheck = array();
$this->Whitelist = ClassRegistry::init('Whitelist');
@ -465,12 +456,12 @@ class NidsExportComponent extends Component {
return $whitelistCheck;
}
function nametoipl($name) {
public function nametoipl($name) {
if (!$ips = gethostbynamel($name)) $ips = array();
return $ips;
}
function checkNames($name) {
public function checkNames($name) {
$ipl = $this->nametoipl($name);
$ipl[] = $name;
$overruled = false;


@ -4,8 +4,7 @@ App::uses('AuthComponent', 'Controller/Component');
class SecureAuthComponent extends AuthComponent {
/**
/**
* Log a user in using anti-brute-force protection.
* If a $user is provided that data will be stored as the logged in user. If `$user` is empty or not
* specified, the request will be used to identify a user. If the identification was successful,
@ -15,6 +14,7 @@ class SecureAuthComponent extends AuthComponent {
* @param mixed $user Either an array of user data, or null to identify a user using the current request.
* @return boolean True on login success, false on failure
* @link http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
* @throws ForbiddenException
*/
public function login($user = null) {
$this->_setDefaults();
@ -36,7 +36,7 @@ class SecureAuthComponent extends AuthComponent {
}
} else {
// user - ip combination has reached the amount of maximum attempts in the timeframe
throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait '.Configure::read('SecureAuth.expire').' seconds and try again.');
throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait ' . Configure::read('SecureAuth.expire') . ' seconds and try again.');
}
} else {
// user didn't fill in all the form fields, nothing to do
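Review bot: The `@throws ForbiddenException` line added to the `login()` docblock names the exception type but not the condition, which the else-branch comment in the second hunk ("user - ip combination has reached the amount of maximum attempts in the timeframe") already spells out. I would extend it to `@throws ForbiddenException when the user/IP combination has exhausted its login attempts within the SecureAuth.expire window (assuming the wait time in the message is that window)`, so a reader of the API knows this 403 is a lockout rather than an authorization failure. `login()` begins in the first hunk and its body continues past the second.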


@ -9,12 +9,11 @@ App::uses('Xml', 'Utility');
*/
class EventsController extends AppController {
/**
/**
* Components
*
* @var array
*/
public $components = array(
'Security',
'Email',
@ -23,6 +22,7 @@ class EventsController extends AppController {
'HidsSha1Export',
'NidsExport'
);
public $paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
@ -31,7 +31,7 @@ class EventsController extends AppController {
)
);
function beforeFilter() {
public function beforeFilter() {
parent::beforeFilter();
// what pages are allowed for non-logged-in users
@ -72,12 +72,12 @@ class EventsController extends AppController {
return true;
}
/**
/**
* index method
*
* @return void
*/
function index() {
public function index() {
// list the events
$this->Event->recursive = 0;
$this->set('events', $this->paginate());
@ -88,11 +88,12 @@ class EventsController extends AppController {
$this->set('event_descriptions', $this->Event->field_descriptions);
}
/**
/**
* view method
*
* @param int $id
* @return void
* @throws NotFoundException
*/
public function view($id = null) {
$this->Event->id = $id;
@ -118,8 +119,7 @@ class EventsController extends AppController {
'recursive' => 0));
if (empty($relatedAttributes2)) {
$relatedEvents = null;
}
else {
} else {
foreach ($relatedAttributes2 as $relatedAttribute2) {
$relatedAttributes[$relatedAttribute2['Correlation']['1_attribute_id']][] = array('Attribute' => $relatedAttribute2['Correlation']);
}
@ -216,7 +216,7 @@ class EventsController extends AppController {
$this->set('category_definitions', $this->Attribute->category_definitions);
}
/**
/**
* add method
*
* @return void
@ -246,7 +246,7 @@ class EventsController extends AppController {
$this->set('event_descriptions', $this->Event->field_descriptions);
}
/**
/**
* Low level functino to add an Event based on an Event $data array
*
* @return bool true if success
@ -274,19 +274,19 @@ class EventsController extends AppController {
if (isset($data['Event']['uuid'])) { // TODO here we should start RESTful dialog
// check if the uuid already exists
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid' => $data['Event']['uuid'])));
if ($existingEventCount > 0) {
$existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
$existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid' => $data['Event']['uuid'])));
$data['Event']['id'] = $existingEvent['Event']['id'];
$data['Event']['org'] = $existingEvent['Event']['org'];
// attributes..
$c = 0;
if (isset($data['Attribute'])) {
foreach ($data['Attribute'] as $attribute){
foreach ($data['Attribute'] as $attribute) {
// ..do some
$existingAttributeCount = $this->Event->Attribute->find('count', array('conditions' => array('Attribute.uuid'=>$attribute['uuid'])));
$existingAttributeCount = $this->Event->Attribute->find('count', array('conditions' => array('Attribute.uuid' => $attribute['uuid'])));
if ($existingAttributeCount > 0) {
$existingAttribute = $this->Event->Attribute->find('first', array('conditions' => array('Attribute.uuid'=>$attribute['uuid'])));
$existingAttribute = $this->Event->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $attribute['uuid'])));
$data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
}
$c++;
@ -315,11 +315,12 @@ class EventsController extends AppController {
}
}
/**
/**
* edit method
*
* @param int $id
* @return void
* @throws NotFoundException
*/
public function edit($id = null) {
$this->Event->id = $id;
@ -363,7 +364,7 @@ class EventsController extends AppController {
}
// say what fields are to be updated
$fieldList=array('date', 'risk', 'info', 'published', 'private');
$fieldList = array('date', 'risk', 'info', 'published', 'private');
// always force the org, but do not force it for admins
if ($this->_isAdmin()) {
// set the same org as existed before
@ -391,12 +392,13 @@ class EventsController extends AppController {
$this->set('event_descriptions', $this->Event->field_descriptions);
}
/**
/**
* delete method
*
* @param int $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function delete($id = null) {
if (!$this->request->is('post') && !$this->_isRest()) {
@ -428,15 +430,14 @@ class EventsController extends AppController {
$this->redirect(array('action' => 'index'));
}
/**
/**
* Uploads this specific event to all remote servers
* TODO move this to a component
*/
function _uploadEventToServers($id) {
private function _uploadEventToServers($id) {
// make sure we have all the data of the Event
$this->Event->id=$id;
$this->Event->recursive=1;
$this->Event->id = $id;
$this->Event->recursive = 1;
$this->Event->read();
// get a list of the servers
@ -456,12 +457,11 @@ class EventsController extends AppController {
}
}
/**
/**
* Delets this specific event to all remote servers
* TODO move this to a component(?)
*/
function _deleteEventFromServers($uuid) {
private function _deleteEventFromServers($uuid) {
// get a list of the servers
$this->loadModel('Server');
$servers = $this->Server->find('all', array());
@ -477,12 +477,12 @@ class EventsController extends AppController {
}
}
/**
/**
* Performs all the actions required to publish an event
*
* @param unknown_type $id
*/
function _publish($id) {
private function _publish($id) {
$this->Event->id = $id;
$this->Event->recursive = 0;
//$this->Event->read();
@ -495,10 +495,12 @@ class EventsController extends AppController {
$this->_uploadEventToServers($id);
}
/**
/**
* Publishes the event without sending an alert email
*
* @throws NotFoundException
*/
function publish($id = null) {
public function publish($id = null) {
$this->Event->id = $id;
if (!$this->Event->exists()) {
throw new NotFoundException(__('Invalid event'));
@ -517,11 +519,13 @@ class EventsController extends AppController {
}
}
/**
/**
* Send out an alert email to all the users that wanted to be notified.
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
*
* @throws NotFoundException
*/
function alert($id = null) {
public function alert($id = null) {
$this->Event->id = $id;
$this->Event->recursive = 0;
if (!$this->Event->exists()) {
@ -560,29 +564,29 @@ class EventsController extends AppController {
// The mail body, h() is NOT needed as we are sending plain-text mails.
$body = "";
$appendlen = 20;
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id']."\n";
$body .= 'Event : '.$event['Event']['id']."\n";
$body .= 'Date : '.$event['Event']['date']."\n";
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
$body .= 'Event : ' . $event['Event']['id'] . "\n";
$body .= 'Date : ' . $event['Event']['date'] . "\n";
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : '.$event['Event']['org']."\n";
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : '.$event['Event']['risk']."\n";
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($id);
if (!empty($relatedEvents)) {
foreach ($relatedEvents as &$relatedEvent){
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
foreach ($relatedEvents as &$relatedEvent) {
$body .= 'Related to : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ')' . "\n";
}
}
$body .= 'Info : '."\n";
$body .= $event['Event']['info']."\n";
$body .= 'Info : ' . "\n";
$body .= $event['Event']['info'] . "\n";
$body .= "\n";
$body .= 'Attributes :'."\n";
$body .= 'Attributes :' . "\n";
$body_temp_other = "";
if (isset($event['Attribute'])) {
foreach ($event['Attribute'] as &$attribute){
$line = '- '.$attribute['type'].str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])).': '.$attribute['value']."\n";
foreach ($event['Attribute'] as &$attribute) {
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])) . ': ' . $attribute['value'] . "\n";
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
$body_temp_other .= $line;
else $body .= $line;
@ -618,7 +622,7 @@ class EventsController extends AppController {
$this->Email->from = Configure::read('CyDefSIG.email');
//$this->Email->to = "CyDefSIG <sig@cyber-defence.be>"; TODO check if it doesn't break things to not set a to , like being spammed away
$this->Email->bcc = $alert_emails;
$this->Email->subject = "[".Configure::read('CyDefSIG.name')."] Event ".$id." - ".$event['Event']['risk']." - TLP Amber";
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
$this->set('body', $body_signed);
@ -643,7 +647,7 @@ class EventsController extends AppController {
// send the email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $user['User']['email'];
$this->Email->subject = "[".Configure::read('CyDefSIG.name')."] Event ".$id." - ".$event['Event']['risk']." - TLP Amber";
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
@ -677,14 +681,13 @@ class EventsController extends AppController {
// LATER check if sending email succeeded and return appropriate result
return true;
}
/**
/**
* Send out an contact email to the person who posted the event.
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
*
* @throws NotFoundException
*/
public function contact($id = null) {
$this->Event->id = $id;
@ -709,9 +712,7 @@ class EventsController extends AppController {
}
}
/**
/**
*
* Sends out an email to all people within the same org
* with the request to be contacted about a specific event.
@ -729,45 +730,45 @@ class EventsController extends AppController {
// The mail body, h() is NOT needed as we are sending plain-text mails.
$body = "";
$body .="Hello, \n";
$body .="\n";
$body .="Someone wants to get in touch with you concerning a CyDefSIG event. \n";
$body .="\n";
$body .="You can reach him at ".$this->Auth->user('email')."\n";
$body .= "Hello, \n";
$body .= "\n";
$body .= "Someone wants to get in touch with you concerning a CyDefSIG event. \n";
$body .= "\n";
$body .= "You can reach him at " . $this->Auth->user('email') . "\n";
if (!$this->Auth->user('gpgkey'))
$body .="His GPG/PGP key is added as attachment to this email. \n";
$body .="\n";
$body .="He wrote the following message: \n";
$body .=$message."\n";
$body .="\n";
$body .="\n";
$body .="The event is the following: \n";
$body .= "His GPG/PGP key is added as attachment to this email. \n";
$body .= "\n";
$body .= "He wrote the following message: \n";
$body .= $message . "\n";
$body .= "\n";
$body .= "\n";
$body .= "The event is the following: \n";
// print the event in mail-format
// LATER place event-to-email-layout in a function
$appendlen = 20;
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id']."\n";
$body .= 'Event : '.$event['Event']['id']."\n";
$body .= 'Date : '.$event['Event']['date']."\n";
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
$body .= 'Event : ' . $event['Event']['id'] . "\n";
$body .= 'Date : ' . $event['Event']['date'] . "\n";
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : '.$event['Event']['org']."\n";
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : '.$event['Event']['risk']."\n";
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($id);
if (!empty($relatedEvents)) {
foreach ($relatedEvents as &$relatedEvent){
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
foreach ($relatedEvents as &$relatedEvent) {
$body .= 'Related to : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ')' . "\n";
}
}
$body .= 'Info : '."\n";
$body .= $event['Event']['info']."\n";
$body .= 'Info : ' . "\n";
$body .= $event['Event']['info'] . "\n";
$body .= "\n";
$body .= 'Attributes :'."\n";
$body .= 'Attributes :' . "\n";
$body_temp_other = "";
if (!empty($event['Attribute'])) {
foreach ($event['Attribute'] as &$attribute){
$line = '- '.$attribute['type'].str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])).': '.$attribute['value']."\n";
foreach ($event['Attribute'] as &$attribute) {
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen( $attribute['type'])) . ': ' . $attribute['value'] . "\n";
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
$body_temp_other .= $line;
else $body .= $line;
@ -782,7 +783,6 @@ class EventsController extends AppController {
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
$body_signed = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
// Add the GPG key of the user as attachment
// LATER sign the attached GPG key
if (!empty($me_user['gpgkey'])) {
@ -820,7 +820,7 @@ class EventsController extends AppController {
// prepare the email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $reporter['User']['email'];
$this->Email->subject = "[".Configure::read('CyDefSIG.name'). "] Need info about event ".$id." - TLP Amber";
$this->Email->subject = "[" . Configure::read('CyDefSIG.name') . "] Need info about event " . $id . " - TLP Amber";
//$this->Email->delivery = 'debug'; // do not really send out mails, only display it on the screen
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
@ -848,17 +848,14 @@ class EventsController extends AppController {
return $result;
}
public function export() {
// Simply display a static view
// generate the list of Attribute types
$this->loadModel('Attribute');
$this->set('sig_types', array_keys($this->Attribute->type_definitions));
}
public function xml($key, $eventid=null) {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
@ -894,13 +891,12 @@ class EventsController extends AppController {
$this->set('results', $results);
}
public function nids($key) {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
// no input sanitization necessary, it's done by model
// do not fetch recursive
$this->User->recursive=0;
$this->User->recursive = 0;
$user = $this->User->findByAuthkey($key);
if (empty($user)) {
throw new UnauthorizedException('Incorrect authentication key');
@ -924,20 +920,18 @@ class EventsController extends AppController {
print "#<pre> \n";
foreach ($rules as &$rule)
print $rule."\n";
print $rule . "\n";
print "#</pre>\n";
$this->set('rules', $rules);
}
public function hids_md5($key) {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
// no input sanitization necessary, it's done by model
// do not fetch recursive
$this->User->recursive=0;
$this->User->recursive = 0;
$user = $this->User->findByAuthkey($key);
if (empty($user)) {
throw new UnauthorizedException('Incorrect authentication key');
@ -962,7 +956,7 @@ class EventsController extends AppController {
print "#<pre> \n";
foreach ($rules as &$rule)
print $rule."\n";
print $rule . "\n";
print "#</pre>\n";
$this->set('rules', $rules);
@ -970,16 +964,14 @@ class EventsController extends AppController {
print "Not any MD5 found to export\n";
}
$this->render('hids');
}
public function hids_sha1($key) {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
// no input sanitization necessary, it's done by model
// do not fetch recursive
$this->User->recursive=0;
$this->User->recursive = 0;
$user = $this->User->findByAuthkey($key);
if (empty($user)) {
throw new UnauthorizedException('Incorrect authentication key');
@ -1003,8 +995,9 @@ class EventsController extends AppController {
print ("#<h1>This part is not finished and might be buggy. Please report any issues.</h1>\n");
print "#<pre> \n";
foreach ($rules as &$rule)
print $rule."\n";
foreach ($rules as &$rule) {
print $rule . "\n";
}
print "#</pre>\n";
$this->set('rules', $rules);
@ -1012,10 +1005,8 @@ class EventsController extends AppController {
print "Not any SHA-1 found to export\n";
}
$this->render('hids');
}
public function text($key, $type="") {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
@ -1026,7 +1017,7 @@ class EventsController extends AppController {
}
$this->response->type('txt'); // set the content type
$this->header('Content-Disposition: inline; filename="cydefsig.'.$type.'.txt"');
$this->header('Content-Disposition: inline; filename="cydefsig.' . $type . '.txt"');
$this->layout = 'text/default';
$this->loadModel('Attribute');
@ -1042,69 +1033,65 @@ class EventsController extends AppController {
$this->set('attributes', $attributes);
}
//public function dot($key) {
// // check if the key is valid -> search for users based on key
// $this->loadModel('User');
// // no input sanitization necessary, it's done by model
// $this->User->recursive=0;
// $user = $this->User->findByAuthkey($key);
// if (empty($user)) {
// throw new UnauthorizedException('Incorrect authentication key');
// }
// // display the full snort rulebase
// $this->response->type('txt'); // set the content type
// $this->header('Content-Disposition: inline; filename="cydefsig.rules"');
// $this->layout = 'text/default';
// public function dot($key) {
// // check if the key is valid -> search for users based on key
// $this->loadModel('User');
// // no input sanitization necessary, it's done by model
// $this->User->recursive=0;
// $user = $this->User->findByAuthkey($key);
// if (empty($user)) {
// throw new UnauthorizedException('Incorrect authentication key');
// }
// // display the full snort rulebase
// $this->response->type('txt'); // set the content type
// $this->header('Content-Disposition: inline; filename="cydefsig.rules"');
// $this->layout = 'text/default';
// $rules= array();
// $this->loadModel('Attribute');
// $params = array(
// 'recursive' => 0,
// 'fields' => array('Attribute.*')
// );
// $items = $this->Attribute->find('all', $params);
// $composite_types = $this->Attribute->getCompositeTypes();
// // rebuild the array with the correct data
// foreach ($items as &$item) {
// if (in_array($item['Attribute']['type'], $composite_types)) {
// // create a new item that will contain value2
// $new_item = $item;
// // set the correct type for the first item
// $pieces = explode('|', $item['Attribute']['type']);
// $item['Attribute']['type'] = $pieces[0];
// // set the correct data for the new item
// $new_item['Attribute']['type'] = (isset($pieces[1]))? $pieces[1] : 'md5';
// $new_item['Attribute']['value'] = $item['Attribute']['value2'];
// unset($new_item['Attribute']['value1']);
// unset($new_item['Attribute']['value2']);
// // store the new item
// $items[] = $new_item;
// }
// // set the correct fields for the attribute
// if (isset($item['Attribute']['value1'])) {
// $item['Attribute']['value'] = $item['Attribute']['value1'];
// }
// unset($item['Attribute']['value1']);
// unset($item['Attribute']['value2']);
// }
// debug($items);
// // iterate over the array to build the GV links
// require_once 'Image/GraphViz.php';
// $gv = new Image_GraphViz();
// $gv->addEdge(array('wake up' => 'visit bathroom'));
// $gv->addEdge(array('visit bathroom' => 'make coffee'));
// foreach ($items as &$item) {
// $gv->addNode('Node 1',
// array(''));
// }
// debug($gv);
// $gv->image();
// }
// $rules= array();
// $this->loadModel('Attribute');
// $params = array(
// 'recursive' => 0,
// 'fields' => array('Attribute.*')
// );
// $items = $this->Attribute->find('all', $params);
// $composite_types = $this->Attribute->getCompositeTypes();
// // rebuild the array with the correct data
// foreach ($items as &$item) {
// if (in_array($item['Attribute']['type'], $composite_types)) {
// // create a new item that will contain value2
// $new_item = $item;
// // set the correct type for the first item
// $pieces = explode('|', $item['Attribute']['type']);
// $item['Attribute']['type'] = $pieces[0];
// // set the correct data for the new item
// $new_item['Attribute']['type'] = (isset($pieces[1]))? $pieces[1] : 'md5';
// $new_item['Attribute']['value'] = $item['Attribute']['value2'];
// unset($new_item['Attribute']['value1']);
// unset($new_item['Attribute']['value2']);
// // store the new item
// $items[] = $new_item;
// }
// // set the correct fields for the attribute
// if (isset($item['Attribute']['value1'])) {
// $item['Attribute']['value'] = $item['Attribute']['value1'];
// }
// unset($item['Attribute']['value1']);
// unset($item['Attribute']['value2']);
// }
// debug($items);
// // iterate over the array to build the GV links
// require_once 'Image/GraphViz.php';
// $gv = new Image_GraphViz();
// $gv->addEdge(array('wake up' => 'visit bathroom'));
// $gv->addEdge(array('visit bathroom' => 'make coffee'));
// foreach ($items as &$item) {
// $gv->addNode('Node 1',
// array(''));
// }
// debug($gv);
// $gv->image();
//}
}


@ -10,6 +10,7 @@ App::uses('Xml', 'Utility');
class ServersController extends AppController {
public $components = array('Security' ,'RequestHandler');
public $paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
@ -20,7 +21,7 @@ class ServersController extends AppController {
public $uses = array('Server', 'Event');
function beforeFilter() {
public function beforeFilter() {
parent::beforeFilter();
// Disable this feature if the sync configuration option is not active
@ -88,6 +89,7 @@ class ServersController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function edit($id = null) {
$this->Server->id = $id;
@ -98,7 +100,7 @@ class ServersController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) {
// say what fields are to be updated
$fieldList=array('url', 'push', 'pull', 'organization');
$fieldList = array('url', 'push', 'pull', 'organization');
if ("" != $this->request->data['Server']['authkey'])
$fieldList[] = 'authkey';
// Save the data
@ -120,6 +122,8 @@ class ServersController extends AppController {
*
* @param string $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function delete($id = null) {
if (!$this->request->is('post')) {
@ -137,7 +141,6 @@ class ServersController extends AppController {
$this->redirect(array('action' => 'index'));
}
public function pull($id = null, $full=false) {
// TODO should we de-activate data validation for type and category / and or mapping? Maybe other instances have other configurations that are incompatible.
@ -157,7 +160,7 @@ class ServersController extends AppController {
$this->redirect(array('action' => 'index'));
}
if ("full"==$full) {
if ("full" == $full) {
// get a list of the event_ids on the server
$event_ids = $this->Event->getEventIdsFromServer($this->Server->data);
@ -174,10 +177,10 @@ class ServersController extends AppController {
if (null != $event) {
// we have an Event array
$event['Event']['private'] = true;
$event['Event']['info'] .= "\n Imported from ".$this->Server->data['Server']['url'];
$event['Event']['info'] .= "\n Imported from " . $this->Server->data['Server']['url'];
$eventsController = new EventsController();
try {
$result = $eventsController->_add($event, $this->Auth, $fromXml=true, $this->Server->data['Server']['organization']);
$result = $eventsController->_add($event, $this->Auth, $fromXml = true, $this->Server->data['Server']['organization']);
} catch (MethodNotAllowedException $e) {
if ($e->getMessage() == 'Event already exists') {
//$successes[] = $event_id; // commented given it's in a catch..
@ -193,7 +196,7 @@ class ServersController extends AppController {
}
}
if (sizeof($fails) > 0) {
if (count($fails) > 0) {
// there are fails, take the lowest fail
$lastpulledid = min(array_keys($fails));
} else {
@ -205,7 +208,6 @@ class ServersController extends AppController {
}
} else {
// TODO incremental pull
// lastpulledid
@ -218,7 +220,6 @@ class ServersController extends AppController {
$this->set('fails', $fails);
}
public function push($id = null, $full=false) {
if (!$this->request->is('post')) {
throw new MethodNotAllowedException();
@ -236,21 +237,21 @@ class ServersController extends AppController {
$this->redirect(array('action' => 'index'));
}
if ("full"==$full) $lastpushedid = 0;
if ("full" == $full) $lastpushedid = 0;
else $lastpushedid = $this->Server->data['Server']['lastpushedid'];
$find_params = array(
'conditions' => array(
'Event.id >' => $lastpushedid,
'Event.private' => 0,
'Event.published' =>1
'Event.published' => 1
), //array of conditions
'recursive' => 1, //int
'fields' => array('Event.*'), //array of field names
);
$events = $this->Event->find('all', $find_params);
// FIXME now all events are uploaded, even if they exist on the remote server. No merging is done
// FIXME now all events are uploaded, even if they exist on the remote server. No merging is done
$successes = array();
$fails = array();
@ -272,7 +273,7 @@ class ServersController extends AppController {
$fails[$event['Event']['id']] = $result;
}
}
if (sizeof($fails) > 0) {
if (count($fails) > 0) {
// there are fails, take the lowest fail
$lastpushedid = min(array_keys($fails));
} else {
@ -287,5 +288,4 @@ class ServersController extends AppController {
$this->set('fails', $fails);
}
}
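Review bot: The single-statement conditionals in edit() (`if ("" != $this->request->data['Server']['authkey']) $fieldList[] = 'authkey';`) and in push() (`if ("full" == $full) $lastpushedid = 0; else $lastpushedid = ...;`) are left without braces while the rest of this commit adds braces to bodies like these, so the file ends up in a mixed style; the same leftover appears in UsersController at the `if ("me" == $id) $id = $this->Auth->user('id');` lines, the `$fieldList[] = 'password';` line in edit() and the `if ('me' == $id ) $id = ...` line in resetauthkey(). I would write the first as `if ("" != $this->request->data['Server']['authkey']) { $fieldList[] = 'authkey'; }` and turn the push() one into an `if { } else { }` block. The `_add()` call in pull() also keeps `$fromXml = true` as an assignment inside the argument list, which reads like a named argument but actually creates a local that appears unused; passing the literal, `$eventsController->_add($event, $this->Auth, true, $this->Server->data['Server']['organization'])`, says the same thing without the side effect. The authkey read in edit() would further warrant an `isset()` guard, since a request that omits the field raises a notice before the comparison runs. The pull() and push() bodies continue outside these hunks.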


@ -10,6 +10,7 @@ class UsersController extends AppController {
public $newkey;
public $components = array('Security');
public $paginate = array(
'limit' => 60,
'order' => array(
@ -17,7 +18,7 @@ class UsersController extends AppController {
)
);
function beforeFilter() {
public function beforeFilter() {
parent::beforeFilter();
// what pages are allowed for non-logged-in users
@ -42,12 +43,12 @@ class UsersController extends AppController {
return true;
}
/**
* view method
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function view($id = null) {
if ("me" == $id) $id = $this->Auth->user('id');
@ -59,12 +60,12 @@ class UsersController extends AppController {
$this->set('user', $this->User->read(null, $id));
}
/**
* edit method
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function edit($id = null) {
if ("me" == $id) $id = $this->Auth->user('id');
@ -75,7 +76,7 @@ class UsersController extends AppController {
// Only own profile verified by isAuthorized
if ($this->request->is('post') || $this->request->is('put')) {
// What fields should be saved (allowed to be saved)
$fieldList=array('email', 'autoalert', 'gpgkey', 'nids_sid' );
$fieldList = array('email', 'autoalert', 'gpgkey', 'nids_sid' );
if ("" != $this->request->data['User']['password'])
$fieldList[] = 'password';
// Save the data
@ -87,12 +88,12 @@ class UsersController extends AppController {
$this->Session->setFlash(__('The profile could not be updated. Please, try again.'));
}
} else {
$this->User->recursive=0;
$this->User->recursive = 0;
$this->User->read(null, $id);
$this->User->set('password', '');
$this->request->data = $this->User->data;
}
$this->request->data['User']['org']=$this->Auth->user('org');
$this->request->data['User']['org'] = $this->Auth->user('org');
}
/**
@ -100,6 +101,8 @@ class UsersController extends AppController {
*
* @param string $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function delete($id = null) {
if ("me" == $id) $id = $this->Auth->user('id');
@ -110,11 +113,11 @@ class UsersController extends AppController {
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
// Replaced by isAuthorized
// // Only own profile
// if ($this->Auth->user('id') != $id) {
// throw new ForbiddenException('You are not authorized to delete this profile.');
// }
//Replaced by isAuthorized
//// Only own profile
//if ($this->Auth->user('id') != $id) {
// throw new ForbiddenException('You are not authorized to delete this profile.');
//}
if ($this->User->delete()) {
$this->Session->setFlash(__('User deleted'));
$this->redirect(array('action' => 'index'));
@ -137,6 +140,7 @@ class UsersController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function admin_view($id = null) {
$this->User->id = $id;
@ -174,6 +178,7 @@ class UsersController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function admin_edit($id = null) {
$this->User->id = $id;
@ -195,7 +200,7 @@ class UsersController extends AppController {
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
}
} else {
$this->User->recursive=0;
$this->User->recursive = 0;
$this->User->read(null, $id);
$this->User->set('password', '');
$this->request->data = $this->User->data;
@ -208,6 +213,8 @@ class UsersController extends AppController {
*
* @param string $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function admin_delete($id = null) {
if (!$this->request->is('post')) {
@ -225,13 +232,12 @@ class UsersController extends AppController {
$this->redirect(array('action' => 'index'));
}
public function login() {
if ($this->Auth->login()) {
$this->redirect($this->Auth->redirect());
} else {
// don't display authError before first login attempt
if (str_replace("//","/",$this->webroot.$this->Session->read('Auth.redirect')) == $this->webroot && $this->Session->read('Message.auth.message') == $this->Auth->authError) {
if (str_replace("//","/",$this->webroot . $this->Session->read('Auth.redirect')) == $this->webroot && $this->Session->read('Message.auth.message') == $this->Auth->authError) {
$this->Session->delete('Message.auth');
}
// don't display "invalid user" before first login attempt
@ -262,19 +268,18 @@ class UsersController extends AppController {
$this->redirect($this->Auth->logout());
}
public function resetauthkey($id = null) {
if (!$id) {
$this->Session->setFlash(__('Invalid id for user', true), 'default', array(), 'error');
$this->redirect(array('action'=>'index'));
$this->redirect(array('action' => 'index'));
}
if ('me' == $id ) $id = $this->Auth->user('id');
// Replaced by isAuthorized
// // only allow reset key for own account, except for admins
// if (!$this->_isAdmin() && $id != $this->Auth->user('id')) {
// throw new ForbiddenException('Not authorized to reset the key for this user');
// }
//Replaced by isAuthorized
//// only allow reset key for own account, except for admins
//if (!$this->_isAdmin() && $id != $this->Auth->user('id')) {
// throw new ForbiddenException('Not authorized to reset the key for this user');
//}
// reset the key
$this->User->id = $id;
@ -317,24 +322,24 @@ class UsersController extends AppController {
$graph_fields = '';
foreach ($sig_types as &$sig_type) {
if ($graph_fields != "") $graph_fields .= ", ";
$graph_fields .= "'".$sig_type."'";
$graph_fields .= "'" . $sig_type . "'";
}
$this->set('graph_fields', $graph_fields);
$replace = array('-', '|');
$graph_data=array();
$graph_data = array();
$prev_row_org = "";
$i = -1;
foreach ($types_histogram as &$row) {
if ($prev_row_org != $row['Event']['org']) {
$i++; $graph_data[] = "";
$i++;
$graph_data[] = "";
$prev_row_org = $row['Event']['org'];
$graph_data[$i] .= "org: '".$row['Event']['org']."'";
$graph_data[$i] .= "org: '" . $row['Event']['org'] . "'";
}
$graph_data[$i] .= ', '.str_replace($replace, "_", $row['Attribute']['type']).': '.$row[0]['num_types'];
$graph_data[$i] .= ', ' . str_replace($replace, "_", $row['Attribute']['type']) . ': ' . $row[0]['num_types'];
}
$this->set('graph_data', $graph_data);
}
public function terms() {
@ -355,7 +360,4 @@ class UsersController extends AppController {
$this->_refreshAuth(); // refresh auth info
}
}
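Review bot: The string building in the last hunk (`$graph_fields .= "'" . $sig_type . "'";` and `$graph_data[$i] .= "org: '" . $row['Event']['org'] . "'";`) assembles JavaScript-literal fragments from attribute types and organisation names with no escaping, and the commit only adds spacing around the concatenation. If the view emits `graph_fields`/`graph_data` into a script block as-is (the view is not visible from here), an organisation name containing a single quote breaks out of the literal and becomes script injection; the safer shape is to `$this->set()` the plain arrays and let the view serialise them with `json_encode()`, which escapes for that context. Both loops also iterate by reference (`foreach ($sig_types as &$sig_type)`, `foreach ($types_histogram as &$row)`) with no `unset()` afterwards and no write to the element inside the body, so plain by-value loops avoid the dangling-reference footgun. The enclosing action starts outside the hunk.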


@ -7,7 +7,6 @@ App::uses('AppController', 'Controller');
*/
class WhitelistsController extends AppController {
/**
* index method
*
@ -23,6 +22,7 @@ class WhitelistsController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function admin_view($id = null) {
$this->Whitelist->id = $id;
@ -54,6 +54,7 @@ class WhitelistsController extends AppController {
*
* @param string $id
* @return void
* @throws NotFoundException
*/
public function admin_edit($id = null) {
$this->Whitelist->id = $id;
@ -77,6 +78,8 @@ class WhitelistsController extends AppController {
*
* @param string $id
* @return void
* @throws MethodNotAllowedException
* @throws NotFoundException
*/
public function admin_delete($id = null) {
if (!$this->request->is('post')) {


@ -9,6 +9,7 @@ App::uses('File', 'Utility');
* @property Event $Event
*/
class Attribute extends AppModel {
/**
* Display field
*
@ -27,17 +28,14 @@ IF (Attribute.category="Persistence mechanism", "f",
IF (Attribute.category="Network activity", "g",
IF (Attribute.category="Payload type", "h",
IF (Attribute.category="Attribution", "i",
IF (Attribute.category="External analysis", "j", "k"))))))))))'
); // TODO hardcoded
IF (Attribute.category="External analysis", "j", "k"))))))))))'); // TODO hardcoded
/**
* Description field
* explanations of certain fields to be used in various views
*
* @var array
*/
// explanations of certain fields to be used in various views
public $field_descriptions = array(
'signature' => array('desc' => 'Is this attribute eligible to automatically create an IDS signature (network IDS or host IDS) out of it ?'),
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
@ -144,8 +142,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
)
);
var $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
public $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
/**
* Validation rules
@ -276,11 +273,18 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
)
);
function beforeSave() {
/**
* beforeSave
*
* @throws InternalErrorException
* @return bool always true
*/
public function beforeSave() {
// increment the revision number
if (empty($this->data['Attribute']['revision'])) $this->data['Attribute']['revision'] = 0;
$this->data['Attribute']['revision'] = 1 + $this->data['Attribute']['revision'] ;
if (empty($this->data['Attribute']['revision'])) {
$this->data['Attribute']['revision'] = 0;
}
$this->data['Attribute']['revision'] = 1 + $this->data['Attribute']['revision'];
// explode value of composite type in value1 and value2
// or copy value to value1 if not composite type
@ -289,7 +293,9 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
// explode composite types in value1 and value2
$pieces = explode('|', $this->data['Attribute']['value']);
if (in_array($this->data['Attribute']['type'], $composite_types)) {
if (2 != sizeof($pieces)) throw new InternalErrorException('Composite type, but value not explodable');
if (2 != count($pieces)) {
throw new InternalErrorException('Composite type, but value not explodable');
}
$this->data['Attribute']['value1'] = $pieces[0];
$this->data['Attribute']['value2'] = $pieces[1];
} else {
@ -303,7 +309,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
return true;
}
function afterSave() {
public function afterSave() {
if ('db' == Configure::read('CyDefSIG.correlation')) {
// update correlation..
$this->_afterSaveCorrelation($this->data['Attribute']);
@ -317,15 +323,15 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
return $result;
}
function beforeDelete() {
public function beforeDelete() {
// delete attachments from the disk
$this->read(); // first read the attribute from the db
if($this->typeIsAttachment($this->data['Attribute']['type'])) {
if ($this->typeIsAttachment($this->data['Attribute']['type'])) {
// FIXME secure this filesystem access/delete by not allowing to change directories or go outside of the directory container.
// only delete the file if it exists
$filepath = APP."files".DS.$this->data['Attribute']['event_id'].DS.$this->data['Attribute']['id'];
$filepath = APP . "files" . DS . $this->data['Attribute']['event_id'] . DS . $this->data['Attribute']['id'];
$file = new File ($filepath);
if($file->exists()) {
if ($file->exists()) {
if (!$file->delete()) {
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
}
@ -338,7 +344,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
}
}
function beforeValidate() {
public function beforeValidate() {
// remove leading and trailing blanks
$this->data['Attribute']['value'] = trim($this->data['Attribute']['value']);
@ -357,19 +363,20 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
case 'filename|md5':
case 'filename|sha1':
$pieces = explode('|', $this->data['Attribute']['value']);
$this->data['Attribute']['value'] = $pieces[0].'|'.strtolower($pieces[1]);
$this->data['Attribute']['value'] = $pieces[0] . '|' . strtolower($pieces[1]);
break;
}
// generate UUID if it doesn't exist
if (empty($this->data['Attribute']['uuid']))
$this->data['Attribute']['uuid']= String::uuid();
if (empty($this->data['Attribute']['uuid'])) {
$this->data['Attribute']['uuid'] = String::uuid();
}
// always return true, otherwise the object cannot be saved
return true;
}
function valueIsUnique ($fields) {
public function valueIsUnique ($fields) {
$value = $fields['value'];
$event_id = $this->data['Attribute']['event_id'];
$type = $this->data['Attribute']['type'];
@ -382,56 +389,64 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
'Attribute.category' => $category,
'Attribute.value' => $value
);
if (isset($this->data['Attribute']['id']))
if (isset($this->data['Attribute']['id'])) {
$conditions['Attribute.id !='] = $this->data['Attribute']['id'];
}
$params = array('recursive' => 0,
'conditions' => $conditions,
);
if (0 != $this->find('count', $params) )
if (0 != $this->find('count', $params)) {
return false;
}
// Say everything is fine
return true;
}
function validateTypeValue($fields) {
public function validateTypeValue($fields) {
$category = $this->data['Attribute']['category'];
if (isset($this->category_definitions[$category]['types']))
if (isset($this->category_definitions[$category]['types'])) {
return in_array($fields['type'], $this->category_definitions[$category]['types']);
}
return false;
}
function validateAttributeValue ($fields) {
public function validateAttributeValue ($fields) {
$value = $fields['value'];
// check data validation
switch($this->data['Attribute']['type']) {
case 'md5':
if (preg_match("#^[0-9a-f]{32}$#", $value))
if (preg_match("#^[0-9a-f]{32}$#", $value)) {
return true;
}
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
break;
case 'sha1':
if (preg_match("#^[0-9a-f]{40}$#", $value))
if (preg_match("#^[0-9a-f]{40}$#", $value)) {
return true;
}
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
break;
case 'filename':
// no newline
if (preg_match("#\n#", $value))
if (preg_match("#\n#", $value)) {
return true;
}
break;
case 'filename|md5':
// no newline
if (preg_match("#^.+\|[0-9a-f]{32}$#", $value))
if (preg_match("#^.+\|[0-9a-f]{32}$#", $value)) {
return true;
}
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
break;
case 'filename|sha1':
// no newline
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value))
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value)) {
return true;
}
return 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
break;
case 'ip-src':
@ -442,12 +457,15 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
// ipv4 and ipv6 matching
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
// ip is validated, now check if we have a valid network mask
if (empty($parts[1]))
if (empty($parts[1])) {
return true;
else if(is_numeric($parts[1]) && $parts[1] < 129)
} else {
if (is_numeric($parts[1]) && $parts[1] < 129) {
return true;
}
}
}
}
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
break;
case 'ip-dst':
@ -458,61 +476,73 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
// ipv4 and ipv6 matching
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
// ip is validated, now check if we have a valid network mask
if (empty($parts[1]))
if (empty($parts[1])) {
return true;
else if(is_numeric($parts[1]) && $parts[1] < 129)
} else {
if (is_numeric($parts[1]) && $parts[1] < 129) {
return true;
}
}
}
}
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
break;
case 'hostname':
case 'domain':
if(preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
if (preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
return true;
}
return 'Domain name has invalid format. Please double check the value or select "other" for a type.';
break;
case 'email-src':
// we don't use the native function to prevent issues with partial email addresses
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
return true;
}
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
break;
case 'email-dst':
// we don't use the native function to prevent issues with partial email addresses
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
return true;
}
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
break;
case 'email-subject':
// no newline
if (!preg_match("#\n#", $value))
if (!preg_match("#\n#", $value)) {
return true;
}
break;
case 'email-attachment':
// no newline
if (!preg_match("#\n#", $value))
if (!preg_match("#\n#", $value)) {
return true;
}
break;
case 'url':
// no newline
if (!preg_match("#\n#", $value))
if (!preg_match("#\n#", $value)) {
return true;
}
break;
case 'user-agent':
// no newline
if (!preg_match("#\n#", $value))
if (!preg_match("#\n#", $value)) {
return true;
}
break;
case 'regkey':
// no newline
if (!preg_match("#\n#", $value))
if (!preg_match("#\n#", $value)) {
return true;
}
break;
case 'regkey|value':
// no newline
if (!preg_match("#.+\|.+#", $value))
if (!preg_match("#.+\|.+#", $value)) {
return true;
}
break;
case 'snort':
// no validation yet. TODO implement data validation on snort attribute type
@ -523,17 +553,18 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
// default action is to return false
return true;
}
function getCompositeTypes() {
public function getCompositeTypes() {
// build the list of composite Attribute.type dynamically by checking if type contains a |
// default composite types
$composite_types = array('malware-sample'); // TODO hardcoded composite
// dynamically generated list
foreach (array_keys($this->type_definitions) as $type) {
$pieces = explode('|', $type);
if (2 == sizeof($pieces)) $composite_types[] = $type;
if (2 == count($pieces)) {
$composite_types[] = $type;
}
}
return $composite_types;
}
@ -544,7 +575,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
return $this->data['Event']['org'] === $org;
}
function getRelatedAttributes($attribute, $fields=array()) {
public function getRelatedAttributes($attribute, $fields=array()) {
// LATER getRelatedAttributes($attribute) this might become a performance bottleneck
// exclude these specific categories to be linked
@ -562,10 +593,11 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
// prepare the conditions
$conditions = array(
'Attribute.event_id !=' => $attribute['event_id'],
// 'Attribute.type' => $attribute['type'], // do not filter on type
//'Attribute.type' => $attribute['type'], // do not filter on type
);
if (empty($attribute['value1'])) // prevent issues with empty fields
if (empty($attribute['value1'])) { // prevent issues with empty fields
return null;
}
if (empty($attribute['value2'])) {
// no value2, only search for value 1
@ -594,31 +626,39 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
return $similar_events;
}
function typeIsMalware($type) {
if (in_array($type, $this->zipped_definitions)) return true;
else return false;
public function typeIsMalware($type) {
if (in_array($type, $this->zipped_definitions)) {
return true;
} else {
return false;
}
}
function typeIsAttachment($type) {
if ((in_array($type, $this->zipped_definitions)) || (in_array($type, $this->upload_definitions))) return true;
else return false;
public function typeIsAttachment($type) {
if ((in_array($type, $this->zipped_definitions)) || (in_array($type, $this->upload_definitions))) {
return true;
} else {
return false;
}
}
function base64EncodeAttachment($attribute) {
$filepath = APP."files".DS.$attribute['event_id'].DS.$attribute['id'];
public function base64EncodeAttachment($attribute) {
$filepath = APP . "files" . DS . $attribute['event_id'] . DS . $attribute['id'];
$file = new File($filepath);
if (!$file->exists()) return '';
if (!$file->exists()) {
return '';
}
$content = $file->read();
return base64_encode($content);
}
function saveBase64EncodedAttachment($attribute) {
$root_dir = APP.DS."files".DS.$attribute['event_id'];
public function saveBase64EncodedAttachment($attribute) {
$root_dir = APP . DS . "files" . DS . $attribute['event_id'];
$dir = new Folder($root_dir, true); // create directory structure
$destpath = $root_dir.DS.$attribute['id'];
$destpath = $root_dir . DS . $attribute['id'];
$file = new File ($destpath, true); // create the file
$decoded_data = base64_decode($attribute['data']); // decode
if ($file->write($decoded_data)){ // save the data
if ($file->write($decoded_data)) { // save the data
return true;
} else {
// error
@ -626,13 +666,13 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
}
}
function _afterSaveCorrelation($attribute) {
public function _afterSaveCorrelation($attribute) {
$this->_beforeDeleteCorrelation($attribute);
// re-add
$this->setRelatedAttributes($attribute, array('Attribute.id', 'Attribute.event_id', 'Event.date'));
}
function _beforeDeleteCorrelation($attribute) {
public function _beforeDeleteCorrelation($attribute) {
$this->Correlation = ClassRegistry::init('Correlation');
$dummy = $this->Correlation->deleteAll(array('OR' => array(
'Correlation.1_attribute_id' => $attribute,
@ -640,12 +680,12 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
);
}
/**
/**
* return an array containing 'double-values'
*
* @return array()
*/
function doubleAttributes() {
public function doubleAttributes() {
$doubleAttributes = array();
$similar_value1 = $this->find('all',array('conditions' => array(),
@ -676,7 +716,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
return $double;
}
function setRelatedAttributes($attribute, $fields=array()) {
public function setRelatedAttributes($attribute, $fields=array()) {
$this->Event = ClassRegistry::init('Event');
$relatedAttributes = $this->getRelatedAttributes($attribute, $fields);
if ($relatedAttributes) {
@ -700,16 +740,17 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
}
}
/**
/**
* Deletes the attribute from another Server
* TODO move this to a component
*
* @return bool true if success, error message if failed
*/
function deleteAttributeFromServer($attribute, $server, $HttpSocket=null) {
public function deleteAttributeFromServer($attribute, $server, $HttpSocket=null) {
// TODO private and delete
if (true ==$attribute['Attribute']['private']) // never upload private attributes
if (true == $attribute['Attribute']['private']) { // never upload private attributes
return "Attribute is private and non exportable";
}
$url = $server['Server']['url'];
$authkey = $server['Server']['authkey'];
@ -725,7 +766,7 @@ IF (Attribute.category="External analysis", "j", "k"))))))))))'
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
)
);
$uri = $url.'/attributes/0?uuid='.$attribute['Attribute']['uuid'];
$uri = $url . '/attributes/0?uuid=' . $attribute['Attribute']['uuid'];
// LATER validate HTTPS SSL certificate
$this->Dns = ClassRegistry::init('Dns');
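Review bot: In validateAttributeValue() the 'filename' case (`if (preg_match("#\n#", $value)) { return true; }`) is inverted relative to the other "no newline" cases, which use `!preg_match`, and the commit re-braces it while carrying the inversion over. More importantly, each of those "no newline" cases ends in `break`, and the code after the switch reads `// default action is to return false` followed by `return true;`, so a value that fails the newline check falls through and is accepted anyway — as written the filename, email-subject, email-attachment, url, user-agent, regkey and regkey|value checks cannot reject anything. I would replace the `break;` in each of those cases with a rejection string such as `return 'Value must not contain a newline. Please double check the value or select "other" for a type.';`, change the 'filename' test to `!preg_match`, and correct the trailing comment to state the default that is actually intended. The attachment paths in beforeDelete(), base64EncodeAttachment() and saveBase64EncodedAttachment() are still built as `APP . "files" . DS . $attribute['event_id'] . DS . $attribute['id']` from record fields, so the existing FIXME on the delete path applies equally to the other two; casting both ids with `(int)` before concatenation would close it cheaply. validateAttributeValue() starts and ends outside the individual hunks.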


@ -8,8 +8,7 @@ App::uses('Sanitize', 'Utility');
*/
class Bruteforce extends AppModel {
function insert($ip, $username) {
public function insert($ip, $username) {
$expire = Configure::read('SecureAuth.expire');
// sanitize fields
$ip = Sanitize::clean($ip);
@ -17,21 +16,17 @@ class Bruteforce extends AppModel {
$this->query("INSERT INTO `bruteforces` (`ip` , `username` , `expire` ) VALUES ('$ip', '$username', TIMESTAMPADD(SECOND,$expire, NOW()));");
}
function clean() {
public function clean() {
$this->query("DELETE FROM `bruteforces` WHERE `expire`<=NOW();");
}
function isBlacklisted($ip,$username) {
public function isBlacklisted($ip,$username) {
// first remove old expired rows
$this->clean();
// count
$params = array(
'conditions' => array(
$params = array('conditions' => array(
'Bruteforce.ip' => $ip,
'Bruteforce.username' => $username
),
);
'Bruteforce.username' => $username),);
$count = $this->find('count', $params);
if ($count >= Configure::read('SecureAuth.amount')) return true;
else return false;
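Review bot: insert() still builds the INSERT by interpolating `$ip`, `$username` and `$expire` into the SQL text (`VALUES ('$ip', '$username', TIMESTAMPADD(SECOND,$expire, NOW()))`), and the commit only changes the method's visibility. The ip and username presumably come from a failed login attempt, i.e. from an unauthenticated client, and `Sanitize::clean()` is a best-effort filter rather than parameter binding, so the values should be passed as placeholders instead: `$this->query('INSERT INTO `bruteforces` (`ip`, `username`, `expire`) VALUES (?, ?, TIMESTAMPADD(SECOND, ?, NOW()))', array($ip, $username, (int)$expire));` keeps them out of the statement entirely. The reformatted `$params` array in isBlacklisted() (`'Bruteforce.username' => $username),);`) collapses the closing brackets onto one line and is harder to read than the version it replaces; one key per line with the closers on their own lines matches the rest of the file. The isBlacklisted() body continues outside the hunk.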


@ -6,7 +6,8 @@ App::uses('AppModel', 'Model');
* Domain Name System related
*/
class Dns extends AppModel {
var $useTable = false;
public $useTable = false;
/*
* Checks for a valid internet name
@ -16,16 +17,16 @@ class Dns extends AppModel {
* @param unknown_type $nametotest The Domain Host Name to check for existence.
* @return boolean
*/
function testipaddress ($nametotest) {
if(intval($nametotest)>0){
public function testipaddress ($nametotest) {
if (intval($nametotest) > 0) {
return true;
} else {
$ipaddress = $nametotest;
$ipaddress = gethostbyname($nametotest);
if ($ipaddress == $nametotest) {
return false;
}
else {
} else {
return true;
}
}
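Review bot: testipaddress() still decides "this is an IP" with `intval($nametotest) > 0`, which is true for any string that starts with a digit (a hostname beginning with a digit passes as an address), and the commit only reformats the surrounding braces; `filter_var($nametotest, FILTER_VALIDATE_IP)` is the check that actually matches the method name. The fallback then calls `gethostbyname()`, i.e. a live DNS query for whatever name is being validated, which for an indicator-sharing platform means the operator of that domain's authoritative DNS can observe that the name is being handled, and the request blocks for the resolver timeout on a dead name. That side effect deserves a line in the existing docblock, `Note: performs a live DNS lookup of $nametotest when it is not an IP literal`, and ideally a configuration switch so purely syntactic validation is possible. The assignment `$ipaddress = $nametotest;` is dead, being overwritten on the next line, and can go. The method's closing brace lies outside the hunk.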


@ -7,18 +7,19 @@ App::uses('AppModel', 'Model');
* @property Attribute $Attribute
*/
class Event extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'id';
/**
* Description field
*
* @var array
*/
public $field_descriptions = array(
'risk' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels:<br/>low: mass-malware<br/>medium: APT malware<br/>high: sophisticated APT malware or 0-day attack'),
'private' => array('desc' => 'This field tells if the event should be shared with other CyDefSIG servers'),
@ -109,14 +110,14 @@ class Event extends AppModel {
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
// 'classification' => array(
// 'rule' => array('inList', array('TLP:AMBER', 'TLP:GREEN:NeedToKnow', 'TLP:GREEN')),
// //'message' => 'Your custom message here',
// //'allowEmpty' => false,
// 'required' => true,
// //'last' => false, // Stop validation after this rule
// //'on' => 'create', // Limit validation to 'create' or 'update' operations
// ),
//'classification' => array(
// 'rule' => array('inList', array('TLP:AMBER', 'TLP:GREEN:NeedToKnow', 'TLP:GREEN')),
// //'message' => 'Your custom message here',
// //'allowEmpty' => false,
// 'required' => true,
// //'last' => false, // Stop validation after this rule
// //'on' => 'create', // Limit validation to 'create' or 'update' operations
//),
);
//The Associations below have been created with all possible keys, those that are not needed can be removed
@ -127,13 +128,13 @@ class Event extends AppModel {
* @var array
*/
public $belongsTo = array(
// 'Org' => array(
// 'className' => 'Org',
// 'foreignKey' => 'org',
// 'conditions' => '',
// 'fields' => '',
// 'order' => ''
// )
//'Org' => array(
// 'className' => 'Org',
// 'foreignKey' => 'org',
// 'conditions' => '',
// 'fields' => '',
// 'order' => ''
//)
'User' => array(
'className' => 'User',
'foreignKey' => 'user_id',
@ -164,37 +165,39 @@ class Event extends AppModel {
)
);
function beforeValidate() {
public function beforeValidate() {
// generate UUID if it doesn't exist
if (empty($this->data['Event']['uuid']))
$this->data['Event']['uuid']= String::uuid();
if (empty($this->data['Event']['uuid'])) {
$this->data['Event']['uuid'] = String::uuid();
}
}
public function isOwnedByOrg($eventid, $org) {
return $this->field('id', array('id' => $eventid, 'org' => $org)) === $eventid;
}
function getRelatedEvents() {
public function getRelatedEvents() {
// FIXME rewrite this to use the getRelatedAttributes function from the Attributes Model.
// only this way the code will be consistent
// first get a list of related event_ids
// then do a single query to search for all the events with that id
$relatedEventIds = Array();
foreach ($this->data['Attribute'] as &$attribute ) {
if ($attribute['type'] == 'other')
foreach ($this->data['Attribute'] as &$attribute) {
if ($attribute['type'] == 'other') {
continue; // sigs of type 'other' should not be matched against the others
}
$conditions = array('Attribute.value =' => $attribute['value'], 'Attribute.type =' => $attribute['type']);
$similar_attributes = $this->Attribute->find('all',array('conditions' => $conditions));
foreach ($similar_attributes as &$similar_attribute) {
if ($this->id == $similar_attribute['Attribute']['event_id'])
if ($this->id == $similar_attribute['Attribute']['event_id']) {
continue; // same as this event, not needed in the list
}
$relatedEventIds[] = $similar_attribute['Attribute']['event_id'];
}
}
$conditions = array("Event.id" => $relatedEventIds);
$relatedEvents= $this->find('all',
$relatedEvents = $this->find('all',
array('conditions' => $conditions,
'recursive' => 0,
'order' => 'Event.date DESC',
@ -204,8 +207,7 @@ class Event extends AppModel {
return $relatedEvents;
}
/**
/**
* Clean up an Event Array that was received by an XML request.
* The structure needs to be changed a little bit to be compatible with what CakePHP expects
*
@ -214,7 +216,7 @@ class Event extends AppModel {
*
* @param &$data The reference to the variable
*/
function cleanupEventArrayFromXML(&$data) {
public function cleanupEventArrayFromXML(&$data) {
// Workaround for different structure in XML/array than what CakePHP expects
if (is_array($data['Event']['Attribute'])) {
if (is_numeric(implode(array_keys($data['Event']['Attribute']), ''))) {
@ -227,20 +229,19 @@ class Event extends AppModel {
}
unset($data['Event']['Attribute']);
return $data;
}
/**
/**
* Uploads the event and the associated Attributes to another Server
* TODO move this to a component
*
* @return bool true if success, error message if failed
*/
function uploadEventToServer($event, $server, $HttpSocket=null) {
if (true ==$event['Event']['private']) // never upload private events
public function uploadEventToServer($event, $server, $HttpSocket=null) {
if (true == $event['Event']['private']) { // never upload private events
return "Event is private and non exportable";
}
$url = $server['Server']['url'];
$authkey = $server['Server']['authkey'];
@ -256,7 +257,7 @@ class Event extends AppModel {
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
)
);
$uri = $url.'/events';
$uri = $url . '/events';
// LATER try to do this using a separate EventsController and renderAs() function
$xmlArray = array();
@ -267,7 +268,7 @@ class Event extends AppModel {
// cleanup the array from things we do not want to expose
//unset($event['Event']['org']);
// remove value1 and value2 from the output
foreach($event['Event']['Attribute'] as $key => &$attribute) {
foreach ($event['Event']['Attribute'] as $key => &$attribute) {
// do not keep attributes that are private
if ($attribute['private']) {
unset($event['Event']['Attribute'][$key]);
@ -298,8 +299,7 @@ class Event extends AppModel {
if ($response->code == '200') { // 200 (OK) + entity-action-result
if ($response->isOk()) {
return true;
}
else {
} else {
try {
// parse the XML response and keep the reason why it failed
$xml_array = Xml::toArray(Xml::build($response->body));
@ -316,13 +316,13 @@ class Event extends AppModel {
}
}
/**
/**
* Deletes the event and the associated Attributes from another Server
* TODO move this to a component
*
* @return bool true if success, error message if failed
*/
function deleteEventFromServer($uuid, $server, $HttpSocket=null) {
public function deleteEventFromServer($uuid, $server, $HttpSocket=null) {
// TODO private and delete(?)
$url = $server['Server']['url'];
@ -339,7 +339,7 @@ class Event extends AppModel {
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
)
);
$uri = $url.'/events/0?uuid='.$uuid;
$uri = $url . '/events/0?uuid=' . $uuid;
// LATER validate HTTPS SSL certificate
$this->Dns = ClassRegistry::init('Dns');
@ -351,12 +351,12 @@ class Event extends AppModel {
}
}
/**
/**
* Download a specific event from a Server
* TODO move this to a component
* @return array|NULL
*/
function downloadEventFromServer($event_id, $server, $HttpSocket=null) {
public function downloadEventFromServer($event_id, $server, $HttpSocket=null) {
$url = $server['Server']['url'];
$authkey = $server['Server']['authkey'];
if (null == $HttpSocket) {
@ -371,25 +371,24 @@ class Event extends AppModel {
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
)
);
$uri = $url.'/events/'.$event_id;
$uri = $url . '/events/' . $event_id;
// LATER validate HTTPS SSL certificate
$response = $HttpSocket->get($uri, $data='', $request);
$response = $HttpSocket->get($uri, $data = '', $request);
if ($response->isOk()) {
$xml_array = Xml::toArray(Xml::build($response->body));
return $xml_array['response'];
}
else {
} else {
// TODO parse the XML response and keep the reason why it failed
return null;
}
}
/**
/**
* Get an array of event_ids that are present on the remote server
* TODO move this to a component
* @return array of event_ids
*/
function getEventIdsFromServer($server, $HttpSocket=null) {
public function getEventIdsFromServer($server, $HttpSocket=null) {
$url = $server['Server']['url'];
$authkey = $server['Server']['authkey'];
@ -405,17 +404,19 @@ class Event extends AppModel {
//'Connection' => 'keep-alive' // LATER followup cakephp ticket 2854 about this problem http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2854
)
);
$uri = $url.'/events/index/sort:id/direction:desc/limit:999'; // LATER verify if events are missing because we only selected the last 999
$uri = $url . '/events/index/sort:id/direction:desc/limit:999'; // LATER verify if events are missing because we only selected the last 999
$this->Dns = ClassRegistry::init('Dns');
if ($this->Dns->testipaddress(parse_url($uri, PHP_URL_HOST))) {
$response = $HttpSocket->get($uri, $data='', $request);
$response = $HttpSocket->get($uri, $data = '', $request);
if ($response->isOk()) {
$xml = Xml::build($response->body);
$eventArray = Xml::toArray($xml);
$event_ids=array();
$event_ids = array();
foreach ($eventArray['response']['Event'] as &$event) {
if (1 != $event['published']) continue; // do not keep non-published events
if (1 != $event['published']) {
continue; // do not keep non-published events
}
$event_ids[] = $event['id'];
}
return $event_ids;
@ -425,7 +426,4 @@ class Event extends AppModel {
return null;
}
}


@ -5,12 +5,14 @@ App::uses('AppModel', 'Model');
*
*/
class Server extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'url';
/**
* Validation rules
*
@ -25,7 +27,7 @@ class Server extends AppModel {
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
)
),
'authkey' => array(
'notempty' => array(
@ -89,9 +91,7 @@ class Server extends AppModel {
),
);
public function isOwnedByOrg($serverid, $org) {
return $this->field('id', array('id' => $serverid, 'org' => $org)) === $serverid;
}
}


@ -9,12 +9,14 @@ App::uses('AuthComponent', 'Controller/Component');
* @property Event $Event
*/
class User extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'email';
/**
* Validation rules
*
@ -188,17 +190,17 @@ class User extends AppModel {
return true;
}
/**
/**
* Checks if the GPG key is a valid key
* But also import it in the keychain.
*/
function validateGpgkey($check) {
public function validateGpgkey($check) {
// LATER first remove the old gpgkey from the keychain
// empty value
if (empty($check['gpgkey']))
if (empty($check['gpgkey'])) {
return true;
}
// key is entered
require_once 'Crypt/GPG.php';
@ -214,8 +216,7 @@ class User extends AppModel {
}
}
function complexPassword($check) {
public function complexPassword($check) {
/*
6 characters minimum
1 or more upper-case letters
@ -228,28 +229,27 @@ class User extends AppModel {
return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value);
}
function identicalFieldValues( $field=array(), $compare_field=null )
{
foreach( $field as $key => $value ){
public function identicalFieldValues($field=array(), $compare_field=null) {
foreach ($field as $key => $value) {
$v1 = $value;
$v2 = $this->data[$this->name][ $compare_field ];
if($v1 !== $v2) {
return FALSE;
$v2 = $this->data[$this->name][$compare_field];
if ($v1 !== $v2) {
return false;
} else {
continue;
}
}
return TRUE;
return true;
}
/**
/**
* Generates an authentication key for each user
*/
function generateAuthKey() {
public function generateAuthKey() {
//$key = sha1(mt_rand(30, 30).time());
$length = 40;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$char_len = strlen($characters)-1;
$char_len = strlen($characters) - 1;
$key = '';
for ($p = 0; $p < $length; $p++) {
$key .= $characters[rand(0, $char_len)];
@ -258,6 +258,4 @@ class User extends AppModel {
return $key;
}
}
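Review bot: `generateAuthKey` builds an authentication secret from `rand()` (`$key .= $characters[rand(0, $char_len)];`), a non-cryptographic generator, so the 40-character keys it emits are far less unpredictable than their length suggests; the commit only reformats the `$char_len` line beside it. Pick each index with a CSPRNG instead — `$key .= $characters[random_int(0, $char_len)];` on PHP 7 and later, or an index derived from `openssl_random_pseudo_bytes()` on the PHP 5 releases CakePHP 2 targets. The commented-out `//$key = sha1(mt_rand(30, 30).time());` above it is dead code and should be dropped rather than carried through a style-only commit. The method's `return $key;` sits in the following hunk, so its body is split across hunks here.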


@ -5,18 +5,21 @@ App::uses('AppModel', 'Model');
*
*/
class Whitelist extends AppModel {
/**
* Use table
*
* @var mixed False or table name
*/
public $useTable = 'whitelist';
/**
* Display field
*
* @var string
*/
public $displayField = 'name';
/**
* Validation rules
*
@ -51,7 +54,7 @@ class Whitelist extends AppModel {
),
);
function validateValue ($fields) {
public function validateValue ($fields) {
$value = $fields['name'];
// check data validation
@ -74,10 +77,9 @@ class Whitelist extends AppModel {
}
}
return false;
}
function valueIsUnique ($fields) {
public function valueIsUnique ($fields) {
$value = $fields['name'];
$whitelist = $this->find('all', array('recursive' => 0,'fields' => 'name'));
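Review bot: `public function validateValue ($fields) {` and `public function valueIsUnique ($fields) {` keep a space between the method name and its parameter list, while every other method this commit touches is written in the `name($arg)` form the CakePHP standard it adopts expects. Suggest `public function validateValue($fields) {` and `public function valueIsUnique($fields) {`. Both method bodies continue outside their hunks.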


@ -3,40 +3,40 @@
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Add Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv')),
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv')),
echo $this->Form->input('type', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('private', array(
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
));
}
echo $this->Form->input('to_ids', array(
}
echo $this->Form->input('to_ids', array(
'checked' => true,
'before' => $this->Html->div('forminfo', isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['signature']['formdesc'] : $attr_descriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
echo $this->Form->input('value', array(
));
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
echo $this->Form->input('batch_import', array(
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
));
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
?>
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
@ -52,12 +52,12 @@
var category_type_mapping = new Array();
<?php
foreach ($category_definitions as $category => $def) {
echo "category_type_mapping['".addslashes($category)."'] = {";
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false ;
if ($first) $first = false;
else echo ', ';
echo "'".addslashes($type)."' : '".addslashes($type)."'";
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
@ -83,11 +83,11 @@ var formInfoValues = new Array();
<?php
foreach ($type_definitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['".addslashes($type)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($category_definitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['".addslashes($category)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
@ -110,4 +110,4 @@ $('#AttributeType').prop('disabled', true);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
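Review bot: The JavaScript tables emitted in the `<script>` block (`echo "category_type_mapping['" . addslashes($category) . "'] = {";` and the `formInfoValues[...]` lines) are escaped with `addslashes()`, which is not a JavaScript string encoder: it leaves newlines, `</script>` and non-ASCII untouched and only works while the definitions hold plain quote-free ASCII. Emit each value with `json_encode()` instead, e.g. `echo 'formInfoValues[' . json_encode($type) . '] = ' . json_encode($info) . ";\n";`, which yields a valid JS literal for any string. The same pattern appears in the edit view of this commit, and the add_attachment and search views interpolate the values with no escaping at all (`echo "formInfoValues['$category'] = \"$info\";\n";`), so a double quote or line break in a description breaks the script there; the values appear to come from the category/type definitions rather than request input, so this is primarily a robustness point.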


@ -2,25 +2,25 @@
<?php echo $this->Form->create('Attribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("AttributeMalware").removeAttribute("disabled");'));?>
<fieldset>
<legend><?php echo __('Add Attachment'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
echo $this->Form->file('value', array(
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
echo $this->Form->file('value', array(
'error' => array('escape' => false),
));
echo $this->Form->input('malware', array(
));
echo $this->Form->input('malware', array(
'type' => 'checkbox',
'checked' => false,
'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
));
if ('true' == Configure::read('CyDefSIG.sync')) {
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('private', array(
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),));
}
// link an onchange event to the form elements
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
?>
}
// link an onchange event to the form elements
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
?>
</fieldset>
<?php echo $this->Form->end(__('Upload'));?>
</div>
@ -33,15 +33,15 @@
<script type="text/javascript">
var formInfoValues = new Array();
<?php
foreach ($category_definitions as $category => $def) {
foreach ($category_definitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['$category'] = \"$info\";\n";
}
}
?>
var formZipTypeValues = new Array();
<?php
foreach ($category_definitions as $category => $def) {
foreach ($category_definitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
@ -53,12 +53,12 @@ var formZipTypeValues = new Array();
if (!$alreadySet) {
echo "formZipTypeValues['$category'] = \"false\";\n";
}
}
}
?>
var formAttTypeValues = new Array();
<?php
foreach ($category_definitions as $category => $def) {
foreach ($category_definitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
@ -70,7 +70,7 @@ var formAttTypeValues = new Array();
if (!$alreadySet) {
echo "formAttTypeValues['$category'] = \"false\";\n";
}
}
}
?>
function showFormType(id) {
@ -126,4 +126,4 @@ $(function(){
);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<?php echo $this->Js->writeBuffer(); // Write cached scripts


@ -2,37 +2,37 @@
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
if($attachment) {
echo $this->Form->hidden('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
echo "<BR>Type: ".$this->Form->value('Attribute.type');
} else {
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
}
if ('true' == Configure::read('CyDefSIG.sync')) {
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
if ($attachment) {
echo $this->Form->hidden('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
echo "<BR>Type: " . $this->Form->value('Attribute.type');
} else {
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
}
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('private', array(
'before' => $this->Html->div('forminfo', isset($attr_descriptions['private']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
));
}
echo $this->Form->input('to_ids', array(
}
echo $this->Form->input('to_ids', array(
'before' => $this->Html->div('forminfo', isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']),
'label' => 'IDS Signature?'
));
if($attachment) {
));
if ($attachment) {
echo $this->Form->hidden('value');
echo "<BR>Value: ".$this->Form->value('Attribute.value');
} else {
echo "<BR>Value: " . $this->Form->value('Attribute.value');
} else {
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
}
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
}
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
?>
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
@ -51,14 +51,14 @@
var category_type_mapping = new Array();
<?php
foreach ($category_definitions as $category => $def) {
echo "category_type_mapping['".addslashes($category)."'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false ;
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'".addslashes($type)."' : '".addslashes($type)."'";
}
echo "}; \n";
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
@ -82,11 +82,11 @@ var formInfoValues = new Array();
<?php
foreach ($type_definitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['".addslashes($type)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($category_definitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['".addslashes($category)."'] = \"".addslashes($info)."\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
@ -111,4 +111,4 @@ formCategoryChanged("#AttributeCategory");
$('#AttributeType').val(type_value);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
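Review bot: The `to_ids` input's help text tests one key and reads another — `isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['private']['formdesc'] : $attr_descriptions['private']['desc']` — so the edit form shows the description of the `private` flag under the "IDS Signature?" checkbox, and the `formdesc` branch reads a key that was never checked. The add view in this same commit uses `signature` for all three lookups; the line should read `'before' => $this->Html->div('forminfo', isset($attr_descriptions['signature']['formdesc']) ? $attr_descriptions['signature']['formdesc'] : $attr_descriptions['signature']['desc']),`. It is an unchanged context line, so the commit does not touch it, but it is on the new side.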


@ -68,16 +68,16 @@
<div class="related">
<h3>Related Events</h3>
<ul>
<?php foreach ($relatedEvents as $relatedEvent): ?>
<li><?php
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
$link_text = $relatedEvent['date'].' ('.$relatedEvent['id'].')';
<?php foreach ($relatedEvents as $relatedEvent): ?>
<li><?php
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
$link_text = $relatedEvent['date'] . ' (' . $relatedEvent['id'] . ')';
echo $this->Html->link($link_text, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['id']));
} else {
$link_text = $relatedEvent['Event']['date'].' ('.$relatedEvent['Event']['id'].')';
} else {
$link_text = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
echo $this->Html->link($link_text, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['Event']['id']));
}
?></li>
}
?></li>
<?php endforeach; ?>
</ul>
</div>
@ -104,41 +104,42 @@
foreach ($categories as $category):
$first = 1;
foreach ($attributes as $attribute):
if($attribute['Attribute']['category'] != $category) continue;
if ($attribute['Attribute']['category'] != $category) continue;
?>
<tr>
<td class="short" title="<?php if('' != $attribute['Attribute']['category']) echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>"><?php
if ($first) {
<td class="short" title="<?php if ('' != $attribute['Attribute']['category']) echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>"><?php
if ($first) {
if ('' == $attribute['Attribute']['category']) echo '(no category)';
echo $attribute['Attribute']['category'];
} else {
} else {
echo '&nbsp;';
}
?></td>
<td class="short" title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>"><?php echo $attribute['Attribute']['type'];?></td>
}
?></td>
<td class="short" title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>">
<?php echo $attribute['Attribute']['type'];?></td>
<td><?php
$sig_display = nl2br(h($attribute['Attribute']['value']));
if('attachment' == $attribute['Attribute']['type'] ||
$sig_display = nl2br(h($attribute['Attribute']['value']));
if ('attachment' == $attribute['Attribute']['type'] ||
'malware-sample' == $attribute['Attribute']['type'] ) {
$filename_hash = explode('|', h($attribute['Attribute']['value']));
echo $this->Html->link($filename_hash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
$filename_hash = explode('|', h($attribute['Attribute']['value']));
echo $filename_hash[0];
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
echo $this->Html->link($sig_display, 'http://www.google.com/search?q='.$sig_display, array('target'=> '_blank'));
} elseif ('link' == $attribute['Attribute']['type']) {
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
echo $this->Html->link($sig_display, 'http://www.google.com/search?q=' . $sig_display, array('target' => '_blank'));
} elseif ('link' == $attribute['Attribute']['type']) {
echo $this->Html->link($sig_display, $sig_display);
} else {
} else {
echo $sig_display;
}
?></td>
}
?></td>
<td class="short" style="text-align: center;">
<?php
$first = 0;
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
<?php
$first = 0;
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
foreach ($relatedAttributes[$attribute['Attribute']['id']] as $relatedAttribute) {
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
echo $this->Html->link($relatedAttribute['Correlation']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Correlation']['event_id']));
@ -147,8 +148,8 @@
}
echo ' ';
}
}
?>&nbsp;
}
?>&nbsp;
</td>
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No';?></td>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
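Review bot: The links built from attribute values reuse `$sig_display`, which is `nl2br(h(...))` — an HTML-escaped string with `<br />` tags inserted — as URL material: `$this->Html->link($sig_display, 'http://www.google.com/search?q=' . $sig_display, ...)` puts entities and break tags into the query string where `rawurlencode($attribute['Attribute']['value'])` belongs, and the `link` branch passes the value straight through as the href, so no scheme check stands between a stored attribute value and the generated anchor. For the `link` type, accept only `http`/`https` via `parse_url($attribute['Attribute']['value'], PHP_URL_SCHEME)` and fall back to echoing `$sig_display` otherwise; `h()` protects page text but does not make a value safe as an href, and if the helper escapes URLs itself (as CakePHP 2's `Helper::url()` appears to) the pre-escaped string is double-encoded. The `if (...) continue;` at the top of the loop is also left without braces while the commit adds them elsewhere.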


@ -6,7 +6,8 @@
<th><?php echo $this->Paginator->sort('category');?></th>
<th><?php echo $this->Paginator->sort('type');?></th>
<th><?php echo $this->Paginator->sort('value');?></th>
<th<?php echo ' title="' . $attr_descriptions['signature']['desc'] . '"';?>><?php echo $this->Paginator->sort('signature');?></th>
<th<?php echo ' title="' . $attr_descriptions['signature']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('signature');?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
<?php
@ -15,32 +16,32 @@
<td class="short">
<?php echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id'])); ?>
</td>
<td title="<?php echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
<td title="<?php echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['category']); ?>&nbsp;</td>
<td title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
<td title="<?php echo $type_definitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['type']); ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
<?php
$sig_display = nl2br(h($attribute['Attribute']['value']));
if('attachment' == $attribute['Attribute']['type'] ||
'malware-sample' == $attribute['Attribute']['type']) {
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php
$sig_display = nl2br(h($attribute['Attribute']['value']));
if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
echo $this->Html->link($sig_display, array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
} elseif ('link' == $attribute['Attribute']['type']) {
} elseif ('link' == $attribute['Attribute']['type']) {
echo $this->Html->link($sig_display, $sig_display);
} else {
} else {
echo $sig_display;
}
?>&nbsp;</td>
<td class="short" style="text-align: center;" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true) ;?>';">
}
?>&nbsp;</td>
<td class="short" style="text-align: center;" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="actions"><?php
if ($isAdmin || $attribute['Event']['org'] == $me['org']) {
if ($isAdmin || $attribute['Event']['org'] == $me['org']) {
echo $this->Html->link(__('Edit'), array('action' => 'edit', $attribute['Attribute']['id']));
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $attribute['Attribute']['id']), null, __('Are you sure you want to delete this attribute?'));
}
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']));
?>
}
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']));
?>
</td>
</tr>
<?php endforeach; ?>
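Review bot: The re-wrapping of the `category` and `type` cells moves `<?php echo $this->Html->url(...);?>';">` onto its own line after `onclick="document.location ='`, which places a raw line break and indentation inside the single-quoted JavaScript string in the `onclick` attribute; JavaScript does not allow an unescaped newline in a string literal, so as rendered here those two handlers would fail with a syntax error instead of navigating. The value and `to_ids` cells in the same hunk keep the expression on one line, which is the form to restore, e.g. `<td title="<?php echo $category_definitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">`. The `<th>` split in the first hunk is harmless, since that break is only whitespace between tags.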


@ -4,8 +4,8 @@
<legend><?php echo __('Search Attribute'); ?></legend>
<?php
echo $this->Form->input('keyword');
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeTypeDiv'))));
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id'=> 'AttributeCategoryDiv'))));
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
?>
</fieldset>
<?php echo $this->Form->end(__('Search', true));?>
@ -19,17 +19,17 @@
var formInfoValues = new Array();
<?php
foreach ($type_definitions as $type => $def) {
foreach ($type_definitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['$type'] = \"$info\";\n";
}
}
foreach ($category_definitions as $category => $def) {
foreach ($category_definitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['$category'] = \"$info\";\n";
}
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
}
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
?>
formInfoValues['ALL'] = '';
@ -51,4 +51,4 @@ $('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<?php echo $this->Js->writeBuffer(); // Write cached scripts


@ -25,4 +25,4 @@
<li>&nbsp;</li>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<?php endif; ?>
<?php endif;


@ -14,4 +14,4 @@ Attributes :
Extra info :
<?php echo h($event['Event']['info']); ?>
<?php //endforeach; ?>
<?php //endforeach;


@ -2,17 +2,17 @@
<?php echo $this->Form->create('Event');?>
<fieldset>
<legend><?php echo __('Add Event'); ?></legend>
<?php
echo $this->Form->input('date');
if ('true' == Configure::read('CyDefSIG.sync')) {
<?php
echo $this->Form->input('date');
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('private', array(
'before' => $this->Html->div('forminfo', isset($event_descriptions['private']['formdesc']) ? $event_descriptions['private']['formdesc'] : $event_descriptions['private']['desc']),));
}
echo $this->Form->input('risk', array(
}
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', isset($event_descriptions['risk']['formdesc']) ? $event_descriptions['risk']['formdesc'] : $event_descriptions['risk']['desc'])));
echo $this->Form->input('info');
echo $this->Form->input('info');
?>
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
</div>


@ -1,12 +1,12 @@
<div class="events form">
<?php echo $this->Form->create('Event');?>
<fieldset>
<legend><?php echo 'Contact reporter of event '.$this->Form->value('Event.id'); ?></legend>
<legend><?php echo 'Contact reporter of event ' . $this->Form->value('Event.id'); ?></legend>
<p>You are about to contact the person who reported event <?php echo $this->Form->value('Event.id'); ?>.<br/>
Feel free to add a custom message that will be sent to the reporter. <br/>
Your email address and details about the event will be added automagically to the message.</p>
<?php
echo $this->Form->input('message', array('type'=> 'textarea'));
echo $this->Form->input('message', array('type' => 'textarea'));
?>
<?php echo $this->Form->end(__('Submit', true));?>
</fieldset>
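Review bot: The legend and the paragraph at the top of this form echo `$this->Form->value('Event.id')` into HTML twice with no `h()`, while every other model value in the neighbouring templates is escaped. `Form->value()` reads from request data, so on a re-render after a failed POST the id is whatever the client submitted; unless the controller casts it to an integer before rendering, this is reflected markup. Wrapping both occurrences as `h($this->Form->value('Event.id'))` removes the dependency on the controller doing that. The `create()`/`end()` pair is inside the hunk, so the change is local to these two lines.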


@ -2,17 +2,17 @@
<?php echo $this->Form->create('Event');?>
<fieldset>
<legend><?php echo __('Edit Event'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('date');
echo $this->Form->input('risk', array(
<?php
echo $this->Form->input('id');
echo $this->Form->input('date');
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', isset($event_descriptions['risk']['formdesc']) ? $event_descriptions['risk']['formdesc'] : $event_descriptions['risk']['desc'])));
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('private', array(
'before' => $this->Html->div('forminfo', isset($event_descriptions['private']['formdesc']) ? $event_descriptions['private']['formdesc'] : $event_descriptions['private']['desc']),));
}
echo $this->Form->input('info');
?>
}
echo $this->Form->input('info');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
</div>


@ -36,7 +36,7 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
<p>You can configure your tools to automatically download the following files:</p>
<pre>
<?php foreach ($sig_types as $sig_type):?>
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type."\n";?>
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type . "\n";?>
<?php endforeach;?>
</pre>
<p></p>
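Review bot: The download URLs printed in the `<pre>` block carry the user's API key as a path segment, `/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type . "\n";?>`, so every fetch made by "tools configured to automatically download" lands the key in web-server, proxy and browser history logs. This is pre-existing design rather than something the reformat introduced, but since the line is touched it is worth a comment in the template such as `<?php // NOTE: authkey in the URL path is logged by intermediaries; prefer an Authorization header for automated clients ?>` and a follow-up to accept the key from a header on the `text` action. `$me['authkey']` is also emitted without `h()`; if it is always server-generated hex that is harmless, but `h($me['authkey'])` costs nothing.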


@ -10,10 +10,12 @@
<th><?php echo $this->Paginator->sort('user_id', 'Email');?></th>
<?php endif; ?>
<th><?php echo $this->Paginator->sort('date');?></th>
<th<?php echo ' title="' . $event_descriptions['risk']['desc'] . '"';?>><?php echo $this->Paginator->sort('risk');?></th>
<th<?php echo ' title="' . $event_descriptions['risk']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('risk');?></th>
<th><?php echo $this->Paginator->sort('info');?></th>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<th<?php echo ' title="' . $event_descriptions['private']['desc'] . '"';?>><?php echo $this->Paginator->sort('private');?></th>
<th<?php echo ' title="' . $event_descriptions['private']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('private');?></th>
<?php endif; ?>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
@ -22,9 +24,9 @@
?>
<tr>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php
echo $this->Html->image('orgs/'.h($event['Event']['org']).'.png', array('alt' => h($event['Event']['org']),'width'=>'50','hight'=>'50'));
echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '50','hight' => '50'));
?>
&nbsp;</td>
<?php endif; ?>
@ -33,17 +35,17 @@
&nbsp;</td>
<?php if ('true' == Configure::read('CyDefSIG.showowner') || $isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo h($event['User']['email']); ?>&nbsp;</td>
<?php endif; ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['date']; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['risk']; ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;</td>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo ($event['Event']['private'])? 'Private' : ''; ?>&nbsp;</td>
<?php endif; ?>
<td class="actions">
@ -52,12 +54,12 @@
echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?');
elseif (0 == $event['Event']['published']) echo 'Not published';
?>
<?php
if ($isAdmin || $event['Event']['org'] == $me['org']) {
<?php
if ($isAdmin || $event['Event']['org'] == $me['org']) {
echo $this->Html->link(__('Edit', true), array('action' => 'edit', $event['Event']['id']));
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id']));
}
?>
}
?>
<?php echo $this->Html->link(__('View', true), array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
</td>
</tr>
@ -71,9 +73,8 @@
?> </p>
<div class="paging">
<?php echo $this->Paginator->prev('<< ' . __('previous', true), array(), null, array('class'=>'disabled'));?>
| <?php echo $this->Paginator->numbers();?>
|
<?php echo $this->Paginator->prev('<< ' . __('previous', true), array(), null, array('class' => 'disabled'));?>
<?php echo $this->Paginator->numbers();?>
<?php echo $this->Paginator->next(__('next', true) . ' >>', array(), null, array('class' => 'disabled'));?>
</div>
</div>
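Review bot: The date and risk cells, `<?php echo $event['Event']['date']; ?>` and `<?php echo $event['Event']['risk']; ?>`, are the only row cells emitted without `h()`, while `org`, `email` and `info` in the same row are escaped. Both values come from the event record, which with `CyDefSIG.sync` enabled may have been pulled from a remote server rather than entered through this instance's validated form, so output escaping should not rely on upstream validation. Change them to `<?php echo h($event['Event']['date']); ?>` and `<?php echo h($event['Event']['risk']); ?>`. The `title="..."` header attributes built from `$event_descriptions[...]['desc']` appear to come from static definitions and are lower risk, but `h()` there would keep the column consistent. The enclosing `<table>` and `foreach` open before this hunk.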


@ -3,4 +3,3 @@ foreach ($attributes as $attribute) {
echo $attribute['Attribute']['value'];
echo "\n";
}
?>


@ -16,7 +16,7 @@
</div>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<?php echo $this->Html->image('orgs/'.h($event['Event']['org']).'.png', array('alt' => h($event['Event']['org']),'width'=>'50','hight'=>'50', 'style' => 'float:right;')); ?>
<?php echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '50','hight' => '50', 'style' => 'float:right;')); ?>
<?php endif; ?>
<h2>Event</h2>
<dl>
@ -73,7 +73,7 @@
<ul>
<?php foreach ($relatedEvents as $relatedEvent): ?>
<li><?php
$link_text = $relatedEvent['Event']['date'].' ('.$relatedEvent['Event']['id'].')';
$link_text = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
echo $this->Html->link($link_text, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']));
?></li>
<?php endforeach; ?>
@ -102,47 +102,48 @@
foreach ($categories as $category):
$first = 1;
foreach ($event['Attribute'] as $attribute):
if($attribute['category'] != $category) continue;
if ($attribute['category'] != $category) continue;
?>
<tr>
<td class="short" title="<?php if('' != $attribute['category']) echo $category_definitions[$attribute['category']]['desc'];?>"><?php
if ($first) {
<td class="short" title="<?php if ('' != $attribute['category']) echo $category_definitions[$attribute['category']]['desc'];?>">
<?php if ($first) {
if ('' == $attribute['category']) echo '(no category)';
echo $attribute['category'];
} else {
} else {
echo '&nbsp;';
}
?></td>
<td class="short" title="<?php echo $type_definitions[$attribute['type']]['desc'];?>"><?php echo $attribute['type'];?></td>
}
?></td>
<td class="short" title="<?php echo $type_definitions[$attribute['type']]['desc'];?>">
<?php echo $attribute['type'];?></td>
<td><?php
$sig_display = nl2br(h($attribute['value']));
if('attachment' == $attribute['type'] ||
$sig_display = nl2br(h($attribute['value']));
if ('attachment' == $attribute['type'] ||
'malware-sample' == $attribute['type'] ) {
$filename_hash = explode('|', h($attribute['value']));
echo $this->Html->link($filename_hash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
} elseif (strpos($attribute['type'], '|') !== false) {
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
} elseif (strpos($attribute['type'], '|') !== false) {
$filename_hash = explode('|', h($attribute['value']));
echo $filename_hash[0];
if (isset($filename_hash[1])) echo ' | '.$filename_hash[1];
} elseif ('vulnerability' == $attribute['type']) {
echo $this->Html->link($sig_display, 'http://www.google.com/search?q='.$sig_display, array('target'=> '_blank'));
} elseif ('link' == $attribute['type']) {
if (isset($filename_hash[1])) echo ' | ' . $filename_hash[1];
} elseif ('vulnerability' == $attribute['type']) {
echo $this->Html->link($sig_display, 'http://www.google.com/search?q=' . $sig_display, array('target' => '_blank'));
} elseif ('link' == $attribute['type']) {
echo $this->Html->link($sig_display, $sig_display);
} else {
} else {
echo $sig_display;
}
?></td>
}
?></td>
<td class="short" style="text-align: center;">
<?php
$first = 0;
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
<?php
$first = 0;
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
echo $this->Html->link($relatedAttribute['Attribute']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Attribute']['event_id']));
echo ' ';
}
}
?>&nbsp;
}
?>&nbsp;
</td>
<td class="short" style="text-align: center;"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
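Review bot: In the `'link'` branch, `$this->Html->link($sig_display, $sig_display)` uses the attribute value itself as the href, and `h()` does not neutralise a `javascript:` or `data:` scheme, so unless the Attribute model rejects non-http(s) values for this type a stored link attribute becomes a clickable script link — most relevant for events pulled from remote servers. Guard the scheme in the view: `if (preg_match('#^https?://#i', $attribute['value'])) echo $this->Html->link($sig_display, $attribute['value']); else echo $sig_display;`. The `'vulnerability'` branch has a related problem: the query string is built from `$sig_display`, which is already HTML-escaped and `nl2br()`-expanded, instead of `urlencode($attribute['value'])`, so `&`, `#` and newlines in the value corrupt the search URL. If `Html->link()` is left at its CakePHP default of escaping the title, passing the already-escaped `$sig_display` as the title will also show double-escaped entities in both link branches. The enclosing `foreach` loops start before this hunk.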


@ -6,7 +6,7 @@ unset($event['Attribute']);
// cleanup the array from things we do not want to expose
// remove value1 and value2 from the output
foreach($event['Event']['Attribute'] as $key => $value) {
foreach ($event['Event']['Attribute'] as $key => $value) {
unset($event['Event']['Attribute'][$key]['value1']);
unset($event['Event']['Attribute'][$key]['value2']);
}
@ -14,7 +14,7 @@ foreach($event['Event']['Attribute'] as $key => $value) {
// hide the private fields is we are not in sync mode
if ('true' != Configure::read('CyDefSIG.sync')) {
unset($event['Event']['private']);
foreach($event['Event']['Attribute'] as $key => $value) {
foreach ($event['Event']['Attribute'] as $key => $value) {
unset($event['Event']['Attribute'][$key]['private']);
}
}


@ -163,21 +163,21 @@ $attr = new Attribute();
<table>
<tr>
<th>Category</th>
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
<th style="width:5%; text-align:center; white-space:normal"><?php echo $cat; ?></th>
<?php endforeach;?>
</tr>
<?php foreach ($attr->type_definitions as $type => $def): ?>
<tr>
<td><?php echo $type; ?></td>
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
<td style="text-align:center"><?php echo in_array($type, $cat_def['types'])? 'X' : ''; ?></td>
<?php endforeach;?>
<?php endforeach;?>
</tr>
<tr>
<th>Category</th>
<?php foreach ($attr->category_definitions as $cat => $cat_def ): ?>
<?php foreach ($attr->category_definitions as $cat => $cat_def): ?>
<th style="width:5%; text-align:center; white-space:normal"><?php echo $cat; ?></th>
<?php endforeach;?>
</tr>


@ -1,18 +1,18 @@
<div class="servers index">
<h2>Failed pulls</h2>
<?php if (0==sizeof($fails)):?>
<?php if (0 == count($fails)):?>
<p>No failed pulls</p>
<?php else:?>
<ul>
<?php foreach ($fails as $key => $value) echo '<li>'.$key.' : '.h($value).'</li>'; ?>
<?php foreach ($fails as $key => $value) echo '<li>' . $key . ' : ' . h($value) . '</li>'; ?>
</ul>
<?php endif;?>
<h2>Succeeded pulls</h2>
<?php if (0==sizeof($successes)):?>
<?php if (0 == count($successes)):?>
<p>No succeeded pulls</p>
<?php else:?>
<ul>
<?php foreach ($successes as $success) echo '<li>'.$success.'</li>'; ?>
<?php foreach ($successes as $success) echo '<li>' . $success . '</li>'; ?>
</ul>
<?php endif;?>
</div>
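Review bot: In the failed-pulls list `$key` is concatenated raw while `$value` gets `h()`, and in the succeeded-pulls list `$success` is emitted raw as well. Both arrays are produced while pulling from a remote server, so any string that reaches a key or a success entry is remote-influenced markup rendered in an administrator's browser. Escape all three: `echo '<li>' . h($key) . ' : ' . h($value) . '</li>';` and `echo '<li>' . h($success) . '</li>';`. If the keys and successes are known to be integer event ids this is currently harmless, but the template should not depend on that.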


@ -1,18 +1,18 @@
<div class="servers index">
<h2>Failed pushes</h2>
<?php if (0==sizeof($fails)):?>
<?php if (0 == count($fails)):?>
<p>No failed pushes</p>
<?php else:?>
<ul>
<?php foreach ($fails as $key => $value) echo '<li>'.$key.' : '.h($value).'</li>'; ?>
<?php foreach ($fails as $key => $value) echo '<li>' . $key . ' : ' . h($value) . '</li>'; ?>
</ul>
<?php endif;?>
<h2>Succeeded pushes</h2>
<?php if (0==sizeof($successes)):?>
<?php if (0 == count($successes)):?>
<p>No succeeded pushes</p>
<?php else:?>
<ul>
<?php foreach ($successes as $success) echo '<li>'.$success.'</li>'; ?>
<?php foreach ($successes as $success) echo '<li>' . $success . '</li>'; ?>
</ul>
<?php endif;?>
</div>
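Review bot: Same escaping gap as the pull result page: `$key` in the failed-pushes list and `$success` in the succeeded-pushes list are concatenated into `<li>` markup without `h()`, while `$value` is escaped. Push results are built from the remote server's responses, so the content is not fully under this instance's control. Use `echo '<li>' . h($key) . ' : ' . h($value) . '</li>';` and `echo '<li>' . h($success) . '</li>';`. The `count()` replacements for `sizeof()` are fine.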


@ -15,21 +15,21 @@
<?php
foreach ($users as $user): ?>
<tr>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['id']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['org']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['email']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['autoalert']? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['gpgkey']? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['nids_sid']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['termsaccepted']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true) ;?>';">
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['newsread']); ?>&nbsp;</td>
<td class="actions">
<?php echo $this->Html->link(__('View'), array('admin' => true, 'action' => 'view', $user['User']['id'])); ?>
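Review bot: The view URL `$this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true)` is recomputed in eight `onclick` attributes per row; compute it once at the top of the loop body, `$viewUrl = $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);`, and echo `$viewUrl` in each cell. `Html->url()` already HTML-escapes its return value, so the attribute context is safe either way; this is about readability and avoiding eight router calls per row. The `foreach` opens inside the hunk but the row's closing tags are outside it.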


@ -8,4 +8,3 @@ echo $this->Form->inputs(array(
));
echo $this->Form->end('Login');
?>


@ -28,10 +28,10 @@
var store = Ext.create('Ext.data.JsonStore', {
fields: [<?php echo $graph_fields;?>],
data: [<?php
foreach ($graph_data as $row) {
echo '{'.$row.'},';
}
?>]
foreach ($graph_data as $row) {
echo '{' . $row . '},';
}
?>]
});
var panel1 = Ext.create('widget.panel', {
width: 800,
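Review bot: The store's `fields:` and `data:` arrays are assembled by echoing `$graph_fields` and each `$row` as raw text inside a `<script>` block, leaving a trailing `,` after the last row and applying no JavaScript-context escaping. If those rows are built from attribute types or other stored values that can carry quotes or `</script>`, the page breaks or executes injected script; if the controller only ever emits integer counts and a fixed field list this is latent rather than live. Have the controller pass plain arrays and emit them with `fields: <?php echo json_encode($graph_fields); ?>,` and `data: <?php echo json_encode($graph_data); ?>`, which also removes the trailing comma. That changes the controller's variable shapes, so it is a cross-file change; the `Ext.create` call opens and closes within this hunk.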


@ -39,7 +39,7 @@ holder or other party has been advised of the possibility of such damages.</li>
<?php
if (!$termsaccepted) {
echo $this->Form->create('User');
echo $this->Form->hidden('termsaccepted', array('default'=> '1'));
echo $this->Form->hidden('termsaccepted', array('default' => '1'));
echo $this->Form->end(__('Accept Terms', true));
}
?>