MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'develop' into 2.4

pull/7483/head v2.4.144
iglocska 2021-06-07 17:26:35 +02:00
parent c4de737aa7 943f7e6a0e
commit a61caa3a6a
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
60 changed files with 8426 additions and 239 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Pipfile
View File

@ -10,7 +10,8 @@ mixbox = "*"
cybox = "*"
stix = "*"
maec = "*"
pymisp = {git = "https://github.com/MISP/PyMISP.git", ref = "a68bd80ab9dceaee9674bd9a2b0bffc4f387fcdc", extras=["fileobjects"]}
pymisp = {path = "./PyMISP", extras=["fileobjects"]}
stix2 = {git = "https://github.com/MISP/cti-python-stix2", ref = "61e9fc0748691f6b768acf47c18ef01b5dc0a854"}
pydeep = {git = "https://github.com/kbandla/pydeep.git"}
python-dateutil = "*"
urllib3 = ">=1.26.5"

244
Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "c927ad078b97ebe317e66dbdddb57f5288db85a0d954dfa88f3d724ae9f954db"
"sha256": "2ed2877b6c9e8cfec7a9956bb7b739928eca2eea89d839d7717b854cf268d289"
},
"pipfile-spec": 6,
"requires": {},
@ -33,9 +33,62 @@
"hashes": [
"sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee",
"sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8"
],
"version": "==2021.5.30"
},
"cffi": {
"hashes": [
"sha256:005a36f41773e148deac64b08f233873a4d0c18b053d37da83f6af4d9087b813",
"sha256:04c468b622ed31d408fea2346bec5bbffba2cc44226302a0de1ade9f5ea3d373",
"sha256:06d7cd1abac2ffd92e65c0609661866709b4b2d82dd15f611e602b9b188b0b69",
"sha256:06db6321b7a68b2bd6df96d08a5adadc1fa0e8f419226e25b2a5fbf6ccc7350f",
"sha256:0857f0ae312d855239a55c81ef453ee8fd24136eaba8e87a2eceba644c0d4c06",
"sha256:0f861a89e0043afec2a51fd177a567005847973be86f709bbb044d7f42fc4e05",
"sha256:1071534bbbf8cbb31b498d5d9db0f274f2f7a865adca4ae429e147ba40f73dea",
"sha256:158d0d15119b4b7ff6b926536763dc0714313aa59e320ddf787502c70c4d4bee",
"sha256:1bf1ac1984eaa7675ca8d5745a8cb87ef7abecb5592178406e55858d411eadc0",
"sha256:1f436816fc868b098b0d63b8920de7d208c90a67212546d02f84fe78a9c26396",
"sha256:24a570cd11895b60829e941f2613a4f79df1a27344cbbb82164ef2e0116f09c7",
"sha256:24ec4ff2c5c0c8f9c6b87d5bb53555bf267e1e6f70e52e5a9740d32861d36b6f",
"sha256:2894f2df484ff56d717bead0a5c2abb6b9d2bf26d6960c4604d5c48bbc30ee73",
"sha256:29314480e958fd8aab22e4a58b355b629c59bf5f2ac2492b61e3dc06d8c7a315",
"sha256:293e7ea41280cb28c6fcaaa0b1aa1f533b8ce060b9e701d78511e1e6c4a1de76",
"sha256:34eff4b97f3d982fb93e2831e6750127d1355a923ebaeeb565407b3d2f8d41a1",
"sha256:35f27e6eb43380fa080dccf676dece30bef72e4a67617ffda586641cd4508d49",
"sha256:3c3f39fa737542161d8b0d680df2ec249334cd70a8f420f71c9304bd83c3cbed",
"sha256:3d3dd4c9e559eb172ecf00a2a7517e97d1e96de2a5e610bd9b68cea3925b4892",
"sha256:43e0b9d9e2c9e5d152946b9c5fe062c151614b262fda2e7b201204de0b99e482",
"sha256:48e1c69bbacfc3d932221851b39d49e81567a4d4aac3b21258d9c24578280058",
"sha256:51182f8927c5af975fece87b1b369f722c570fe169f9880764b1ee3bca8347b5",
"sha256:58e3f59d583d413809d60779492342801d6e82fefb89c86a38e040c16883be53",
"sha256:5de7970188bb46b7bf9858eb6890aad302577a5f6f75091fd7cdd3ef13ef3045",
"sha256:65fa59693c62cf06e45ddbb822165394a288edce9e276647f0046e1ec26920f3",
"sha256:681d07b0d1e3c462dd15585ef5e33cb021321588bebd910124ef4f4fb71aef55",
"sha256:69e395c24fc60aad6bb4fa7e583698ea6cc684648e1ffb7fe85e3c1ca131a7d5",
"sha256:6c97d7350133666fbb5cf4abdc1178c812cb205dc6f41d174a7b0f18fb93337e",
"sha256:6e4714cc64f474e4d6e37cfff31a814b509a35cb17de4fb1999907575684479c",
"sha256:72d8d3ef52c208ee1c7b2e341f7d71c6fd3157138abf1a95166e6165dd5d4369",
"sha256:8ae6299f6c68de06f136f1f9e69458eae58f1dacf10af5c17353eae03aa0d827",
"sha256:8b198cec6c72df5289c05b05b8b0969819783f9418e0409865dac47288d2a053",
"sha256:99cd03ae7988a93dd00bcd9d0b75e1f6c426063d6f03d2f90b89e29b25b82dfa",
"sha256:9cf8022fb8d07a97c178b02327b284521c7708d7c71a9c9c355c178ac4bbd3d4",
"sha256:9de2e279153a443c656f2defd67769e6d1e4163952b3c622dcea5b08a6405322",
"sha256:9e93e79c2551ff263400e1e4be085a1210e12073a31c2011dbbda14bda0c6132",
"sha256:9ff227395193126d82e60319a673a037d5de84633f11279e336f9c0f189ecc62",
"sha256:a465da611f6fa124963b91bf432d960a555563efe4ed1cc403ba5077b15370aa",
"sha256:ad17025d226ee5beec591b52800c11680fca3df50b8b29fe51d882576e039ee0",
"sha256:afb29c1ba2e5a3736f1c301d9d0abe3ec8b86957d04ddfa9d7a6a42b9367e396",
"sha256:b85eb46a81787c50650f2392b9b4ef23e1f126313b9e0e9013b35c15e4288e2e",
"sha256:bb89f306e5da99f4d922728ddcd6f7fcebb3241fc40edebcb7284d7514741991",
"sha256:cbde590d4faaa07c72bf979734738f328d239913ba3e043b1e98fe9a39f8b2b6",
"sha256:cc5a8e069b9ebfa22e26d0e6b97d6f9781302fe7f4f2b8776c3e1daea35f1adc",
"sha256:cd2868886d547469123fadc46eac7ea5253ea7fcb139f12e1dfc2bbd406427d1",
"sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406",
"sha256:df5052c5d867c1ea0b311fb7c3cd28b19df469c056f7fdcfe88c7473aa63e333",
"sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d",
"sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c"
],
"version": "==1.14.5"
},
"chardet": {
"hashes": [
"sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa",
@ -44,6 +97,36 @@
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==4.0.0"
},
"colorclass": {
"hashes": [
"sha256:b05c2a348dfc1aff2d502527d78a5b7b7e2f85da94a96c5081210d8e9ee8e18b"
],
"version": "==2.2.0"
},
"compressed-rtf": {
"hashes": [
"sha256:c1c827f1d124d24608981a56e8b8691eb1f2a69a78ccad6440e7d92fde1781dd"
],
"version": "==1.0.6"
},
"cryptography": {
"hashes": [
"sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d",
"sha256:1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959",
"sha256:240f5c21aef0b73f40bb9f78d2caff73186700bf1bc6b94285699aff98cc16c6",
"sha256:26965837447f9c82f1855e0bc8bc4fb910240b6e0d16a664bb722df3b5b06873",
"sha256:37340614f8a5d2fb9aeea67fd159bfe4f5f4ed535b1090ce8ec428b2f15a11f2",
"sha256:3d10de8116d25649631977cb37da6cbdd2d6fa0e0281d014a5b7d337255ca713",
"sha256:3d8427734c781ea5f1b41d6589c293089704d4759e34597dce91014ac125aad1",
"sha256:7ec5d3b029f5fa2b179325908b9cd93db28ab7b85bb6c1db56b10e0b54235177",
"sha256:8e56e16617872b0957d1c9742a3f94b43533447fd78321514abbe7db216aa250",
"sha256:de4e5f7f68220d92b7637fc99847475b59154b7a1b3868fb7385337af54ac9ca",
"sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d",
"sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9"
],
"markers": "python_version >= '3.6'",
"version": "==3.4.7"
},
"cybox": {
"hashes": [
"sha256:19a588bcdce8f3a088f7d5edd3e8862c11b701bb3d64257b18f3092deb9c3b7a",
@ -52,6 +135,34 @@
"index": "pypi",
"version": "==2.1.0.21"
},
"deprecated": {
"hashes": [
"sha256:08452d69b6b5bc66e8330adde0a4f8642e969b9e1702904d137eeb29c8ffc771",
"sha256:6d2de2de7931a968874481ef30208fd4e08da39177d61d3d4ebdf4366e7dbca1"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==1.2.12"
},
"easygui": {
"hashes": [
"sha256:073f728ca88a77b74f404446fb8ec3004945427677c5618bd00f70c1b999fef2",
"sha256:8d38764803c27bbccab2771e6c021cb20647049b36617f765fac79f01af07a27"
],
"version": "==0.98.2"
},
"ebcdic": {
"hashes": [
"sha256:33b4cb729bc2d0bf46cc1847b0e5946897cb8d3f53520c5b9aa5fa98d7e735f1"
],
"version": "==1.1.1"
},
"extract-msg": {
"hashes": [
"sha256:6ad2702bef86e6c1b8505e2993c7f3d37a1f3d140903138ee2df4a299dd2a29c",
"sha256:7ebdbd7863a3699080a69f71ec0cd30ed9bfee70bad9acc6a8e6abe9523c78c0"
],
"version": "==0.28.7"
},
"idna": {
"hashes": [
"sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6",
@ -60,6 +171,13 @@
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.10"
},
"imapclient": {
"hashes": [
"sha256:3eeb97b9aa8faab0caa5024d74bfde59408fbd542781246f6960873c7bf0dd01",
"sha256:60ba79758cc9f13ec910d7a3df9acaaf2bb6c458720d9a02ec33a41352fd1b99"
],
"version": "==2.1.0"
},
"jsonschema": {
"hashes": [
"sha256:4e5b3cf8216f577bee9ce139cbe72eca3ea4f292ec60928ff24758ce626cd163",
@ -67,6 +185,44 @@
],
"version": "==3.2.0"
},
"lark-parser": {
"hashes": [
"sha256:e29ca814a98bb0f81674617d878e5f611cb993c19ea47f22c80da3569425f9bd"
],
"version": "==0.11.3"
},
"lief": {
"hashes": [
"sha256:17314177c0124ccd450554bbcb203b8cd2660c94e36bdc05a6eba04bb0af3954",
"sha256:1cca100e77382f4137a3b1283769efa0e68a965fa4f3e21e64e3f67b6e22fdc8",
"sha256:208294f208354f57ded772efc4c3b2ea61fae35325a048d38c21571cb35e4bfc",
"sha256:3f510836d19cee407015ee565ea566e444471f0ecb3028a5c5e2219a7583f3c4",
"sha256:44bd7804a39837ff46cd543154f6e4a28e2d4fafa312752ca6deea1c849995ce",
"sha256:5122e4e70fecc32e7fdf2e9cd9b580ddd63fb4509eae373be78b3c11d67175b8",
"sha256:544b0f8a587bc5f6fd39cf47d9785af2714f982682efcd1dd3291604e7cb6351",
"sha256:5a0da170943aaf7019b27b9a7199b860298426c0455f88add392f472605c39ee",
"sha256:5f5fb42461b5d5d5b2ccf7fe17e8f26bd632afcbaedf29a9d30819eeea5dab29",
"sha256:621ad19f77884a008d61e05b92aed8309a8460e93916f4722439beaa529ca37d",
"sha256:710112ebc642bf5287a7b25c54c8a4e1079cbb403d4e844a364e1c3cbed52486",
"sha256:8b219ce4a41b0734fe9a7fbfde7d23a92bc005c8684882662808fc438568c1b5",
"sha256:8fd1ecdb3001e8e19df7278b77df5d6394ad6071354e177d11ad08b0a727d390",
"sha256:932ba495388fb52b4ba056a0b00abe0bda3567ad3ebc6d726be1e87b8be08b3f",
"sha256:9c6cc9da3e3a56ad29fc4e77e7109e960bd0cae3e3ba5307e3ae5c65d85fbdc4",
"sha256:a1f7792f1d811a898d3d676c32731d6b055573a2c3e67988ab1b32917db3de96",
"sha256:a4bb649a2f5404b8e2e4b8beb3772466430e7382fc5f7f014f3f778137133987",
"sha256:b275a542b5ef173ec9602d2f511a895c4228db63bbbc58699859da4afe8bfd58",
"sha256:bfc0246af63361e22a952f8babd542477d64288d993c5a053a72f9e3f59da795",
"sha256:c672dcd78dbbe2c0746721cdb1593b237a8b983d039e73713b055449e4a58207",
"sha256:c773eaee900f398cc98a9c8501d9ab7465af9729979841bb78f4aaa8b821fd9a",
"sha256:e6d9621c1db852ca4de37efe98151838edf0a976fe03cace471b3a761861f95e",
"sha256:e743345290649f54efcf2c1ea530f3520a7b22583fb8b0772df48b1901ecb1ea",
"sha256:eb8c2ae617ff54c4ea73dbd055544681b3cfeafbdbf0fe4535fac494515ab65b",
"sha256:f4e8a878615a46ef4ae016261a59152b8c019a35adb865e26a37c8ef25200d7e",
"sha256:fd41077526e30bfcafa3d03bff8466a4a9ae4bbe21cadd6a09168a62ce18710c"
],
"markers": "python_version >= '3.6'",
"version": "==0.11.5"
},
"lxml": {
"hashes": [
"sha256:079f3ae844f38982d156efce585bc540c16a926d4436712cf4baee0cce487a3d",
@ -135,6 +291,28 @@
"index": "pypi",
"version": "==1.0.5"
},
"msoffcrypto-tool": {
"hashes": [
"sha256:234f85ef59945fa1ebb618ca029f31f0cb43a637344dbda5c1bb8578b2d96a68",
"sha256:7f04b621365e3753f8cef8ba40536acc23d0d201c0ad2dcb1b3d82c83056b7ff"
],
"markers": "python_version >= '3' and platform_python_implementation != 'PyPy' or (platform_system != 'Windows' and platform_system != 'Darwin')",
"version": "==4.12.0"
},
"olefile": {
"hashes": [
"sha256:133b031eaf8fd2c9399b78b8bc5b8fcbe4c31e85295749bb17a87cba8f3c3964"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==0.46"
},
"oletools": {
"hashes": [
"sha256:bad54d3ced34f3475a5bffc0122f8481c66c3f3e09ad946dbda6ec80b75f72cb",
"sha256:dfad0328ac83b4f8db9f47e706cbd64db739ae4ebf9d98b2dcc465728a35f4a6"
],
"version": "==0.60"
},
"ordered-set": {
"hashes": [
"sha256:ba93b2df055bca202116ec44b9bead3df33ea63a7d5827ff8e16738b97f33a95"
@ -142,6 +320,21 @@
"markers": "python_version >= '3.5'",
"version": "==4.0.2"
},
"pcodedmp": {
"hashes": [
"sha256:025f8c809a126f45a082ffa820893e6a8d990d9d7ddb68694b5a9f0a6dbcd955",
"sha256:4441f7c0ab4cbda27bd4668db3b14f36261d86e5059ce06c0828602cbe1c4278"
],
"version": "==1.2.6"
},
"pycparser": {
"hashes": [
"sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0",
"sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.20"
},
"pydeep": {
"git": "https://github.com/kbandla/pydeep.git",
"ref": "bc0d33bff4b45718b4c5f2c79d4715d92a427eda"
@ -150,8 +343,16 @@
"extras": [
"fileobjects"
],
"git": "https://github.com/MISP/PyMISP.git",
"ref": "a68bd80ab9dceaee9674bd9a2b0bffc4f387fcdc"
"path": "./PyMISP",
"version": "==2.4.102"
},
"pyparsing": {
"hashes": [
"sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1",
"sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"
],
"markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.4.7"
},
"pyrsistent": {
"hashes": [
@ -165,9 +366,17 @@
"sha256:73ebfe9dbf22e832286dafa60473e4cd239f8592f699aa5adaf10050e6e1823c",
"sha256:75bb3f31ea686f1197762692a9ee6a7550b59fc6ca3a1f4b5d7e32fb98e2da2a"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"index": "pypi",
"version": "==2.8.1"
},
"python-magic": {
"hashes": [
"sha256:4fec8ee805fea30c07afccd1592c0f17977089895bdfaae5fec870a84e997626",
"sha256:de800df9fb50f8ec5974761054a708af6e4246b03b4bdaee993f948947b0ebcf"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==0.4.24"
},
"pytz": {
"hashes": [
"sha256:83a4a90894bf38e243cf052c8b58f381bfe9a7a483f6a9cab140bc7f702ac4da",
@ -183,6 +392,14 @@
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==2.25.1"
},
"rtfde": {
"hashes": [
"sha256:18386e4f060cee12a2a8035b0acf0cc99689f5dff1bf347bab7e92351860a21d",
"sha256:b86b5d734950fe8745a5b89133f50554252dbd67c6d1b9265e23ee140e7ea8a2"
],
"markers": "python_version >= '3.6'",
"version": "==0.0.2"
},
"simplejson": {
"hashes": [
"sha256:034550078a11664d77bc1a8364c90bb7eef0e44c2dbb1fd0a4d92e3997088667",
@ -261,12 +478,23 @@
],
"version": "==1.3.2"
},
"tzlocal": {
"hashes": [
"sha256:643c97c5294aedc737780a49d9df30889321cbe1204eac2c2ec6134035a92e44",
"sha256:e2cb6c6b5b604af38597403e9852872d7f534962ae2954c7f35efcb1ccacf4a4"
],
"version": "==2.1"
},
"urllib3": {
"hashes": [
"sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c",
"sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098"
],
<<<<<<< HEAD
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'",
=======
"index": "pypi",
>>>>>>> develop
"version": "==1.26.5"
},
"weakrefmethod": {
@ -274,6 +502,12 @@
"sha256:37bc1fbb5575acf82172d4eb7b6fc4412d77d5a1d70dff2c1f8a4574301cda66"
],
"version": "==1.0.3"
},
"wrapt": {
"hashes": [
"sha256:b62ffa81fb85f4332a4f609cab4ac40709470da05643a082ec1eb88e6d9b97d7"
],
"version": "==1.12.1"
}
},
"develop": {}

2
PyMISP

@ -1 +1 @@
Subproject commit 3c289b971dbbf58b192ecf84b3acbe438a2a76e9
Subproject commit 7dbaf665d9288f2a2692bee3d6207bb6abe3c51f

2
VERSION.json
View File

@ -1 +1 @@
{"major":2, "minor":4, "hotfix":143}
{"major":2, "minor":4, "hotfix":144}

55
app/Console/Command/ServerShell.php
View File

@ -212,6 +212,33 @@ class ServerShell extends AppShell
}
}
public function pushAll()
{
$this->ConfigLoad->execute();
$userId = $this->args[0];
$user = $this->User->getAuthUser($userId);
if (empty($user)) {
die('User ID do not match an existing user.' . PHP_EOL);
}
$servers = $this->Server->find('all', array(
'conditions' => array('Server.push' => 1),
'recursive' => -1,
'order' => 'Server.priority',
'fields' => array('Server.name', 'Server.id'),
));
foreach ($servers as $server) {
$jobId = CakeResque::enqueue(
'default',
'ServerShell',
array('push', $userId, $server['Server']['id'], $technique)
);
$this->out("Enqueued pushing from {$server['Server']['name']} server as job $jobId");
}
}
public function fetchFeed()
{
$this->ConfigLoad->execute();
@ -320,6 +347,34 @@ class ServerShell extends AppShell
echo $message . PHP_EOL;
}
public function cacheServerAll()
{
$this->ConfigLoad->execute();
$userId = $this->args[0];
$user = $this->User->getAuthUser($userId);
if (empty($user)) {
die('User ID do not match an existing user.' . PHP_EOL);
}
$servers = $this->Server->find('all', array(
'conditions' => array('Server.pull' => 1),
'recursive' => -1,
'order' => 'Server.priority',
'fields' => array('Server.name', 'Server.id'),
));
foreach ($servers as $server) {
$jobId = CakeResque::enqueue(
'default',
'ServerShell',
array('cacheServer', $userId, $server['Server']['id'])
);
$this->out("Enqueued cacheServer from {$server['Server']['name']} server as job $jobId");
}
}
public function cacheFeed()
{
$this->ConfigLoad->execute();

4
app/Controller/AppController.php
View File

@ -25,8 +25,8 @@ class AppController extends Controller
public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector');
private $__queryVersion = '129';
public $pyMispVersion = '2.4.143';
private $__queryVersion = '130';
public $pyMispVersion = '2.4.144';
public $phpmin = '7.2';
public $phprec = '7.4';
public $phptoonew = '8.0';

26
app/Controller/AuditLogsController.php
View File

@ -25,6 +25,7 @@ class AuditLogsController extends AppController
'CorrelationExclusion',
'Event',
'EventBlocklist',
'EventReport',
'Feed',
'DecayingModel',
'Object',
@ -490,18 +491,6 @@ class AuditLogsController extends AppController
$events = array_column(array_column($events, 'Event'), null, 'id');
}
$existingObjects = [];
foreach (['User', 'Organisation', 'Galaxy', 'GalaxyCluster', 'Warninglist', 'AuthKey', 'ObjectTemplate', 'Role'] as $modelName) {
if (isset($models[$modelName])) {
$this->loadModel($modelName);
$data = $this->{$modelName}->find('column', [
'conditions' => ['id' => array_unique($models[$modelName])],
'fields' => ['id'],
]);
$existingObjects[$modelName] = array_flip($data);
}
}
$links = [
'ObjectTemplate' => 'objectTemplates',
'AuthKey' => 'auth_keys',
@ -511,8 +500,21 @@ class AuditLogsController extends AppController
'Warninglist' => 'warninglists',
'User' => 'admin/user',
'Role' => 'roles',
'EventReport' => 'eventReports',
];
$existingObjects = [];
foreach ($links as $modelName => $foo) {
if (isset($models[$modelName])) {
$this->loadModel($modelName);
$data = $this->{$modelName}->find('column', [
'conditions' => ['id' => array_unique($models[$modelName])],
'fields' => ['id'],
]);
$existingObjects[$modelName] = array_flip($data);
}
}
foreach ($auditLogs as $k => $auditLog) {
$auditLog = $auditLog['AuditLog'];
$modelId = (int)$auditLog['model_id'];

1
app/Controller/AuthKeysController.php
View File

@ -51,6 +51,7 @@ class AuthKeysController extends AppController
return $this->restResponsePayload;
}
$this->set('title_for_layout', __('Auth Keys'));
$this->set('advancedEnabled', !empty(Configure::read('Security.advanced_authkeys')));
$this->set('keyUsageEnabled', $keyUsageEnabled);
$this->set('menuData', [
'menuList' => $this->_isSiteAdmin() ? 'admin' : 'globalActions',

5
app/Controller/Component/ACLComponent.php
View File

@ -310,6 +310,8 @@ class ACLComponent extends Component
'attachCluster' => array('perm_tagger'),
'attachMultipleClusters' => array('perm_tagger'),
'delete' => array(),
'disable' => array('perm_site_admin'),
'enable' => array('perm_site_admin'),
'export' => array('*'),
'forkTree' => array('*'),
'index' => array('*'),
@ -320,6 +322,7 @@ class ACLComponent extends Component
'selectGalaxyNamespace' => array('perm_tagger'),
'selectCluster' => array('perm_tagger'),
'showGalaxies' => array('*'),
'toggle' => array('perm_site_admin'),
'update' => array(),
'view' => array('*'),
'viewGraph' => array('*'),
@ -345,6 +348,7 @@ class ACLComponent extends Component
'unpublish' => array('perm_galaxy_editor'),
'updateCluster' => array('perm_galaxy_editor'),
'view' => array('*'),
'viewCyCatRelations' => array('*'),
'viewGalaxyMatrix' => array('*'),
'viewRelations' => array('*'),
'viewRelationTree' => array('*'),
@ -533,6 +537,7 @@ class ACLComponent extends Component
'resetRemoteAuthKey' => array(),
'removeOrphanedCorrelations' => array('perm_site_admin'),
'rest' => array('perm_auth'),
'openapi' => array('*'),
'restartDeadWorkers' => array(),
'restartWorkers' => array(),
'serverSettings' => array(),

6
app/Controller/DashboardsController.php
View File

@ -12,7 +12,7 @@ class DashboardsController extends AppController
public function beforeFilter()
{
parent::beforeFilter();
$this->Security->unlockedActions = array_merge(array('renderWidget', 'updateSettings', 'getForm'), $this->Security->unlockedActions);
$this->Security->unlockedActions = array_merge(array('renderWidget', 'getForm'), $this->Security->unlockedActions);
}
public $paginate = array(
@ -113,14 +113,14 @@ class DashboardsController extends AppController
{
if ($this->request->is('post')) {
$this->UserSetting = ClassRegistry::init('UserSetting');
if (!isset($this->request->data['value'])) {
if (!isset($this->request->data['Dashboard']['value'])) {
throw new InvalidArgumentException(__('No setting data found.'));
}
$data = array(
'UserSetting' => array(
'user_id' => $this->Auth->user('id'),
'setting' => 'dashboard',
'value' => $this->request->data['value']
'value' => $this->request->data['Dashboard']['value']
)
);
$result = $this->UserSetting->setSetting($this->Auth->user(), $data);

27
app/Controller/EventsController.php
View File

@ -41,7 +41,7 @@ class EventsController extends AppController
'proposal' => 0,
'correlation' => 0,
'warning' => 0,
'deleted' => 2,
'deleted' => 0,
'includeRelatedTags' => 0,
'includeDecayScore' => 0,
'toIDS' => 0,
@ -1130,13 +1130,12 @@ class EventsController extends AppController
$conditions['overrideLimit'] = 1;
}
if (isset($filters['deleted'])) {
$conditions['deleted'] = $filters['deleted'] == 2 ? 0 : [0, 1];
if ($filters['deleted'] == 2) { // not-deleted only
$conditions['deleted'] = 0;
} elseif ($filters['deleted'] == 1) { // deleted only
$conditions['deleted'] = 1;
} else { // both
if ($filters['deleted'] == 1) { // both
$conditions['deleted'] = [0, 1];
} elseif ($filters['deleted'] == 0) { // not-deleted only
$conditions['deleted'] = 1;
} else { // only deleted
$conditions['deleted'] = 0;
}
}
if (isset($filters['toIDS']) && $filters['toIDS'] != 0) {
@ -1283,7 +1282,7 @@ class EventsController extends AppController
}
$deleted = 0;
if (isset($filters['deleted'])) {
$deleted = $filters['deleted'] == 2 ? 0 : 1;
$deleted = $filters['deleted'] > 0 ? 1 : 0;
}
$this->set('includeSightingdb', (!empty($filters['includeSightingdb']) && Configure::read('Plugin.Sightings_sighting_db_enable')));
$this->set('deleted', $deleted);
@ -1626,7 +1625,15 @@ class EventsController extends AppController
if (($this->userRole['perm_sync'] && $this->_isRest() && !$this->userRole['perm_site_admin']) && $deleted == 1) {
$conditions['deleted'] = array(0,1);
} else {
$conditions['deleted'] = $deleted == 2 ? array(0,1) : $deleted;
if (is_array($deleted)) {
$conditions['deleted'] = $deleted;
} else if ($deleted == 1) { // both
$conditions['deleted'] = [0, 1];
} elseif ($deleted == 0) { // not-deleted only
$conditions['deleted'] = 0;
} else { // only deleted
$conditions['deleted'] = 1;
}
}
}
if (isset($this->params['named']['toIDS']) && $this->params['named']['toIDS'] != 0) {
@ -1728,7 +1735,7 @@ class EventsController extends AppController
return $this->__restResponse($event);
}
$this->set('deleted', isset($deleted) ? ($deleted == 2 ? 0 : 1) : 0);
$this->set('deleted', isset($deleted) ? ($deleted > 0 ? 1 : 0) : 0);
$this->set('includeRelatedTags', (!empty($this->params['named']['includeRelatedTags'])) ? 1 : 0);
$this->set('includeDecayScore', (!empty($this->params['named']['includeDecayScore'])) ? 1 : 0);

17
app/Controller/FeedsController.php
View File

@ -202,9 +202,6 @@ class FeedsController extends AppController
$tags = $this->Event->EventTag->Tag->find('list', array('fields' => array('Tag.name'), 'order' => array('lower(Tag.name) asc')));
$tags[0] = 'None';
$this->set('tags', $tags);
if (!isset($this->request->data['Feed']['fixed_event'])) {
$this->request->data['Feed']['fixed_event'] = 1;
}
$this->set('orgs', $this->Event->Orgc->find('list', array(
'fields' => array('id', 'name'),
'order' => 'LOWER(name)'
@ -221,6 +218,9 @@ class FeedsController extends AppController
}
}
}
if (!isset($this->request->data['Feed']['fixed_event'])) {
$this->request->data['Feed']['fixed_event'] = 1;
}
$error = false;
if (isset($this->request->data['Feed']['pull_rules'])) {
$this->request->data['Feed']['rules'] = $this->request->data['Feed']['pull_rules'];
@ -459,8 +459,15 @@ class FeedsController extends AppController
$this->Feed->data['Feed']['settings'] = json_decode($this->Feed->data['Feed']['settings'], true);
}
if (!$this->Feed->data['Feed']['enabled']) {
$this->Flash->error(__('Feed is currently not enabled. Make sure you enable it.'));
$this->redirect(array('action' => 'index'));
if ($this->_isRest()) {
return $this->RestResponse->viewData(
array('result' => __('Feed is currently not enabled. Make sure you enable it.')),
$this->response->type()
);
} else {
$this->Flash->error(__('Feed is currently not enabled. Make sure you enable it.'));
$this->redirect(array('action' => 'index'));
}
}
if (Configure::read('MISP.background_jobs')) {
$this->loadModel('Job');

64
app/Controller/GalaxiesController.php
View File

@ -19,7 +19,7 @@ class GalaxiesController extends AppController
public function index()
{
$aclConditions = array();
$filters = $this->IndexFilter->harvestParameters(array('value'));
$filters = $this->IndexFilter->harvestParameters(array('value', 'enabled'));
$searchConditions = array();
if (empty($filters['value'])) {
$filters['value'] = '';
@ -35,6 +35,9 @@ class GalaxiesController extends AppController
)
);
}
if (isset($filters['enabled'])) {
$searchConditions[]['enabled'] = $filters['enabled'] ? 1 : 0;
}
if ($this->_isRest()) {
$galaxies = $this->Galaxy->find(
'all',
@ -51,6 +54,7 @@ class GalaxiesController extends AppController
$this->paginate['conditions']['AND'][] = $aclConditions;
$galaxies = $this->paginate();
$this->set('galaxyList', $galaxies);
$this->set('passedArgsArray', $this->passedArgs);
$this->set('searchall', $filters['value']);
}
}
@ -139,7 +143,7 @@ class GalaxiesController extends AppController
}
$result = $this->Galaxy->delete($id);
if ($result) {
$message = 'Galaxy deleted';
$message = __('Galaxy deleted');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Galaxy', 'delete', false, $this->response->type(), $message);
} else {
@ -147,7 +151,7 @@ class GalaxiesController extends AppController
$this->redirect(array('controller' => 'galaxies', 'action' => 'index'));
}
} else {
$message = 'Could not delete Galaxy.';
$message = __('Could not delete Galaxy.');
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Galaxy', 'delete', false, $message);
} else {
@ -156,7 +160,55 @@ class GalaxiesController extends AppController
}
}
}
public function enable($id) {
return $this->toggle($id, true);
}
public function disable($id) {
return $this->toggle($id, false);
}
public function toggle($id, $enabled=null)
{
if (Validation::uuid($id)) {
$id = $this->Toolbox->findIdByUuid($this->Galaxy, $id);
} elseif (!is_numeric($id)) {
throw new NotFoundException('Invalid galaxy.');
}
$galaxy = $this->Galaxy->find('first', array(
'recursive' => -1,
'conditions' => array('Galaxy.id' => $id)
));
if (empty($galaxy)) {
throw new NotFoundException('Invalid galaxy.');
}
if (is_null($enabled)) {
$galaxy['Galaxy']['enabled'] = !$galaxy['Galaxy']['enabled'];
} else {
$galaxy['Galaxy']['enabled'] = $enabled;
}
$result = $this->Galaxy->save($galaxy);
if ($result) {
$message = __('Galaxy enabled');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Galaxy', 'toggle', false, $this->response->type(), $message);
} else {
$this->Flash->success($message);
$this->redirect(array('controller' => 'galaxies', 'action' => 'index'));
}
} else {
$message = __('Could not enable Galaxy.');
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Galaxy', 'toggle', false, $message);
} else {
$this->Flash->success($message);
$this->redirect($this->referer());
}
}
}
public function import()
{
if ($this->request->is('post') || $this->request->is('put')) {
@ -284,6 +336,9 @@ class GalaxiesController extends AppController
$local = !empty($this->params['named']['local']) ? $this->params['named']['local'] : '0';
$eventid = !empty($this->params['named']['eventid']) ? $this->params['named']['eventid'] : '0';
$conditions = $namespace === '0' ? array() : array('namespace' => $namespace);
$conditions[] = [
'enabled' => true
];
$galaxies = $this->Galaxy->find('all', array(
'recursive' => -1,
'fields' => array('MAX(Galaxy.version) as latest_version', 'id', 'kill_chain_order', 'name', 'icon', 'description'),
@ -339,6 +394,7 @@ class GalaxiesController extends AppController
$namespaces = $this->Galaxy->find('list', array(
'recursive' => -1,
'fields' => array('namespace', 'namespace'),
'conditions' => array('enabled' => 1),
'group' => array('namespace'),
'order' => array('namespace asc')
));

17
app/Controller/GalaxyClustersController.php
View File

@ -159,7 +159,7 @@ class GalaxyClustersController extends AppController
$this->render('ajax/index');
}
}
/**
* @param mixed $id ID or UUID of the cluster
*/
@ -204,7 +204,7 @@ class GalaxyClustersController extends AppController
}
}
}
/**
* @param mixed $galaxyId ID of the galaxy to which the cluster will be added
*/
@ -329,7 +329,7 @@ class GalaxyClustersController extends AppController
$this->set('sharingGroups', $sgs);
$this->set('action', 'add');
}
/**
* @param mixed $id ID or UUID of the cluster
*/
@ -396,7 +396,7 @@ class GalaxyClustersController extends AppController
if (empty($cluster['GalaxyCluster']['authors'])) {
$cluster['GalaxyCluster']['authors'] = [];
} else if (is_array($cluster['GalaxyCluster']['authors'])) {
// This is as intended, move on
// This is as intended, move on
}else {
$decoded = json_decode($cluster['GalaxyCluster']['authors'], true);
if (is_null($decoded)) { // authors might be comma separated
@ -774,6 +774,15 @@ class GalaxyClustersController extends AppController
}
}
public function viewCyCatRelations($id)
{
$cluster = $this->GalaxyCluster->fetchIfAuthorized($this->Auth->user(), $id, 'view', true, false);
$CyCatRelations = $this->GalaxyCluster->getCyCatRelations($cluster);
$this->set('cluster', $cluster);
$this->set('CyCatRelations', $CyCatRelations);
$this->render('cluster_cycatrelations');
}
public function viewGalaxyMatrix($id)
{
if (!$this->request->is('ajax')) {

4
app/Controller/NoticelistsController.php
View File

@ -171,6 +171,10 @@ class NoticelistsController extends AppController
if (empty($noticelist)) {
throw new NotFoundException('Noticelist not found.');
}
$noticelist['Noticelist']['ref'] = json_decode($noticelist['Noticelist']['ref']);
$noticelist['Noticelist']['geographical_area'] = json_decode($noticelist['Noticelist']['geographical_area']);
if ($this->_isRest()) {
$noticelist['Noticelist']['NoticelistEntry'] = $noticelist['NoticelistEntry'];
return $this->RestResponse->viewData($noticelist, $this->response->type());

3
app/Controller/ServersController.php
View File

@ -2527,4 +2527,7 @@ misp.direct_call(relative_path, body)
$syncFilteringRules = $this->Server->getAvailableSyncFilteringRules($this->Auth->user());
return $this->RestResponse->viewData($syncFilteringRules);
}
public function openapi() {
}
}

30
app/Controller/SightingsController.php
View File

@ -15,9 +15,9 @@ class SightingsController extends AppController
}
public $paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array('Sighting.date_sighting' => 'DESC'),
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array('Sighting.date_sighting' => 'DESC'),
);
// takes an attribute ID or UUID
@ -78,9 +78,9 @@ class SightingsController extends AppController
if ($this->request->is('ajax')) {
if ($error) {
$error_message = 'Could not add the Sighting. Reason: ' . $error;
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $error_message)), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => false, 'errors' => $error_message)), 'status' => 200, 'type' => 'json'));
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => $result . ' ' . $this->Sighting->type[$type] . (($result == 1) ? '' : 's') . ' added.')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'success' => $result . ' ' . $this->Sighting->type[$type] . (($result == 1) ? '' : 's') . ' added.')), 'status' => 200, 'type' => 'json'));
}
} else {
if ($error) {
@ -147,7 +147,7 @@ class SightingsController extends AppController
$this->render('/Sightings/ajax/advanced');
}
public function quickAdd($id=false, $type=1, $onvalue=false)
public function quickAdd($id = false, $type = 1, $onvalue = false)
{
if (!$this->userRole['perm_modify_org']) {
throw new MethodNotAllowedException(__('You are not authorised to remove sightings data as you don\'t have permission to modify your organisation\'s data.'));
@ -174,7 +174,7 @@ class SightingsController extends AppController
}
} else {
if (!isset($id)) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => __('Invalid request.'))), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => __('Invalid request.'))), 'status' => 200, 'type' => 'json'));
} else {
if ($onvalue) {
$result = $this->Sighting->add();
@ -183,9 +183,9 @@ class SightingsController extends AppController
}
if ($result) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => __('Sighting added.'))), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'success' => __('Sighting added.'))), 'status' => 200, 'type' => 'json'));
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => __('Sighting could not be added'))), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => __('Sighting could not be added'))), 'status' => 200, 'type' => 'json'));
}
}
}
@ -204,20 +204,20 @@ class SightingsController extends AppController
$this->render('ajax/quickDeleteConfirmationForm');
} else {
if (!isset($id)) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => 'Invalid request.')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => 'Invalid request.')), 'status' => 200, 'type' => 'json'));
} else {
$sighting = $this->Sighting->find('first', array('conditions' => array('Sighting.id' => $id), 'recursive' => -1));
if (empty($sighting)) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => 'Invalid sighting.')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => 'Invalid sighting.')), 'status' => 200, 'type' => 'json'));
}
if (!$this->_isSiteAdmin() && $sighting['Sighting']['org_id'] != $this->Auth->user('org_id')) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => 'Invalid sighting.')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => 'Invalid sighting.')), 'status' => 200, 'type' => 'json'));
}
$result = $this->Sighting->delete($id);
if ($result) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Sighting deleted.')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'success' => 'Sighting deleted.')), 'status' => 200, 'type' => 'json'));
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'errors' => 'Sighting could not be deleted')), 'status' => 200, 'type' => 'json'));
return new CakeResponse(array('body' => json_encode(array('saved' => true, 'errors' => 'Sighting could not be deleted')), 'status' => 200, 'type' => 'json'));
}
}
}
@ -259,7 +259,7 @@ class SightingsController extends AppController
$sightingConditions = array('Sighting.event_id' => $eventid);
}
$sightedEvents = $this->Sighting->find('list', array(
'group' => 'Sighting.event_id',
'group' => ['Sighting.id', 'Sighting.event_id'],
'fields' => array('Sighting.event_id'),
'conditions' => $sightingConditions
));

2
app/Lib/Tools/SecurityAudit.php
View File

@ -373,7 +373,7 @@ class SecurityAudit
if ($diffDays > 300) {
$output['System'][] = [
'warning',
__('Kernel build time was s days ago. This usually means that the system kernel is not updated.', $diffDays),
__('Kernel build time was %s days ago. This usually means that the system kernel is not updated.', $diffDays),
];
}
}

5
app/Model/AppModel.php
View File

@ -90,7 +90,7 @@ class AppModel extends Model
51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false,
57 => false, 58 => false, 59 => false, 60 => false, 61 => false, 62 => false,
63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false,
69 => false,
69 => false, 70 => false,
);
public $advanced_updates_description = array(
@ -1600,6 +1600,9 @@ class AppModel extends Model
INDEX `model_id` (`model_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
break;
case 70:
$sqlArray[] = "ALTER TABLE `galaxies` ADD `enabled` tinyint(1) NOT NULL DEFAULT 1 AFTER `namespace`;";
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

7
app/Model/Attribute.php
View File

@ -3628,6 +3628,13 @@ class Attribute extends AppModel
if (!empty($parentEvent)) {
$params['parentEvent'] = $parentEvent;
}
if (!empty($attribute['SharingGroup'])) {
$attribute['sharing_group_id'] = $this->SharingGroup->captureSG($attribute['SharingGroup'], $user);
} elseif (!empty($attribute['sharing_group_id'])) {
if (!$this->SharingGroup->checkIfAuthorised($user, $attribute['sharing_group_id'])) {
unset($attribute['sharing_group_id']);
}
}
if (!$this->save($attribute, $params)) {
$attribute_short = (isset($attribute['category']) ? $attribute['category'] : 'N/A') . '/' . (isset($attribute['type']) ? $attribute['type'] : 'N/A') . ' ' . (isset($attribute['value']) ? $attribute['value'] : 'N/A');
$log->create();

38
app/Model/Event.php
View File

@ -1004,17 +1004,28 @@ class Event extends AppModel
private function __prepareForPushToServer($event, $server)
{
if ($event['Event']['distribution'] == 4) {
if (!empty($event['SharingGroup']['SharingGroupServer'])) {
$found = false;
foreach ($event['SharingGroup']['SharingGroupServer'] as $sgs) {
if ($sgs['server_id'] == $server['Server']['id']) {
$found = true;
if (empty($event['SharingGroup']['SharingGroup']['roaming']) && empty($server['Server']['internal'])) {
$serverFound = false;
if (!empty($event['SharingGroup']['SharingGroupServer'])) {
foreach ($event['SharingGroup']['SharingGroupServer'] as $sgs) {
if ($sgs['server_id'] == $server['Server']['id']) {
$serverFound = true;
}
}
}
if (!$found) {
if (!$serverFound) {
return 403;
}
} else if (empty($event['SharingGroup']['roaming'])) {
}
$orgFound = false;
if (!empty($event['SharingGroup']['SharingGroupOrg'])) {
foreach ($event['SharingGroup']['SharingGroupOrg'] as $org) {
if (isset($org['Organisation']) && $org['Organisation']['uuid'] === $server['RemoteOrg']['uuid']) {
$orgFound = true;
}
}
}
if (!$orgFound) {
return 403;
}
}
@ -2992,9 +3003,20 @@ class Event extends AppModel
public function set_filter_value(&$params, $conditions, $options, $keys = array('Attribute.value1', 'Attribute.value2'))
{
if (!empty($params['value'])) {
$valueParts = explode('|', $params['value'], 2);
$params[$options['filter']] = $this->convert_filters($params[$options['filter']]);
$conditions = $this->generic_add_filter($conditions, $params[$options['filter']], $keys);
// Allows searching for ['value1' => [full, part1], 'value2' => [full, part2]]
if (count($valueParts) == 2) {
$convertedFilterVal1 = $this->convert_filters($valueParts[0]);
$convertedFilterVal2 = $this->convert_filters($valueParts[1]);
$conditionVal1 = $this->generic_add_filter([], $convertedFilterVal1, ['Attribute.value1'])['AND'][0]['OR'];
$conditionVal2 = $this->generic_add_filter([], $convertedFilterVal2, ['Attribute.value2'])['AND'][0]['OR'];
$tmpConditions = [
'AND' => [$conditionVal1, $conditionVal2]
];
$conditions['AND'][0]['OR']['OR']['AND'] = [$conditionVal1, $conditionVal2];
}
}
return $conditions;
}

42
app/Model/GalaxyCluster.php
View File

@ -602,7 +602,7 @@ class GalaxyCluster extends AppModel
$this->GalaxyClusterRelation->GalaxyClusterRelationTag->deleteAll(['GalaxyClusterRelationTag.galaxy_cluster_relation_id' => $relation_ids], false, false);
$this->Log = ClassRegistry::init('Log');
$this->Log->createLogEntry('SYSTEM', 'wipe_default', 'GalaxyCluster', 0, "Wiping default galaxy clusters");
}
/**
@ -2133,4 +2133,44 @@ class GalaxyCluster extends AppModel
]);
return empty($cluster['Tag']['id']) ? false : $cluster['Tag']['id'];
}
public function getCyCatRelations($cluster)
{
$CyCatRelations = [];
if (empty(Configure::read('Plugin.CyCat_enable'))) {
return $CyCatRelations;
}
App::uses('SyncTool', 'Tools');
$cycatUrl = empty(Configure::read("Plugin.CyCat_url")) ? 'https://api.cycat.org': Configure::read("Plugin.CyCat_url");
$syncTool = new SyncTool();
if (empty($this->HttpSocket)) {
$this->HttpSocket = $syncTool->createHttpSocket();
}
$request = array(
'header' => array(
'Accept' => array('application/json'),
'MISP-version' => implode('.', $this->checkMISPVersion()),
'MISP-uuid' => Configure::read('MISP.uuid'),
'x-ground-truth' => 'Dogs are superior to cats'
)
);
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $cluster['GalaxyCluster']['uuid'], array(), $request);
if ($response->code === '200') {
$response = $this->HttpSocket->get($cycatUrl . '/relationships/' . $cluster['GalaxyCluster']['uuid'], array(), $request);
if ($response->code === '200') {
$relationUUIDs = json_decode($response->body);
if (!empty($relationUUIDs)) {
foreach ($relationUUIDs as $relationUUID) {
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $relationUUID, array(), $request);
if ($response->code === '200') {
$lookupResult = json_decode($response->body, true);
$lookupResult['uuid'] = $relationUUID;
$CyCatRelations[$relationUUID] = $lookupResult;
}
}
}
}
}
return $CyCatRelations;
}
}

2
app/Model/Organisation.php
View File

@ -98,7 +98,7 @@ class Organisation extends AppModel
'uuid' => '0',
'contacts' => '',
'local' => true,
'restricted_to_domain' => '[]',
'restricted_to_domain' => [],
'landingpage' => null
);

228
app/Model/Role.php
View File

@ -59,113 +59,6 @@ class Role extends AppModel
'publish' => 3
);
// #TODO i18n?
public $permFlags = array(
'perm_site_admin' => array(
'id' => 'RolePermSiteAdmin',
'text' => 'Site Admin',
'readonlyenabled' => false,
'title' => 'Unrestricted access to any data and functionality on this instance.'
),
'perm_admin' => array(
'id' => 'RolePermAdmin',
'text' => 'Org Admin',
'readonlyenabled' => false,
'title' => 'Limited organisation admin - create, manage users of their own organisation'
),
'perm_sync' => array(
'id' => 'RolePermSync',
'text' => 'Sync Actions',
'readonlyenabled' => true,
'title' => 'Synchronisation permission, can be used to connect two MISP instances create data on behalf of other users. Make sure that the role with this permission has also access to tagging and tag editing rights.'
),
'perm_audit' => array(
'id' => 'RolePermAudit',
'text' => 'Audit Actions',
'readonlyenabled' => true,
'title' => 'Access to the audit logs of the user\'s organisation.'
),
'perm_auth' => array(
'id' => 'RolePermAuth',
'text' => 'Auth key access',
'readonlyenabled' => true,
'title' => 'Users with this permission have access to authenticating via their Auth keys, granting them access to the API.',
'site_admin_optional' => true
),
'perm_regexp_access' => array(
'id' => 'RolePermRegexpAccess',
'text' => 'Regex Actions',
'readonlyenabled' => false,
'title' => 'Users with this role can modify the regex rules affecting how data is fed into MISP. Make sure that caution is advised with handing out roles that include this permission, user controlled executed regexes are dangerous.'
),
'perm_tagger' => array(
'id' => 'RolePermTagger',
'text' => 'Tagger',
'readonlyenabled' => false,
'title' => 'Users with roles that include this permission can attach or detach existing tags to and from events/attributes.'
),
'perm_tag_editor' => array(
'id' => 'RolePermTagEditor',
'text' => 'Tag Editor',
'readonlyenabled' => false,
'title' => 'This permission gives users the ability to create tags.'
),
'perm_template' => array(
'id' => 'RolePermTemplate',
'text' => 'Template Editor',
'readonlyenabled' => false,
'title' => 'Create or modify templates, to be used when populating events.'
),
'perm_sharing_group' => array(
'id' => 'RolePermSharingGroup',
'text' => 'Sharing Group Editor',
'readonlyenabled' => false,
'title' => 'Permission to create or modify sharing groups.'
),
'perm_delegate' => array(
'id' => 'RolePermDelegate',
'text' => 'Delegations Access',
'readonlyenabled' => false,
'title' => 'Allow users to create delegation requests for their own org only events to trusted third parties.'
),
'perm_sighting' => array(
'id' => 'RolePermSighting',
'text' => 'Sighting Creator',
'readonlyenabled' => true,
'title' => 'Permits the user to push feedback on attributes into MISP by providing sightings.'
),
'perm_object_template' => array(
'id' => 'RolePermObjectTemplate',
'text' => 'Object Template Editor',
'readonlyenabled' => false,
'title' => 'Create or modify MISP Object templates'
),
'perm_galaxy_editor' => array(
'id' => 'RolePermGalaxyEditor',
'text' => 'Galaxy Editor',
'readonlyenabled' => false,
'title' => 'Create or modify MISP Galaxies and MISP Galaxies Clusters'
),
'perm_decaying' => array(
'id' => 'RolePermDecaying',
'text' => 'Decaying Model Editor',
'readonlyenabled' => true,
'title' => 'Create or modify MISP Decaying Models'
),
'perm_publish_zmq' => array(
'id' => 'RolePermPublishZmq',
'text' => 'ZMQ publisher',
'readonlyenabled' => false,
'title' => 'Allow users to publish data to the ZMQ pubsub channel via the publish event to ZMQ button.'
),
'perm_publish_kafka' => array(
'id' => 'RolePermPublishKafka',
'text' => 'Kafka publisher',
'readonlyenabled' => false,
'title' => 'Allow users to publish data to Kafka via the publish event to Kafka button.'
)
);
public $premissionLevelName = array('Read Only', 'Manage Own Events', 'Manage Organisation Events', 'Manage and Publish Organisation Events');
public function beforeSave($options = array())
@ -307,4 +200,125 @@ class Role extends AppModel
}
return $suggestedRole;
}
public function __get($name)
{
if ($name === 'permFlags') {
$this->permFlags = $this->generatePermFlags();
return $this->permFlags;
}
return parent::__get($name);
}
/**
* @return array[]
*/
private function generatePermFlags()
{
return array(
'perm_site_admin' => array(
'id' => 'RolePermSiteAdmin',
'text' => 'Site Admin',
'readonlyenabled' => false,
'title' => __('Unrestricted access to any data and functionality on this instance.')
),
'perm_admin' => array(
'id' => 'RolePermAdmin',
'text' => 'Org Admin',
'readonlyenabled' => false,
'title' => __('Limited organisation admin - create, manage users of their own organisation.')
),
'perm_sync' => array(
'id' => 'RolePermSync',
'text' => 'Sync Actions',
'readonlyenabled' => true,
'title' => __('Synchronisation permission, can be used to connect two MISP instances create data on behalf of other users. Make sure that the role with this permission has also access to tagging and tag editing rights.')
),
'perm_audit' => array(
'id' => 'RolePermAudit',
'text' => 'Audit Actions',
'readonlyenabled' => true,
'title' => __('Access to the audit logs of the user\'s organisation.')
),
'perm_auth' => array(
'id' => 'RolePermAuth',
'text' => 'Auth key access',
'readonlyenabled' => true,
'title' => __('Users with this permission have access to authenticating via their Auth keys, granting them access to the API.'),
'site_admin_optional' => true
),
'perm_regexp_access' => array(
'id' => 'RolePermRegexpAccess',
'text' => 'Regex Actions',
'readonlyenabled' => false,
'title' => __('Users with this role can modify the regex rules affecting how data is fed into MISP. Make sure that caution is advised with handing out roles that include this permission, user controlled executed regexes are dangerous.')
),
'perm_tagger' => array(
'id' => 'RolePermTagger',
'text' => 'Tagger',
'readonlyenabled' => false,
'title' => __('Users with roles that include this permission can attach or detach existing tags to and from events/attributes.')
),
'perm_tag_editor' => array(
'id' => 'RolePermTagEditor',
'text' => 'Tag Editor',
'readonlyenabled' => false,
'title' => __('This permission gives users the ability to create tags.')
),
'perm_template' => array(
'id' => 'RolePermTemplate',
'text' => 'Template Editor',
'readonlyenabled' => false,
'title' => __('Create or modify templates, to be used when populating events.')
),
'perm_sharing_group' => array(
'id' => 'RolePermSharingGroup',
'text' => 'Sharing Group Editor',
'readonlyenabled' => false,
'title' => __('Permission to create or modify sharing groups.')
),
'perm_delegate' => array(
'id' => 'RolePermDelegate',
'text' => 'Delegations Access',
'readonlyenabled' => false,
'title' => __('Allow users to create delegation requests for their own org only events to trusted third parties.')
),
'perm_sighting' => array(
'id' => 'RolePermSighting',
'text' => 'Sighting Creator',
'readonlyenabled' => true,
'title' => __('Permits the user to push feedback on attributes into MISP by providing sightings.')
),
'perm_object_template' => array(
'id' => 'RolePermObjectTemplate',
'text' => 'Object Template Editor',
'readonlyenabled' => false,
'title' => __('Create or modify MISP Object templates.')
),
'perm_galaxy_editor' => array(
'id' => 'RolePermGalaxyEditor',
'text' => 'Galaxy Editor',
'readonlyenabled' => false,
'title' => __('Create or modify MISP Galaxies and MISP Galaxies Clusters.')
),
'perm_decaying' => array(
'id' => 'RolePermDecaying',
'text' => 'Decaying Model Editor',
'readonlyenabled' => true,
'title' => __('Create or modify MISP Decaying Models.')
),
'perm_publish_zmq' => array(
'id' => 'RolePermPublishZmq',
'text' => 'ZMQ publisher',
'readonlyenabled' => false,
'title' => __('Allow users to publish data to the ZMQ pubsub channel via the publish event to ZMQ button.')
),
'perm_publish_kafka' => array(
'id' => 'RolePermPublishKafka',
'text' => 'Kafka publisher',
'readonlyenabled' => false,
'title' => __('Allow users to publish data to Kafka via the publish event to Kafka button.'),
),
);
}
}

23
app/Model/Server.php
View File

@ -165,7 +165,10 @@ class Server extends AppModel
'data' => array(
'PullAll' => 'MISP/app/Console/cake Server pullAll [user_id] [full|update]',
'Pull' => 'MISP/app/Console/cake Server pull [user_id] [server_id] [full|update]',
'PushAll' => 'MISP/app/Console/cake Server pushAll [user_id]',
'Push' => 'MISP/app/Console/cake Server push [user_id] [server_id]',
'Cache server' => 'MISP/app/Console/cake server cacheServer [user_id] [server_id]',
'Cache all servers' => 'MISP/app/Console/cake server cacheServerAll [user_id]',
'Cache feeds for quick lookups' => 'MISP/app/Console/cake Server cacheFeed [user_id] [feed_id|all|csv|text|misp]',
'Fetch feeds as local data' => 'MISP/app/Console/cake Server fetchFeed [user_id] [feed_id|all|csv|text|misp]',
'Run enrichment' => 'MISP/app/Console/cake Event enrichment [user_id] [event_id] [json_encoded_module_list]',
@ -7013,7 +7016,25 @@ class Server extends AppModel
'test' => 'testForEmpty',
'type' => 'string',
'null' => true
)
),
'CyCat_enable' => [
'level' => 1,
'description' => __('Enable lookups for additional relations via CyCat.'),
'value' => false,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean',
'null' => true
],
'CyCat_url' => [
'level' => 2,
'description' => __('URL to use for CyCat lookups, if enabled.'),
'value' => 'https://api.cycat.org',
'errorMessage' => '',
'test' => 'testForEmpty',
'type' => 'string',
'null' => true
]
),
'debug' => array(
'level' => 0,

7
app/Model/SharingGroup.php
View File

@ -533,7 +533,7 @@ class SharingGroup extends AppModel
}
}
}
if ($conditional === false) {
if ($conditional === false && empty($server['Server']['internal'])) {
return false;
}
}
@ -618,6 +618,7 @@ class SharingGroup extends AppModel
if ($existingCaptureResult !== true) {
return $existingCaptureResult;
}
$sg_id = $existingSG['SharingGroup']['id'];
$forceUpdate = true;
}
unset($sg['Organisation']);
@ -838,7 +839,7 @@ class SharingGroup extends AppModel
$temp = $this->SharingGroupOrg->find('first', array(
'recursive' => -1,
'conditions' => array(
'sharing_group_id' => $existingSG['SharingGroup']['id'],
'sharing_group_id' => $sg_id,
'org_id' => $sg['SharingGroupOrg'][$k]['org_id']
),
));
@ -891,7 +892,7 @@ class SharingGroup extends AppModel
$temp = $this->SharingGroupServer->find('first', array(
'recursive' => -1,
'conditions' => array(
'sharing_group_id' => $existingSG['SharingGroup']['id'],
'sharing_group_id' => $sg_id,
'server_id' => $sg['SharingGroupServer'][$k]['server_id']
),
));

3
app/View/AuthKeys/index.ctp
View File

@ -1,4 +1,7 @@
<?php
if (!$advancedEnabled) {
echo '<div class="alert">' . __('Advanced auth keys are not enabled.') . '</div>';
}
echo sprintf('<div%s>', empty($ajax) ? ' class="index"' : '');
echo $this->element('genericElements/IndexTable/index_table', [
'data' => [

19
app/View/Dashboards/update_settings.ctp Normal file
View File

@ -0,0 +1,19 @@
<?php
$modelForForm = 'Dashboard';
echo $this->element('genericElements/Form/genericForm', array(
'form' => $this->Form,
'url' => 'updateSettings',
'data' => array(
'title' => __('Add Widget'),
'model' => 'Dashboard',
'fields' => array(
array(
'field' => 'value',
),
),
'submit' => array(
'action' => 'updateSettings',
),
)
));
?>

8
app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp
View File

@ -101,9 +101,9 @@ function triggerEventFilteringTool(hide) {
"id": "deleted",
"label": "Deleted",
"values": {
0: "Both",
1: "Deleted only",
2: "Exclude deleted"
0: "Exclude deleted",
1: "Both",
2: "Deleted only"
}
},
{
@ -314,7 +314,7 @@ function triggerEventFilteringTool(hide) {
{
field: 'deleted',
id: 'deleted',
value: <?php echo isset($filters['deleted']) ? h($filters['deleted']) : 2; ?>
value: <?php echo isset($filters['deleted']) ? h($filters['deleted']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['includeRelatedTags'])): ?>

7
app/View/Elements/eventattributetoolbar.ctp
View File

@ -1,4 +1,7 @@
<?php
if (!empty($this->passedArgs['correlation'])) {
$attributeFilter = 'correlation';
}
$simple_filter_data = array(
array(
'id' => 'filter_all',
@ -32,8 +35,8 @@
'title' => __('Only show correlating attributes'),
'text' => __('Correlation'),
'active' => $attributeFilter == 'correlation',
'onClick' => 'filterAttributes',
'onClickParams' => array('correlation', $event['Event']['id'])
'onClick' => 'toggleBoolFilter',
'onClickParams' => array($urlHere, 'correlation'),
);
$simple_filter_data[] = array(
'id' => 'filter_warning',

22
app/View/Elements/genericElements/SideMenu/side_menu.ctp
View File

@ -440,6 +440,11 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
'url' => '/eventReports/edit/' . h($id),
'text' => __('Edit Event Report')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => '/admin/audit_logs/index/model:EventReport/model_id:' . h($id),
'text' => __('View report history'),
'requirement' => Configure::read('MISP.log_new_audit') && $canAccess('auditLogs', 'admin_index'),
));
}
break;
@ -1551,6 +1556,23 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
));
}
break;
case 'api':
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'openapi',
'url' => $baseurl . '/servers/openapi',
'text' => __('OpenAPI')
));
if ($isAclAdd) {
if ($canAccess('servers', 'rest')) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'rest',
'url' => $baseurl . '/servers/rest',
'text' => __('REST client')
));
}
}
break;
}
?>
</ul>

2
app/View/Elements/genericElements/accordion.ctp
View File

@ -13,7 +13,7 @@
</div>',
h($elementId),
h($elementId) . '-collapse',
h($title),
!empty($titleHTML) ? $titleHTML : h($title),
!empty($allowFullscreen) ? '' : sprintf(
'<span class="fas fa-external-link-alt" title="View %s full screen" onclick="event.stopPropagation(); window.location.href=\'%s\';"></span>',
h($title),

20
app/View/Elements/global_menu.ctp
View File

@ -33,11 +33,6 @@
'text' => __('Search Attributes'),
'url' => $baseurl . '/attributes/search'
),
array(
'text' => __('REST client'),
'url' => $baseurl . '/servers/rest',
'requirement' => $canAccess('servers', 'rest'),
),
array(
'type' => 'separator'
),
@ -476,6 +471,21 @@
'url' => $baseurl . '/admin/logs/search'
)
)
),
array(
'type' => 'root',
'text' => __('API'),
'children' => array(
array(
'text' => __('OpenAPI'),
'url' => $baseurl . '/servers/openapi'
),
array(
'text' => __('REST client'),
'url' => $baseurl . '/servers/rest',
'requirement' => $canAccess('servers', 'rest')
)
)
)
);
$menu_right = array(

6
app/View/Errors/error403.ctp
View File

@ -1,7 +1,9 @@
<div class="misp-error-container">
<h2><?php echo $name; ?></h2>
<?php if (!empty($message)): ?>
<p class="error">
<strong><?php echo __('Error'); ?>: </strong>
<?php printf(__('%s', true), "{$message}"); ?>
<strong><?= __('Error'); ?>:</strong>
<?= $message; ?>
</p>
<?php endif; ?>
</div>

1
app/View/Events/automation.ctp
View File

@ -3,6 +3,7 @@
?>
<div class="event index">
<h2><?php echo __('Automation');?></h2>
<p class="bold"><?php echo __('Check out the OpenAPI spec of the MISP Automation API <a href="%s">here</a>.', $baseurl . '/servers/openapi');?></p>
<p><?php echo __('Automation functionality is designed to automatically feed other tools and systems with the data in your MISP repository.
To to make this functionality available for automated tools an authentication key is used.');?>
<br /><?php echo __('You can use the <a href="' . $baseurl . '/servers/rest">REST client</a> to test your API queries against your MISP and export the resulting tuned queries as curl or python scripts.');?>

65
app/View/Galaxies/index.ctp
View File

@ -5,6 +5,26 @@
'data' => $galaxyList,
'top_bar' => array(
'children' => array(
array(
'type' => 'simple',
'children' => array(
array(
'url' => $baseurl . '/galaxies/index',
'text' => __('All'),
'active' => !isset($passedArgsArray['enabled']),
),
array(
'url' => $baseurl . '/galaxies/index/enabled:1',
'text' => __('Enabled'),
'active' => isset($passedArgsArray['enabled']) && $passedArgsArray['enabled'] === "1",
),
array(
'url' => $baseurl . '/galaxies/index/enabled:0',
'text' => __('Disabled'),
'active' => isset($passedArgsArray['enabled']) && $passedArgsArray['enabled'] === "0",
)
)
),
array(
'type' => 'search',
'button' => __('Filter'),
@ -52,7 +72,14 @@
array(
'name' => __('Description'),
'data_path' => 'Galaxy.description',
)
),
array(
'name' => __('Enabled'),
'element' => 'boolean',
'sort' => 'enabled',
'class' => 'short',
'data_path' => 'Galaxy.enabled',
),
),
'title' => __('Galaxy index'),
'actions' => array(
@ -64,6 +91,42 @@
'icon' => 'eye',
'dbclickAction' => true
),
array(
'title' => __('Enable'),
'icon' => 'play',
'postLink' => true,
'url' => $baseurl . '/galaxies/enable',
'url_params_data_paths' => ['Galaxy.id'],
'postLinkConfirm' => __('Are you sure you want to enable this galaxy library?'),
'complex_requirement' => array(
'function' => function ($row, $options) use ($isSiteAdmin) {
return $isSiteAdmin && !$options['datapath']['enabled'];
},
'options' => array(
'datapath' => array(
'enabled' => 'Galaxy.enabled'
)
)
),
),
array(
'title' => __('Disable'),
'icon' => 'stop',
'postLink' => true,
'url' => $baseurl . '/galaxies/disable',
'url_params_data_paths' => ['Galaxy.id'],
'postLinkConfirm' => __('Are you sure you want to disable this galaxy library?'),
'complex_requirement' => array(
'function' => function ($row, $options) use ($isSiteAdmin) {
return $isSiteAdmin && $options['datapath']['enabled'];
},
'options' => array(
'datapath' => array(
'enabled' => 'Galaxy.enabled'
)
)
),
),
array(
'url' => '/galaxies/delete',
'url_params_data_paths' => array(

34
app/View/GalaxyClusters/cluster_cycatrelations.ctp Normal file
View File

@ -0,0 +1,34 @@
<?php
$cycatUrl = empty(Configure::read('Plugin.CyCat_url')) ? 'https://api.cycat.org' : Configure::read('Plugin.CyCat_url');
$CyCatRelationsTable = $this->element('/genericElements/IndexTable/index_table', [
'data' => [
'skip_pagination' => true,
'data' => $CyCatRelations,
'fields' => [
[
'name' => __('UUID'),
'class' => 'short',
'data_path' => 'uuid',
'element' => 'links',
'url_params_data_paths' => 'uuid',
'url' => $cycatUrl . '/lookup'
],
[
'name' => __('MITRE CTI Name'),
'class' => 'short',
'data_path' => 'mitre-cti:name',
],
[
'name' => __('MITRE CTI Type'),
'class' => 'short',
'data_path' => 'mitre-cti:type',
],
[
'name' => __('MITRE CTI Description'),
'data_path' => 'mitre-cti:description',
],
],
]
]);
echo $CyCatRelationsTable;
?>

15
app/View/GalaxyClusters/view.ctp
View File

@ -102,6 +102,21 @@ if (!empty($extendedByHtml)) {
<div class="row-fuild">
<div id="relations_container"></div>
</div>
<?php
if (!empty(Configure::read('Plugin.CyCat_enable'))) {
$titleHTML = __('CyCat Relationships');
$titleHTML .= sprintf('<a href="%s" onclick="event.stopPropagation()" title="%s" target="_blank"><img src="%s" style="height: 2.5em"/></a>',
'https://cycat.org/',
__('CyCAT or the CYbersecurity Resource CATalogue aims at mapping and documenting, in a single formalism and catalogue all the available cybersecurity tools, rules, playbooks, processes and controls.'),
$baseurl . '/img/CyCat.ico'
);
echo $this->element('/genericElements/accordion', [
'title' => 'CyCat Relationships',
'titleHTML' => $titleHTML,
'url' => '/galaxy_clusters/viewCyCatRelations/' . $cluster['GalaxyCluster']['id']
]);
}
?>
<div id="elements_content"></div>
</div>
<?= $this->element('genericElements/assetLoader', array(

2
app/View/Noticelists/view.ctp
View File

@ -5,7 +5,7 @@
$fields = array();
foreach ($field_names as $field_name) {
if ($field_name == 'ref' || $field_name == 'geographical_area') {
$value = json_decode($noticelist['Noticelist'][$field_name]);
$value = $noticelist['Noticelist'][$field_name];
foreach ($value as $k => $v) {
if ($field_name == 'ref') {
$value[$k] = '<a href="' . h($v) . '">' . h($v) . '</a>';

13
app/View/Servers/openapi.ctp Normal file
View File

@ -0,0 +1,13 @@
<?php
echo $this->element('genericElements/assetLoader', array(
'js' => array('redoc.standalone')
));
?>
<div id="redoc-container"></div>
<script>
Redoc.init('/doc/openapi.yaml', {
fontFamily: "inherit",
disableSearch: true,
expandResponses: "200"
}, document.getElementById('redoc-container'))
</script>

2
app/View/Servers/rest.ctp
View File

@ -189,7 +189,7 @@
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'rest'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'api', 'menuItem' => 'rest'));
echo $this->element('genericElements/assetLoader', array(
'js' => array(
'moment.min',

2
app/View/Users/login.ctp
View File

@ -19,7 +19,7 @@
<?php if (Configure::read('MISP.main_logo') && file_exists(APP . '/webroot/img/custom/' . Configure::read('MISP.main_logo'))): ?>
<img src="<?php echo $baseurl?>/img/custom/<?php echo h(Configure::read('MISP.main_logo'));?>" style=" display:block; margin-left: auto; margin-right: auto;" />
<?php else: ?>
<img src="<?php echo $baseurl?>/img/misp-birthday-logo.svg" style="display:block; margin-left: auto; margin-right: auto;"/>
<img src="<?php echo $baseurl?>/img/misp-logo.png" style="display:block; margin-left: auto; margin-right: auto;"/>
<?php endif;?>
</div>
<?php

26
app/View/Warninglists/view.ctp
View File

@ -1,17 +1,13 @@
<?php
$data = $warninglist['Warninglist'];
$text = array();
foreach ($warninglist['WarninglistType'] as $temp) {
$text[] = $temp['type'];
}
$text = implode(', ', $text);
$types = array_column($warninglist['WarninglistType'], 'type');
$table_data = array(
array('key' => __('Id'), 'value' => $data['id']),
array('key' => __('ID'), 'value' => $data['id']),
array('key' => __('Name'), 'value' => $data['name']),
array('key' => __('Description'), 'value' => $data['description']),
array('key' => __('Version'), 'value' => $data['version']),
array('key' => __('Type'), 'value' => $data['type']),
array('key' => __('Accepted attribute types'), 'value' => $text),
array('key' => __('Accepted attribute types'), 'value' => implode(', ', $types)),
array(
'key' => __('Enabled'),
'boolean' => $data['enabled'],
@ -26,24 +22,14 @@
),
);
echo sprintf(
'<div class="warninglist view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div><h4>%s</h4>%s</div>%s',
'<div class="warninglist view"><div class="row-fluid"><div class="span8" style="margin:0;">%s</div></div><h4>%s</h4>%s</div>',
sprintf(
'<h2>%s</h2>%s',
h(strtoupper($warninglist['Warninglist']['name'])),
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
),
__('Values'),
implode('<br />', array_column($warninglist['WarninglistEntry'], 'value')),
$this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'warninglist', 'menuItem' => 'view'))
implode('<br>', array_column($warninglist['WarninglistEntry'], 'value'))
);
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'warninglist', 'menuItem' => 'view'));
?>
<script type="text/javascript">
$(document).ready(function(){
$('input:checkbox').removeAttr('checked');
$('.mass-select').hide();
$('.select_taxonomy, .select_all').click(function(){
taxonomyListAnyCheckBoxesChecked();
});
});
</script>

7306
app/webroot/doc/openapi.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

BIN
app/webroot/img/CyCat.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

18
app/webroot/js/markdownEditor/event-report.js
View File

@ -362,6 +362,7 @@ function MISPElementSuggestionRule(state) {
var blockTokens = state.tokens
var tokens, blockToken, currentToken
var indexOfAllLines, lineOffset, absoluteLine, relativeIndex
var tokenMap
var i, j, l
for (i = 0, l = blockTokens.length; i < l; i++) {
blockToken = blockTokens[i]
@ -380,7 +381,8 @@ function MISPElementSuggestionRule(state) {
blockToken.indexOfAllLines = indexOfAllLines
}
lineOffset = getLineNumInArrayList(currentToken.content.indexes.start, blockToken.indexOfAllLines.bMarks)
var absoluteLine = blockToken.map[0] + lineOffset
tokenMap = findBackClosestStartLine(blockTokens, i)
var absoluteLine = tokenMap[0] + lineOffset
var relativeIndex = currentToken.content.indexes.start - blockToken.indexOfAllLines.bMarks[lineOffset]
state.tokens[i].children[j].content.indexes.lineStart = absoluteLine
state.tokens[i].children[j].content.indexes.start = relativeIndex
@ -2113,6 +2115,20 @@ function getLineNumInArrayList(index, arrayToSearchInto) {
return 0
}
function findBackClosestStartLine(tokens, i) {
if (tokens[i].map !== null) {
return tokens[i].map
}
var token
for (var j = i-1; j >= 0; j--) {
token = tokens[j]
if (token.map !== null) {
return token.map
}
}
return null
}
function parseDestinationValue(str, pos, max) {
var level = 0
var lines = 0

32
app/webroot/js/misp.js
View File

@ -3676,7 +3676,7 @@ function toggleBoolFilter(url, param) {
});
if (res[param] !== undefined) {
if (param == 'deleted') {
res[param] = res[param] == 0 ? 2 : 0;
res[param] = res[param] == 0 ? 1 : 0;
} else {
res[param] = res[param] == 0 ? 1 : 0;
}
@ -5073,17 +5073,25 @@ function saveDashboardState() {
dashBoardSettings.push(temp);
}
});
$.ajax({
data: {value: dashBoardSettings},
success:function (data, textStatus) {
showMessage('success', 'Dashboard settings saved.');
},
error: function (jqXHR, textStatus, errorThrown) {
showMessage('fail', textStatus + ": " + errorThrown);
},
type: "post",
url: baseurl + '/dashboards/updateSettings',
});
var url = baseurl + '/dashboards/updateSettings'
fetchFormDataAjax(url, function(formData) {
var $formContainer = $(formData)
$formContainer.find('#DashboardValue').val(JSON.stringify(dashBoardSettings))
var $theForm = $formContainer.find('form')
xhr({
data: $theForm.serialize(),
success:function (data) {
showMessage('success', 'Dashboard settings saved.');
},
error:function(jqXHR, textStatus, errorThrown) {
showMessage('fail', textStatus + ": " + errorThrown);
},
beforeSend:function() {
},
type:"post",
url: $theForm.attr('action')
});
})
}
function updateDashboardWidget(element) {

107
app/webroot/js/redoc.standalone.js Normal file
View File

File diff suppressed because one or more lines are too long

1
app/webroot/js/redoc.standalone.js.map Normal file
View File

File diff suppressed because one or more lines are too long

13
db_schema.json
View File

@ -2460,6 +2460,17 @@
"column_default": "misp",
"extra": ""
},
{
"column_name": "enabled",
"is_nullable": "NO",
"data_type": "tinyint",
"character_maximum_length": null,
"numeric_precision": "3",
"collation_name": null,
"column_type": "tinyint(1)",
"column_default": "1",
"extra": ""
},
{
"column_name": "kill_chain_order",
"is_nullable": "YES",
@ -8158,5 +8169,5 @@
"id": true
}
},
"db_version": "69"
"db_version": "70"
}

1
docs/generic/Authentication Diagram/MISP Authentication Diagram.drawio Normal file
View File

File diff suppressed because one or more lines are too long

BIN
docs/generic/Authentication Diagram/MISP Authentication Diagram.pdf Normal file
View File

Binary file not shown.

BIN
docs/generic/Authentication Diagram/MISP Authentication Diagram.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 884 KiB

1
docs/generic/Authentication Diagram/MISP Authentication Diagram.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

72
docs/generic/Synchronisation/README.md Normal file
View File

@ -0,0 +1,72 @@
# Data visibility for Sync-users
Sync-users are used to serve as the point of connection between instances.
Typically, events pushed to an instance are created via a sync-user account residing on the remote instance.
Events pulled from an instance are fetched using the remote's sync user account and are then saved locally.
If a sync-user is bound to a synchronisation server, the event index might be filtered based on the PUSH rules defined in the synchronisation server settings.
The binding can be set when editing a user by linking it to an existing synchronisation server.
## Standard server connection without filtering rules
### State
- User Role = `perm_sync`
- `MISP.unpublishedprivate` = false
- True will deny access to unpublished events to users outside the organization of the submitter except site admins.
### Conditions
- `cond_org`: Does the event belong to the requesting user's org
- `cond_unpublished_private`: Should unpublished events be hidden for users outside the event's organisation
- `cond_distribution`: Does the event's distribution level allows it to be view by the requesting user
Where `cond_distribution` is as follow:
```
Event.distribution ∈ [1, 2, 3] (Event.distribution = 4 ∧ User ∈ Event.sharing_group_id)
```
Or expressed otherwise:
- The distribution level of the event must either be `This community only`, `Connected community` or `All communities`.
- Or, if the distribution level is set to `sharing group`, the user requesting the event must be part of said sharing group
Events are retrieved from the database if the following condition is met:
```
cond_org (cond_distribution ∧ cond_unpublished_private)
```
Or expressed otherwise:
- The event belongs to the user requesting the event
- Or, the user is authorised to view the event considering its distribution level and its publication state
## Server connection with PUSH filtering rules
### State
- User Role = `perm_sync`
- `MISP.unpublishedprivate` = false // True will deny access to unpublished events to users outside the organization of the submitter except site admins.
- Server has PUSH rule(s)
- e.g.: Events with the tag `exportable` are allowed
### Conditions
- `cond_org`: Does the event belong to the requesting user's org
- `cond_unpublished_private`: Should unpublished events be hidden for users outside the event's organisation
- `cond_distribution`: Does the event's distribution level allows it to be view by the requesting user
- `cond_push_rule`: Any events to be pushed must satisfy this condition
Where `cond_distribution` is as follow:
```
Event.distribution ∈ [1, 2, 3] (Event.distribution = 4 ∧ User ∈ Event.sharing_group_id)
```
Which is the same as in the previous example.
Events are retrieved from the database if the following condition is met:
```
( cond_org (cond_distribution ∧ cond_unpublished_private) ) ∧ cond_push_rule
```
Which is almost the same as in the previous example.
The only difference is that the previous conditions must be fulfilled and the `push_rule` described in the synchronisation link must be met.
## Synchronisation logic
![MISP Sync diagrams: PUSH](sync-diagram-push-full.png)
![MISP Sync diagrams: PULL](sync-diagram-pull-full.png)

BIN
docs/generic/Synchronisation/sync-diagram-pull-full.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 336 KiB

BIN
docs/generic/Synchronisation/sync-diagram-pull-simple.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 177 KiB

BIN
docs/generic/Synchronisation/sync-diagram-push-full.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 373 KiB

BIN
docs/generic/Synchronisation/sync-diagram-push-simple.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 162 KiB

1
docs/generic/Synchronisation/sync-diagrams.drawio Normal file
View File

File diff suppressed because one or more lines are too long