MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of github.com:MISP/MISP into 2.4

pull/4416/head
iglocska 2019-04-01 16:21:30 +02:00
parent a36deb94c9 215fd7ee82
commit c6974d217e
32 changed files with 456 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.travis.yml
View File

@ -27,7 +27,7 @@ before_install:
install:
- sudo add-apt-repository -y ppa:deadsnakes/ppa
- sudo apt-get -y update
- sudo apt-get -y install python3.6 python3-pip python3.6-dev python3-nose libxml2-dev libzmq3-dev zlib1g-dev apache2 curl php-mysql php-dev php-cli libapache2-mod-php libfuzzy-dev php-mbstring
- sudo apt-get -y install python3.6 python3-pip python3.6-dev python3-nose libxml2-dev libzmq3-dev zlib1g-dev apache2 curl php-mysql php-dev php-cli libapache2-mod-php libfuzzy-dev php-mbstring libonig2
- sudo apt-get -y dist-upgrade
- wget https://bootstrap.pypa.io/get-pip.py
- sudo python3.6 get-pip.py

2
INSTALL/old/INSTALL.ubuntu1604.with.webmin.txt
View File

@ -36,7 +36,7 @@ sudo mysql_secure_installation
# Install PHP and dependencies
sudo apt-get install libapache2-mod-php php php-cli php-crypt-gpg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml
sudo apt-get install libapache2-mod-php php php-cli php-crypt-gpg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-gd
# Apply all changes
sudo systemctl restart apache2

2
app/Controller/AppController.php
View File

@ -46,7 +46,7 @@ class AppController extends Controller
public $helpers = array('Utility', 'OrgImg', 'FontAwesome');
private $__queryVersion = '64';
private $__queryVersion = '65';
public $pyMispVersion = '2.4.103';
public $phpmin = '7.0';
public $phprec = '7.2';

105
app/Controller/AttributesController.php
View File

@ -1174,15 +1174,15 @@ class AttributesController extends AppController
if (!$this->Attribute->exists()) {
throw new NotFoundException('Invalid attribute');
}
$conditions = array('conditions' => array('Attribute.id' => $id), 'withAttachments' => true, 'flatten' => true);
$conditions['includeAllTags'] = false;
$conditions['includeAttributeUuid'] = true;
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), $conditions);
if (empty($attribute)) {
throw new MethodNotAllowedException('Invalid attribute');
}
$attribute = $attribute[0];
if ($this->_isRest()) {
$conditions = array('conditions' => array('Attribute.id' => $id), 'withAttachments' => true, 'flatten' => true);
$conditions['includeAllTags'] = false;
$conditions['includeAttributeUuid'] = true;
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), $conditions);
if (empty($attribute)) {
throw new MethodNotAllowedException('Invalid attribute');
}
$attribute = $attribute[0];
if (isset($attribute['AttributeTag'])) {
foreach ($attribute['AttributeTag'] as $k => $tag) {
$attribute['Attribute']['Tag'][$k] = $tag['Tag'];
@ -1193,7 +1193,94 @@ class AttributesController extends AppController
$this->set('Attribute', $attribute['Attribute']);
$this->set('_serialize', array('Attribute'));
} else {
$this->redirect('/events/view/' . $this->Attribute->data['Attribute']['event_id']);
$this->redirect('/events/view/' . $attribute['Attribute']['event_id']);
}
}
public function viewPicture($id, $thumbnail=false, $width=200, $height=200)
{
if (Validation::uuid($id)) {
$temp = $this->Attribute->find('first', array(
'recursive' => -1,
'conditions' => array('Attribute.uuid' => $id),
'fields' => array('Attribute.id', 'Attribute.uuid')
));
if (empty($temp)) {
throw new NotFoundException(__('Invalid attribute'));
}
$id = $temp['Attribute']['id'];
} elseif (!is_numeric($id)) {
throw new NotFoundException(__('Invalid attribute id.'));
}
$this->Attribute->id = $id;
if (!$this->Attribute->exists()) {
throw new NotFoundException('Invalid attribute');
}
$conditions = array(
'conditions' => array(
'Attribute.id' => $id,
'Attribute.type' => 'attachment'
),
'withAttachments' => true,
'includeAllTags' => false,
'includeAttributeUuid' => true,
'flatten' => true
);
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), $conditions);
if (empty($attribute)) {
throw new MethodNotAllowedException('Invalid attribute');
}
$attribute = $attribute[0];
if ($this->_isRest()) {
return $this->RestResponse->viewData($attribute['Attribute']['data'], $this->response->type());
} else {
$extension = explode('.', $attribute['Attribute']['value']);
$extension = end($extension);
if (extension_loaded('gd')) {
$image = ImageCreateFromString(base64_decode($attribute['Attribute']['data']));
if (!$thumbnail) {
ob_start ();
switch ($extension) {
case 'gif':
imagegif($image);
break;
case 'jpg':
case 'jpeg':
imagejpeg($image);
break;
case 'png':
imagepng($image);
break;
default:
break;
}
$image_data = $extension != 'gif' ? ob_get_contents() : base64_decode($attribute['Attribute']['data']);
ob_end_clean ();
imagedestroy($image);
} else { // thumbnail requested, resample picture with desired dimension
$width = isset($this->request->params['named']['width']) ? $this->request->params['named']['width'] : 150;
$height = isset($this->request->params['named']['height']) ? $this->request->params['named']['height'] : 150;
if ($extension == 'gif') {
$image_data = base64_decode($attribute['Attribute']['data']);
} else {
$extension = 'jpg';
$imageTC = ImageCreateTrueColor($width, $height);
ImageCopyResampled($imageTC, $image, 0, 0, 0, 0, $width, $height, ImageSX($image), ImageSY($image));
ob_start ();
imagejpeg ($imageTC);
$image_data = ob_get_contents();
ob_end_clean ();
imagedestroy($image);
imagedestroy($imageTC);
}
}
} else {
$image_data = base64_decode($attribute['Attribute']['data']);
}
$this->response->type(strtolower(h($extension)));
$this->response->body($image_data);
$this->autoRender = false;
}
}

1
app/Controller/Component/ACLComponent.php
View File

@ -68,6 +68,7 @@ class ACLComponent extends Component
'toggleToIDS' => array('perm_add'),
'updateAttributeValues' => array('perm_add'),
'view' => array('*'),
'viewPicture' => array('*'),
),
'eventBlacklists' => array(
'add' => array(),

5
app/Controller/Component/RestResponseComponent.php
View File

@ -1533,7 +1533,10 @@ class RestResponseComponent extends Component
$field['values'] = array_keys(ClassRegistry::init("Attribute")->categoryDefinitions);
}
private function __overwriteDistribution($scope, &$field) {
$field['values'] = array_keys(ClassRegistry::init("Attribute")->distributionLevels);
$field['values'] = array();
foreach(ClassRegistry::init("Attribute")->distributionLevels as $d => $text) {
$field['values'][] = array('label' => $text, 'value' => $d);
}
}
private function __overwriteTags($scope, &$field) {
$this->{$scope} = ClassRegistry::init("Tag");

45
app/Controller/EventsController.php
View File

@ -26,7 +26,7 @@ class EventsController extends AppController
);
private $acceptedFilteringNamedParams = array('sort', 'direction', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'attributeFilter', 'extended', 'page',
'searchFor', 'proposal', 'correlation', 'warning', 'deleted', 'includeRelatedTags', 'distribution', 'taggedAttributes', 'galaxyAttachedAttributes', 'objectType', 'attributeType', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'feed', 'server', 'toIDS'
'searchFor', 'proposal', 'correlation', 'warning', 'deleted', 'includeRelatedTags', 'distribution', 'taggedAttributes', 'galaxyAttachedAttributes', 'objectType', 'attributeType', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'feed', 'server', 'toIDS', 'sighting'
);
public $defaultFilteringRules = array(
@ -41,6 +41,7 @@ class EventsController extends AppController
'feed' => 0,
'server' => 0,
'distribution' => array(0, 1, 2, 3, 4, 5),
'sighting' => 0,
'taggedAttributes' => '',
'galaxyAttachedAttributes' => ''
);
@ -1134,7 +1135,9 @@ class EventsController extends AppController
$filters['sort'] = 'timestamp';
$filters['direction'] = 'desc';
}
$params = $this->Event->rearrangeEventForView($event, $filters, $all);
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
$params = $this->Event->rearrangeEventForView($event, $filters, $all, $sightingsData);
$this->params->params['paging'] = array($this->modelClass => $params);
// workaround to get the event dates in to the attribute relations
$relatedDates = array();
@ -1165,8 +1168,6 @@ class EventsController extends AppController
$this->set($variable, $currentModel->{$variable});
}
}
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Module');
$modules = $this->Module->getEnabledModules($this->Auth->user());
@ -1380,7 +1381,9 @@ class EventsController extends AppController
}
}
unset($modificationMap);
$params = $this->Event->rearrangeEventForView($event, $filters);
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
$params = $this->Event->rearrangeEventForView($event, $filters, false, $sightingsData);
$this->params->params['paging'] = array($this->modelClass => $params);
$this->set('event', $event);
@ -1423,8 +1426,6 @@ class EventsController extends AppController
'recursive' => -1,
'contain' => array('Org', 'RequesterOrg'))));
}
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Module');
$modules = $this->Module->getEnabledModules($this->Auth->user());
@ -5086,17 +5087,27 @@ class EventsController extends AppController
if (!is_array($result)) {
throw new Exception($result);
}
$defaultDistribution = 5;
if (!empty(Configure::read('MISP.default_attribute_distribution'))) {
$defaultDistribution = Configure::read('MISP.default_attribute_distribution');
if ($defaultDistribution == 'event') {
$defaultDistribution = 5;
}
}
$attributes = array();
$objects = array();
if (isset($result['results']['Attribute']) && !empty($result['results']['Attribute'])) {
foreach ($result['results']['Attribute'] as $tmp_attribute) {
array_push($attributes, $this->Event->Attribute->captureAttribute($tmp_attribute, $event_id, $this->Auth->user()));
foreach ($result['results']['Attribute'] as &$tmp_attribute) {
$tmp_attribute = $this->__fillAttribute($tmp_attribute, $defaultDistribution);
array_push($attributes, $tmp_attribute);
}
unset($result['results']['Attribute']);
}
if (isset($result['results']['Object']) && !empty($result['results']['Object'])) {
foreach ($result['results']['Object'] as $tmp_object) {
$this->Event->Object->captureObject($tmp_object, $event_id, $this->Auth->user());
foreach ($tmp_object['Attribute'] as &$tmp_attribute) {
$tmp_attribute = $this->__fillAttribute($tmp_attribute, $defaultDistribution);
}
array_push($objects, $tmp_object);
}
unset($result['results']['Object']);
@ -5120,6 +5131,20 @@ class EventsController extends AppController
}
}
private function __fillAttribute($attribute, $defaultDistribution)
{
if (!isset($attribute['category'])) {
$attribute['category'] = $this->Event->Attribute->typeDefinitions[$attribute['type']]['default_category'];
}
if (!isset($attribute['to_ids'])) {
$attribute['to_ids'] = $this->Event->Attribute->typeDefinitions[$attribute['type']]['to_ids'];
}
if (!isset($attribute['distribution'])) {
$attribute['distribution'] = $defaultDistribution;
}
return $attribute;
}
private function __queryOldEnrichment($attribute, $module, $options, $type)
{
$data = array('module' => $module, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value'], 'event_id' => $attribute[0]['Attribute']['event_id'], 'attribute_uuid' => $attribute[0]['Attribute']['uuid']);

14
app/Controller/FeedsController.php
View File

@ -50,7 +50,19 @@ class FeedsController extends AppController
);
}
}
$data = $this->paginate();
if ($this->_isRest()) {
$keepFields = array('conditions', 'contain', 'recursive', 'sort');
$searchParams = array();
foreach ($keepFields as $field) {
if (!empty($this->paginate[$field])) {
$searchParams[$field] = $this->paginate[$field];
}
}
$data = $this->Feed->find('all', $searchParams);
} else {
$data = $this->paginate();
}
$this->loadModel('Event');
foreach ($data as $key => $value) {
if ($value['Feed']['event_id'] != 0 && $value['Feed']['fixed_event']) {

72
app/Model/Event.php
View File

@ -4412,7 +4412,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType = false,
&$eventWarnings,
$warningLists
$warningLists,
$sightingsData
) {
$attribute['objectType'] = 'attribute';
$include = true;
@ -4462,6 +4463,15 @@ class Event extends AppModel
$include = $include && ($filterType['server'] == 2);
}
/* sightings */
if ($filterType['sighting'] == 0) { // `both`
// pass, do not consider as `both` is selected
} else if (isset($sightingsData['data'][$attribute['id']])) { // `include only`
$include = $include && ($filterType['sighting'] == 1);
} else { // `exclude`
$include = $include && ($filterType['sighting'] == 2);
}
/* TypeGroupings */
if (
$filterType['attributeFilter'] != 'all'
@ -4574,7 +4584,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType = false,
&$eventWarnings,
$warningLists
$warningLists,
$sightingsData
) {
$object['category'] = $object['meta-category'];
$proposal['objectType'] = 'object';
@ -4590,7 +4601,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
false,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$temp[] = $result['data'];
@ -4604,16 +4616,17 @@ class Event extends AppModel
|| $filterType['correlation'] != 0
|| $filterType['proposal'] != 0
|| $filterType['warning'] != 0
|| $filterType['sighting'] != 0
|| $filterType['feed'] != 0
|| $filterType['server'] != 0
) {
$include = $this->__checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes);
$include = $this->__checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes, $sightingsData);
}
return array('include' => $include, 'data' => $object);
}
private function __checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes)
private function __checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes, $sightingsData)
{
$include = true;
@ -4697,6 +4710,35 @@ class Event extends AppModel
}
}
/* sighting */
if ($filterType['sighting'] == 0) { // `both`
// pass, do not consider as `both` is selected
} else if ($filterType['sighting'] == 1 || $filterType['sighting'] == 2) {
$flagKeep = false;
foreach ($object['Attribute'] as $k => $attribute) { // check if object contains at least 1 warning
if (isset($sightingsData['data'][$attribute['id']])) {
$flagKeep = ($filterType['sighting'] == 1); // keep if server are included
} else {
$flagKeep = ($filterType['sighting'] == 2); // keep if server are excluded
}
if (!$flagKeep && !empty($attribute['ShadowAttribute'])) {
foreach ($attribute['ShadowAttribute'] as $shadowAttribute) {
if (isset($sightingsData['data'][$attribute['id']])) {
$flagKeep = ($filterType['sighting'] == 1); // do not keep if server are excluded
break;
}
}
}
if ($flagKeep) {
break;
}
}
if (!$flagKeep) {
$include = false;
return $include;
}
}
/* feed */
if ($filterType['feed'] == 0) { // `both`
// pass, do not consider as `both` is selected
@ -4769,10 +4811,15 @@ class Event extends AppModel
if (!empty($object['data'])) {
$object['image'] = $object['data'];
} else {
if ($object['objectType'] === 'proposal') {
$object['image'] = $this->ShadowAttribute->base64EncodeAttachment($object);
if (extension_loaded('gd')) {
// if extention is loaded, the data is not passed to the view because it is asynchronously fetched
$object['image'] = true; // tell the view that it is an image despite not having the actual data
} else {
$object['image'] = $this->Attribute->base64EncodeAttachment($object);
if ($object['objectType'] === 'proposal') {
$object['image'] = $this->ShadowAttribute->base64EncodeAttachment($object);
} else {
$object['image'] = $this->Attribute->base64EncodeAttachment($object);
}
}
}
}
@ -4790,7 +4837,7 @@ class Event extends AppModel
return $object;
}
public function rearrangeEventForView(&$event, $passedArgs = array(), $all = false)
public function rearrangeEventForView(&$event, $passedArgs = array(), $all = false, $sightingsData=array())
{
$this->Warninglist = ClassRegistry::init('Warninglist');
$warningLists = $this->Warninglist->fetchForEventView();
@ -4807,6 +4854,7 @@ class Event extends AppModel
'warning' => isset($passedArgs['warning']) ? $passedArgs['warning'] : 0,
'deleted' => isset($passedArgs['deleted']) ? $passedArgs['deleted'] : 0,
'toIDS' => isset($passedArgs['toIDS']) ? $passedArgs['toIDS'] : 0,
'sighting' => isset($passedArgs['sighting']) ? $passedArgs['sighting'] : 0,
'feed' => isset($passedArgs['feed']) ? $passedArgs['feed'] : 0,
'server' => isset($passedArgs['server']) ? $passedArgs['server'] : 0
);
@ -4827,7 +4875,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$event['objects'][] = $result['data'];
@ -4855,7 +4904,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$event['objects'][] = $result['data'];

24
app/Model/Server.php
View File

@ -4521,7 +4521,7 @@ class Server extends AppModel
public function extensionDiagnostics()
{
$results = array();
$extensions = array('redis');
$extensions = array('redis', 'gd');
foreach ($extensions as $extension) {
$results['web']['extensions'][$extension] = extension_loaded($extension);
}
@ -4570,25 +4570,38 @@ class Server extends AppModel
public function getSubmodulesGitStatus()
{
$submodulesNames = array('misp-galaxy', 'misp-taxonomies', 'misp-objects', 'misp-noticelist', 'misp-warninglists');
exec('cd ' . APP . '../; git submodule |cut -f3 -d\ ', $submodulesNames);
$status = array();
foreach ($submodulesNames as $submoduleName) {
$temp = $this->getSubmoduleGitStatus($submoduleName);
if ( ! empty($temp) ) {
$status[$submoduleName] = $this->getSubmoduleGitStatus($submoduleName);
}
}
return $status;
}
public function getSubmoduleGitStatus($submoduleName) {
$acceptedSubmodulesNames = array('misp-galaxy', 'misp-taxonomies', 'misp-objects', 'misp-noticelist', 'misp-warninglists');
$acceptedSubmodulesNames = array('PyMISP',
'app/files/misp-galaxy',
'app/files/taxonomies',
'app/files/misp-objects',
'app/files/noticelists',
'app/files/warninglists',
'cti-python-stix2'
);
$status = array();
if (in_array($submoduleName, $acceptedSubmodulesNames)) {
$path = $this->__getSubmodulePath($submoduleName);
$path = APP . '../' . $submoduleName;
$submoduleName=(strpos($submoduleName, '/') >= 0 ? explode('/', $submoduleName) : $submoduleName);
$submoduleName=end($submoduleName);
$submoduleRemote=exec('cd ' . $path . '; git config --get remote.origin.url');
$status = array(
'moduleName' => $submoduleName,
'current' => exec(sprintf('cd %s; git rev-parse HEAD', $path)),
'currentTimestamp' => exec(sprintf('cd %s; git log -1 --pretty=format:%%ct', $path)),
'remoteTimestamp' => exec('timeout 3 git log origin/2.4 -1 --pretty=format:%ct'),
'remote' => exec(sprintf('timeout 3 git ls-remote https://github.com/MISP/%s | head -1 | sed "s/HEAD//"', $submoduleName)),
'remote' => exec(sprintf('timeout 3 git ls-remote %s | head -1 | sed "s/HEAD//"', $submoduleRemote)),
'upToDate' => ''
);
if (!empty($status['remote'])) {
@ -4605,6 +4618,7 @@ class Server extends AppModel
return $status;
}
// Potentially obsolete. Ideally it is more uniform to get the path of the submodules.
private function __getSubmodulePath($submoduleName) {
$base = APP . 'files' . DS;
switch ($submoduleName) {

22
app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp
View File

@ -182,6 +182,21 @@ function triggerEventFilteringTool(clicked) {
5: "Inherit",
}
},
{
"input": "radio",
"type": "integer",
"operators": [
"equal",
],
"unique": true,
"id": "sighting",
"label": "Sightings",
"values": {
0: "Both",
1: "Have sighting(s) only",
2: "Doesn\'t have sighting(s)"
}
},
<?php if (!empty($attributeTags)): ?>
{
"input": "select",
@ -305,6 +320,13 @@ function triggerEventFilteringTool(clicked) {
value: <?php echo isset($filters['server']) ? h($filters['server']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['sighting'])): ?>
{
field: 'sighting',
id: 'sighting',
value: <?php echo isset($filters['sighting']) ? h($filters['sighting']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['distribution'])): ?>
{
field: 'distribution',

14
app/View/Elements/Events/View/value_field.ctp
View File

@ -2,10 +2,16 @@
$sigDisplay = $object['value'];
if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
if ($object['type'] == 'attachment' && isset($object['image'])) {
$extension = explode('.', $object['value']);
$extension = end($extension);
$uri = 'data:image/' . strtolower(h($extension)) . ';base64,' . h($object['image']);
echo '<img class="screenshot screenshot-collapsed useCursorPointer" src="' . $uri . '" title="' . h($object['value']) . '" />';
if (extension_loaded('gd')) {
$img = '<it class="fa fa-spin fa-spinner" style="font-size: large; left: 50%; top: 50%;"></it>';
$img .= '<img class="screenshot screenshot-collapsed useCursorPointer img-rounded hidden" src="' . $baseurl . '/attributes/viewPicture/' . h($object['id']) . '/1' . '" title="' . h($object['value']) . '" onload="$(this).show(200); $(this).parent().find(\'.fa-spinner\').remove();"/>';
echo $img;
} else {
$extension = explode('.', $object['value']);
$extension = end($extension);
$uri = 'data:image/' . strtolower(h($extension)) . ';base64,' . h($object['image']);
echo '<img class="screenshot screenshot-collapsed useCursorPointer" src="' . $uri . '" title="' . h($object['value']) . '" />';
}
} else {
$filenameHash = explode('|', h($object['value']));
if (strrpos($filenameHash[0], '\\')) {

10
app/View/Elements/Events/eventIndexTable.ctp
View File

@ -172,9 +172,15 @@
</td>
<?php endif; ?>
<?php if (Configure::read('MISP.showSightingsCountOnIndex')):?>
<td class = "bold" style="width:30px;" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" title="<?php echo (!empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : '0') . ' sighting(s)';?>">
<?php echo !empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : ''; ?>&nbsp;
<td class = "bold" style="width:30px;">
<?php if (!empty($event['Event']['sightings_count'])): ?>
<a href="<?php echo $baseurl."/events/view/" . h($event['Event']['id']) . '/sighting:1';?>" title="<?php echo (!empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : '0') . ' sighting(s). Show filtered event with sighting(s) only.';?>">
<?php echo h($event['Event']['sightings_count']); ?>&nbsp;
</a>
<?php endif; ?>
</td>
<?php endif; ?>
<?php if (Configure::read('MISP.showProposalsOnIndex')): ?>
<td class = "bold" style="width:30px;" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" title="<?php echo (!empty($event['Event']['proposals_count']) ? h($event['Event']['proposals_count']) : '0') . __(' proposal(s)');?>">

2
app/View/Elements/healthElements/diagnostics.ctp
View File

@ -170,7 +170,7 @@
if (isset($extensions[$context]['extensions'])):
foreach ($extensions[$context]['extensions'] as $extension => $status):
?>
<?php echo h($extension); ?>:… <span style="color:<?php echo $status ? 'green' : 'red';?>;font-weight:bold;"><?php echo $status ? __('OK') : __('Not loaded'); ?></span>
<?php echo h($extension); ?>:… <span style="color:<?php echo $status ? 'green' : 'red';?>;font-weight:bold;"><?php echo $status ? __('OK') : __('Not loaded'); ?></span><br />
<?php
endforeach;
else:

39
app/View/Events/resolved_misp_format.ctp
View File

@ -7,7 +7,7 @@
'type' => 'hidden',
'value' => json_encode($event, true)
);
echo $this->form->input('data', $formSettings);
echo $this->Form->input('data', $formSettings);
$scope = !empty($proposals) ? 'proposals of' : '';
$objects_array = array();
if (isset($event['Attribute'])) {
@ -28,13 +28,6 @@
<div style="margin-bottom:20px;">
<?php
$attributeFields = array('category', 'type', 'value', 'uuid');
$defaultDistribution = 5;
if (!empty(Configure::read('MISP.default_attribute_distribution'))) {
$defaultDistribution = Configure::read('MISP.default_attribute_distribution');
if ($defaultDistribution == 'event') {
$defaultDistribution = 5;
}
}
if (isset($event['Object']) && !empty($event['Object'])) {
?>
<table class="table table-condensed table-stripped">
@ -67,14 +60,10 @@
foreach ($object['Attribute'] as $a => $attribute) {
echo '<tr>';
echo '<td>' . h($attribute['object_relation']) . '</td>';
if (isset($attribute['distribution'])) {
if ($attribute['distribution'] != 4) {
$attribute['distribution'] = $distributions[$attribute['distribution']];
} else {
$attribute['distribution'] = $sgs[$attribute['sharing_group_id']];
}
if ($attribute['distribution'] != 4) {
$attribute['distribution'] = $distributions[$attribute['distribution']];
} else {
$attribute['distribution'] = $distributions[$defaultDistribution];
$attribute['distribution'] = $sgs[$attribute['sharing_group_id']];
}
foreach ($attributeFields as $field) {
if (isset($attribute[$field])) {
@ -138,10 +127,10 @@
<?php
foreach ($event['Attribute'] as $a => $attribute) {
echo '<tr>';
if (isset($attribute['distribution'])) {
$attribute['distribution'] = ($attribute['distribution'] != 4 ? $distributions[$attribute['distribution']] : $sgs[$attribute['sharing_group_id']]);
if ($attribute['distribution'] != 4) {
$attribute['distribution'] = $distributions[$attribute['distribution']];
} else {
$attribute['distribution'] = $distributions[$defaultDistribution];
$attribute['distribution'] = $sgs[$attribute['sharing_group_id']];
}
foreach ($attributeFields as $field) {
if (isset($attribute[$field])) {
@ -195,11 +184,13 @@
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => $menuItem));
?>
<script type="text/javascript">
$('.distributionToggle').change(function() {
if ($(this).val() == 4) {
$(this).next().show();
} else {
$(this).next().hide();
}
$(document).ready(function() {
$('.distributionToggle').change(function() {
if ($(this).val() == 4) {
$(this).next().show();
} else {
$(this).next().hide();
}
});
});
</script>

18
app/View/Roles/admin_index.ctp
View File

@ -41,9 +41,21 @@ foreach ($list as $item): ?>
<td><?php echo h($item['Role']['name']); ?>&nbsp;</td>
<td class="short"><span class="<?php if ($item['Role']['restricted_to_site_admin']) echo 'icon-ok'; ?>"></span>&nbsp;</td>
<td><?php echo h($options[$item['Role']['permission']]); ?>&nbsp;</td>
<?php foreach ($permFlags as $k => $flags): ?>
<td class="short"><span class="<?php if ($item['Role'][$k]) echo 'icon-ok'; ?>"></span>&nbsp;</td>
<?php endforeach; ?>
<?php
foreach ($permFlags as $k => $flags) {
$flagName = Inflector::Humanize(substr($k, 5));
echo sprintf(
'<td class="short"><span class="%s" title="%s"></span>&nbsp;</td>',
($item['Role'][$k]) ? 'icon-ok' : '',
sprintf(
__('%s permission %s'),
h($flagName),
$item['Role'][$k] ? 'granted' : 'denied'
)
);
}
?>
<td class="short">
<?php
if (empty($item['Role']['memory_limit'])) {

18
app/View/Roles/index.ctp
View File

@ -36,9 +36,21 @@ foreach ($list as $item): ?>
<td class="short" style="text-align:center;width:20px;"><div class="icon-<?php echo $default_role_id == $item['Role']['id'] ? __('ok') : __('remove') ?>"></div></td>
<td><?php echo h($item['Role']['name']); ?>&nbsp;</td>
<td class="short"><?php echo h($options[$item['Role']['permission']]); ?>&nbsp;</td>
<?php foreach ($permFlags as $k => $flags): ?>
<td class="short"><span class="<?php if ($item['Role'][$k]) echo 'icon-ok'; ?>"></span>&nbsp;</td>
<?php endforeach; ?>
<?php
foreach ($permFlags as $k => $flags) {
$flagName = Inflector::Humanize(substr($k, 5));
echo sprintf(
'<td class="short"><span class="%s" title="%s"></span>&nbsp;</td>',
($item['Role'][$k]) ? 'icon-ok' : '',
sprintf(
__('%s permission %s'),
h($flagName),
$item['Role'][$k] ? 'granted' : 'denied'
)
);
}
?>
</tr><?php
endforeach; ?>
</table>

4
app/View/Servers/index.ctp
View File

@ -122,10 +122,10 @@ foreach ($servers as $server):
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/previewIndex/' . h($server['Server']['id']), __('Explore'), 'fa fa-search');
if ($server['Server']['pull']) {
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/pull/' . h($server['Server']['id']) . '/update', __('Pull updates to events that already exist locally'), 'fa fa-sync');
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/pull/' . h($server['Server']['id']) . '/full', __('Pull all'), 'fa fa-circle-down');
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/pull/' . h($server['Server']['id']) . '/full', __('Pull all'), 'fa fa-arrow-circle-down');
}
if ($server['Server']['push']) {
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/push/' . h($server['Server']['id']) . '/full', __('Push all'), 'fa fa-circle-up');
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/push/' . h($server['Server']['id']) . '/full', __('Push all'), 'fa fa-arrow-circle-up');
}
if ($server['Server']['caching_enabled']) {
echo sprintf('<a href="%s" title="%s" class="%s"></a>', $baseurl . '/servers/cache/' . h($server['Server']['id']), __('Cache instance'), 'fa fa-memory');

2
app/files/scripts/selftest.php
View File

@ -1,5 +1,5 @@
<?php
$extensions = array('redis');
$extensions = array('redis', 'gd');
$results = array();
$results['phpversion'] = phpversion();
foreach ($extensions as $extension) {

2
app/files/warninglists

@ -1 +1 @@
Subproject commit 04e8f468d9b789956adb1bea44fa108c4012229f
Subproject commit 3ededf3ddf92573e1037305859857418f73fdf25

16
app/webroot/css/main.css
View File

@ -848,12 +848,18 @@ a.proposal_link_red:hover {
.screenshot_box {
display:none;
position: fixed;
top:150px;
background-color:#f4f4f4;
border-radius: 11px 11px 10px 10px;
box-shadow: 4px 4px 4px #333;
position: absolute;
top: 100px;
left: 20px;
right: 20px;
z-index:5;
text-align: center;
}
.screenshot_box-content {
margin: auto;
display: block;
background-color:#f4f4f4;
box-shadow: 4px 4px 4px #333;
}
.ajax_popover_form legend, .ajax_popover_form .legend {

16
app/webroot/js/attack_matrix.js
View File

@ -181,15 +181,19 @@
minOverwrite = minOverwrite !== undefined ? minOverwrite : minWidth;
minOverwrite = minWidth > minOverwrite ? minWidth : minOverwrite;
if($(window).width()*0.5+700 <= minOverwrite) {
$('#popover_form_large').css('position', 'absolute');
$('#popover_form_large').css('left', '10px');
var topOff = $('#popover_form_large').offset().top;
savedTopOffset = topOff >= $(document).scrollTop() ? topOff - $(document).scrollTop() : topOff;
$('#popover_form_large').css('top', savedTopOffset+$(document).scrollTop()+'px');
$('#popover_form_large').css({
position: 'absolute',
left: '10px',
top: savedTopOffset+$(document).scrollTop()+'px'
});
} else {
$('#popover_form_large').css('position', 'fixed');
$('#popover_form_large').css('left', '');
$('#popover_form_large').css('top', savedTopOffset);
$('#popover_form_large').css({
position: 'absolute',
left: '',
top: savedTopOffset
});
}
}

69
app/webroot/js/misp.js
View File

@ -79,13 +79,22 @@ function genericPopup(url, popupTarget, callback) {
});
}
function screenshotPopup(screenshotData, title) {
popupHtml = '<img src="' + screenshotData + '" id="screenshot-image" title="' + title + '" />';
function screenshotPopup(url, title) {
if (!url.startsWith('data:image/')) {
url = url.slice(0, -1);
}
popupHtml = '<it class="fa fa-spin fa-spinner" style="font-size: xx-large; color: white; position: fixed; left: 50%; top: 50%;"></it>'
popupHtml += '<img class="screenshot_box-content hidden" src="' + url + '" id="screenshot-image" title="' + title + '" alt="' + title + '" onload="$(this).show(); $(this).parent().find(\'.fa-spinner\').remove();"/>';
popupHtml += '<div class="close-icon useCursorPointer" onClick="closeScreenshot();"></div>';
if (!url.startsWith('data:image/')) {
popupHtml += '<a class="close-icon useCursorPointer fa fa-expand" style="right: 20px; background: black; color: white; text-decoration: none;" target="_blank" href="' + url + '" ></a>';
}
popupHtml += '<div style="height: 20px;"></div>'; // see bottom of image for large one
$('#screenshot_box').html(popupHtml);
$('#screenshot_box').show();
left = ($(window).width() / 2) - ($('#screenshot-image').width() / 2);
$('#screenshot_box').css({'left': left + 'px'});
$('#screenshot_box').css({
display: 'block',
top: (document.documentElement.scrollTop + 100) + 'px'
});
$("#gray_out").fadeIn();
}
@ -1433,7 +1442,7 @@ function openPopup(id) {
var window_height = $(window).height();
var popup_height = $(id).height();
if (window_height < popup_height) {
$(id).css("top", 0);
$(id).css("top", 50);
$(id).css("height", window_height);
$(id).addClass('vertical-scroll');
} else {
@ -4096,54 +4105,6 @@ function submit_feed_overlap_tool(feedId) {
});
}
function populate_rest_history(scope) {
if (scope === 'history') {
scope = '';
var container_class = 'history_queries';
} else {
scope = '1';
var container_class = 'bookmarked_queries';
}
$.get("/rest_client_history/index/" + scope, function(data) {
$('.' + container_class).html(data);
});
}
function loadRestClientHistory(k, data_container) {
$('#ServerMethod').val(data_container[k]['RestClientHistory']['http_method']);
$('#ServerUseFullPath').prop("checked", data_container[k]['RestClientHistory']['use_full_path']);
$('#ServerShowResult').prop("checked", data_container[k]['RestClientHistory']['show_result']);
$('#ServerSkipSslValidation').prop("checked", data_container[k]['RestClientHistory']['skip_ssl_validation']);
$('#ServerUrl').val(data_container[k]['RestClientHistory']['url']);
$('#ServerHeader').val(data_container[k]['RestClientHistory']['headers']);
$('#ServerBody').val(data_container[k]['RestClientHistory']['body']);
toggleRestClientBookmark();
}
function toggleRestClientBookmark() {
if ($('#ServerBookmark').prop("checked") == true) {
$('#bookmark-name').css('display', 'block');
} else {
$('#bookmark-name').css('display', 'none');
}
}
function removeRestClientHistoryItem(id) {
$.ajax({
data: '[]',
success:function (data, textStatus) {
populate_rest_history('bookmark');
populate_rest_history('history');
},
error:function() {
handleGenericAjaxResponse({'saved':false, 'errors':['Request failed due to an unexpected error.']});
},
type:"post",
cache: false,
url: '/rest_client_history/delete/' + id,
});
}
function changeTaxonomyRequiredState(checkbox) {
var checkbox_state = $(checkbox).is(":checked");
var taxonomy_id = $(checkbox).data('taxonomy-id');

88
app/webroot/js/restClient.js
View File

@ -31,6 +31,61 @@ function setApiInfoBox(isTyping) {
}
}
function loadRestClientHistory(k, data_container) {
$('#ServerMethod').val(data_container[k]['RestClientHistory']['http_method']);
$('#ServerUseFullPath').prop("checked", data_container[k]['RestClientHistory']['use_full_path']);
$('#ServerShowResult').prop("checked", data_container[k]['RestClientHistory']['show_result']);
$('#ServerSkipSslValidation').prop("checked", data_container[k]['RestClientHistory']['skip_ssl_validation']);
$('#ServerUrl').val(data_container[k]['RestClientHistory']['url']);
$('#ServerHeader').val(data_container[k]['RestClientHistory']['headers']);
toggleRestClientBookmark();
$('#ServerBody').val(data_container[k]['RestClientHistory']['body']);
$('#TemplateSelect').val(data_container[k]['RestClientHistory']['url']).trigger("chosen:updated");
updateQueryTool(data_container[k]['RestClientHistory']['url'], false);
$('#querybuilder').find('select').trigger('chosen:updated');
setApiInfoBox(false);
}
function populate_rest_history(scope) {
if (scope === 'history') {
scope = '';
var container_class = 'history_queries';
} else {
scope = '1';
var container_class = 'bookmarked_queries';
}
$.get("/rest_client_history/index/" + scope, function(data) {
$('.' + container_class).html(data);
});
}
function toggleRestClientBookmark() {
if ($('#ServerBookmark').prop("checked") == true) {
$('#bookmark-name').css('display', 'block');
} else {
$('#bookmark-name').css('display', 'none');
}
}
function removeRestClientHistoryItem(id) {
$.ajax({
data: '[]',
success:function (data, textStatus) {
populate_rest_history('bookmark');
populate_rest_history('history');
},
error:function() {
handleGenericAjaxResponse({'saved':false, 'errors':['Request failed due to an unexpected error.']});
},
type:"post",
cache: false,
url: '/rest_client_history/delete/' + id,
});
}
var allValidApis;
var fieldsConstraint;
var querybuilderTool;
@ -87,7 +142,7 @@ function setApiInfoBox(isTyping) {
$('#ServerUrl').data('urlWithoutParam', selected_template);
$('#ServerBody').val(allValidApis[selected_template].body);
setApiInfoBox(false);
updateQueryTool(selected_template);
updateQueryTool(selected_template, true);
}
});
@ -150,9 +205,18 @@ function setApiInfoBox(isTyping) {
});
function updateQueryTool(url) {
function updateQueryTool(url, isEmpty) {
var apiJson = allValidApis[url];
var filtersJson = fieldsConstraint[url];
isEmpty = isEmpty === undefined ? false : isEmpty;
var body = $('#ServerBody').val();
if (!isEmpty && body !== undefined && body.length > 0) {
body = JSON.parse(body);
} else {
body = {};
}
var filters = [];
for (var k in filtersJson) {
if (filtersJson.hasOwnProperty(k)) {
@ -196,6 +260,11 @@ function updateQueryTool(url) {
};
mandatoryFields.forEach(function(mandatory) {
var r = filtersJson[mandatory];
var action = r.id.split('.')[1];
if (body[action] !== undefined) {
r.value = body[action];
delete body[action];
}
r.flags = {
no_delete: true,
filter_readonly: true
@ -211,6 +280,21 @@ function updateQueryTool(url) {
};
}
Object.keys(body).forEach(function(k) {
var values = body[k];
if (Array.isArray(values)) {
values.forEach(function(value) {
var r = $.extend({}, filtersJson[k], true);
r.value = value;
rules.rules[0].rules.push(r);
});
} else {
var r = filtersJson[k];
r.value = values;
rules.rules[0].rules.push(r);
}
});
// add Params input field
var paramFields = apiJson.params;
$('#divAdditionalParamInput').remove();

3
docs/INSTALL.ubuntu1804.md
View File

@ -107,7 +107,8 @@ installDepsPhp72 () {
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg
php-redis php-gnupg \
php-gd
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do

2
docs/archive/INSTALL.ubuntu1604.md
View File

@ -103,7 +103,7 @@ sudo a2dissite 000-default
sudo a2ensite default-ssl
# Install PHP and dependencies
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring -y
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring php-gd -y
# Apply all changes
sudo systemctl restart apache2

6
docs/generic/supportFunctions.md
View File

@ -420,7 +420,8 @@ installDepsPhp70 () {
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
php-pear \
php-redis php-gnupg
php-redis php-gnupg \
php-gd
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
@ -443,7 +444,8 @@ installDepsPhp73 () {
php7.3-dev \
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
php-pear \
php-redis php-gnupg
php-redis php-gnupg \
php-gd
}
# <snippet-end 0_installDepsPhp73.sh>

2
docs/xINSTALL.OpenBSD.md
View File

@ -259,7 +259,7 @@ doas pkg_add -v fcgi-cgi fcgi
If on OpenBSD 6.3, upgrade to 6.4 to make your life much easier.
```
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl72-redis
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl72-redis php-gd
```
#### /etc/php-7.2.ini

2
docs/xINSTALL.centos7.md
View File

@ -68,7 +68,7 @@ sudo yum install gcc git zip \
libxslt-devel zlib-devel ssdeep-devel -y
# Install PHP 7.1 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php71/
sudo yum install rh-php71 rh-php71-php-fpm rh-php71-php-devel rh-php71-php-mysqlnd rh-php71-php-mbstring rh-php71-php-xml rh-php71-php-bcmath rh-php71-php-opcache -y
sudo yum install rh-php71 rh-php71-php-fpm rh-php71-php-devel rh-php71-php-mysqlnd rh-php71-php-mbstring rh-php71-php-xml rh-php71-php-bcmath rh-php71-php-opcache rh-php71-php-gd -y
# Install Python 3.6 from SCL, see
# https://www.softwarecollections.org/en/scls/rhscl/rh-python36/

2
docs/xINSTALL.debian9.md
View File

@ -77,7 +77,7 @@ libxml2-dev libxslt1-dev zlib1g-dev
#sudo /etc/init.d/redis-server restart
sudo apt install -y libapache2-mod-php7.0 php7.0 php7.0-cli php7.0-mbstring php7.0-dev php7.0-json php7.0-xml php7.0-mysql php7.0-opcache php7.0-readline php-redis php-gnupg
sudo apt install -y libapache2-mod-php7.0 php7.0 php7.0-cli php7.0-mbstring php7.0-dev php7.0-json php7.0-xml php7.0-mysql php7.0-opcache php7.0-readline php-redis php-gnupg php-gd
sudo apt install -y \
mariadb-client \

2
docs/xINSTALL.debian_testing.md
View File

@ -61,7 +61,7 @@ python3-setuptools python3-dev python3-pip python3-redis python3-zmq virtualenv
mariadb-client \
mariadb-server \
apache2 apache2-doc apache2-utils \
libapache2-mod-php7.3 php7.3 php7.3-cli php7.3-mbstring php7.3-dev php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php-redis php-gnupg \
libapache2-mod-php7.3 php7.3 php7.3-cli php7.3-mbstring php7.3-dev php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php-redis php-gnupg php-gd \
libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
jq ntp ntpdate jupyter-notebook imagemagick tesseract-ocr \
libxml2-dev libxslt1-dev zlib1g-dev

2
docs/xINSTALL.ubuntu1804.with.webmin.md
View File

@ -141,7 +141,7 @@ Also make sure the variable ${VIRT_USER} is set to the user you created when you
#### Install PHP and dependencies
```bash
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring -y
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring php-gd -y
```
# Apply all changes