mirror of https://github.com/MISP/MISP
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
commit
d0b99bebda
|
@ -426,7 +426,7 @@ class AppController extends Controller
|
|||
$this->Log->create();
|
||||
$change = 'HTTP method: ' . $_SERVER['REQUEST_METHOD'] . PHP_EOL . 'Target: ' . $this->here;
|
||||
if (($this->request->is('post') || $this->request->is('put')) && !empty(Configure::read('MISP.log_paranoid_include_post_body'))) {
|
||||
$payload = $this->request->data;
|
||||
$payload = $this->request->input();
|
||||
if (!empty($payload['_Token'])) {
|
||||
unset($payload['_Token']);
|
||||
}
|
||||
|
|
|
@ -894,7 +894,7 @@ class TagsController extends AppController
|
|||
return $object;
|
||||
}
|
||||
|
||||
public function attachTagToObject($uuid = false, $tag = false)
|
||||
public function attachTagToObject($uuid = false, $tag = false, $local = false)
|
||||
{
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException('This method is only accessible via POST requests.');
|
||||
|
@ -921,6 +921,14 @@ class TagsController extends AppController
|
|||
} else {
|
||||
$conditions = array('LOWER(Tag.name) LIKE' => strtolower(trim($tag)));
|
||||
}
|
||||
if (empty($local)) {
|
||||
if (!empty($this->request->data['local'])) {
|
||||
$local = $this->request->data['local'];
|
||||
}
|
||||
}
|
||||
if (!is_bool($local)) {
|
||||
throw new InvalidArgumentException('Invalid local flag');
|
||||
}
|
||||
$objectType = '';
|
||||
$object = $this->__findObjectByUuid($uuid, $objectType);
|
||||
$existingTag = $this->Tag->find('first', array('conditions' => $conditions, 'recursive' => -1));
|
||||
|
@ -948,23 +956,18 @@ class TagsController extends AppController
|
|||
$connectorObject = $objectType . 'Tag';
|
||||
$conditions = array(
|
||||
strtolower($objectType) . '_id' => $object[$objectType]['id'],
|
||||
'tag_id' => $existingTag['Tag']['id']
|
||||
'tag_id' => $existingTag['Tag']['id'],
|
||||
'local' => ($local ? 1 : 0)
|
||||
);
|
||||
$existingAssociation = $this->$objectType->$connectorObject->find('first', array(
|
||||
'conditions' => array(
|
||||
strtolower($objectType) . '_id' => $object[$objectType]['id'],
|
||||
'tag_id' => $existingTag['Tag']['id']
|
||||
)
|
||||
'conditions' => $conditions
|
||||
));
|
||||
if (!empty($existingAssociation)) {
|
||||
return $this->RestResponse->saveSuccessResponse('Tags', 'attachTagToObject', false, $this->response->type(), $objectType . ' already has the requested tag attached, no changes had to be made.');
|
||||
}
|
||||
$this->$objectType->$connectorObject->create();
|
||||
$data = array(
|
||||
$connectorObject => array(
|
||||
strtolower($objectType) . '_id' => $object[$objectType]['id'],
|
||||
'tag_id' => $existingTag['Tag']['id']
|
||||
)
|
||||
$connectorObject => $conditions
|
||||
);
|
||||
if ($objectType == 'Attribute') {
|
||||
$data[$connectorObject]['event_id'] = $object['Event']['id'];
|
||||
|
@ -983,7 +986,11 @@ class TagsController extends AppController
|
|||
} else if ($objectType === 'Event') {
|
||||
$this->Event->unpublishEvent($object['Event']['id']);
|
||||
}
|
||||
$message = 'Tag ' . $existingTag['Tag']['name'] . '(' . $existingTag['Tag']['id'] . ') successfully attached to ' . $objectType . '(' . $object[$objectType]['id'] . ').';
|
||||
if($local) {
|
||||
$message = 'Local tag ' . $existingTag['Tag']['name'] . '(' . $existingTag['Tag']['id'] . ') successfully attached to ' . $objectType . '(' . $object[$objectType]['id'] . ').';
|
||||
} else {
|
||||
$message = 'Global tag ' . $existingTag['Tag']['name'] . '(' . $existingTag['Tag']['id'] . ') successfully attached to ' . $objectType . '(' . $object[$objectType]['id'] . ').';
|
||||
}
|
||||
return $this->RestResponse->saveSuccessResponse('Tags', 'attachTagToObject', false, $this->response->type(), $message);
|
||||
} else {
|
||||
return $this->RestResponse->saveFailResponse('Tags', 'attachTagToObject', false, 'Failed to attach tag to object.', $this->response->type());
|
||||
|
|
|
@ -0,0 +1,78 @@
|
|||
<?php
|
||||
|
||||
class NetfilterExport
|
||||
{
|
||||
public $additional_params = array(
|
||||
'flatten' => 1,
|
||||
'conditions' => array(
|
||||
'AND' => array(
|
||||
'Attribute.type' => array(
|
||||
'ip-dst', 'ip-src', 'domain|ip', 'ip-dst|port', 'ip-src|port'
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
public $non_restrictive_export = true;
|
||||
|
||||
private $__attributeTypeMappings = array(
|
||||
'ip-dst' => 'full',
|
||||
'ip-src' => 'full',
|
||||
'domain|ip' => 1,
|
||||
'ip-dst|port' => 0,
|
||||
'ip-src|port' => 0
|
||||
);
|
||||
|
||||
public function handler($data, $options = array())
|
||||
{
|
||||
$action = empty($options['filters']['netfilter_action']) ? 'DROP' : $options['filters']['netfilter_action'];
|
||||
if ($options['scope'] === 'Attribute') {
|
||||
if (in_array($data['Attribute']['type'], array_keys($this->__attributeTypeMappings))) {
|
||||
return $this->__convertToRule($data['Attribute'], $action) . "\n";
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
if ($options['scope'] === 'Event') {
|
||||
$result = array();
|
||||
foreach ($data['Attribute'] as $attribute) {
|
||||
if (in_array($data['Attribute']['type'], array_keys($this->__attributeTypeMappings))) {
|
||||
$result[] = $this->__convertToRule($data['Attribute'], $action);
|
||||
}
|
||||
}
|
||||
return implode($this->separator(), $result) . "\n";
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
||||
private function __convertToRule($attribute, $action)
|
||||
{
|
||||
$ip = false;
|
||||
if ($this->__attributeTypeMappings[$attribute['type']] === 'full') {
|
||||
$ip = $attribute['value'];
|
||||
} else {
|
||||
$ip = explode('|', $attribute['value']);
|
||||
$ip = $ip[$this->__attributeTypeMappings[$attribute['type']]];
|
||||
}
|
||||
return sprintf(
|
||||
'iptables -A INPUT -s %s -j %s',
|
||||
$ip,
|
||||
$action
|
||||
);
|
||||
}
|
||||
|
||||
public function header($options = array())
|
||||
{
|
||||
return '';
|
||||
}
|
||||
|
||||
public function footer()
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
public function separator()
|
||||
{
|
||||
return "";
|
||||
}
|
||||
}
|
|
@ -70,7 +70,7 @@ class Attribute extends AppModel
|
|||
|
||||
//
|
||||
// NOTE WHEN MODIFYING: please ensure to run the script 'tools/gen_misp_types_categories.py' to update the new definitions everywhere. (docu, website, RFC, ...)
|
||||
//
|
||||
//
|
||||
$this->categoryDefinitions = array(
|
||||
'Internal reference' => array(
|
||||
'desc' => __('Reference used by the publishing party (e.g. ticket number)'),
|
||||
|
@ -149,7 +149,7 @@ class Attribute extends AppModel
|
|||
|
||||
//
|
||||
// NOTE WHEN MODIFYING: please ensure to run the script 'tools/gen_misp_types_categories.py' to update the new definitions everywhere. (docu, website, RFC, ...)
|
||||
//
|
||||
//
|
||||
$this->typeDefinitions = array(
|
||||
'md5' => array('desc' => __('A checksum in md5 format'), 'formdesc' => __("You are encouraged to use filename|md5 instead. A checksum in md5 format, only use this if you don't know the correct filename"), 'default_category' => 'Payload delivery', 'to_ids' => 1),
|
||||
'sha1' => array('desc' => __('A checksum in sha1 format'), 'formdesc' => __("You are encouraged to use filename|sha1 instead. A checksum in sha1 format, only use this if you don't know the correct filename"), 'default_category' => 'Payload delivery', 'to_ids' => 1),
|
||||
|
@ -405,7 +405,8 @@ class Attribute extends AppModel
|
|||
'rpz' => array('txt', 'RPZExport', 'rpz'),
|
||||
'csv' => array('csv', 'CsvExport', 'csv'),
|
||||
'cache' => array('txt', 'CacheExport', 'cache'),
|
||||
'attack-sightings' => array('json', 'AttackSightingsExport', 'json')
|
||||
'attack-sightings' => array('json', 'AttackSightingsExport', 'json'),
|
||||
'netfilter' => array('txt', 'NetfilterExport', 'sh')
|
||||
);
|
||||
|
||||
// FIXME we need a better way to list the defaultCategories knowing that new attribute types will continue to appear in the future. We should generate this dynamically or use a function using the default_category of the $typeDefinitions
|
||||
|
@ -4313,7 +4314,10 @@ class Attribute extends AppModel
|
|||
'filters' => $filters
|
||||
);
|
||||
if (!empty($exportTool->additional_params)) {
|
||||
$params = array_merge($params, $exportTool->additional_params);
|
||||
$params = array_merge_recursive(
|
||||
$params,
|
||||
$exportTool->additional_params
|
||||
);
|
||||
}
|
||||
$tmpfile = tmpfile();
|
||||
fwrite($tmpfile, $exportTool->header($exportToolParams));
|
||||
|
|
|
@ -180,7 +180,8 @@ class Event extends AppModel
|
|||
'yara-json' => array('json', 'YaraExport', 'json'),
|
||||
'cache' => array('txt', 'CacheExport', 'cache'),
|
||||
'attack' => array('html', 'AttackExport', 'html'),
|
||||
'attack-sightings' => array('json', 'AttackSightingsExport', 'json')
|
||||
'attack-sightings' => array('json', 'AttackSightingsExport', 'json'),
|
||||
'netfilter' => array('txt', 'NetfilterExport', 'sh')
|
||||
);
|
||||
|
||||
public $csv_event_context_fields_to_fetch = array(
|
||||
|
|
|
@ -4054,10 +4054,7 @@ class Server extends AppModel
|
|||
if (empty($user)) {
|
||||
$user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0);
|
||||
}
|
||||
App::uses('Folder', 'Utility');
|
||||
$file = new File(ROOT . DS . 'VERSION.json', true);
|
||||
$localVersion = json_decode($file->read(), true);
|
||||
$file->close();
|
||||
$localVersion = $this->checkMISPVersion();
|
||||
$server = $this->find('first', array('conditions' => array('Server.id' => $id)));
|
||||
$HttpSocket = $this->setupHttpSocket($server, $HttpSocket);
|
||||
$request = $this->setupSyncRequest($server);
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
<?php
|
||||
$data = h(Hash::extract($row, $field['data_path']));
|
||||
echo sprintf(
|
||||
'<div style="white-space:pre;" class="blue bold">%s</div>',
|
||||
json_encode($data, JSON_PRETTY_PRINT)
|
||||
);
|
||||
?>
|
|
@ -1 +1 @@
|
|||
Subproject commit f38d1604f1fbd602d59d5a88fd906a2d7c21dfb3
|
||||
Subproject commit 0bf4d8bafc71f44cd65c7ad291bc0b4270dcecb8
|
|
@ -1 +1 @@
|
|||
Subproject commit 42f457fc22dcec032e93b8bf5b4be54e3d89249d
|
||||
Subproject commit 309109eb270966a716edbbbd621bd96aa2a90726
|
|
@ -1 +1 @@
|
|||
Subproject commit 4ab14e785a9d4a696a092495c4d8954fd9fb0e9c
|
||||
Subproject commit ffc120106c4ba9ed3b2fd5ae18d41f730e61b3ab
|
Loading…
Reference in New Issue