MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [stix export] Updated Stix export libraries 

- Including parameters to define versions in the
  restSearch filters
- New parameters to call the python scripts
pull/7815/head
chrisr3d 2021-08-30 20:09:15 +02:00
parent 006ce95bb8
commit df33baff4d
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
3 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Lib/Export/Stix1Export.php
View File

@ -5,6 +5,8 @@ App::uses('StixExport', 'Export');
class Stix1Export extends StixExport
{
protected $__attributes_limit = 15000;
protected $__default_version = '1.1.1';
protected $__sane_versions = array('1.1.1', '1.2');
private $__script_name = 'misp2stix.py ';
private $__baseurl = null;
private $__org = null;
@ -17,10 +19,10 @@ class Stix1Export extends StixExport
return $my_server->getPythonVersion() . ' ' . $this->__framing_script . ' stix1 -v ' . $this->__version . ' -n ' . $this->__baseurl . ' -o ' . $this->__org . ' -f ' . $this->__return_format . ' ' . $this->__end_of_cmd;
}
protected function __parse_misp_events($filename)
protected function __parse_misp_events($filenames)
{
$scriptFile = $this->__scripts_dir . $this->__script_name;
$my_server = ClassRegistry::init('Server');
return shell_exec($my_server->getPythonVersion() . ' ' . $scriptFile . ' ' . $filename . ' ' . $this->__return_format . ' ' . $this->__baseurl . ' ' . $this->__org . $this->__end_of_cmd);
return shell_exec($my_server->getPythonVersion() . ' ' . $scriptFile . '-v ' . $this->__version . ' -f ' . $this->__return_format . ' -o ' . $this->__org . ' -i ' . $this->__tmp_dir . $filenames . $this->__end_of_cmd);
}
}

6
app/Lib/Export/Stix2Export.php
View File

@ -5,6 +5,8 @@ App::uses('StixExport', 'Export');
class Stix2Export extends StixExport
{
protected $__attributes_limit = 15000;
protected $__default_version = '2.0';
protected $__sane_versions = array('2.0', '2.1');
private $__script_name = 'stix2/misp2stix2.py ';
protected function __initiate_framing_params()
@ -13,12 +15,12 @@ class Stix2Export extends StixExport
return $my_server->getPythonVersion() . ' ' . $this->__framing_script . ' stix2 -v ' . $this->__version . ' --uuid ' . escapeshellarg(CakeText::uuid()) . $this->__end_of_cmd;
}
protected function __parse_misp_events()
protected function __parse_misp_events($filenames)
{
$scriptFile = $this->__scripts_dir . $this->__script_name;
$filenames = implode(' ' . $this->__tmp_dir, $this->__filenames);
$my_server = ClassRegistry::init('Server');
$result = shell_exec($my_server->getPythonVersion() . ' ' . $scriptFile . ' ' . $this->__tmp_dir . $filenames . $this->__end_of_cmd);
$result = shell_exec($my_server->getPythonVersion() . ' ' . $scriptFile . '-v ' . $this->__version . ' -i ' . $this->__tmp_dir . $filenames . $this->__end_of_cmd);
$result = preg_split("/\r\n|\n|\r/", trim($result));
return end($result);
}

12
app/Lib/Export/StixExport.php
View File

@ -13,6 +13,8 @@ class StixExport
protected $__end_of_cmd = ' 2>' . APP . 'tmp/logs/exec-errors.log';
protected $__return_type = null;
protected $__filenames = array();
protected $__default_filters = null;
protected $__version = null;
private $__current_filename = null;
private $__empty_file = null;
@ -22,6 +24,13 @@ class StixExport
private $__n_attributes = 0;
public $non_restrictive_export = true;
public $use_default_filters = true;
public function setDefaultFilters($filters)
{
$sane_version = (!empty($filters['version']) && in_array($filters['version'], $this->__sane_versions));
$this->__version = $sane_version ? $filters['version'] : $this->__default_version;
}
public function handler($data, $options = array())
{
@ -85,7 +94,8 @@ class StixExport
$this->__tmp_file->close();
array_push($this->__filenames, $this->__current_filename);
}
$result = $this->__parse_misp_events();
$filenames = implode(' ' . $this->__tmp_dir, $this->__filenames);
$result = $this->__parse_misp_events($filenames);
$decoded = json_decode($result, true);
if (!isset($decoded['success']) || !$decoded['success']) {
$this->__delete_temporary_files();