mirror of https://github.com/MISP/MISP
fix: Added impfuzzy validation
parent
169da86545
commit
e70992c565
|
@ -815,20 +815,20 @@ class Attribute extends AppModel {
|
||||||
}
|
}
|
||||||
|
|
||||||
private $__hexHashLengths = array(
|
private $__hexHashLengths = array(
|
||||||
'authentihash' => 64,
|
'authentihash' => 64,
|
||||||
'md5' => 32,
|
'md5' => 32,
|
||||||
'imphash' => 32,
|
'imphash' => 32,
|
||||||
'sha1' => 40,
|
'sha1' => 40,
|
||||||
'x509-fingerprint-md5' => 32,
|
'x509-fingerprint-md5' => 32,
|
||||||
'x509-fingerprint-sha1' => 40,
|
'x509-fingerprint-sha1' => 40,
|
||||||
'x509-fingerprint-sha256' => 64,
|
'x509-fingerprint-sha256' => 64,
|
||||||
'pehash' => 40,
|
'pehash' => 40,
|
||||||
'sha224' => 56,
|
'sha224' => 56,
|
||||||
'sha256' => 64,
|
'sha256' => 64,
|
||||||
'sha384' => 96,
|
'sha384' => 96,
|
||||||
'sha512' => 128,
|
'sha512' => 128,
|
||||||
'sha512/224' => 56,
|
'sha512/224' => 56,
|
||||||
'sha512/256' => 64,
|
'sha512/256' => 64
|
||||||
);
|
);
|
||||||
|
|
||||||
public function runValidation($value, $type) {
|
public function runValidation($value, $type) {
|
||||||
|
@ -845,8 +845,8 @@ class Attribute extends AppModel {
|
||||||
case 'sha512/224':
|
case 'sha512/224':
|
||||||
case 'sha512/256':
|
case 'sha512/256':
|
||||||
case 'authentihash':
|
case 'authentihash':
|
||||||
case 'x509-fingerprint-md5':
|
case 'x509-fingerprint-md5':
|
||||||
case 'x509-fingerprint-sha256':
|
case 'x509-fingerprint-sha256':
|
||||||
case 'x509-fingerprint-sha1':
|
case 'x509-fingerprint-sha1':
|
||||||
$length = $this->__hexHashLengths[$type];
|
$length = $this->__hexHashLengths[$type];
|
||||||
if (preg_match("#^[0-9a-f]{" . $length . "}$#", $value)) {
|
if (preg_match("#^[0-9a-f]{" . $length . "}$#", $value)) {
|
||||||
|
@ -876,6 +876,13 @@ class Attribute extends AppModel {
|
||||||
}
|
}
|
||||||
if (!$returnValue) $returnValue = 'Invalid SSDeep hash. The format has to be blocksize:hash:hash';
|
if (!$returnValue) $returnValue = 'Invalid SSDeep hash. The format has to be blocksize:hash:hash';
|
||||||
break;
|
break;
|
||||||
|
case 'impfuzzy':
|
||||||
|
if (substr_count($value, ':') == 2) {
|
||||||
|
$parts = explode(':', $value);
|
||||||
|
if (is_numeric($parts[0])) $returnValue = true;
|
||||||
|
}
|
||||||
|
if (!$returnValue) $returnValue = 'Invalid impfuzzy format. The format has to be imports:hash:hash';
|
||||||
|
break;
|
||||||
case 'http-method':
|
case 'http-method':
|
||||||
if (preg_match("#(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK|VERSION-CONTROL|REPORT|CHECKOUT|CHECKIN|UNCHECKOUT|MKWORKSPACE|UPDATE|LABEL|MERGE|BASELINE-CONTROL|MKACTIVITY|ORDERPATCH|ACL|PATCH|SEARCH)#", $value)) {
|
if (preg_match("#(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK|VERSION-CONTROL|REPORT|CHECKOUT|CHECKIN|UNCHECKOUT|MKWORKSPACE|UPDATE|LABEL|MERGE|BASELINE-CONTROL|MKACTIVITY|ORDERPATCH|ACL|PATCH|SEARCH)#", $value)) {
|
||||||
$returnValue = true;
|
$returnValue = true;
|
||||||
|
@ -1270,8 +1277,8 @@ class Attribute extends AppModel {
|
||||||
$value = preg_replace('/^hxxp/i', 'http', $value);
|
$value = preg_replace('/^hxxp/i', 'http', $value);
|
||||||
$value = preg_replace('/\[\.\]/', '.' , $value);
|
$value = preg_replace('/\[\.\]/', '.' , $value);
|
||||||
break;
|
break;
|
||||||
case 'x509-fingerprint-md5':
|
case 'x509-fingerprint-md5':
|
||||||
case 'x509-fingerprint-sha256':
|
case 'x509-fingerprint-sha256':
|
||||||
case 'x509-fingerprint-sha1':
|
case 'x509-fingerprint-sha1':
|
||||||
$value = str_replace(':', '', $value);
|
$value = str_replace(':', '', $value);
|
||||||
$value = strtolower($value);
|
$value = strtolower($value);
|
||||||
|
|
Loading…
Reference in New Issue