Merge branch '2.4' into develop

pull/6982/head
iglocska 2021-02-03 08:49:23 +01:00
commit f889ba91c9
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
17 changed files with 67 additions and 78 deletions


@ -675,6 +675,7 @@ kaliSpaceSaver () {
echo "${RED}Not implement${NC}"
}
# FIXME: Kali now uses kali/kali instead of root/toor
# Because Kali is l33t we make sure we DO NOT run as root
kaliOnTheR0ckz () {
totalRoot=$(df -k | grep /$ |awk '{ print $2 }')
@ -776,6 +777,7 @@ installRNG () {
kaliUpgrade () {
debug "Running various Kali upgrade tasks"
checkAptLock
sudo DEBIAN_FRONTEND=noninteractive apt update
sudo DEBIAN_FRONTEND=noninteractive apt install --only-upgrade bash libc6 -y
sudo DEBIAN_FRONTEND=noninteractive apt autoremove -y
}
@ -1197,7 +1199,7 @@ installDepsPhp74 () {
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
php-json php-xml php-mysql php7.4-opcache php-readline php-mbstring php-zip \
php-redis php-gnupg \
php-intl php-bcmath \
php-gd
@ -1559,6 +1561,7 @@ coreCAKE () {
# Various plugin sightings settings
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_policy" 0
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise_as" 1
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_range" 365
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_sighting_db_enable" false
@ -1766,6 +1769,7 @@ mispmodules () {
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
sudo chgrp staff .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install censys pyfaup
# Start misp-modules as a service
sudo cp /usr/local/src/misp-modules/etc/systemd/system/misp-modules.service /etc/systemd/system/
@ -2539,6 +2543,7 @@ mispmodulesRHEL () {
# pip install
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U .
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install pyfaup censys
sudo yum install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y
echo "[Unit]
@ -2780,10 +2785,10 @@ installSupported () {
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
elif [[ "$PHP_VER" == 7.3 ]]; then
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73
elif [[ "$PHP_VER" == 7.4 ]]; then
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74
elif [[ "$PHP_VER" == 7.0 ]]; then
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
@ -2885,7 +2890,7 @@ installSupported () {
# Main Kali Install function
installMISPonKali () {
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('')
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('generic/supportFunctions.md')
kaliUpgrade
# Set locale if not set - functionLocation('generic/supportFunctions.md')
@ -2894,8 +2899,8 @@ installMISPonKali () {
# Set Base URL - functionLocation('generic/supportFunctions.md')
setBaseURL
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
installDepsPhp73
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
installDepsPhp74
# Set custom Kali only variables and tweaks
space
@ -2913,12 +2918,12 @@ installMISPonKali () {
installCoreDeps
debug "Enabling redis and gnupg modules"
sudo phpenmod -v 7.3 redis
sudo phpenmod -v 7.3 gnupg
sudo phpenmod -v 7.4 redis
sudo phpenmod -v 7.4 gnupg
debug "Apache2 ops: dismod: status - dissite: 000-default enmod: ssl rewrite headers php7.3 ensite: default-ssl"
sudo a2dismod status
sudo a2enmod ssl rewrite headers php7.3
sudo a2enmod ssl rewrite headers php7.4
sudo a2dissite 000-default
sudo a2ensite default-ssl
@ -3021,26 +3026,18 @@ installMISPonKali () {
debug "Setting up database"
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
echo "
set timeout 10
spawn sudo mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send -- \"\r\"
expect \"Set root password?\"
send -- \"y\r\"
expect \"New password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Re-enter new password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Remove anonymous users?\"
send -- \"y\r\"
expect \"Disallow root login remotely?\"
send -- \"y\r\"
expect \"Remove test database and access to it?\"
send -- \"y\r\"
expect \"Reload privilege tables now?\"
send -- \"y\r\"
expect eof" | expect -f -
# Kill the anonymous users
sudo mysql -h $DBHOST -e "DROP USER IF EXISTS ''@'localhost'"
# Because our hostname varies we'll use some Bash magic here.
sudo mysql -h $DBHOST -e "DROP USER IF EXISTS ''@'$(hostname)'"
# Kill off the demo database
sudo mysql -h $DBHOST -e "DROP DATABASE IF EXISTS test"
# No root remote logins
sudo mysql -h $DBHOST -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
# Make sure that NOBODY can access the server without a password
sudo mysqladmin -h $DBHOST -u "${DBUSER_ADMIN}" password "${DBPASSWORD_ADMIN}"
# Make our changes take effect
sudo mysql -h $DBHOST -e "FLUSH PRIVILEGES"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "CREATE DATABASE $DBNAME;"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT USAGE ON *.* TO $DBUSER_MISP@localhost IDENTIFIED BY '$DBPASSWORD_MISP';"
@ -3291,9 +3288,6 @@ x86_64-debian-stretch
x86_64-debian-buster
x86_64-ubuntu-bionic
x86_64-ubuntu-focal
x86_64-kali-2020.1
x86_64-kali-2020.2
x86_64-kali-2020.3
x86_64-kali-2020.4
armv6l-raspbian-stretch
armv7l-raspbian-stretch
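Review bot: In the database-setup hunk of installMISPonKali, `sudo mysqladmin -h $DBHOST -u "${DBUSER_ADMIN}" password "${DBPASSWORD_ADMIN}"` puts the admin password on the command line, where it can be read from the process list and from any `set -x` trace while the command runs. Feeding the statement on stdin keeps it out of argv, for example `sudo mysql -h "$DBHOST" <<<"ALTER USER '${DBUSER_ADMIN}'@'localhost' IDENTIFIED BY '${DBPASSWORD_ADMIN}';"` (assuming the admin account is defined for localhost), or the credentials can go in a mode-0600 option file passed with `--defaults-extra-file`. None of the hardening statements is checked either, so a failed `DROP USER` or `DELETE FROM mysql.user` (which may not be writable on servers where `mysql.user` is a view) lets the script carry on as if the server were locked down; an explicit `|| exit 1` with a message on each would surface that. The same lines appear in the second copy of this hunk further down the page, and the function body starts and ends outside the hunk.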


@ -1,5 +1,5 @@
; Generated by RHash v1.3.9 on 2021-01-15 at 16:07.48
; Generated by RHash v1.3.9 on 2021-02-03 at 15:13.46
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
;
; 137197 16:07.48 2021-01-15 INSTALL.sh
INSTALL.sh AC931C9555B90E9C3B0935492DAA0E7EDC4B4394 E77AC1F6FA1B60AFAE910B86B59ACC5C33E2019D738B3E3380732FA51354D1AD C40E1D6E33EB14394C93E5C3FDFDC8DA66C2216AC0D22D1453578BD47AD052C84CB48EFDEA4F0769697A92A59FEA7E0F 8F5E59632C0B02F9CDAEE5B3B301697EA7ABFF8D1359673499689A4389A25D059625EBC2B650C114AD114A336ECA609A588FF6C6633FFDCE599F69A7717BD0F8
; 137499 15:13.46 2021-02-03 INSTALL.sh
INSTALL.sh 5645164D7C2701EC0E0FF7D33CD8263D41B27947 803115D518C0EF187B041B942B0298CEAF329F4ADD07DB405B508D6E7ABB5D45 6B8019972E761EDC6E8CD1335E8B280376315DD762F6C98AE36C149D7960A0FC5D3C6E3F228DCB2949BDCB747942B557 ABE5D6541D23895E863BAB8BE306E54058897823EA703E6A8A225097ED8CA24F365441E8E98851576E5289B34D81C351C1A1A2520A0865BFE0D37AD77D018282


@ -1 +1 @@
ac931c9555b90e9c3b0935492daa0e7edc4b4394 INSTALL.sh
5645164d7c2701ec0e0ff7d33cd8263d41b27947 INSTALL.sh


@ -1 +1 @@
e77ac1f6fa1b60afae910b86b59acc5c33e2019d738b3e3380732fa51354d1ad INSTALL.sh
803115d518c0ef187b041b942b0298ceaf329f4add07db405b508d6e7abb5d45 INSTALL.sh


@ -1 +1 @@
c40e1d6e33eb14394c93e5c3fdfdc8da66c2216ac0d22d1453578bd47ad052c84cb48efdea4f0769697a92a59fea7e0f INSTALL.sh
6b8019972e761edc6e8cd1335e8b280376315dd762f6c98ae36c149d7960a0fc5d3c6e3f228dcb2949bdcb747942b557 INSTALL.sh


@ -1 +1 @@
8f5e59632c0b02f9cdaee5b3b301697ea7abff8d1359673499689a4389a25d059625ebc2b650c114ad114a336eca609a588ff6c6633ffdce599f69a7717bd0f8 INSTALL.sh
abe5d6541d23895e863bab8be306e54058897823ea703e6a8a225097ed8ca24f365441e8e98851576e5289b34d81c351c1a1a2520a0865bfe0d37ad77d018282 INSTALL.sh


@ -284,10 +284,10 @@ installSupported () {
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
elif [[ "$PHP_VER" == 7.3 ]]; then
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73
elif [[ "$PHP_VER" == 7.4 ]]; then
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74
elif [[ "$PHP_VER" == 7.0 ]]; then
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
@ -389,7 +389,7 @@ installSupported () {
# Main Kali Install function
installMISPonKali () {
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('')
# Kali might have a bug on installs where libc6 is not up to date, this forces bash and libc to update - functionLocation('generic/supportFunctions.md')
kaliUpgrade
# Set locale if not set - functionLocation('generic/supportFunctions.md')
@ -398,8 +398,8 @@ installMISPonKali () {
# Set Base URL - functionLocation('generic/supportFunctions.md')
setBaseURL
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
installDepsPhp73
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
installDepsPhp74
# Set custom Kali only variables and tweaks
space
@ -417,12 +417,12 @@ installMISPonKali () {
installCoreDeps
debug "Enabling redis and gnupg modules"
sudo phpenmod -v 7.3 redis
sudo phpenmod -v 7.3 gnupg
sudo phpenmod -v 7.4 redis
sudo phpenmod -v 7.4 gnupg
debug "Apache2 ops: dismod: status - dissite: 000-default enmod: ssl rewrite headers php7.3 ensite: default-ssl"
sudo a2dismod status
sudo a2enmod ssl rewrite headers php7.3
sudo a2enmod ssl rewrite headers php7.4
sudo a2dissite 000-default
sudo a2ensite default-ssl
@ -525,26 +525,18 @@ installMISPonKali () {
debug "Setting up database"
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
echo "
set timeout 10
spawn sudo mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send -- \"\r\"
expect \"Set root password?\"
send -- \"y\r\"
expect \"New password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Re-enter new password:\"
send -- \"${DBPASSWORD_ADMIN}\r\"
expect \"Remove anonymous users?\"
send -- \"y\r\"
expect \"Disallow root login remotely?\"
send -- \"y\r\"
expect \"Remove test database and access to it?\"
send -- \"y\r\"
expect \"Reload privilege tables now?\"
send -- \"y\r\"
expect eof" | expect -f -
# Kill the anonymous users
sudo mysql -h $DBHOST -e "DROP USER IF EXISTS ''@'localhost'"
# Because our hostname varies we'll use some Bash magic here.
sudo mysql -h $DBHOST -e "DROP USER IF EXISTS ''@'$(hostname)'"
# Kill off the demo database
sudo mysql -h $DBHOST -e "DROP DATABASE IF EXISTS test"
# No root remote logins
sudo mysql -h $DBHOST -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
# Make sure that NOBODY can access the server without a password
sudo mysqladmin -h $DBHOST -u "${DBUSER_ADMIN}" password "${DBPASSWORD_ADMIN}"
# Make our changes take effect
sudo mysql -h $DBHOST -e "FLUSH PRIVILEGES"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "CREATE DATABASE $DBNAME;"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT USAGE ON *.* TO $DBUSER_MISP@localhost IDENTIFIED BY '$DBPASSWORD_MISP';"
@ -795,9 +787,6 @@ x86_64-debian-stretch
x86_64-debian-buster
x86_64-ubuntu-bionic
x86_64-ubuntu-focal
x86_64-kali-2020.1
x86_64-kali-2020.2
x86_64-kali-2020.3
x86_64-kali-2020.4
armv6l-raspbian-stretch
armv7l-raspbian-stretch
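Review bot: The `debug "Apache2 ops: ..."` message in the phpenmod/a2enmod hunk still names `php7.3` although the command below it now enables `php7.4`, so the install log will report a module that was not the one enabled. Update the string to `php7.4`, or derive both from one variable so the next version bump touches a single place, e.g. `sudo a2enmod ssl rewrite headers "php${PHP_VER}"` if `PHP_VER` is set on the Kali path (it is only visible in installSupported on this page). The same stale message is in the matching hunk of the first file section. installMISPonKali starts and ends outside these hunks.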


@ -12,6 +12,7 @@ App::uses('ComplexTypeTool', 'Tools');
/**
* @property Event $Event
* @property AttributeTag $AttributeTag
* @property Sighting $Sighting
* @property-read array $typeDefinitions
* @property-read array $categoryDefinitions
*/
@ -3979,7 +3980,7 @@ class Attribute extends AppModel
}
}
if (!empty($attribute['Sighting'])) {
$this->Sighting->captureSighting($attribute['Sighting'], $this->id, $eventId, $user);
$this->Sighting->captureSightings($attribute['Sighting'], $this->id, $eventId, $user);
}
}
if (!empty($this->validationErrors)) {


@ -912,8 +912,8 @@ class MispObject extends AppModel
'title' => 'Object dropped due to it being a duplicate and breakOnDuplicate being requested for Event ' . $eventId,
'change' => 'Duplicate object found.',
));
return true;
}
return true;
}
if (empty($log)) {
$log = ClassRegistry::init('Log');

@ -1 +1 @@
Subproject commit 3c19c7c1e5d347fd14ab4ff6887522ec28e08d68
Subproject commit 815e5c4fe4b3ac4de4966dbf65dad876d5c1660c

@ -1 +1 @@
Subproject commit eedcc2d5af83e044fac806108d6c70095e5c7343
Subproject commit 4b9f12c64467613ff8f8d67209345039b7acdd6e


@ -1,12 +1,12 @@
# INSTALLATION INSTRUCTIONS
## for Kali Linux 2020.2
## for Kali Linux 2020.4
# 0/ Quick MISP Instance on Kali Linux - Status
This has been tested by @SteveClement on 20200513
This has been tested by @SteveClement on 20210203
# 1/ Prepare Kali with a MISP User
This only works on Kali 2020.x 2019.x was year(s) ago(tm).
This only works on Kali 2020.4 and higher.
To install MISP on Kali copy paste this in your shell:
```bash


@ -112,7 +112,7 @@ installDepsPhp74 () {
libapache2-mod-php \
php php-cli \
php-dev \
php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
php-json php-xml php-mysql php7.4-opcache php-readline php-mbstring php-zip \
php-redis php-gnupg \
php-intl php-bcmath \
php-gd
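Review bot: The package list in installDepsPhp74 now mixes one version-pinned name, `php7.4-opcache`, with unversioned metapackages (`php`, `php-cli`, `php-json`, ...), so the set only stays coherent while the distribution's default PHP is 7.4. Once the default moves on, the unversioned names would presumably pull a newer PHP while opcache stays at 7.4 (or becomes uninstallable), and the later `phpenmod -v 7.4` calls would target the wrong runtime. Either pin every package in this function to `php7.4-*` or add a comment such as `# php-opcache does not resolve on Kali 2020.4; pinned until the metapackage is fixed` so the exception is understood. The same change is made in the installDepsPhp74 hunk of the first file section; the function starts outside the hunk.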


@ -64,6 +64,7 @@ coreCAKE () {
# Various plugin sightings settings
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_policy" 0
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise_as" 1
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_range" 365
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_sighting_db_enable" false


@ -13,6 +13,7 @@ mispmodulesRHEL () {
# pip install
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U .
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install pyfaup censys
sudo yum install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y
echo "[Unit]
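Review bot: The `pip install pyfaup censys` line in mispmodulesRHEL, which appears to be the one this hunk adds, installs whatever versions PyPI serves at install time, with no version pin or hash check, into the venv under `$PATH_TO_MISP`. Pinning both packages, or listing them in a requirements file installed with `--require-hashes`, makes the install reproducible and limits exposure to a compromised or typosquatted release. The same unpinned line is added in the mispmodules section that follows and in both matching hunks of the first file section. The function body continues outside the hunk.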


@ -41,6 +41,7 @@ mispmodules () {
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
sudo chgrp staff .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install -I .
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install censys pyfaup
# Start misp-modules as a service
sudo cp /usr/local/src/misp-modules/etc/systemd/system/misp-modules.service /etc/systemd/system/


@ -510,6 +510,7 @@ kaliSpaceSaver () {
echo "${RED}Not implement${NC}"
}
# FIXME: Kali now uses kali/kali instead of root/toor
# Because Kali is l33t we make sure we DO NOT run as root
kaliOnTheR0ckz () {
totalRoot=$(df -k | grep /$ |awk '{ print $2 }')
@ -611,6 +612,7 @@ installRNG () {
kaliUpgrade () {
debug "Running various Kali upgrade tasks"
checkAptLock
sudo DEBIAN_FRONTEND=noninteractive apt update
sudo DEBIAN_FRONTEND=noninteractive apt install --only-upgrade bash libc6 -y
sudo DEBIAN_FRONTEND=noninteractive apt autoremove -y
}