MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
19,773 Commits
34 Branches
365 Tags
188 MiB
Commit Graph

943 Commits (3bc4f901223c9782dd688a4f4993481e2cdb9b94)

Author SHA1 Message Date
Fafner [_KeyZee_] fb7c98ebcf
Add the possibility to have a '-' in the baseurl 
With the actual regex in testBaseURL, we can not have a '-' inside the BaseURL, I did a quick fix
 2020-12-21 14:39:25 +01:00
Jakub Onderka 8a045673c7 new: [UI] Show information about key expiration in server list 2020-12-17 13:50:25 +01:00
Jakub Onderka f27580f1e6 new: [security] Allow to set key validity 2020-12-17 13:50:25 +01:00
Jakub Onderka 9896f67358 new: [security] New setting Security.username_in_response_header 2020-12-17 13:50:25 +01:00
Jakub Onderka 4c6ffc6985 chg: [internal] Rename MISP.log_user_ips_auth -> MISP.log_user_ips_authkeys 2020-12-17 13:49:32 +01:00
Jakub Onderka 2ae6108b52 new: [test] Check when `MISP.authkey_keep_session` is true 2020-12-17 13:49:32 +01:00
Jakub Onderka a290629fe0
Merge pull request #6699 from folbricht-stripe/s3-fix-writable-check 
fix: Don't fail writable attachment dir test for S3
 2020-12-07 12:07:03 +01:00
Frank Olbricht c3cc091954 Don't fail writable attachment dir test for S3 2020-12-05 10:23:37 -07:00
iglocska 56f91f9b5f
fix: [baseurl] validation relaxed 
- no more arbitrary junk blocking https://localhost
 2020-12-01 13:41:52 +01:00
Jakub Onderka 2c7d6e4466 new: [auth] Allow to enforce auth plugin authentication 2020-11-30 14:46:36 +01:00
Jakub Onderka e15ca97f33
Merge pull request #6081 from JakubOnderka/security_disable_browser_cache 
new: [security] HTTP headers hardening
 2020-11-24 21:00:02 +01:00
StefanKelm d667847815
Update Server.php 
Tiny re-wording
 2020-11-20 12:56:27 +01:00
Jakub Onderka 66eb224409 chg: [UI] Allow to set syslog setting from UI 2020-11-19 21:32:14 +01:00
Jakub Onderka 071f8877b3 chg: [internal] Throw exception if setting name doesn't exists 2020-11-19 19:08:14 +01:00
mokaddem 8c87d5036c Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-11-19 11:45:21 +01:00
mokaddem 758e0de557 fix: [server:sqlRecoveryQuery] Added support of unsigned int 
Fix #6618
 2020-11-19 11:45:02 +01:00
Jakub Onderka 001122189e new: [diagnostic] Check extensions version 2020-11-19 10:11:56 +01:00
mokaddem 89f307bd07 Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-18 09:22:40 +01:00
Jakub Onderka 5a597ca3db chg: [diagnostic] Smarter PHP extension diagnostics 2020-11-17 14:08:37 +01:00
mokaddem 399f2f7720
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-17 11:04:41 +01:00
Sami Mokaddem 32e7a3a5c3
Merge pull request #6580 from Maddosaurus/fix-plugin-setting-spelling 
Fix: Fix spelling of sightings_anonymise_as description
 2020-11-17 11:04:25 +01:00
mokaddem 3ccaa50a37
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-17 10:33:22 +01:00
Jakub Onderka 24301af247 fix: [internal] Server::update method 2020-11-16 23:22:27 +01:00
Jakub Onderka a2449f9c02
Merge pull request #6597 from JakubOnderka/zmq-setting-change-fix 
fix: [internal] Initialize ZMQ just when necessary after setting change
 2020-11-16 21:48:35 +01:00
Jakub Onderka 14efe5681c fix: [internal] Initialize ZMQ just when necessary after setting change 2020-11-16 20:37:27 +01:00
mokaddem f0bc398e60
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-16 14:59:17 +01:00
Jakub Onderka 73b63e2ccd new: [diagnostic] Show installed GnuPG version 2020-11-16 14:38:40 +01:00
Jakub Onderka 3b8b0019af new: [user] Setting `disable_user_add` to disable user creation by org admins 2020-11-14 17:44:17 +01:00
Jakub Onderka 272142637b new: [UI] Add `disable_user_password_change` and `disable_user_login_change` setting 2020-11-14 17:44:16 +01:00
mokaddem dc65c79130
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-13 16:26:35 +01:00
iglocska c3a1fd7df9
fix: [UI] various smaller fixes 2020-11-13 12:53:52 +01:00
Mat c21ba85a08 Fix: Fix spelling of sightings_anonymise_as description 2020-11-13 12:38:05 +01:00
mokaddem 8846a03b75
fix: [galaxyCluster] Improved compatibility detection 2020-11-13 12:24:06 +01:00
iglocska dbffebe503
Merge branch '2.4' into CRUD 2020-11-11 11:19:23 +01:00
mokaddem 150b4cb7d1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-11-09 10:07:43 +01:00
iglocska 9768fc9bcc
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-10-31 08:49:21 +01:00
iglocska 6e81c8ee8a
fix: [security] SSRF fixed in the rest client 
- by using the full path parameter in the rest client, users could issue queries to any server
- this becomes especially problematic when the MISP server is able to query other internal servers,
  as external users could trigger those

- new server setting added that allows enabling the full path option, this is now disabled by default
- new server setting added to add an override baseurl for the rest client, removing the need for the full
  path option in the first place (for example for the training VM with its port forwarding)

- Thanks to Heitor Gouvêa for reporting this vulnerability
 2020-10-31 08:49:01 +01:00
Jakub Onderka 0cd2812472 new: [UI] Allow to set attachment scan settings from user interface 2020-10-25 13:30:03 +01:00
Jakub Onderka c346066cf9 chg: [module] Better error handling 2020-10-22 16:39:34 +02:00
Jakub Onderka 2130aa2c6f chg: [module] Move serialization into module class 2020-10-22 16:38:46 +02:00
Jakub Onderka 0ff3e0602c chg: [module] Allow module settings to be dict with setting description 2020-10-22 13:04:55 +02:00
Jakub Onderka 8da3679c73 chg: [module] Remove unused variable from Module::getModules method 2020-10-22 12:54:23 +02:00
Jakub Onderka bcbe6d2343 new: [UI] Allow to disable hover enrichment 2020-10-20 18:37:28 +02:00
Jakub Onderka ff4c98446a
Merge pull request #6450 from JakubOnderka/client-certificate-info 
new: [sync] Show client certificate info in connection test
 2020-10-20 10:15:20 +02:00
iglocska 0b6da917d4
new: [advanced authkey] API key copy to the new system added to diagnostics 2020-10-20 08:35:21 +02:00
iglocska 62bbc95472
Merge branch '2.4' into CRUD 2020-10-20 02:01:21 +02:00
iglocska 89c9bfb577
new: [advanced authkeys] toggle added 2020-10-20 01:43:09 +02:00
Jakub Onderka 63ae5c16e0 new: [security] New setting to check `Sec-Fetch-Site` header 2020-10-19 19:24:09 +02:00
Jakub Onderka 46ba51a32e new: [sync] Show client certificate info in connection test 2020-10-19 09:57:06 +02:00
Jakub Onderka 0eee4efb38 fix [internal] Removed unused Server::__handlePulledProposals method 2020-10-18 22:21:38 +02:00
Jakub Onderka 5e12063620 new: [security] Add new `Security.disable_browser_cache` option to disable saving data to browser cache 2020-10-18 18:53:57 +02:00
Koen Van Impe d4e77bf7c9 Send message to ZMQ when there is event add/edit coming from a connected server 2020-10-13 09:23:07 +02:00
Jakub Onderka 5c16ceb9d4
Merge pull request #6300 from JakubOnderka/validate-gpg-key 
Validate gpg key
 2020-10-09 23:14:33 +02:00
Jakub Onderka 380fba5405 new: [GPG] Validate fetched GPG key 2020-10-09 16:58:59 +02:00
mokaddem b628e15eb9
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-10-09 14:54:47 +02:00
mokaddem 485a1afff8
fix: [server:push] Allow pushing events only having event reports 2020-10-05 09:50:56 +02:00
Andras Iklody 1523fc7ff9
Merge pull request #6370 from MISP/fix-update-no-prio 
Fix update no prio
 2020-10-01 15:36:29 +02:00
Andras Iklody 2c2bf5f847
Update Server.php 2020-10-01 15:35:35 +02:00
Andras Iklody 22167a1e59
chg: [cleanup] removed duplicate empty queue declaration 2020-10-01 15:34:50 +02:00
Andras Iklody f12f86b503
Merge pull request #6373 from RichieB2B/issue-6368 
Allow OS user to be set for upgrades
 2020-10-01 14:40:21 +02:00
Richard van den Berg 502806ff50 fix: [server] Do not limit TLD to 5 characters. Fix #6342 2020-10-01 13:58:38 +02:00
Richard van den Berg bb8981353b chg: [Shell] Add MISP.osuser for updates. Fix #6368 2020-10-01 13:47:51 +02:00
mokaddem fc9c77b917
Merge branch '2.4' of github.com:MISP/MISP into feature-event-report 2020-10-01 13:40:06 +02:00
Andras Iklody 90dd9db25a
Merge pull request #6372 from RichieB2B/ncsc-nl/pullAll 
Document "cake Server pullAll"
 2020-10-01 12:51:59 +02:00
Richard van den Berg b9ff5fc7db fix: [doc] Document "cake Server pullAll" 2020-10-01 12:22:31 +02:00
mokaddem 02725982cc
Merge branch '2.4' of github.com:MISP/MISP into feature-event-report 2020-10-01 10:38:28 +02:00
mokaddem c4bb8e2ecb
fix: [server:workerDiagostics] Default queue status to false 2020-10-01 09:46:17 +02:00
Jakub Onderka 03b5af1f78
Merge pull request #6344 from JakubOnderka/misp-file-import 
Misp file import error message
 2020-09-26 19:34:55 +02:00
Jakub Onderka 804525a20e chg: [internal] Move addMISPExportFile from controller to model 2020-09-26 13:02:19 +02:00
mokaddem 7d3748f403
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-09-23 18:17:54 +02:00
Jakub Onderka 21e00a996b fix: [internal] Fix tests for missing ACL 2020-09-23 17:28:01 +02:00
mokaddem eb84b3344f
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-09-22 12:08:12 +02:00
mokaddem 4408a17dff
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-09-22 10:15:22 +02:00
iglocska 8c07d01302
new: [workers] add kill all / force kill all buttons to the worker management, fixes #6329 2020-09-22 09:15:03 +02:00
mokaddem 3f7ef16c14
chg: [server] Allow to sync events if they only have event report 2020-09-17 16:13:16 +02:00
mokaddem 17058aa1d0
chg: [server] Added distribution downgrade for event report sync 2020-09-17 16:12:44 +02:00
mokaddem a247bd3500 fix: [server] Downgrade distribution of objects when pulling 2020-09-17 15:53:10 +02:00
Andras Iklody 899490969c
Merge pull request #6310 from RichieB2B/ncsc-nl/selective-push 
Only push events/sightings when selected for server
 2020-09-11 20:46:51 +02:00
Richard van den Berg 284f32ba6a fix: [Server] only push events/sightings when selected 2020-09-11 18:08:57 +02:00
Richard van den Berg 7151990383 chg: [sightings] anonymise pushed sightings using new Sightings_anonymise_as setting 2020-09-11 17:23:29 +02:00
Jakub Onderka 94f2b5bbbb chg: [internal] Better error handling when pushing event to remote server 2020-09-04 15:43:52 +02:00
Jakub Onderka 6f12dfc7df new: [diagnostic] Check if database index is unique 2020-09-02 10:13:03 +02:00
Golbark 3a0bedb104 chg: [internal] Using Allowedlist instead of Whitelist 2020-09-01 16:28:20 +02:00
Golbark 3fb47d1cce chg: [internal] Using blocklist instead of blacklist 2020-09-01 16:27:36 +02:00
James Droste 2ae7c7df30 Add the ability to customize the IP header field when logging 2020-08-25 16:29:34 -07:00
Vito Piserchia b8c7485712 resolve merge 2020-08-16 13:31:31 +02:00
Jakub Onderka ee4de160e8 chg: [internal] Move GPG initialization to GpgTool 2020-08-12 19:33:15 +02:00
Jakub Onderka c347ffc6db new: [internal] 'GnuPG.obscure_subject' option to not send unencrypted subject 2020-08-12 19:33:15 +02:00
Jakub Onderka 31ea1d6eb3 chg: [CLI] Allow to fetch remove event by UUID 2020-08-10 15:47:06 +02:00
Jakub Onderka 8b10c94cfa chg: [internal] Refactor Server::getEventIdsFromServer 2020-08-10 15:47:06 +02:00
Jakub Onderka d4c7374a03 fix: [pull] Check if url_params in pull filter is empty string 2020-07-28 13:10:25 +02:00
Jakub Onderka 31bdf3384c
Merge pull request #6031 from JakubOnderka/json_error_handling 
chg: [internal] Better error handling for JSON decoding
 2020-07-26 21:35:37 +02:00
mokaddem ad81c60986
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-07-21 08:09:25 +02:00
chrisr3d b2a2acd886 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2020-07-20 17:17:15 +02:00
Jakub Onderka 9e8353971f
Merge pull request #6065 from JakubOnderka/job-progress 
chg: [internal] Better job progress and status logging
 2020-07-19 15:43:09 +02:00
chrisr3d e410bdf8e9 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2020-07-16 23:30:47 +02:00
Jakub Onderka 91a1913fed new: [attribute] Add support for IDN domains 2020-07-16 17:23:49 +02:00
mokaddem b3dbecb318
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-07-14 16:25:04 +02:00
Jakub Onderka f3d11f8d55 chg: [internal] Better error handling for JSON decoding 2020-07-13 15:59:32 +02:00
mokaddem 1333dea1fe
fix: [server:pull] Make sure to update the job progress only if we are 
running in a background job
 2020-07-10 17:59:09 +02:00
mokaddem 978c9612bf
fix: [server:pull] Makes pull works with jobs 2020-07-10 17:47:47 +02:00
chrisr3d 7a5e7a9824
chg: [diagnostic] Updated required stix2 library version 2020-07-10 15:46:35 +02:00
mokaddem eb7180c0ab
chg: Added more doc 2020-07-09 15:32:48 +02:00
mokaddem ebade5b6fc
chg: [galaxyCluster] Added bunch of doc 2020-07-08 16:56:31 +02:00
Jakub Onderka 812ae3d527 new: [diag] Check if ZIP extension is installed 2020-07-03 16:21:53 +02:00
mokaddem f3a9481c61
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-07-01 16:22:55 +02:00
mokaddem cb764f42c3
chg: [server:pull] Pluralized `pull_relevant_cluster` as we may pull 
more than one
 2020-06-30 08:49:47 +02:00
Jakub Onderka f0fa71627d chg: [internal] Better job progress and status logging 2020-06-28 09:06:27 +02:00
mokaddem 73db65cb28
chg: [event:publish] Publishing also pushes attached custom galaxy 
clusters
 2020-06-25 16:18:31 +02:00
mokaddem 4f010cffbd
chg: [server:push_galaxy_cluster] Working version of cluster push all 
technique
 2020-06-25 16:02:03 +02:00
mokaddem a137f85654
new: [server:pull_relevant_cluster] Added new cluster pull technique 
It fetches remote clusters based on cluster tags known locally
 2020-06-25 15:01:54 +02:00
mokaddem fae1a10c7d
chg: [server:pull_cluster] Added support of `numeric` pull technique 2020-06-25 12:16:09 +02:00
mokaddem f4b003e01e
chg: [galaxyCluster:pull] Pull clusters before events and added support of published state 2020-06-25 10:47:54 +02:00
Andras Iklody ccf0352458
Merge pull request #5992 from JakubOnderka/download-event-log-exception 
chg: [internal] Log exception if exception is thrown during event dow…
 2020-06-16 14:17:27 +02:00
mokaddem f0f5f02ef1
fix: [ACLComponent] Put `pushClusters` into the correct section. 
Also removed useless condition
 2020-06-16 09:18:04 +02:00
mokaddem 6854c81bff
chg: [galaxyCluster:push] Only push custom clusters that are contained in the 
event getting pushed
 2020-06-15 14:37:37 +02:00
Andras Iklody 3cb9f4b83b
Merge pull request #5993 from JakubOnderka/pull-progress 
fix: [pull] Correct progress for pull job
 2020-06-11 11:42:22 +02:00
mokaddem e48763a1c1
chg: [server:pull] Improved pull process for galaxyClusters 2020-06-10 09:37:25 +02:00
GlennHD 7c7787ec14
Fixed typo 
Fixed typo
 2020-06-09 16:55:54 -05:00
Jakub Onderka b2c193c984 fix: [pull] Correct progress for pull job 2020-06-07 22:25:32 +02:00
Jakub Onderka 90498fa1e2 chg: [internal] Log exception if exception is thrown during event downloading 2020-06-07 20:25:39 +02:00
mokaddem 5c04b9a8c1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-05-28 14:06:30 +02:00
mokaddem 43d129a2c1
chg: [galaxyClusters:pull] Added pull capabilities to fetch remote 
clusters
 2020-05-27 09:55:52 +02:00
mokaddem 02c07f01a3
chg: [galaxyCluster:getElligibleClustersToPush] Renamed function for 
better clarity
 2020-05-26 15:33:03 +02:00
mokaddem af67668eb6
fix: [server:pushGalaxyCluster] Correctly select UUIDs to be pushed 2020-05-26 15:30:53 +02:00
mokaddem 176e29c94f
chg: [server:push] Drafty version of galaxyCluster push 2020-05-26 15:08:24 +02:00
Andras Iklody 0db582ef95
Merge pull request #5924 from JakubOnderka/php74-errors 
Fix notices in PHP 7.4
 2020-05-23 18:27:19 +02:00
Sami Mokaddem 964ba7ca8b
fix: [documentation] Typo with the CLI function name. Fix #5931 2020-05-22 14:38:46 +02:00
Jakub Onderka ec92a97982 fix: [internal] Branch setting don't have level value 2020-05-19 17:43:18 +02:00
mokaddem 944b613a19
Merge branch '2.4' of github.com:MISP/MISP into pr-5856 2020-05-18 09:22:46 +02:00
mokaddem 3983bd7ac4
chg: [server:dbSchema] Added support of mysql's `extra` column. Fix #5860 2020-05-15 11:28:49 +02:00
Andras Iklody d8a5ee76dc
Merge pull request #5876 from JakubOnderka/pubsub 
chg: [pubsub] Refactored PubSub tool
 2020-05-14 10:24:47 +02:00
iglocska a24fe930da
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-05-14 09:52:45 +02:00
iglocska 15d6c30649
new: [sync] (for now) undocumented force pull added 
- can only be triggered via the CLI for now
- usage: /var/www/MISP/app/Console/cake Server pull [user_id] [server_id] [technique] [force]
  - the force flag has to be passed as 'force' to avoid accidentally triggering it

- What it does:
  - pulls ignoring the timetamp differences
  - this means that even older states of events, attributes, objects are ingested
  - useful for when wanting to reset an event / all events to align with an upstream server
- Caveats:
  - attributes added on the low side are maintained
  - tags added on the low side are maintained
  - keep in mind this WILL override attributes that are soft deleted
 2020-05-14 09:34:49 +02:00
chrisr3d 18a8bc0781
fix: [diagnostic] Updated required version for the stix python library 2020-05-13 11:06:59 +02:00
Jakub Onderka 1e07dfc9ae chg: [pubsub] Refactored PubSub tool 2020-05-11 08:22:37 +02:00
Richard van den Berg a096cdfb98 fix: [stix export] Bump minimum CybOX version to 2.1.0.21 2020-05-04 15:59:17 +02:00
Jakub Onderka a0476bda3d new: [internal] Do not log auhtkeys 2020-05-04 15:13:17 +02:00
iglocska 6ec8391e46
Merge branch '5726' into 2.4 2020-04-29 15:50:01 +02:00
iglocska 3bdbe0ed19
fix: [otp] enabling it requires e-mailing to be enabled 2020-04-29 15:48:43 +02:00
iglocska 42c7945de3
Merge branch '5819' into 2.4 2020-04-28 15:23:30 +02:00
mokaddem 436fd184c9
Merge branch '2.4' into JakubOnderka-redis-delete-multiple 2020-04-28 09:16:13 +02:00
Jakub Onderka 37f8699a91
fix: [internal] Remove unused code 2020-04-26 10:57:55 +02:00
Jakub Onderka 9b45aac810
fix: Remove unused variable 2020-04-26 10:22:27 +02:00
Golbark 3436bc6ae5 Merge branch '2.4' into email-otp-implementation 
Conflicts:
	app/Model/Server.php
 2020-04-20 12:16:25 +02:00
iglocska ec93389669
fix: [internal] Added a setting to skip positive attribute level filters on the event scope 
- when running a large MISP community, it is bound to happen that your instance will be used as the back-end for internal tooling
- often these tools are configured to fetch aggressively, often with heavy consequences on the server load
- some filter that serves mostly edge-case lookups can mistakenly lead to heavy server load for no good reason

We have identified attribute level positive filters on the event scope to be such a filter and made them optionally toggle-able
via the MISP.attribute_fitlers_block_only flag. Turning the setting on will remove all event level filters such as "type" from
being viable filter candidates unless used to block the inclusion of attribute types. Some examples:

"type": {"OR": ["ip-dst", "ip-src", "hostname", "domain"]} would normally return ANY event that has at least one of the listed
attribute types. This is the behaviour that can now be disabled.

"type": {"NOT": ["iban", "cc-number"]} would normally remove any attributes with the given types from the list of returned
events. This functionality is NOT affected by the toggle.
 2020-04-15 06:21:15 +02:00
iglocska bd8854e5ae
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-04-14 15:05:28 +02:00
iglocska 4ded5a73c4
new: [database] New MySQL data source added for debugging 
- MySQLObserver datasource added - prepends all queries with the requested controller/action and user ID for better debugging
 2020-04-14 15:04:33 +02:00
mokaddem dd1be03597
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-04-09 14:26:48 +02:00
mokaddem b61ac5be6a
fix: [server:DBSchemaDiagnostic] Quote index column's name and added 
missing keyword
 2020-04-08 11:37:18 +02:00