Commit Graph

490 Commits (4b722e0b619de28565aa7d982d9e23e9ca49d5fd)

Author SHA1 Message Date
iglocska 7d5494570a fix: Fix an invalid call to saving a log entry without initialising the class first 2018-01-31 07:53:21 +01:00
iglocska bfcb85f56f new: Added boolean attribute type 2018-01-26 19:49:29 +01:00
Alexandre Dulaunoy cea61bf61f
fix: clarifies the scope of a BIC code in the financial sector
The Business Identifier Codes (also known as SWIFT-BIC, BIC, SWIFT ID
or SWIFT code)...
2018-01-21 12:51:13 +01:00
iglocska faa097128a fix: Don't block email headers from being added if they have a line break in them 2018-01-17 17:40:34 +01:00
iglocska 0b99498f67 fix: Sharing group ID set to the correct value if set implicitly by setting the ID instead of passing a full sharing group object along, fixes #2814
- also, fail if no valid sharing group was found.
2018-01-15 15:12:05 +01:00
iglocska b3fc9e2c2c Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2018-01-13 14:25:45 +01:00
iglocska a432f8358e chg: Performance tuning
- improved performance of inserting batch attributes / passing a large number of attributes to attributes/add
  - reworked algorithm to a two phase bulk insertion (validation -> mass insert) instead of looping through all attributes
  - removed the built-in counter cache for incrementing attribute counts on events in favour of a more lightweight solution
  - performance gains on test data set: 50+ seconds -> 32 seconds

- Greatly improved attribute index / attribute search performance
  - fixed an issue that caused the lookup to avoid using indices
  - performance gains on test data when paginating: 11 seconds -> 1 second
2018-01-13 14:23:04 +01:00
iglocska 1d992cac92 fix: fetchAttributes() now correctly adheres to object distributions 2018-01-12 15:58:29 +01:00
iglocska 3b1894ca49 fix: Fix to the previous issue with emptying the object_relation in attributes on fetch 2018-01-08 17:32:28 +01:00
iglocska 42e7f009ab fix: Fixed null entry for object_relation, fixes #2773 2018-01-08 17:00:38 +01:00
Alexandre Dulaunoy 8866eae317
fix: I ate too much chocolate ;-) 2017-12-21 16:25:06 +01:00
Alexandre Dulaunoy e0ae94ac9f
add: stix2-pattern type added to support the STIX 2 patterning format 2017-12-21 16:21:23 +01:00
iglocska 8ed3883f0b fix: Fixed an issue where adding an attribute to an existing object isn't handled correctly via the API / sync, fixes #2760 2017-12-20 17:00:33 +01:00
iglocska 6cdb8479cb fix: Fixed a tag lookup scope error in attributes/restSearch
- searching for an attribute tag returned all attributes contained within the event holding the located attributes

- for example: Event with 3 attributes, one having the tag "test"
  - query /attributes/restSearch with "tags":["test"] returned 3 attributes instead of 1
2017-12-19 20:26:54 +01:00
Alexandre Dulaunoy 3c4d8f53ee
add: whois-registrant-org attribute type added
As requested in https://github.com/MISP/misp-objects/issues/55
2017-12-18 13:52:36 +01:00
Alexandre Dulaunoy bab083b345
add: new types added for X509 certificate fingerprint:
- x509-fingerprint-md5
- x509-fingerprint-sha256

This is required to ensure consistent export while hashes are used.  The
associated x509 object template has been fixed to reflect the 3 fingerprint types
instead of the generic hash types. This would allow different export types.

b85438fc45
2017-12-13 17:43:32 +01:00
iglocska 05a89f5e87 Merge branch '2.4' into feature/tag_filter_rework 2017-11-30 22:28:35 +01:00
iglocska 3d627ad8c3 fix: dns-soa-email didn't have a category 2017-11-30 18:34:08 +01:00
iglocska f537d8f1f2 fix: Fixed missing entries for mac-eui-64 2017-11-30 16:54:53 +01:00
iglocska 16ac48ac9b Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-11-30 10:17:41 +01:00
iglocska e86766c28e new: Added mac-address and mac-eui-64 attribute types 2017-11-30 10:12:02 +01:00
Alexandre Dulaunoy e3858b1aa7
fix: Vulnerability (CVE) should correlate (CIRCL and NCSC-NL are supporting it) fix #2691 2017-11-28 16:42:25 +01:00
iglocska 325ca46871 fix: Relaxed email validation
- because unicode tlds / domains are such a great idea
2017-11-22 13:45:39 +01:00
iglocska f259a51247 fix: Fixed invalid timestamp generation 2017-11-22 10:59:42 +01:00
iglocska a70b786e25 fix: If no distribution level set, don't try to check if it's set to sharing group on the attribute level
- Attribute->editAttribute()
2017-11-22 10:55:24 +01:00
iglocska 678eecf224 new: Add attribute tag filters to the fetchEvents() functionality
- tag filters now filter on:
  - all events containing matching tags on event + attribute level (positive lookup)
  - all events not containing matching tags (negative lookup)
  - filter attributes within a matched event for blocked attributes (negative lookup)

- moved tag filtering to subquery filtering - should improve performance massively on larger instances when filtering on tags

- first round of implementations, more on the way
2017-11-19 21:21:32 +01:00
iglocska 45a2d1a09b new: Added phone number recognition to the freetext import tool
- also, changed the massaging of phone number type attributes to replace 00 with +
2017-11-16 16:25:46 +01:00
iglocska 396eecd242 fix: Ugly fix for the float issues 2017-11-08 18:55:13 +01:00
iglocska 7492d2799f new: Sightings ingested on import/sync 2017-11-03 15:18:46 +01:00
iglocska 3baa9978ec fix: Changed relationship name of filesize in add attachments to size-in-byte 2017-11-02 18:38:04 +01:00
iglocska f57b510723 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-10-27 15:56:15 +02:00
iglocska 68f4833893 new: First version of the zmq reimplementation 2017-10-27 09:10:46 +02:00
iglocska a5a7bf47b3 fix: Added initialisation of Log model in the editAttribute() function if the save fails 2017-10-25 10:53:04 +02:00
iglocska a9d156f0e2 fix: Added default category for gender 2017-10-20 14:34:39 +02:00
iglocska b535adc779 fix: Added email-message-id's default category 2017-10-18 08:26:31 +02:00
Steffen Sauler 89e747da13 Removed duplicates from $categoryDefinitions
Payload delivery/ip-dst|port
Payload delivery/ip-src|port
Support Tool/text
2017-10-03 16:10:29 +02:00
Andras Iklody 63a00df202 Merge pull request #2515 from c-goes/emailregex
Allow $ in email addresses
2017-09-27 16:34:00 +02:00
iglocska 343e5b881f fix: Fixed potential double hashing of samples with the encrypt flag 2017-09-27 15:47:29 +02:00
c-goes 49ed85dd4e Allow $ in email addresses 2017-09-27 13:01:14 +02:00
iglocska a61b5007cf fix: Fixed an issue with pushing a sample via the API / add attachments when no object templates are loaded 2017-09-25 13:08:26 +02:00
iglocska 3f76fd6ea7 new: Rework of the attachment uploader
- add attachments and upload_sample now share code
- allow the same features via upload_sample (object creation / use of advanced add attachments)
- new flag: advanced

- example:

  POST to mymisp/events/upload_sample
  BODY:
{"request":{"files": [{"filename": "bla.exe", "data": "U3RhckNyYWZ0IElJIGZvcmV2ZXI="}], "distribution": 1, "advanced":1, "info":"bla"}}

- this commit was brought to you by CEF and

[ASCII art]
2017-09-25 12:22:19 +02:00
iglocska da573e6ee9 fix: Port added to network activity 2017-09-20 15:40:16 +02:00
truckydev caedc85077 bugfix for freetextimport and email
Correction for a bug when you add an email in freeTextImport.

When you select 'whois-registrant-email', the attribute is never created and an error is displayed.

Because:
'whois-registrant-email' is not in 'Social network' and 'Payload delivery' but only in 'Attribution'.

This PR adds the type 'whois-registrant-email' to the 'Social network' and 'Payload delivery' categories.

#### What does it do?

no issue has been created.

#### Questions

- [ ] Does it require a DB change?
- [ ] Are you using it in production?
- [ ] Does it require a change in the API (PyMISP for example)?

#### Release Type:
- [ ] Major
- [ ] Minor
- [X] Patch
2017-09-19 09:38:48 +02:00
iglocska d32c8e8d91 fix: Fixed double attachment of hashes for malware-samples 2017-09-18 17:20:04 +02:00
iglocska 9eb3ea2114 fix: When deleting an attribute/objects, object references to it are not deleted, fixes #2477
- force a reference deletion on attribute/object deletion
- changed it to match deletion type
  - soft-deleting an attribute/object soft-deletes all references to it
  - hard-deleting an attribute/object hard-deletes all references to it
2017-09-17 12:26:06 +02:00
iglocska 64d16a420e new: Objects tied into e-mailing 2017-09-15 16:52:49 +02:00
iglocska 9ff81f5546 new: Add way to flatten attributes for certain exports (hids, nids) 2017-09-14 09:33:54 +02:00
iglocska 3938abe7e1 fix: Fixed the add attachments functionalities 2017-09-07 16:10:36 +02:00
iglocska 40ea22a272 Merge branch '2.4' into objects_wip 2017-09-04 17:38:06 +02:00
iglocska 58bfabfa73 new: Sync with objects wip
- add/edit of full events now capture all object related structures
- restructuring of the edit/add functionalities into clearly divided subsections
2017-09-04 17:26:45 +02:00