MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
6,648 Commits
63 Branches
383 Tags
216 MiB
Commit Graph

6648 Commits (67d37a283faab5c95e88cb539743b26c8e2743d6)

Author SHA1 Message Date
chrisr3d 5f293912fc Added reg-key objects parsing for observed data 
Still not tested as registry-key objects seem to have an issue in MISP
 2017-11-15 11:21:50 +01:00
Alexandre Dulaunoy 0257ddc02c
fix: MISP objects updated to the latest version 2017-11-15 08:13:12 +01:00
chrisr3d beac7ed393 Support email objects parsing into observed data 
Currently skipping display names in observed data email-addr objects
 2017-11-14 17:41:54 +01:00
Alexandre Dulaunoy c7ebc46321
Merge pull request #2639 from truckydev/patch-4 
update args.sleep on typeError
 2017-11-14 17:33:54 +01:00
truckydev 5dff54db00
force int for --sleep 
^^
 2017-11-14 17:29:07 +01:00
truckydev a21486c328
update args.sleep on typeError 
Convert string to int for time.sleep when sub.py use with -t
 2017-11-14 17:02:16 +01:00
iglocska f19a3a7c1b fix: Fixed the downloadSamples API 2017-11-14 09:54:47 +01:00
iglocska 27e3faeba5 fix: Fixed silly lookup with injected event IDs on the export page for normal users 
- broke instances with a few hundred k events
 2017-11-13 16:32:28 +01:00
iglocska a659664447 fix: Fixed a reflected XSS in the sharing group creator tool 
- Fixed a reflected XSS in the sharing group editor that requires malicious organisation names

- Low impact due to the following requirements:
  - organisation names with malicious org names (JS in the orgname)
  - sharing group editor user has to manually add an organisation to the list that has javascript in the org name
  - only vulnerable view is the editor itself, so the impact is limited to
    users that manually add organisations with malicious names to the list themselves / edit such sharing groups

- As reported by Dawid Czarnecki
 2017-11-13 09:25:44 +01:00
Andras Iklody 9c068f4e66
Merge pull request #2633 from dawid-czarnecki/patch-1 
Download terms redirect fix
 2017-11-12 08:01:11 +01:00
dawid-czarnecki b3c35e7b4f
Download terms redirect fix 
When server setting MISP.terms_download=true and MISP.terms_file exists under MISP/app/files/terms directory user wasn't able to download terms and conditions before accepting it.
 2017-11-12 01:57:23 +01:00
Alexandre Dulaunoy 012651e920
Merge pull request #2632 from PaoloVecchi/2.4 
Create INSTALL.ubuntu1604.with.webmin.txt
 2017-11-11 18:19:57 +01:00
Paolo Vecchi 6aa3c75957
Create INSTALL.ubuntu1604.with.webmin.txt 
Some, maybe a friend, can't be asked to configure and manage all the services on an Ubuntu 16.04 so Webmin could be useful.
Tested with:
MISP 2.4.82
Webmin 1.860
 2017-11-11 16:18:44 +00:00
chrisr3d 86a0ebb217 Merge branch '2.4' of github.com:MISP/MISP into 2.4 2017-11-10 16:51:28 +01:00
chrisr3d 516af50eeb Some other object types supported in Observed Data 
Object types still not supported (not in 'objectsMapping'
dictionary, from misp2stix2_dictionaries module) are set
to a basic value until the next update, so they do not
generate errors in Stix2 functions
 2017-11-10 16:34:32 +01:00
Andras Iklody 188156f6af
Merge pull request #2630 from treyka/2.4 
add cti-python-stix2 to .gitmodules
 2017-11-10 14:47:04 +01:00
Trey Darley dc9e0bd1f7 add cti-python-stix2 2017-11-10 13:39:28 +00:00
Andras Iklody f2446f870f
Merge pull request #2629 from treyka/2.4 
typo fixen
 2017-11-10 14:18:28 +01:00
Trey Darley 8765e4106f typo fixen 2017-11-10 13:15:07 +00:00
Andras Iklody 4de8e8da8b
Merge pull request #2628 from Delta-Sierra/2.4 
display "Fetch this event" button function in Servers and Feeds preview index
 2017-11-10 11:25:59 +01:00
chrisr3d d5a2f6a88f Merge branch '2.4' of github.com:MISP/MISP into 2.4 2017-11-10 11:23:10 +01:00
chrisr3d aee61a87ba Quick fixes 2017-11-10 11:22:22 +01:00
Alexandre Dulaunoy 829763fbe9
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2017-11-10 11:19:22 +01:00
Deborah Servili 4336517468 Uppercase to be consistent 2017-11-10 11:14:51 +01:00
Deborah Servili 1db899a5fa display "Fetch this event" button function in Servers and Feeds preview index 2017-11-10 11:08:17 +01:00
chrisr3d 74c1f75e52 Supporting Observed Data SDOs from event Objects 
Objects currently supported:
- domain-ip
- file
- ip|port
Currently working on the other ones
 2017-11-10 10:52:33 +01:00
chrisr3d 66f8942c05 Merge branch '2.4' of github.com:MISP/MISP into stix2experiments 2017-11-10 10:42:08 +01:00
iglocska 78915131cb fix: 3rd time is the charm (PyMISP updated) 2017-11-10 08:02:37 +01:00
iglocska 808ad5ea62 fix: PyMISP version 2017-11-10 08:00:28 +01:00
iglocska 1faef82d97 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-11-10 07:54:49 +01:00
iglocska f7418f2d6c chg: PyMISP version bump 2017-11-10 07:53:19 +01:00
Alexandre Dulaunoy 8468bddbc8
2017 even if it's not 2049 ;-) 2017-11-10 07:17:52 +01:00
chrisr3d 20b5ec36f3 Merge branch '2.4' of github.com:MISP/MISP into stix2experiments 2017-11-10 00:26:30 +01:00
Alexandre Dulaunoy 2563f9adca
fix: warning list updated to the latest version 2017-11-09 19:24:21 +01:00
Alexandre Dulaunoy e1422f4f0b
fix: taxonomy updated to the latest version 2017-11-09 19:23:34 +01:00
Alexandre Dulaunoy 596131bd32
fix: MISP object updated to the latest version 2017-11-09 19:23:04 +01:00
Alexandre Dulaunoy 945b09f403
fix: latest version of the galaxy added 2017-11-09 19:22:22 +01:00
chrisr3d fcc1525881 Fixed typo for custom objects' type 
In order to keep the initial type of the attribute
 2017-11-09 16:35:27 +01:00
chrisr3d eaa840d436 Previous version of the dictionary no longer used 
Double quotes seem to not be validated in stix2 patterns
 2017-11-09 16:31:38 +01:00
iglocska ed1a2edc34 fix: Added sharing group data to the new ACL functions 2017-11-09 11:57:41 +01:00
iglocska 6090e77cff fix: Rework of tags index / galaxy view 
- performance tweaks
- no more silly queries
- added sharing group aware ACL to the event/attribute counters
 2017-11-09 11:53:57 +01:00
chrisr3d 9dd1f2e1d2 Fixed an issue with patterns 
Caused by the previous dictionary format
(double and simple quotes management)
 2017-11-09 11:46:50 +01:00
chrisr3d dd137fde95 Merge branch '2.4' of github.com:MISP/MISP into stix2experiments 2017-11-09 10:48:36 +01:00
iglocska d5acd0fb22 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2017-11-08 18:57:37 +01:00
iglocska 57b935e7de fix: Added context to the sightings zmq feed 2017-11-08 18:57:08 +01:00
iglocska dcfe2fff09 fix: Fixed the tags/index performance snafu 2017-11-08 18:55:58 +01:00
iglocska 396eecd242 fix: Ugly fix for the float issues 2017-11-08 18:55:13 +01:00
iglocska a096449631 fix: Potential reflected XSS on older browsers in the histogram 
- As reported by Dawid Czarnecki
 2017-11-08 12:01:09 +01:00
iglocska 3e5b1179c5 fix: Histogram rework 
- removed junk debug
- fixed group by issue
- better performance
 2017-11-08 11:58:19 +01:00
iglocska 42b67a04d9 fix: Enable auto select for new object rows when adding additional ones via the multiple expand 2017-11-08 09:12:23 +01:00