MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
2,943 Commits
41 Branches
370 Tags
180 MiB
Commit Graph

2943 Commits (93af832abef6293052efb768f6109bf8a5355f8a)

Author SHA1 Message Date
Iglocska 93af832abe Blocked the colour update when the taxonomies are updated 
- better to not overwrite the local tag colours unless the tag is refreshed from the taxonomy view. A gree tlp:red looks silly.
 2015-11-26 09:21:51 +01:00
Iglocska c104a1763b Temporarily re-added org field for jobs 2015-11-26 04:38:57 +01:00
Iglocska 0572b2030e Further work on the taxonomies 
- colour coding
- filters on the index
- mass tag creation
 2015-11-26 04:31:24 +01:00
Iglocska 1328d83fe5 Updated taxonomies 2015-11-25 15:43:45 +01:00
iglocska b5857696e9 Update to the Taxonomies 2015-11-24 12:02:39 +01:00
iglocska 3784209cf5 First bash at Taxonomies 
What works:
- added submodules for taxonomies
- added import tool for taxonomies
- added models and convenience functions for taxonomies

- site admins can update taxonomy libraries
- list taxonomies / view indvidual ones (with all resolved tags)
- create tags manually if a taxonomy is enabled
- view related tags / events quickly from the Taxonomy view

What doesn't work:
- Users still cannot choose a tag from taxonomy lists (this will be the main functionality)
- Feature cannot be disabled
 2015-11-24 03:27:14 +01:00
iglocska c5ef4e1d2d update to the gitignore 2015-11-23 19:45:44 +01:00
iglocska 71cbaefae3 Removed nested gitignores 2015-11-23 19:44:57 +01:00
iglocska ba8728abb9 Merge branch 'master' into 2.4-beta 
Conflicts:
	VERSION.json
	app/Controller/Component/IOCImportComponent.php
 2015-11-22 17:53:08 +01:00
iglocska 97f6da18da Added file as an option when a url like google.com is recognised 2015-11-22 17:50:22 +01:00
iglocska cb0ac8b0c3 Merge branch 'master' of https://github.com/MISP/MISP 2015-11-22 17:41:38 +01:00
iglocska 751f57830e Merge branch 'hotfix-2.3.164' 2015-11-22 17:41:00 +01:00
iglocska ca51b55d6b Changes to the OpenIOC Import, fixes #725 
- Removed the OpenIOC Indicator UUID persistence and moved it to a comment
  - this allows for the same OpenIOC report to be imported into separate events and won't result in a UUID collision

- Reworked the composite indicator resolver
  - more generic, allows for 3 part composites (to allow for regkeypath/regkey/regvalue combinations)

- Registry values now correctly recognised
 2015-11-22 17:38:11 +01:00
iglocska 74ab203fda Memberslist now links to the organisations 2015-11-21 23:55:48 +01:00
Alexandre Dulaunoy 1cd7f6bd04 Initial JSON schema - MISP event (version 2.3) 2015-11-20 10:28:11 +01:00
iglocska 1805614efb Fix to a bug in the template attribute creation 2015-11-20 04:31:58 +01:00
iglocska 709a6cae3d New category lookup added to templates 2015-11-20 04:22:10 +01:00
iglocska 61282db28e Fix to the ZMQ call on publish incorrectly passing data to the event fetcher 2015-11-20 03:53:46 +01:00
iglocska 394ae49596 Some bugs resolved 2015-11-20 03:42:35 +01:00
iglocska ac56b8e806 Empty server list causes the user creation to fail 
- fixed
 2015-11-20 03:11:41 +01:00
iglocska 94072f7c60 Fixed a newly introduced bug in the IOC import component 2015-11-20 01:50:10 +01:00
iglocska 3cc3b4f34d fixed too restrictive generateCorrelation attribute fields 2015-11-20 01:21:44 +01:00
iglocska ec566d6225 Small fix to the upgrade script 2015-11-20 01:09:02 +01:00
iglocska 0fb9a70449 Merge branch 'master' into 2.4-beta 
Conflicts:
	VERSION.json
 2015-11-20 00:15:17 +01:00
iglocska 352c7d31c7 Merge branch 'hotfix-2.3.163' into develop 2015-11-19 17:13:41 +01:00
iglocska 7f8ee7ddba Merge branch 'hotfix-2.3.163' 2015-11-19 16:52:41 +01:00
iglocska 2daaee5333 Version bump 2015-11-19 16:52:25 +01:00
iglocska 56adab6122 Bugfix pack, fixes #724, fixes #721 
- Fixed an issue with the new UUID generation method call in OpenIOC
- Fixed an invalid validation check on the salt key

- Added a note on the server page to make it more obvious that values can be changed by double clicking them
 2015-11-19 16:50:14 +01:00
iglocska c71c8f968d Fix to a bug in the financial tool's validation router 
- it didn't use the validation type -> validation method array to call the validation function
- resulted in CC validation not being called as expected
 2015-11-17 22:25:37 +01:00
iglocska db359170f6 some left over merging issues among other things 2015-11-17 22:01:22 +01:00
iglocska 043057f133 Merge branch 'master' into 2.4-beta 
Conflicts:
	VERSION.json
	app/View/Attributes/index.ctp
	app/View/Elements/eventattribute.ctp
	app/View/Elements/global_menu.ctp
	app/View/Elements/side_menu.ctp
	app/View/Events/automation.ctp
	app/View/Events/index.ctp
	app/View/Pages/administration.ctp
	app/View/ShadowAttributes/index.ctp
	app/View/Tags/index.ctp
 2015-11-17 15:13:55 +01:00
iglocska f8fbcc1c60 Merge branch 'master' into develop 2015-11-17 12:07:54 +01:00
iglocska b02480c5eb Merge branch 'hotfix-2.3.162' 
Conflicts:
	app/View/Elements/side_menu.ctp
 2015-11-17 12:07:05 +01:00
iglocska bda6923018 Security fix fixing an XSS issue with the templates 
- as discovered and reported by Rafael Pablos García of INCIBE

- fixed a reflected XSS for template creator users when viewing a template
 2015-11-17 11:58:56 +01:00
iglocska 41b3ef3d9f Merge branch 'hotfix-2.3.161' into develop 2015-11-17 10:22:57 +01:00
iglocska ce49216514 Merge branch 'hotfix-2.3.161' 2015-11-17 10:22:40 +01:00
iglocska e96c05b987 Fix to a recent patch breaking the publish button 2015-11-17 10:21:44 +01:00
iglocska b59ab5cd8b Added logo to organisation page 2015-11-17 08:52:24 +01:00
iglocska 7ee1a9bab2 Merge branch 'hotfix-2.3.160' into develop 2015-11-17 01:18:18 +01:00
iglocska 8a5f725547 Merge branch 'hotfix-2.3.160' 2015-11-17 01:17:55 +01:00
iglocska 332d5fa666 Reverted the sanitisation of the baseurl variable on the view level 
- sanitising it in appcontroller instead
 2015-11-17 01:17:10 +01:00
iglocska 485c007b39 Merge branch 'master' into 2.4-beta 
Conflicts:
	VERSION.json
	app/Lib/Tools/XMLConverterTool.php
	app/Model/Event.php
	app/Model/EventTag.php
	app/Model/TemplateElementAttribute.php
	app/Model/TemplateElementFile.php
	app/Model/TemplateElementText.php
	app/Model/ThreatLevel.php
	app/View/Attributes/index.ctp
	app/View/Elements/eventattribute.ctp
	app/View/Elements/eventattributerow.ctp
	app/View/Elements/global_menu.ctp
	app/View/Elements/side_menu.ctp
	app/View/Events/automation.ctp
	app/View/Events/index.ctp
	app/View/Pages/administration.ctp
	app/View/ShadowAttributes/index.ctp
	app/View/Tags/index.ctp
 2015-11-17 01:14:51 +01:00
iglocska 866641fb40 Fixed an issue with the blacklists not saving the event org 2015-11-17 00:47:51 +01:00
iglocska 54d469f854 Merge branch 'hotfix-2.3.160' into develop 2015-11-17 00:38:45 +01:00
iglocska 63915ab714 Merge branch 'hotfix-2.3.160' 2015-11-17 00:38:05 +01:00
iglocska 6cb7cc7748 Fixed some deprecated validations left over from the purge a few weeks ago 2015-11-17 00:35:32 +01:00
iglocska b3a2428345 Merge branch 'basedir' into hotfix-2.3.160 
Conflicts:
	app/Controller/AppController.php
	app/View/Pages/administration.ctp
 2015-11-17 00:33:34 +01:00
iglocska 053c27ae9a Removed a crappy solution to an issue with attributes being overwritten that was fixed a long time ago correctly on data entry 2015-11-16 19:51:38 +01:00
iglocska cd3096a38f Fixed a security issue with the regular expressions 
- as discovered and reported by Egidio Romano of Minded Security

- Users with the perm_regex permissions could create a malicious regex that leads to RCE using the PHP /e modifier for preg_replace().
- Regular expressions are now sanitised on edit / creation of the malicious modifier

- also added an admin tool that lets admins clean their current set of regexes of the harmful modifier
 2015-11-16 19:47:31 +01:00
iglocska ac2cd88be7 Merge branch 'hotfix-2.3.159' into develop 2015-11-16 00:28:54 +01:00