MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
23,820 Commits
34 Branches
364 Tags
187 MiB
Commit Graph

710 Commits (e6001bc9fa81938e68042105f43a4002ae9455a4)

Author SHA1 Message Date
Sami Mokaddem 6670333f10
chg: [workflow] Added database migration 2022-05-04 00:00:19 +02:00
Tom King 5de04ecffa chg: Merge from develop 2022-04-20 08:07:36 +01:00
iglocska be9fb9e802
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-04-19 15:18:40 +02:00
iglocska 2688961cc3
Merge branch 'develop' of github.com:MISP/MISP into develop 2022-04-18 17:59:34 +02:00
iglocska ccbd119417
chg: [internal] setupSyncRequest made public 
- to be able to access it via shell scripts
 2022-04-18 17:57:38 +02:00
iglocska 93821c0de6
fix: [security] Sanitise paths for several file interactions 
- remove :// anywhere we don't expect a protocol to be supplied
- remove phar:// in certauth plugin's fetcher

- as reported by Dawid Czarnecki of Zigrin Security
 2022-04-17 18:25:51 +02:00
iglocska 0108f1bde2
fix: [security] unregister phar from stream wrappers globally for all Model code 
- blanket protection against phar deserialization vulnerabilities

- as reported by Dawid Czarnecki of Zigrin Security
 2022-04-17 16:30:14 +02:00
Jakub Onderka 9e8608b3d3 chg: [jsonTool] Properly handle invalid JSON for PHP 7.2 and older 2022-04-10 09:38:25 +02:00
Jakub Onderka 9d8fc81678 chg: [internal] Throw exception if Redis class not found 2022-03-19 12:31:55 +01:00
Sami Mokaddem d65ef9c966
chg: [cryptographicKeys] Indexed more column and bumped db_schema 2022-03-17 14:43:01 +01:00
iglocska b80a7af2c3
new: [cryptographic keys] model and controllers added 
- sets MISP up for information signing
- sign data during synchronisation
 2022-03-13 12:35:12 +01:00
iglocska 870b9d761b
fix: [db schema] fixed 2022-03-04 16:10:12 +01:00
iglocska 7834ec3760
fix: [organisations] made meta fields default to '' and not allow null values 
- fixes a filtering issue with sharing group blueprints leading to sharing groups that are more restrictive than expected
 2022-03-02 17:32:35 +01:00
iglocska 639a4929e3
new: [sharing group blueprints] 
- create a rule based blueprint that is used to create and update a sharing group
- nest sharing groups
- filter organisations by metadata fields
- nested via boolean operators
- CLI exposed
- API exposed
- Lightweight ownership model (only blueprint owner can see and edit the blueprint)
 2022-03-02 02:09:20 +01:00
Tom King 5f618ed0ca chg: Update from upstream develop 2022-02-17 10:41:58 +00:00
Jakub Onderka bd9cecbc2c chg: [internal] Use ProcessTool in Sighting 2021-11-22 09:57:39 +01:00
Jakub Onderka 0cc7804219 chg: [internal] Current branch and commit checking 2021-11-14 19:09:38 +01:00
Jakub Onderka a424c01844 chg: [internal] Small optim 2021-11-14 19:09:38 +01:00
Jakub Onderka db3183ae54 chg: [internal] Faster way how to get current commit 2021-11-14 19:09:38 +01:00
Jakub Onderka 553036de94
Merge pull request #7955 from JakubOnderka/code-style-background-jobs 
chg: [internal] Code style
 2021-11-12 11:48:28 +01:00
Jakub Onderka fb99021ab9 chg: [internal] Code style 2021-11-12 09:44:21 +01:00
Jakub Onderka 6806cdf574 new: [user] Add sub field for user 2021-11-11 16:34:27 +01:00
Luciano Righetti ba0399a6fb chg: remove MISP.use_simple_background_jobs setting in favor of SimpleBackgroundJobs.enabled 2021-11-10 16:44:02 +01:00
Luciano Righetti 9e23a2744f chg: merge develop, fix conflicts 2021-11-09 14:23:51 +01:00
Luciano Righetti 4218787934 chg: move initTool() logic to constructor 2021-11-09 08:43:39 +01:00
Jakub Onderka 5c5f2b54ca
Merge pull request #7938 from JakubOnderka/authkeys-encrypted-vol2 
Authkeys encrypted vol2
 2021-11-09 08:36:44 +01:00
Luciano Righetti 96a46b6899 chg: merge develop, fix conflicts. 2021-11-08 14:37:27 +01:00
iglocska dc925a321f
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-11-08 14:17:01 +01:00
iglocska 952a98dba8
Merge branch 'local_only' into develop 2021-11-08 14:15:18 +01:00
Luciano Righetti f2c9d12eae chg: merge develop, fix conflicts. 2021-11-08 11:35:20 +01:00
Jakub Onderka 5569d7d2bf new: [security] Store authkeys for servers encrypted 2021-11-07 17:51:04 +01:00
Jakub Onderka 3459a09943 chg: [internal] App model cleanup 2021-11-07 10:40:01 +01:00
Jakub Onderka c9b8564c0a
Merge pull request #7927 from JakubOnderka/system-setting 
System setting in database
 2021-11-06 16:15:23 +01:00
Luciano Righetti f80fcec2db chg: rename settings 2021-11-05 15:46:42 +01:00
Jakub Onderka c9597ba3e9 new: Store system settings in database 2021-11-05 09:19:56 +01:00
Luciano Righetti 309f7ed50e fix: wrong update query 2021-11-04 16:51:56 +01:00
Luciano Righetti 5242d3204d chg: rename conf name 2021-11-04 11:39:24 +01:00
iglocska a0e8acc45f
Merge branch 'develop' of github.com:MISP/MISP into develop 2021-11-04 11:05:32 +01:00
iglocska eddf95355a
fix: [database] upgrade script using mb4 defaulted to 255 key length 
- default should be 191
 2021-11-04 11:04:56 +01:00
Luciano Righetti 946bdb68e6 chg: add db update 2021-11-03 17:09:42 +01:00
Luciano Righetti b1eaed2b1b chg: merge develop, fix conflicts 2021-11-03 13:54:20 +01:00
Luciano Righetti 453418d6a5 fix: use class registry to get job class 2021-11-02 16:53:42 +01:00
Luciano Righetti cce5e581d4 fix: add missing jobId param to enqueue() calls 2021-11-02 16:25:43 +01:00
Luciano Righetti ae3300d5d0 chg: use new bg jobs tool in AppModel 2021-11-02 11:55:12 +01:00
Jakub Onderka f1283996ad chg: [internal] Optimise AuditLog 2021-10-31 10:52:47 +01:00
Jakub Onderka 9ae7d88f23 chg: [internal] Optimise Tag::findTagIdsByTagNames 2021-10-30 19:43:17 +02:00
Jakub Onderka 94808488ce
Merge pull request #7852 from JakubOnderka/optimise-sighting 
chg: [internal] Optimise sightings
 2021-10-29 21:25:42 +02:00
Jakub Onderka 0d8292289d chg: [internal] Optimise afterFind and simplify ISODatetimeToUTC 2021-10-28 13:56:27 +02:00
Jakub Onderka 6ade27a27c chg: [internal] Move attribute validation to different tool 2021-10-28 09:42:04 +02:00
Loïc Fortemps dc71f6e451
Merge branch 'develop' into local_tags 2021-10-27 17:06:02 +02:00
Loic Fortemps a1ba1c053e
Adding a local_only option for Tags and Galaxies 2021-10-27 16:51:54 +02:00
Luciano Righetti 5e19ca6761 chg: refactor all background job calls from event model and controller to use new tool 2021-10-27 11:33:32 +02:00
Luciano Righetti 35cf34fab2 Merge branch 'develop' into add_simple_background_jobs 2021-10-26 10:55:13 +02:00
Jakub Onderka 006f603d76 chg: [schema] Add index for object_references.event_id column 2021-10-24 16:01:22 +02:00
Jakub Onderka fd0faf53d7
Merge pull request #7884 from JakubOnderka/faster-notifications 
chg: [internal] Simplified notifications loading
 2021-10-23 20:12:28 +02:00
Jakub Onderka 4997af0aa2 chg: [internal] Disable order for hasAny method 2021-10-23 19:54:38 +02:00
Jakub Onderka 0d78d0f994 chg: [internal] Simplified notifications loading 2021-10-23 19:50:38 +02:00
Jakub Onderka 958bfe7383 fix: [schema] Modify User.change_pw column to boolean 2021-10-23 19:22:45 +02:00
Luciano Righetti f3d05e6ff8 add: add initial new simple background jobs. 2021-10-21 13:39:26 +02:00
Tom King 4e74a165ed Merge remote-tracking branch 'upstream/develop' into feature/propagate_tag_deletion 2021-10-19 09:44:41 +01:00
Jakub Onderka 2ed41a0964 new: [oidc] User setting for oidc metadata 2021-10-18 10:08:18 +02:00
Jakub Onderka 6fe3a895c8 chg: [internal] Simplify validation 2021-10-18 09:04:06 +02:00
Jakub Onderka 1ffdfed0b1 chg: [internal] Optimise validators 2021-10-18 09:04:06 +02:00
Jakub Onderka a1c22e9fe5 chg: [internal] Remove unused validation rule 2021-10-18 09:04:06 +02:00
Jakub Onderka f3f50c14fd chg: [internal] Remove unused method 2021-10-18 09:04:06 +02:00
Jakub Onderka e1895cba81 chg: [internal] Optimise sightings 2021-10-17 16:17:17 +02:00
Jakub Onderka 28afe209ca chg: [internal] Fix setting cleanDb admin setting 2021-10-16 19:32:32 +02:00
Jakub Onderka d45ac63bf9 chg: [internal] Do less work when checking if db is updated 2021-10-16 09:58:05 +02:00
Jakub Onderka a3d1ff8762 chg: [internal] Another bunch of event filter optim 2021-10-15 15:54:31 +02:00
Jakub Onderka 9d84b6923d
Merge pull request #7835 from JakubOnderka/stix-export 
chg: [internal] Simplified loading python bin
 2021-10-13 17:27:02 +02:00
Jakub Onderka 2b31ada0a5 chg: [stix-export] Simplified loading python bin 2021-10-13 09:57:25 +02:00
Jakub Onderka 9610fb1e93 chg: [internal] Use FileAccessTool for Feed::unzipFirstFile 2021-10-12 14:32:50 +02:00
Jakub Onderka d9e89955bc chg: [internal] Simplify fetching Kafka topic 2021-10-11 09:41:46 +02:00
Jakub Onderka b3591f2d72 chg: [internal] Faster event tag attaching 2021-10-05 20:24:02 +02:00
Jakub Onderka 544c9ee8b9 new: [internal] Store MISP live status also in Redis 2021-10-04 10:07:32 +02:00
Jakub Onderka fdf6f5ca9e chg: [internal] Cleanup AdminShell::{updateJSON,runUpdates} 2021-09-26 21:52:18 +02:00
Jakub Onderka da1818c3cc fix: [internal] Fetching filter rules 2021-08-30 17:51:17 +02:00
Jakub Onderka 98b87d8987 chg: [security] Use const hasher also for login 2021-08-24 21:45:37 +02:00
Jakub Onderka 439ec5cceb fix: [internal] Code cleanup 2021-08-23 17:03:44 +02:00
Jakub Onderka 3c3cee7735
Merge pull request #7659 from JakubOnderka/unique-indexes 
chg: [schema] Mark more indexes as unique
 2021-08-20 09:22:23 +02:00
Jakub Onderka 1cd09dd919 chg: [schema] Mark more indexes as unique 2021-08-13 13:59:47 +02:00
Jakub Onderka c7f3be0929 chg: [sync] Remove `commit` and MISP-version from HTTP header 2021-08-11 17:02:55 +02:00
Jakub Onderka da195589df chg: [internal] Convert PubSubTool to static 2021-08-11 12:07:32 +02:00
Tom King 370176a037 Merge remote-tracking branch 'upstream/develop' into feature/propagate_tag_deletion 2021-08-11 10:56:30 +01:00
iglocska 4739e1f234
Merge branch '2.4' into develop 2021-08-02 13:31:19 +02:00
iglocska 269883c4ef
fix: [afterHook] for setting changes wasn't returning true, fixes 7477 
- this caused the CLI setting change to error out
 2021-08-02 13:30:29 +02:00
Jakub Onderka db242d6901 chg: [internal] Convert array to const 2021-07-27 18:49:40 +02:00
Jakub Onderka 15e3cc799c chg: [internal] Removed unused variables 2021-07-27 18:43:16 +02:00
Jakub Onderka 525339e333 chg: [internal] Remove unused method 2021-07-21 17:57:25 +02:00
Jakub Onderka 5f48fee84a chg: [internal] Move variable from AppModel to Server model 2021-07-21 17:53:47 +02:00
Jakub Onderka b62c95389c
Merge pull request #7157 from JakubOnderka/sighting-push-filtering 
new: [sync] Method for filtering out existing sightings
 2021-07-09 12:19:32 +02:00
Tom King 297eb9baad Merge remote-tracking branch 'upstream/2.4' into feature/propagate_tag_deletion 2021-07-07 08:49:13 +01:00
Jakub Onderka 017249451b new: [API] Read only authkeys 2021-06-28 12:41:10 +02:00
Tom King b5e2163556 new: [sync] Allow option to delete tags on event sync prior to soft-delete tag implementation 2021-06-11 17:14:29 +01:00
Jakub Onderka 8dc740cc35 new: Custom warninglist 2021-06-08 17:48:05 +02:00
mokaddem daf3d112ee
Merge remote-tracking branch 'origin/develop' into feature-galaxy-disabled 2021-06-03 11:01:49 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
iglocska d61ebc9905
new: [correlation exclusions] now have an optional comment field 
- explain why you exclude a value for easier maintenance
- edit existing exclusions to add those comments after the fact
 2021-04-27 10:52:53 +02:00
Jakub Onderka cd943b5e27 new: [sync] Method for filtering out existing sightings 2021-03-09 20:07:02 +01:00
Jakub Onderka e19850218a chg: [optimisation] Faster Model::_findList method 2021-03-07 11:12:03 +01:00
Jakub Onderka 062390ed83
Merge pull request #7155 from JakubOnderka/push-optim 
Push optim
 2021-03-04 19:12:31 +01:00
Jakub Onderka 921583f24d chg: [sync] Code cleanup 2021-03-04 18:30:28 +01:00
Jakub Onderka 599819f7f9 new: [authkeys] Allowed IPs 2021-03-03 09:23:07 +01:00
Jakub Onderka e3b2a0a40c chg: [schema] Add index for EventReport.event_id 2021-03-03 08:17:18 +01:00
Jakub Onderka 874ec66c9b chg: [schema] Convert GalaxyCluster tag name to case insensitive 2021-03-03 08:17:16 +01:00
iglocska b4e84726f1
Merge branch '2.4' into develop 2021-02-25 11:58:11 +01:00
iglocska 64879b836e
new: [CLI] check if updates are done yet or not 
usage:

- /var/www/MISP/app/Console/cake Admin updatesDone [blocking]
- returns True or False based on whether it is done
- When the blocking parameter is set, it will not return until all updates are done
 2021-02-25 11:37:37 +01:00
mokaddem 7222197245
new: [galaxy] Support of enabled/disabled state at galaxy level 
Fix #7019
 2021-02-19 13:33:24 +01:00
Jakub Onderka 1ac21e04c6 chg: [internal] Make Redis connection static 2021-02-16 09:50:46 +01:00
Jakub Onderka f910d8538b
Merge pull request #6809 from JakubOnderka/optimise-sightings-saving 
chg: [internal] Optimise sightings saving
 2021-01-09 13:23:36 +01:00
iglocska b8823b86e2
new: [correlation] added system to exclude certain values from the correlation engine 
- simply add values at /exclude_correlations
- new values coming in will not correlate if they trip over the values listed there
- to remove existing correlations run the cleaner tool on the above endpoint

- values can be 1:1 matches, or substring searches (denoted with a leading, ending, or both '%')
  - https://www.google.com/%  will match anything starting with https://www.google.com/
  - %google.com% will match anything that contains google.com
 2021-01-07 09:31:38 +01:00
Jakub Onderka 2bbe36c0ed chg: [internal] Optimise sightings saving 2021-01-01 15:45:05 +01:00
Jakub Onderka 4d4b306b60 new: [internal] New model method find('column') 2020-12-23 10:42:05 +01:00
Jakub Onderka a585466dff new: [security] Setting to hide orgs form sharing group view 2020-12-22 23:43:30 +01:00
Jakub Onderka 8df77748b0 chg: [internal] Small optimisations 2020-12-17 13:50:25 +01:00
Jakub Onderka d7c027fe91 chg: [internal] Force to update session data after database update 2020-12-17 13:49:32 +01:00
iglocska a332e1379c
Merge branch '2.4' into cerebrate 2020-11-30 23:49:40 +01:00
iglocska e65b255a62
new: [Cerebrate] db update added 2020-11-30 23:38:38 +01:00
Jakub Onderka 2c7d6e4466 new: [auth] Allow to enforce auth plugin authentication 2020-11-30 14:46:36 +01:00
Jakub Onderka 3b791aea7e fix: [internal] Do not try to fetch empty job 2020-11-19 19:16:12 +01:00
mokaddem eb2fa7b393 Merge branch '2.4' into galaxy-cluster2.0 2020-11-18 11:45:01 +01:00
iglocska 360dadc35f
fix: [authkey] default value incorrect 2020-11-18 11:37:23 +01:00
mokaddem dc65c79130
Merge branch '2.4' of github.com:MISP/MISP into galaxy-cluster2.0 2020-11-13 16:26:35 +01:00
mokaddem 410e3fbeee
chg: [appModel] Logout users after update 2020-11-12 11:08:08 +01:00
iglocska dbffebe503
Merge branch '2.4' into CRUD 2020-11-11 11:19:23 +01:00
mokaddem 150b4cb7d1
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-11-09 10:07:43 +01:00
mokaddem 0f69022a4e
fix: [appmodel] Make sure parameter is a string before accessing string 
index.
Fix #6544
 2020-11-05 10:13:05 +01:00
Jakub Onderka 49660255fe new: [av] Malware protection for uploaded files 2020-10-22 16:38:07 +02:00
iglocska 0b6da917d4
new: [advanced authkey] API key copy to the new system added to diagnostics 2020-10-20 08:35:21 +02:00
Jakub Onderka 46ba51a32e new: [sync] Show client certificate info in connection test 2020-10-19 09:57:06 +02:00
Jakub Onderka ac6761d7a5 fix: [internal] Remove unused AppModel::checkVersionRequirements method 2020-10-18 22:19:07 +02:00
mokaddem b628e15eb9
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-10-09 14:54:47 +02:00
Jakub Onderka cf070bd7dd fix: [internal] Array to string conversion when constructing request 2020-10-06 17:27:53 +02:00
mokaddem 28a05576a4
chg: [appmodel] Set default value for warninglist_entry_count 2020-10-06 10:53:29 +02:00
Jakub Onderka c2f6908002 chg: [optimisation] Load MISP version and commit just once 2020-10-03 20:02:55 +02:00
mokaddem 02725982cc
Merge branch '2.4' of github.com:MISP/MISP into feature-event-report 2020-10-01 10:38:28 +02:00
mokaddem 2fdcede6b6
chg: [appModel] Removed prio worker from the list of available workers 
to perform an update
 2020-10-01 09:28:02 +02:00
iglocska 6b0252d7e4
new: [user agent] string changed for MISP -> MISP synchronisation 2020-09-29 14:56:19 +02:00
mokaddem 6aab30c871
chg: [appmodel] Make sure to trigger the event report db update 2020-09-28 15:53:12 +02:00
mokaddem eb84b3344f
Merge remote-tracking branch 'origin/2.4' into galaxy-cluster2.0 2020-09-22 12:08:12 +02:00
mokaddem 4408a17dff
Merge remote-tracking branch 'origin/2.4' into feature-event-report 2020-09-22 10:15:22 +02:00
mokaddem 8e6b5ecb44
chg: [appmodel] New entry to create an upper bound for the unwanted 
action through login

This will be used by recovery scripts
 2020-09-15 12:00:26 +02:00
mokaddem 32dde67374
Merge branch '2.4' of github.com:MISP/MISP into feature-event-report 2020-09-03 13:38:41 +02:00
mokaddem fb5c26997a
chg: [appModel] Create UUID unique index for other tables 2020-09-03 13:29:54 +02:00
mokaddem b374e67a15
chg: [appModel] Delete duplicated sightings uuid 2020-09-03 13:15:24 +02:00
mokaddem 6f092dfeb4
chg: [appModel] Optimized deduplication, log removed elements and 
regenerate unique indexes on update
 2020-09-03 10:55:14 +02:00
mokaddem 1729de3995
Merge branch '2.4' into fix-duplicated-uuids 2020-09-03 10:21:56 +02:00
Golbark 3a0bedb104 chg: [internal] Using Allowedlist instead of Whitelist 2020-09-01 16:28:20 +02:00
Golbark 3fb47d1cce chg: [internal] Using blocklist instead of blacklist 2020-09-01 16:27:36 +02:00
mokaddem 355861daa7
fix: [appmodel] Create indexes after the column has been added 2020-09-01 08:16:17 +02:00