From 94e3419c39e29c3549892abc511f53e1f045118a Mon Sep 17 00:00:00 2001
From: garanews
Date: Fri, 20 Oct 2017 09:55:46 +0200
Subject: [PATCH] Created add_generic_object.py usage: add_generic_object.py [-h] -e EVENT -t TYPE -d DICT Examples: python3 add_generic_object.py -e 1683 -t email -d '{"subject":"The Pink Letter", "to":"jon@snow.org"}' python3 add_generic_object.py -e 2343 -t person -d '{"first-name":"Daenerys", "last-name":"Targaryen", "place-of-birth":"Dragonstone"}' python3 add_generic_object.py -e 3596 -t "domain|ip" -d '{"domain":"stormborn.org", "ip":"50.63.202.33"}'
---
examples/add_generic_object.py | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 examples/add_generic_object.py
diff --git a/examples/add_generic_object.py b/examples/add_generic_object.py
new file mode 100644
index 0000000..308a1a3
--- /dev/null
+++ b/examples/add_generic_object.py
@@ -0,0 +1,33 @@
+import json
+from pymisp import PyMISP
+from pymisp.tools.abstractgenerator import AbstractMISPObjectGenerator
+from keys import misp_url, misp_key, misp_verifycert
+import argparse
+
+class GenericObject(AbstractMISPObjectGenerator):
+ def __init__(self, type, data_dict):
+ super(GenericObject, self).__init__(type)
+ self.__data = data_dict
+ self.generate_attributes()
+
+ def generate_attributes(self):
+ for key, value in self.__data.items():
+ self.add_attribute(key, value=value)
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser(description='Create a MISP Object selectable by type starting from a dictionary')
+ parser.add_argument("-e", "--event", required=True, help="Event ID to update")
+ parser.add_argument("-t", "--type", required=True, help="Type of the generic object")
+ parser.add_argument("-d", "--dict", required=True, help="Dict ")
+ args = parser.parse_args()
+
+ pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
+ try:
+ template_id = [x['ObjectTemplate']['id'] for x in pymisp.get_object_templates_list() if x['ObjectTemplate']['name'] == args.type][0]
+ except IndexError:
+ valid_types = ", ".join([x['ObjectTemplate']['name'] for x in pymisp.get_object_templates_list()])
+ print ("Template for type %s not found! Valid types are: %s" % (args.type, valid_types))
+ exit()
+
+ misp_object = GenericObject(args.type.replace("|", "-"), json.loads(args.dict))
+ r = pymisp.add_object(args.event, template_id, misp_object)
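Review bot: Failures are indistinguishable from success in the `__main__` block: the unknown-template branch calls `exit()` with no status, and the return value `r` of `pymisp.add_object(...)` is never inspected, so a wrapper script feeding indicators into MISP cannot tell that nothing was stored. The `-d` argument also goes straight from `json.loads(args.dict)` into `GenericObject`, after the template list has already been fetched from the server; malformed JSON or a non-object value (a list, a string) ends in a traceback rather than a usage error. I would parse and type-check the dictionary right after `parse_args()`, exit non-zero on the template miss, and check `r` before finishing. The `errors` key used below is what I would expect this PyMISP version to return for a rejected request, which should be confirmed against the library.

```python
    args = parser.parse_args()

    # Validate the attribute dictionary before any request is sent to the server.
    try:
        data = json.loads(args.dict)
    except ValueError as err:
        parser.error("-d is not valid JSON: %s" % err)
    if not isinstance(data, dict):
        parser.error("-d must be a JSON object mapping object relations to values")

    # … unchanged: PyMISP setup and template lookup, with exit() changed to exit(1) …

    misp_object = GenericObject(args.type.replace("|", "-"), data)
    r = pymisp.add_object(args.event, template_id, misp_object)
    # Assumed error shape, confirm against the PyMISP version in use.
    if isinstance(r, dict) and r.get('errors'):
        print("add_object failed: %s" % r['errors'])
        exit(1)
```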