From 582fd28702fa3923c2f3c0790fd2a5e2fa683b81 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Wed, 20 Dec 2017 13:29:05 +0100 Subject: [PATCH 1/2] fix MISPObject missing distribution and sharing_group_id - fix MISPObject missing distribution concept - fix language typo paramaters => parameters --- pymisp/mispevent.py | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/pymisp/mispevent.py b/pymisp/mispevent.py index 1c0a7fc..6f4558a 100644 --- a/pymisp/mispevent.py +++ b/pymisp/mispevent.py @@ -699,7 +699,7 @@ class MISPObjectAttribute(MISPAttribute): class MISPObject(AbstractMISP): - def __init__(self, name, strict=False, standalone=False, default_attributes_paramaters={}, **kwargs): + def __init__(self, name, strict=False, standalone=False, default_attributes_parameters={}, **kwargs): ''' Master class representing a generic MISP object :name: Name of the object @@ -708,7 +708,7 @@ class MISPObject(AbstractMISP): :standalone: The object will be pushed as directly on MISP, not as a part of an event. In this case the ObjectReference needs to be pushed manually and cannot be in the JSON dump. - :default_attributes_paramaters: Used as template for the attributes if they are not overwritten in add_attribute + :default_attributes_parameters: Used as template for the attributes if they are not overwritten in add_attribute ''' super(MISPObject, self).__init__(**kwargs) self.__strict = strict @@ -735,21 +735,25 @@ class MISPObject(AbstractMISP): pass self.uuid = str(uuid.uuid4()) self.__fast_attribute_access = {} # Hashtable object_relation: [attributes] - self._default_attributes_paramaters = default_attributes_paramaters - if self._default_attributes_paramaters: + self._default_attributes_parameters = default_attributes_parameters + if self._default_attributes_parameters: # Let's clean that up - self._default_attributes_paramaters.pop('value', None) # duh - self._default_attributes_paramaters.pop('uuid', None) # duh - self._default_attributes_paramaters.pop('id', None) # duh - self._default_attributes_paramaters.pop('object_id', None) # duh - self._default_attributes_paramaters.pop('type', None) # depends on the value - self._default_attributes_paramaters.pop('object_relation', None) # depends on the value - self._default_attributes_paramaters.pop('disable_correlation', None) # depends on the value - self._default_attributes_paramaters.pop('to_ids', None) # depends on the value - self._default_attributes_paramaters.pop('category', None) # depends on the value - self._default_attributes_paramaters.pop('deleted', None) # doesn't make sense to pre-set it - self._default_attributes_paramaters.pop('data', None) # in case the original in a sample or an attachment - self.distribution = self._default_attributes_paramaters.distribution + self._default_attributes_parameters.pop('value', None) # duh + self._default_attributes_parameters.pop('uuid', None) # duh + self._default_attributes_parameters.pop('id', None) # duh + self._default_attributes_parameters.pop('object_id', None) # duh + self._default_attributes_parameters.pop('type', None) # depends on the value + self._default_attributes_parameters.pop('object_relation', None) # depends on the value + self._default_attributes_parameters.pop('disable_correlation', None) # depends on the value + self._default_attributes_parameters.pop('to_ids', None) # depends on the value + self._default_attributes_parameters.pop('category', None) # depends on the value + self._default_attributes_parameters.pop('deleted', None) # doesn't make sense to pre-set it + self._default_attributes_parameters.pop('data', None) # in case the original in a sample or an attachment + self.distribution = self._default_attributes_parameters.distribution + self.sharing_group_id = self._default_attributes_parameters.sharing_group_id + else: + self.distribution = 3 + self.sharing_group_id = None self.ObjectReference = [] self._standalone = standalone if self._standalone: @@ -858,8 +862,8 @@ class MISPObject(AbstractMISP): attribute = MISPObjectAttribute({}) else: attribute = MISPObjectAttribute({}) - # Overwrite the parameters of self._default_attributes_paramaters with the ones of value - attribute.from_dict(object_relation=object_relation, **dict(self._default_attributes_paramaters, **value)) + # Overwrite the parameters of self._default_attributes_parameters with the ones of value + attribute.from_dict(object_relation=object_relation, **dict(self._default_attributes_parameters, **value)) if not self.__fast_attribute_access.get(object_relation): self.__fast_attribute_access[object_relation] = [] self.__fast_attribute_access[object_relation].append(attribute) From 4a1d43c7e24a1ee6a00df59a323345b4fd40baef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 20 Dec 2017 14:27:31 +0100 Subject: [PATCH 2/2] fix: Fix typo --- pymisp/tools/create_misp_object.py | 22 +++++++++++----------- pymisp/tools/elfobject.py | 2 +- pymisp/tools/machoobject.py | 2 +- pymisp/tools/peobject.py | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/pymisp/tools/create_misp_object.py b/pymisp/tools/create_misp_object.py index e12f76e..cc0c6fc 100644 --- a/pymisp/tools/create_misp_object.py +++ b/pymisp/tools/create_misp_object.py @@ -22,8 +22,8 @@ class FileTypeNotImplemented(MISPObjectException): pass -def make_pe_objects(lief_parsed, misp_file, standalone=True, default_attributes_paramaters={}): - pe_object = PEObject(parsed=lief_parsed, standalone=standalone, default_attributes_paramaters=default_attributes_paramaters) +def make_pe_objects(lief_parsed, misp_file, standalone=True, default_attributes_parameters={}): + pe_object = PEObject(parsed=lief_parsed, standalone=standalone, default_attributes_parameters=default_attributes_parameters) misp_file.add_reference(pe_object.uuid, 'included-in', 'PE indicators') pe_sections = [] for s in pe_object.sections: @@ -31,8 +31,8 @@ def make_pe_objects(lief_parsed, misp_file, standalone=True, default_attributes_ return misp_file, pe_object, pe_sections -def make_elf_objects(lief_parsed, misp_file, standalone=True, default_attributes_paramaters={}): - elf_object = ELFObject(parsed=lief_parsed, standalone=standalone, default_attributes_paramaters=default_attributes_paramaters) +def make_elf_objects(lief_parsed, misp_file, standalone=True, default_attributes_parameters={}): + elf_object = ELFObject(parsed=lief_parsed, standalone=standalone, default_attributes_parameters=default_attributes_parameters) misp_file.add_reference(elf_object.uuid, 'included-in', 'ELF indicators') elf_sections = [] for s in elf_object.sections: @@ -40,8 +40,8 @@ def make_elf_objects(lief_parsed, misp_file, standalone=True, default_attributes return misp_file, elf_object, elf_sections -def make_macho_objects(lief_parsed, misp_file, standalone=True, default_attributes_paramaters={}): - macho_object = MachOObject(parsed=lief_parsed, standalone=standalone, default_attributes_paramaters=default_attributes_paramaters) +def make_macho_objects(lief_parsed, misp_file, standalone=True, default_attributes_parameters={}): + macho_object = MachOObject(parsed=lief_parsed, standalone=standalone, default_attributes_parameters=default_attributes_parameters) misp_file.add_reference(macho_object.uuid, 'included-in', 'MachO indicators') macho_sections = [] for s in macho_object.sections: @@ -49,9 +49,9 @@ def make_macho_objects(lief_parsed, misp_file, standalone=True, default_attribut return misp_file, macho_object, macho_sections -def make_binary_objects(filepath=None, pseudofile=None, filename=None, standalone=True, default_attributes_paramaters={}): +def make_binary_objects(filepath=None, pseudofile=None, filename=None, standalone=True, default_attributes_parameters={}): misp_file = FileObject(filepath=filepath, pseudofile=pseudofile, filename=filename, - standalone=standalone, default_attributes_paramaters=default_attributes_paramaters) + standalone=standalone, default_attributes_parameters=default_attributes_parameters) if HAS_LIEF and filepath or (pseudofile and filename): try: if filepath: @@ -63,11 +63,11 @@ def make_binary_objects(filepath=None, pseudofile=None, filename=None, standalon else: lief_parsed = lief.parse(raw=pseudofile.getvalue(), name=filename) if isinstance(lief_parsed, lief.PE.Binary): - return make_pe_objects(lief_parsed, misp_file, standalone, default_attributes_paramaters) + return make_pe_objects(lief_parsed, misp_file, standalone, default_attributes_parameters) elif isinstance(lief_parsed, lief.ELF.Binary): - return make_elf_objects(lief_parsed, misp_file, standalone, default_attributes_paramaters) + return make_elf_objects(lief_parsed, misp_file, standalone, default_attributes_parameters) elif isinstance(lief_parsed, lief.MachO.Binary): - return make_macho_objects(lief_parsed, misp_file, standalone, default_attributes_paramaters) + return make_macho_objects(lief_parsed, misp_file, standalone, default_attributes_parameters) except lief.bad_format as e: logger.warning('Bad format: {}'.format(e)) except lief.bad_file as e: diff --git a/pymisp/tools/elfobject.py b/pymisp/tools/elfobject.py index 4dda680..d58390c 100644 --- a/pymisp/tools/elfobject.py +++ b/pymisp/tools/elfobject.py @@ -58,7 +58,7 @@ class ELFObject(AbstractMISPObjectGenerator): if self.__elf.sections: pos = 0 for section in self.__elf.sections: - s = ELFSectionObject(section, self._standalone, default_attributes_paramaters=self._default_attributes_paramaters) + s = ELFSectionObject(section, self._standalone, default_attributes_parameters=self._default_attributes_parameters) self.add_reference(s.uuid, 'included-in', 'Section {} of ELF'.format(pos)) pos += 1 self.sections.append(s) diff --git a/pymisp/tools/machoobject.py b/pymisp/tools/machoobject.py index fddda21..ed6e2ae 100644 --- a/pymisp/tools/machoobject.py +++ b/pymisp/tools/machoobject.py @@ -61,7 +61,7 @@ class MachOObject(AbstractMISPObjectGenerator): if self.__macho.sections: pos = 0 for section in self.__macho.sections: - s = MachOSectionObject(section, self._standalone, default_attributes_paramaters=self._default_attributes_paramaters) + s = MachOSectionObject(section, self._standalone, default_attributes_parameters=self._default_attributes_parameters) self.add_reference(s.uuid, 'included-in', 'Section {} of MachO'.format(pos)) pos += 1 self.sections.append(s) diff --git a/pymisp/tools/peobject.py b/pymisp/tools/peobject.py index 8f32426..d55a97b 100644 --- a/pymisp/tools/peobject.py +++ b/pymisp/tools/peobject.py @@ -104,7 +104,7 @@ class PEObject(AbstractMISPObjectGenerator): if self.__pe.sections: pos = 0 for section in self.__pe.sections: - s = PESectionObject(section, self._standalone, default_attributes_paramaters=self._default_attributes_paramaters) + s = PESectionObject(section, self._standalone, default_attributes_parameters=self._default_attributes_parameters) self.add_reference(s.uuid, 'included-in', 'Section {} of PE'.format(pos)) if ((self.__pe.entrypoint >= section.virtual_address) and (self.__pe.entrypoint < (section.virtual_address + section.virtual_size))):