mirror of https://github.com/MISP/PyMISP
commit
c88096ab5d
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/python
|
||||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
import sys
|
||||
|
|
|
@ -16,7 +16,7 @@ def init(url, key):
|
|||
return PyMISP(url, key, True, 'json')
|
||||
|
||||
if __name__ == '__main__':
|
||||
parser = argparse.ArgumentParser(description='Send malware sample to MISP.')
|
||||
parser = argparse.ArgumentParser(description='Create an event on MISP.')
|
||||
parser.add_argument("-d", "--distrib", type=int, help="The distribution setting used for the attributes and for the newly created event, if relevant. [0-3].")
|
||||
parser.add_argument("-i", "--info", help="Used to populate the event info field if no event ID supplied.")
|
||||
parser.add_argument("-a", "--analysis", type=int, help="The analysis level of the newly created event, if applicatble. [0-2]")
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/python
|
||||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
"""
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
__version__ = '2.2'
|
||||
__version__ = '2.3'
|
||||
|
||||
from .api import PyMISP, PyMISPError, NewEventError, NewAttributeError, MissingDependency, NoURL, NoKey
|
||||
|
|
|
@ -237,7 +237,6 @@ class PyMISP(object):
|
|||
else:
|
||||
return session.post(url, data=event)
|
||||
|
||||
|
||||
def update_event(self, event_id, event, force_out=None):
|
||||
"""
|
||||
Update an event
|
||||
|
@ -270,7 +269,6 @@ class PyMISP(object):
|
|||
url = urljoin(self.root_url, 'attributes/{}'.format(attribute_id))
|
||||
return session.delete(url)
|
||||
|
||||
|
||||
# ##############################################
|
||||
# ######### Event handling (Json only) #########
|
||||
# ##############################################
|
||||
|
@ -310,7 +308,7 @@ class PyMISP(object):
|
|||
distribution = int(distribution)
|
||||
# If None: take the default value of the event
|
||||
if distribution not in [None, 0, 1, 2, 3, 5]:
|
||||
raise NewAttributeError('{} is invalid, the distribution has to be in 0, 1, 2, 3 or None'.format(distribution))
|
||||
raise NewAttributeError('{} is invalid, the distribution has to be in 0, 1, 2, 3, 5 or None'.format(distribution))
|
||||
if distribution is not None:
|
||||
to_return['distribution'] = distribution
|
||||
|
||||
|
@ -572,7 +570,7 @@ class PyMISP(object):
|
|||
def prepare_attribute(self, event_id, distribution, to_ids, category, info,
|
||||
analysis, threat_level_id):
|
||||
to_post = {'request': {}}
|
||||
authorized_categs = ['Payload delivery', 'Artifacts dropped', 'Payload Installation', 'External Analysis']
|
||||
authorized_categs = ['Payload delivery', 'Artifacts dropped', 'Payload Installation', 'External Analysis', 'Antivirus detection']
|
||||
|
||||
if event_id is not None:
|
||||
try:
|
||||
|
@ -624,6 +622,31 @@ class PyMISP(object):
|
|||
response = session.post(url, data=json.dumps(to_post))
|
||||
return self._check_response(response)
|
||||
|
||||
def upload_attachment(self, filename, filepath, event_id, distribution, to_ids,
|
||||
category, info, analysis, threat_level_id):
|
||||
to_post = self.prepare_attribute(event_id, distribution, to_ids, category,
|
||||
info, analysis, threat_level_id)
|
||||
to_post['request']['files'] = [{'filename': filename, 'data': self._encode_file_to_upload(filepath)}]
|
||||
return self._upload_sample(to_post)
|
||||
|
||||
def upload_attachmentlist(self, filepaths, event_id, distribution, to_ids, category,
|
||||
info, analysis, threat_level_id):
|
||||
to_post = self.prepare_attribute(event_id, distribution, to_ids, category,
|
||||
info, analysis, threat_level_id)
|
||||
files = []
|
||||
for path in filepaths:
|
||||
if not os.path.isfile(path):
|
||||
continue
|
||||
files.append({'filename': os.path.basename(path), 'data': self._encode_file_to_upload(path)})
|
||||
to_post['request']['files'] = files
|
||||
return self._upload_sample(to_post)
|
||||
|
||||
def _upload_attachment(self, to_post):
|
||||
session = self.__prepare_session('json')
|
||||
url = urljoin(self.root_url, 'events/upload_attachment')
|
||||
response = session.post(url, data=json.dumps(to_post))
|
||||
return self._check_response(response)
|
||||
|
||||
# ############################
|
||||
# ######## Proposals #########
|
||||
# ############################
|
||||
|
@ -912,6 +935,7 @@ class PyMISP(object):
|
|||
response = session.get(url)
|
||||
return response
|
||||
# ############## Deprecated (Pure XML API should not be used) ##################
|
||||
|
||||
@deprecated
|
||||
def download_all(self):
|
||||
"""
|
||||
|
|
Loading…
Reference in New Issue