MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
2,364 Commits
13 Branches
166 Tags
93 MiB
Commit Graph

26 Commits (85d36bcb6216bd942c6faf937701293ec06dd960)

Author SHA1 Message Date
Raphaël Vinot fa95c9d84f fix: Properly decode the body depending on the encoding of the email 
Fix #671
 2021-01-11 14:15:34 +01:00
seamus tuohy 87c02da0d7 Updated emailobject. 
Email object no longer requires extra php libraries for install.
Tests have been expanded to improve coverage.
RTF encapsulated HTML and Plain Text will now be de-encapsulated.
The raw MSG binary will now be included in the extracted email object.
 2020-12-28 13:47:21 -05:00
nighttardis 2a4b215026 adding check if "from" is in the "received" header row 2020-11-30 18:45:53 -06:00
Raphaël Vinot 9046b08a3c fix: Do not fail on PyMISP import when mail-parser is not present 2020-11-24 14:56:29 +01:00
Raphaël Vinot 9fed66eb2b chg: Make mail-parser an optional dependency 2020-11-24 11:17:23 +01:00
Raphaël Vinot b55370cdad chg: Improve error handling for Outlook emails 
Related: #631
 2020-11-19 11:38:35 +01:00
Jakub Onderka 9fd3d8a3e3 fix: [emailobject] Correctly parse multiple addresses 2020-10-24 17:24:18 +02:00
Jakub Onderka 055ef16e41 new: Test parsing just email header 2020-10-24 17:24:18 +02:00
Jakub Onderka 5e0ad0a47f new: Test parsing outlook message format 2020-10-24 17:24:18 +02:00
Jakub Onderka f598865ce4 new: Refactored emailobject generator 2020-10-24 17:24:17 +02:00
Jakub Onderka d39d4caf7d new: Export display name from email 2020-10-24 17:16:16 +02:00
Jakub Onderka c2fedc3850 new: Parse date from email 2020-10-24 17:16:16 +02:00
Raphaël Vinot e3815a41f1 fix: Make flake8 happy 2020-09-09 15:41:42 +02:00
seamus tuohy 07137209e2 Attempt to decode utf-8-sig encoded emails. 
eml files downloaded from Windows Online security on some Windows 11
systems are automatically encoded in UTF with a byte order mark (BOM)
at the front of the file. This will cause the email parser to fail.

This is a somewhat isolated problem. It only will affects a small
subset of Windows users who download and re-upload eml files. But,
this small subset of users is the target user-base for the MISP
email module: low expertiese users who wish to quickly share
high-value indicators on an ad-hoc basis.

While this fix could be tacked onto the MISP email module instead of
here, I beleive that this fix is more appropriate in the PyMISP object
code. As the "email" object parser this object should be built to
parse all manner of emails that it may encounter. This includes common
malformations such as this one and, even horrors such as, the .msg
format. This commit adds a generically named "attempt_decoding"
function which can be expanded to address all manner of sins that
are encountered in the future.
 2020-09-09 07:45:07 -04:00
Paal Braathen ff62f1c19c Linting/Add missing whitespace 2020-07-28 20:05:42 +02:00
louis f8589061cb chg: Remove standalone default value from MISPObject children c'tor 
MISPObject.__init__ sets standalone=True by default, so there is no
need to do it in its child classes.
 2020-06-30 12:40:08 +02:00
Raphaël Vinot b0e95fd5af chg: Refactorize typing, validate 2020-01-23 10:27:40 +01:00
Raphaël Vinot c03b26a18c new: URLObject (requires pyfaup) 2019-12-04 15:18:27 +01:00
Raphaël Vinot f312f87072 fix: Objects helpers were broken, do not overwrite describe_types 2019-10-08 09:28:33 +02:00
Raphaël Vinot 67cb8e9d53 chg: Allow to pass a eml as string to EmailObject 2019-04-24 15:37:40 +02:00
Raphaël Vinot 42c99054f8 fix: Decoding issue. 2018-05-11 10:20:07 -04:00
Raphaël Vinot 04d3183115 fix: Properly get and decode the body of the email 2018-05-08 11:02:32 +02:00
Raphaël Vinot cb15bdfca1 fix: Provide the extension of the EML file to attach. 2018-05-07 10:18:38 +02:00
Raphaël Vinot 1193e904bf fix: Properly handle attachments 2018-05-04 16:06:48 +02:00
Raphaël Vinot ab54c85509 new: Properly implement the Email object creator 2018-05-03 20:51:04 +02:00
Raphaël Vinot 5c6314c45c new: Add email object generator 2018-03-18 23:21:29 +01:00