Commit Graph

328 Commits (main)

Author SHA1 Message Date
Raphaël Vinot 7ab2b432df
Merge pull request #42 from TheMysteriousX/master
multipart messages can be nested within each other
2020-06-07 20:44:00 +02:00
Raphaël Vinot 62a596146b
Merge branch 'master' into master 2020-06-07 20:41:47 +02:00
Raphaël Vinot 68b334df38
Merge pull request #39 from begunrom/carrier_mail_with_emailattachments
Carrier mail with emailattachments
2020-06-07 20:40:34 +02:00
Adam Bishop 8c2777585a multipart messages can be nested within each other
An example of something that does this is GPG, when operating in PGP/MIME
mode.

The Python documentation remarks that an attachment is anything that isn't
a body - meaning that if there are multipart messages nested within each
other, the containers will be flagged as an attachment.

When get_content() is called on the attachment, it fails with an unhandled
KeyError as there is no attachment handler for multipart.

This change wraps the get_content() call in a try...catch, and returns if
an attachment type unsupported by the runtime is present.

```
Traceback (most recent call last):
  File "/Users/adamb/mail_to_misp/tests/tests.py", line 89, in test_nested_mime
    self.mail2misp.process_email_body()
  File "./mail2misp/mail2misp.py", line 188, in process_email_body
    self._find_attached_forward()
  File "./mail2misp/mail2misp.py", line 88, in _find_attached_forward
    attachment_content = attachment.get_content()
  File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/email/message.py", line 1096, in get_content
    return content_manager.get_content(self, *args, **kw)
  File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/email/contentmanager.py", line 25, in get_content
    raise KeyError(content_type)
KeyError: 'multipart/mixed'
```
2020-06-07 00:31:56 +01:00
Steve Clement 721d806e8d
Merge pull request #41 from SteveClement/master
chg: [pip] Fix deps
2020-04-30 22:57:35 +09:00
Steve Clement 72d369fd2f
chg: [pip] Fix deps 2020-04-30 22:56:36 +09:00
Steve Clement b29f8fdf75
fix: [py] Update wrapt to 1.12.1 2020-04-27 19:21:01 +09:00
Steve Clement 3ed0d5280b
fix: [py] lief is now 0.10.1 stable 2020-04-27 19:16:55 +09:00
begunrom 92c99c0559 exclude attachements of size 0 bytes
Optionally exclude attachments that are 0 bytes long
2019-11-19 10:13:36 +01:00
begunrom b02cce7d14 added unit test for carrier 2019-11-17 09:45:30 +01:00
begunrom 6070d6428c fixed wrong exception handling
Except block handles 'BaseException'
2019-11-17 09:45:12 +01:00
begunrom 26ef177d58 carrier mail functionality
Implements processing of a carrier mail that contains email attachments. Each email attachment is converted into an individual MISP event.
2019-11-16 16:47:43 +01:00
Sascha Rommelfangen d747ede23c add email sender to comment 2019-07-23 14:45:50 +02:00
Sascha Rommelfangen e8b94aae62 Merge branch 'master' of https://github.com/rommelfs/mail_to_misp 2019-07-23 13:36:20 +02:00
Sascha Rommelfangen 0f6d95e8a7 tag extraction from subject and bug fix for alternativetags 2019-07-23 13:35:17 +02:00
Sascha Rommelfangen dd26e2653a
status change from deprecated to unmaintained 2019-07-22 14:49:29 +02:00
Sascha Rommelfangen 9906c05298
described new feature (--urlsonly, --event) 2019-07-22 14:47:41 +02:00
Sascha Rommelfangen 5347325d8b using subject as comment when urlsonly is enabled 2019-07-22 14:35:51 +02:00
Sascha Rommelfangen bf1fca9a9c handled the case with internalattributes better 2019-07-22 11:31:27 +02:00
Sascha Rommelfangen c30c706a2d add urlonly to event feature added 2019-07-19 12:20:56 +02:00
Raphaël Vinot ee56a47e4e new: Add setup.py 2019-07-18 16:34:05 +02:00
Raphaël Vinot 4bf9457c86 ch: Bump requirements file 2019-07-18 16:33:13 +02:00
Raphaël Vinot b43b1de286 fix: Missing key in tests 2019-07-18 16:20:28 +02:00
Raphaël Vinot b9ba7a256f fix: Buggy decode, the email was added twice 2019-07-18 16:12:44 +02:00
Raphaël Vinot 9e2abc260f chg: Bump deps, slight changes. 2019-07-18 15:12:15 +02:00
Sascha Rommelfangen 96594e97ec some "fixes" 2019-07-18 12:46:31 +02:00
Sascha Rommelfangen f19006e56d Merge branch 'master' of https://github.com/rommelfs/mail_to_misp
Conflicts:
	mail_to_misp.py
2019-07-18 11:19:01 +02:00
Sascha Rommelfangen e9a707a2fa temporary fix for attachments 2019-07-18 11:06:26 +02:00
Sascha Rommelfangen f84c9eadee added new functionality to update an event 2019-07-18 11:02:42 +02:00
Steve Clement 69a04243e7
fix: [pip] urllib3 fix (#32)
fix: [pip] urllib3 fix
2019-05-17 05:24:26 +02:00
Steve Clement 73cda7fbf6 fix: [pip] urllib3 fix 2019-05-17 12:23:33 +09:00
Steve Clement 520e2e791f
fix: [pip] updated urllib3 CVE-2019-11324 (#31)
fix: [pip] updated urllib3 CVE-2019-11324
2019-05-17 05:20:54 +02:00
Steve Clement 5a73264518 fix: [pip] updated urllib3 CVE-2019-11324 2019-05-17 12:19:14 +09:00
Raphaël Vinot b64d651299 chg: Bump dependencies 2019-03-25 16:04:30 +01:00
Raphaël Vinot a4aea56cda chg: Update readme to use pipenv 2019-01-21 14:52:10 +01:00
Raphaël Vinot 84142f9402 chg: Remove testing for python 3.7, lief from pypi doesn't support it. 2019-01-21 14:51:00 +01:00
Raphaël Vinot 58ea8a64ca fix: Support new version of pyfaup 2019-01-21 14:39:04 +01:00
Raphaël Vinot 28326e37a9 chg: Use pipenv 2019-01-21 14:33:09 +01:00
Raphaël Vinot 7ba873dd68 chg: Bump test files 2018-08-03 11:48:57 +02:00
Raphaël Vinot 11c99c879b fix: Properly add sightings, meta event attributes 2018-08-03 11:26:11 +02:00
Raphaël Vinot 757f2cb4bf fix: Allow passing 0 to distribution, threat_level and analysis 2018-08-03 10:52:35 +02:00
Raphaël Vinot 145930d55d new: Add config to disable DNS lookups 2018-08-02 17:04:46 +02:00
Raphaël Vinot b651ffd984 Merge branch 'master' of github.com:MISP/mail_to_misp 2018-08-02 17:02:25 +02:00
Raphaël Vinot 45fa0c7323 fix: Properly handle plain text attachments 2018-08-02 17:02:17 +02:00
Raphaël Vinot 5facd8d4d5
Fix typo 2018-08-02 14:02:10 +02:00
Raphaël Vinot 517bb19786 chg: Dump test files 2018-08-02 13:57:21 +02:00
Raphaël Vinot 086ab9f367 fix: Fucked up submodule 2018-08-02 13:51:11 +02:00
Raphaël Vinot 59f630268b fix: Add submodule 2018-08-02 13:44:53 +02:00
Raphaël Vinot 03bf3e3506 fix: Proper type detection of attachments
Fix #27
2018-08-02 13:42:07 +02:00
Raphaël Vinot cdfe86af2a chg: Update readme 2018-08-02 12:02:50 +02:00