Commit Graph

238 Commits (5ccb365f935f1d8cb5c85405548e0c8d96e7419a)

Author SHA1 Message Date
eidurorng 5ccb365f93 Quick fix for everything getting classified as external analysis
With the OR statement everything gets classified as external analysis when not running with --urlsonly.
2021-01-25 18:03:18 +00:00
Raphaël Vinot 3818ac92ea new: Add freetext import of the whole body 2021-01-25 17:54:58 +01:00
Steve Clement ad36ff599d
Merge pull request #44 from SteveClement/main
chg: [py] Bumped requirements.txt
2020-07-14 19:12:23 +09:00
Steve Clement 3e931448a9
chg: [py] Bumped requirements.txt 2020-07-15 04:11:04 +09:00
Raphaël Vinot 851a98177e
Update README.md 2020-06-16 13:13:25 +02:00
Raphaël Vinot 8680e5fb64 chg: Cleanup, bump deps, bump readme 2020-06-16 12:03:59 +02:00
Raphaël Vinot 5b10290700 fix: libfuzzy-dev is required on travis 2020-06-07 21:34:39 +02:00
Raphaël Vinot 190a771ccb chg: Use poetry 2020-06-07 21:28:15 +02:00
Raphaël Vinot 4735383c2c chg: Bump dependencies 2020-06-07 20:55:34 +02:00
Raphaël Vinot 8e6a62e7df chg: bump tests 2020-06-07 20:44:51 +02:00
Raphaël Vinot 7ab2b432df
Merge pull request #42 from TheMysteriousX/master
multipart messages can be nested within each other
2020-06-07 20:44:00 +02:00
Raphaël Vinot 62a596146b
Merge branch 'master' into master 2020-06-07 20:41:47 +02:00
Raphaël Vinot 68b334df38
Merge pull request #39 from begunrom/carrier_mail_with_emailattachments
Carrier mail with emailattachments
2020-06-07 20:40:34 +02:00
Adam Bishop 8c2777585a multipart messages can be nested within each other
An example of something that does this is GPG, when operating in PGP/MIME
mode.

The Python documentation remarks that an attachment is anything that isn't
a body - meaning that if there are multipart messages nested within each
other, the containers will be flagged as an attachment.

When get_content() is called on the attachment, it fails with an unhandled
KeyError as there is no attachment handler for multipart.

This change wraps the get_content() call in a try...catch, and returns if
an attachment type unsupported by the runtime is present.

```
Traceback (most recent call last):
  File "/Users/adamb/mail_to_misp/tests/tests.py", line 89, in test_nested_mime
    self.mail2misp.process_email_body()
  File "./mail2misp/mail2misp.py", line 188, in process_email_body
    self._find_attached_forward()
  File "./mail2misp/mail2misp.py", line 88, in _find_attached_forward
    attachment_content = attachment.get_content()
  File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/email/message.py", line 1096, in get_content
    return content_manager.get_content(self, *args, **kw)
  File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/email/contentmanager.py", line 25, in get_content
    raise KeyError(content_type)
KeyError: 'multipart/mixed'
```
2020-06-07 00:31:56 +01:00
Steve Clement 721d806e8d
Merge pull request #41 from SteveClement/master
chg: [pip] Fix deps
2020-04-30 22:57:35 +09:00
Steve Clement 72d369fd2f
chg: [pip] Fix deps 2020-04-30 22:56:36 +09:00
Steve Clement b29f8fdf75
fix: [py] Update wrapt to 1.12.1 2020-04-27 19:21:01 +09:00
Steve Clement 3ed0d5280b
fix: [py] lief is now 0.10.1 stable 2020-04-27 19:16:55 +09:00
begunrom 92c99c0559 exclude attachments of size 0 bytes
Optionally exclude attachments that are 0 bytes long
2019-11-19 10:13:36 +01:00
begunrom b02cce7d14 added unit test for carrier 2019-11-17 09:45:30 +01:00
begunrom 6070d6428c fixed wrong exception handling
Except block handles 'BaseException'
2019-11-17 09:45:12 +01:00
begunrom 26ef177d58 carrier mail functionality
Implements processing of a carrier mail that contains email attachments. Each email attachment is converted into an individual MISP event.
2019-11-16 16:47:43 +01:00
Sascha Rommelfangen d747ede23c add email sender to comment 2019-07-23 14:45:50 +02:00
Sascha Rommelfangen e8b94aae62 Merge branch 'master' of https://github.com/rommelfs/mail_to_misp 2019-07-23 13:36:20 +02:00
Sascha Rommelfangen 0f6d95e8a7 tag extraction from subject and bug fix for alternativetags 2019-07-23 13:35:17 +02:00
Sascha Rommelfangen dd26e2653a
status change from deprecated to unmaintained 2019-07-22 14:49:29 +02:00
Sascha Rommelfangen 9906c05298
described new feature (--urlsonly, --event) 2019-07-22 14:47:41 +02:00
Sascha Rommelfangen 5347325d8b using subject as comment when urlsonly is enabled 2019-07-22 14:35:51 +02:00
Sascha Rommelfangen bf1fca9a9c handled the case with internalattributes better 2019-07-22 11:31:27 +02:00
Sascha Rommelfangen c30c706a2d add urlonly to event feature added 2019-07-19 12:20:56 +02:00
Raphaël Vinot ee56a47e4e new: Add setup.py 2019-07-18 16:34:05 +02:00
Raphaël Vinot 4bf9457c86 ch: Bump requirements file 2019-07-18 16:33:13 +02:00
Raphaël Vinot b43b1de286 fix: Missing key in tests 2019-07-18 16:20:28 +02:00
Raphaël Vinot b9ba7a256f fix: Buggy decode, the email was added twice 2019-07-18 16:12:44 +02:00
Raphaël Vinot 9e2abc260f chg: Bump deps, slight changes. 2019-07-18 15:12:15 +02:00
Sascha Rommelfangen 96594e97ec some "fixes" 2019-07-18 12:46:31 +02:00
Sascha Rommelfangen f19006e56d Merge branch 'master' of https://github.com/rommelfs/mail_to_misp
Conflicts:
	mail_to_misp.py
2019-07-18 11:19:01 +02:00
Sascha Rommelfangen e9a707a2fa temporary fix for attachments 2019-07-18 11:06:26 +02:00
Sascha Rommelfangen f84c9eadee added new functionality to update an event 2019-07-18 11:02:42 +02:00
Steve Clement 69a04243e7
fix: [pip] urllib3 fix (#32)
fix: [pip] urllib3 fix
2019-05-17 05:24:26 +02:00
Steve Clement 73cda7fbf6 fix: [pip] urllib3 fix 2019-05-17 12:23:33 +09:00
Steve Clement 520e2e791f
fix: [pip] updated urllib3 CVE-2019-11324 (#31)
fix: [pip] updated urllib3 CVE-2019-11324
2019-05-17 05:20:54 +02:00
Steve Clement 5a73264518 fix: [pip] updated urllib3 CVE-2019-11324 2019-05-17 12:19:14 +09:00
Raphaël Vinot b64d651299 chg: Bump dependencies 2019-03-25 16:04:30 +01:00
Raphaël Vinot a4aea56cda chg: Update readme to use pipenv 2019-01-21 14:52:10 +01:00
Raphaël Vinot 84142f9402 chg: Remove testing for python 3.7, lief from pypi doesn't support it. 2019-01-21 14:51:00 +01:00
Raphaël Vinot 58ea8a64ca fix: Support new version of pyfaup 2019-01-21 14:39:04 +01:00
Raphaël Vinot 28326e37a9 chg: Use pipenv 2019-01-21 14:33:09 +01:00
Raphaël Vinot 7ba873dd68 chg: Bump test files 2018-08-03 11:48:57 +02:00
Raphaël Vinot 11c99c879b fix: Properly add sightings, meta event attributes 2018-08-03 11:26:11 +02:00