diff --git a/README.md b/README.md index 2885575..c56e034 100644 --- a/README.md +++ b/README.md @@ -390,6 +390,7 @@ sudo pip3 install --upgrade . SSH in with a different terminal and run `misp-modules` with debugging enabled. ~~~python +sudo killall misp-modules misp-modules -d ~~~ diff --git a/misp_modules/modules/import_mod/email_import.py b/misp_modules/modules/import_mod/email_import.py index 8165e0b..8949e3c 100644 --- a/misp_modules/modules/import_mod/email_import.py +++ b/misp_modules/modules/import_mod/email_import.py @@ -148,23 +148,23 @@ def handler(q=False): # Do we treat all attachments as malware treat_attachments_as_malware = config.get("treat_attachments_as_malware", - False) + "false") if treat_attachments_as_malware.lower() in acceptable_config_yes: treat_attachments_as_malware = True # Do we unzip attachments we find? - unzip = config.get("unzip_attachments", False) + unzip = config.get("unzip_attachments", "false") if unzip.lower() in acceptable_config_yes: unzip = True # Do we try to find passwords for protected zip files? - zip_pass_crack = config.get("guess_zip_attachment_passwords", False) + zip_pass_crack = config.get("guess_zip_attachment_passwords", "false") if zip_pass_crack.lower() in acceptable_config_yes: zip_pass_crack = True password_list = None # Only want to collect password list once # Do we extract URL's from the email. - extract_urls = config.get("extract_urls", False) + extract_urls = config.get("extract_urls", "false") if extract_urls.lower() in acceptable_config_yes: extract_urls = True diff --git a/tests/test.py b/tests/test.py index bf1a472..3c068a8 100644 --- a/tests/test.py +++ b/tests/test.py @@ -99,7 +99,7 @@ class TestModules(unittest.TestCase): with open("tests/test_attachment.eml", "r") as f: data = json.dumps({"module":"email_import", - "data":str(base64.b64encode(test_email)}).encode('utf8') + "data":str(base64.b64encode(test_email)).encode('utf8')}) response = requests.post(self.url + "query", data=data) response.connection.close() print(response.json())