mirror of https://github.com/MISP/misp-modules
Fixed basic errors
parent
08261366b7
commit
0ff270a3be
|
@ -390,6 +390,7 @@ sudo pip3 install --upgrade .
|
||||||
SSH in with a different terminal and run `misp-modules` with debugging enabled.
|
SSH in with a different terminal and run `misp-modules` with debugging enabled.
|
||||||
|
|
||||||
~~~python
|
~~~python
|
||||||
|
sudo killall misp-modules
|
||||||
misp-modules -d
|
misp-modules -d
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
|
|
@ -148,23 +148,23 @@ def handler(q=False):
|
||||||
|
|
||||||
# Do we treat all attachments as malware
|
# Do we treat all attachments as malware
|
||||||
treat_attachments_as_malware = config.get("treat_attachments_as_malware",
|
treat_attachments_as_malware = config.get("treat_attachments_as_malware",
|
||||||
False)
|
"false")
|
||||||
if treat_attachments_as_malware.lower() in acceptable_config_yes:
|
if treat_attachments_as_malware.lower() in acceptable_config_yes:
|
||||||
treat_attachments_as_malware = True
|
treat_attachments_as_malware = True
|
||||||
|
|
||||||
# Do we unzip attachments we find?
|
# Do we unzip attachments we find?
|
||||||
unzip = config.get("unzip_attachments", False)
|
unzip = config.get("unzip_attachments", "false")
|
||||||
if unzip.lower() in acceptable_config_yes:
|
if unzip.lower() in acceptable_config_yes:
|
||||||
unzip = True
|
unzip = True
|
||||||
|
|
||||||
# Do we try to find passwords for protected zip files?
|
# Do we try to find passwords for protected zip files?
|
||||||
zip_pass_crack = config.get("guess_zip_attachment_passwords", False)
|
zip_pass_crack = config.get("guess_zip_attachment_passwords", "false")
|
||||||
if zip_pass_crack.lower() in acceptable_config_yes:
|
if zip_pass_crack.lower() in acceptable_config_yes:
|
||||||
zip_pass_crack = True
|
zip_pass_crack = True
|
||||||
password_list = None # Only want to collect password list once
|
password_list = None # Only want to collect password list once
|
||||||
|
|
||||||
# Do we extract URL's from the email.
|
# Do we extract URL's from the email.
|
||||||
extract_urls = config.get("extract_urls", False)
|
extract_urls = config.get("extract_urls", "false")
|
||||||
if extract_urls.lower() in acceptable_config_yes:
|
if extract_urls.lower() in acceptable_config_yes:
|
||||||
extract_urls = True
|
extract_urls = True
|
||||||
|
|
||||||
|
|
|
@ -99,7 +99,7 @@ class TestModules(unittest.TestCase):
|
||||||
|
|
||||||
with open("tests/test_attachment.eml", "r") as f:
|
with open("tests/test_attachment.eml", "r") as f:
|
||||||
data = json.dumps({"module":"email_import",
|
data = json.dumps({"module":"email_import",
|
||||||
"data":str(base64.b64encode(test_email)}).encode('utf8')
|
"data":str(base64.b64encode(test_email)).encode('utf8')})
|
||||||
response = requests.post(self.url + "query", data=data)
|
response = requests.post(self.url + "query", data=data)
|
||||||
response.connection.close()
|
response.connection.close()
|
||||||
print(response.json())
|
print(response.json())
|
||||||
|
|
Loading…
Reference in New Issue