Browse Source

Fix STIX import module

pull/70/head
Raphaël Vinot 6 years ago
parent
commit
5624104b77
  1. 9
      misp_modules/modules/import_mod/stiximport.py
  2. 24
      tests/test.py

9
misp_modules/modules/import_mod/stiximport.py

@ -28,7 +28,7 @@ def handler(q=False): @@ -28,7 +28,7 @@ def handler(q=False):
q = json.loads(q)
# It's b64 encoded, so decode that stuff
package = str(base64.b64decode(q.get("data", None)), 'utf-8')
package = base64.b64decode(q.get("data")).decode('utf-8')
# If something really weird happened
if not package:
@ -168,6 +168,9 @@ def buildObservable(o): @@ -168,6 +168,9 @@ def buildObservable(o):
# May as well be useless
return r
if not o.get('object'):
return r
props = o["object"]["properties"]
# If it has an address_value field, it's gonna be an address
@ -195,7 +198,7 @@ def buildObservable(o): @@ -195,7 +198,7 @@ def buildObservable(o):
for hsh in props["hashes"]:
r["values"].append(hsh["simple_hash_value"]["value"])
r["types"] = identifyHash(hsh["simple_hash_value"]["value"])
elif "xsi:type" in props:
# Cybox. Ew.
try:
@ -208,7 +211,7 @@ def buildObservable(o): @@ -208,7 +211,7 @@ def buildObservable(o):
else:
print("Ignoring {}".format(type_))
except:
pass
pass
return r

24
tests/test.py

@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
#!/usr/bin/env python
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import unittest
@ -7,6 +7,7 @@ import base64 @@ -7,6 +7,7 @@ import base64
import json
import os
class TestModules(unittest.TestCase):
def setUp(self):
@ -32,13 +33,14 @@ class TestModules(unittest.TestCase): @@ -32,13 +33,14 @@ class TestModules(unittest.TestCase):
print(response.json())
def test_stix(self):
with open("tests/stix.xml", "r") as f:
data = json.dumps({"module":"stiximport",
"data":str(base64.b64encode(bytes(f.read(), 'utf-8')), 'utf-8'),
"config": {"max_size": "15000"},
})
with open("tests/stix.xml", "rb") as f:
content = base64.b64encode(f.read())
data = json.dumps({"module": "stiximport",
"data": content.decode('utf-8'),
"config": {"max_size": "15000"},
})
response = requests.post(self.url + "query", data=data)
print(response.json())
print('STIX', response.json())
def test_virustotal(self):
# This can't actually be tested without disclosing a private
@ -46,11 +48,11 @@ class TestModules(unittest.TestCase): @@ -46,11 +48,11 @@ class TestModules(unittest.TestCase):
# and pass if it can't find one
if not os.path.exists("tests/bodyvirustotal.json"):
return
return
with open("tests/bodyvirustotal.json", "r") as f:
response = requests.post(self.url + "query", data=f.read()).json()
response = requests.post(self.url + "query", data=f.read()).json()
assert(response)
if __name__ == '__main__':
unittest.main()
unittest.main()

Loading…
Cancel
Save