diff --git a/misp_modules/modules/import_mod/openiocimport.py b/misp_modules/modules/import_mod/openiocimport.py index b472fba..bf7a428 100755 --- a/misp_modules/modules/import_mod/openiocimport.py +++ b/misp_modules/modules/import_mod/openiocimport.py @@ -5,92 +5,92 @@ from pymisp.tools import openioc misperrors = {'error': 'Error'} userConfig = { - 'not save ioc': { - 'type': 'Boolean', - 'message': 'If you check this box, IOC file will not save as an attachment in MISP' - }, - 'default tag': { - 'type': 'String', - 'message': 'Add tags spaced by a comma (tlp:white,misp:threat-level="no-risk")', - 'validation' : '0' - } - } + 'not save ioc': { + 'type': 'Boolean', + 'message': 'If you check this box, IOC file will not save as an attachment in MISP' + }, + 'default tag': { + 'type': 'String', + 'message': 'Add tags spaced by a comma (tlp:white,misp:threat-level="no-risk")', + 'validation' : '0' + } + } inputSource = ['file'] moduleinfo = {'version': '0.1', 'author': 'Raphaƫl Vinot', - 'description': 'Import OpenIOC package', - 'module-type': ['import']} + 'description': 'Import OpenIOC package', + 'module-type': ['import']} moduleconfig = [] def handler(q=False): - # Just in case we have no data - if q is False: - return False + # Just in case we have no data + if q is False: + return False - # The return value - r = {'results': []} + # The return value + r = {'results': []} - # Load up that JSON - q = json.loads(q) + # Load up that JSON + q = json.loads(q) - # It's b64 encoded, so decode that stuff - package = base64.b64decode(q.get("data")).decode('utf-8') + # It's b64 encoded, so decode that stuff + package = base64.b64decode(q.get("data")).decode('utf-8') - # If something really weird happened - if not package: - return json.dumps({"success": 0}) + # If something really weird happened + if not package: + return json.dumps({"success": 0}) - pkg = openioc.load_openioc(package) + pkg = openioc.load_openioc(package) - if q.get('config'): - if q['config'].get('not save ioc') == "0": - addFile = { - "values": [q.get('filename')], - "types": ['attachment'], - "categories": ['Support Tool'], - "data" : q.get('data'), - } - # add tag - if q['config'].get('default tag') is not None: - addFile["tags"] = q['config']['default tag'].split(",") - # add file as attachment - r["results"].append(addFile) + if q.get('config'): + if q['config'].get('not save ioc') == "0": + addFile = { + "values": [q.get('filename')], + "types": ['attachment'], + "categories": ['Support Tool'], + "data" : q.get('data'), + } + # add tag + if q['config'].get('default tag') is not None: + addFile["tags"] = q['config']['default tag'].split(",") + # add file as attachment + r["results"].append(addFile) - # return all attributes - for attrib in pkg.attributes: - toAppend = { - "values": [attrib.value], - "types": [attrib.type], - "categories": [attrib.category], - "comment":attrib.comment - } - # add tag - if q['config'].get('default tag') is not None: - toAppend["tags"] = q['config']['default tag'].split(",") + # return all attributes + for attrib in pkg.attributes: + toAppend = { + "values": [attrib.value], + "types": [attrib.type], + "categories": [attrib.category], + "comment":attrib.comment + } + # add tag + if q['config'].get('default tag') is not None: + toAppend["tags"] = q['config']['default tag'].split(",") - r["results"].append(toAppend) - return r + r["results"].append(toAppend) + return r def introspection(): - modulesetup = {} - try: - userConfig - modulesetup['userConfig'] = userConfig - except NameError: - pass - try: - inputSource - modulesetup['inputSource'] = inputSource - except NameError: - pass - return modulesetup + modulesetup = {} + try: + userConfig + modulesetup['userConfig'] = userConfig + except NameError: + pass + try: + inputSource + modulesetup['inputSource'] = inputSource + except NameError: + pass + return modulesetup def version(): - moduleinfo['config'] = moduleconfig - return moduleinfo + moduleinfo['config'] = moduleconfig + return moduleinfo