From cac0c19eed5ee8af23c41d064bf67a36e49bc774 Mon Sep 17 00:00:00 2001
From: iglocska
Date: Wed, 4 May 2022 01:26:56 +0200
Subject: [PATCH] new: [action module] samples added for testing
---
misp_modules/modules/action_mod/__init__.py | 2 +-
.../modules/action_mod/blockaction.py | 63 +++++++++++++++++
.../modules/action_mod/writeaction.py | 68 +++++++++++++++++++
3 files changed, 132 insertions(+), 1 deletion(-)
create mode 100644 misp_modules/modules/action_mod/blockaction.py
create mode 100644 misp_modules/modules/action_mod/writeaction.py
diff --git a/misp_modules/modules/action_mod/__init__.py b/misp_modules/modules/action_mod/__init__.py
index 42fa40e..8427a03 100644
--- a/misp_modules/modules/action_mod/__init__.py
+++ b/misp_modules/modules/action_mod/__init__.py
@@ -1 +1 @@
-__all__ = ['testaction']
+__all__ = ['testaction', 'blockaction', 'writeaction']
diff --git a/misp_modules/modules/action_mod/blockaction.py b/misp_modules/modules/action_mod/blockaction.py
new file mode 100644
index 0000000..facdeab
--- /dev/null
+++ b/misp_modules/modules/action_mod/blockaction.py
@@ -0,0 +1,63 @@
+import json
+import base64
+
+misperrors = {'error': 'Error'}
+
+# config fields that your code expects from the site admin
+moduleconfig = {
+
+};
+
+# blocking modules break the exection of the chain of actions (such as publishing)
+blocking = True
+
+# returns either "boolean" or "data"
+# Boolean is used to simply signal that the execution has finished.
+# For blocking modules the actual boolean value determines whether we break execution
+returns = 'boolean'
+
+
+# the list of hook-points that it can hook
+hooks = ['publish']
+
+
+moduleinfo = {'version': '0.1', 'author': 'Andras Iklody',
+ 'description': 'This module is merely a test, always returning true. Triggers on event publishing.',
+ 'module-type': ['action']}
+
+
+def handler(q=False):
+ if q is False:
+ return False
+ r = {"data": False, "error": "Barf."}
+ return r
+
+
+def introspection():
+ modulesetup = {}
+ try:
+ responseType
+ modulesetup['responseType'] = responseType
+ except NameError:
+ pass
+ try:
+ inputSource
+ modulesetup['resultType'] = resultType
+ except NameError:
+ pass
+ try:
+ hooks
+ modulesetup['hooks'] = hooks
+ except NameError:
+ pass
+ try:
+ hooks
+ modulesetup['blocking'] = blocking
+ except NameError:
+ pass
+ return modulesetup
+
+
+def version():
+ moduleinfo['config'] = moduleconfig
+ return moduleinfo
diff --git a/misp_modules/modules/action_mod/writeaction.py b/misp_modules/modules/action_mod/writeaction.py
new file mode 100644
index 0000000..7efab95
--- /dev/null
+++ b/misp_modules/modules/action_mod/writeaction.py
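Review bot: The `description` in `moduleinfo` of blockaction.py says the module is "always returning true", but `handler` returns `{"data": False, "error": "Barf."}` with `blocking = True`, and by the file's own comment that boolean decides whether the action chain is broken. An admin who enables the module on the strength of its description would presumably halt every publish, so the text should say what it does, e.g. `'description': 'Test module: blocking, always returns false and so breaks the publish action chain.',`. Separately, in `introspection()` the guards do not match what they export: `inputSource` guards `resultType`, `hooks` guards `blocking`, and the `returns` value defined above is never reported because only the undefined `responseType`/`resultType` are looked up; the same block is repeated in writeaction.py. `json` and `base64` are imported but unused in this file.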
@@ -0,0 +1,68 @@
+import json
+import base64
+
+misperrors = {'error': 'Error'}
+
+# config fields that your code expects from the site admin
+moduleconfig = {
+
+};
+
+# blocking modules break the exection of the chain of actions (such as publishing)
+blocking = False
+
+# returns either "boolean" or "data"
+# Boolean is used to simply signal that the execution has finished.
+# For blocking modules the actual boolean value determines whether we break execution
+returns = 'boolean'
+
+
+# the list of hook-points that it can hook
+hooks = ['publish']
+
+
+moduleinfo = {'version': '0.1', 'author': 'Andras Iklody',
+ 'description': 'This module is merely a test, writing a tmp file with the event info.',
+ 'module-type': ['action']}
+
+
+def handler(q=False):
+ if q is False:
+ return False
+ request = json.loads(q)
+ data = request["data"]
+ f = open("/var/www/MISP7/app/tmp/output.txt","w+")
+ f.write(data["Event"]["info"])
+ f.close()
+ r = {"data": True}
+ return r
+
+
+def introspection():
+ modulesetup = {}
+ try:
+ responseType
+ modulesetup['responseType'] = responseType
+ except NameError:
+ pass
+ try:
+ inputSource
+ modulesetup['resultType'] = resultType
+ except NameError:
+ pass
+ try:
+ hooks
+ modulesetup['hooks'] = hooks
+ except NameError:
+ pass
+ try:
+ hooks
+ modulesetup['blocking'] = blocking
+ except NameError:
+ pass
+ return modulesetup
+
+
+def version():
+ moduleinfo['config'] = moduleconfig
+ return moduleinfo
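Review bot: `handler` in writeaction.py writes to the hard-coded path `/var/www/MISP7/app/tmp/output.txt`, which looks specific to one installation and sits inside the application's tmp directory; the empty `moduleconfig` is the natural place to let the site admin choose the location. The request is also used unchecked: `json.loads(q)`, `request["data"]` and `data["Event"]["info"]` can each raise, and because the file is opened with `"w+"` before the last lookup, a missing key leaves the file truncated and the handle unclosed. I would extract and validate the value first, then write inside a `with` block, returning the same `{"data": False, "error": ...}` shape that blockaction.py uses on failure. The event info may originate from other instances, so whatever later reads this file should treat its content as untrusted text.

```python
def handler(q=False):
    if q is False:
        return False
    try:
        info = json.loads(q)["data"]["Event"]["info"]
    except (ValueError, KeyError, TypeError):
        return {"data": False, "error": "Malformed request: data.Event.info missing."}
    if not isinstance(info, str):
        return {"data": False, "error": "Event info is not a string."}
    # path left as in the commit; see the note about moving it into moduleconfig
    with open("/var/www/MISP7/app/tmp/output.txt", "w", encoding="utf-8") as f:
        f.write(info)
    return {"data": True}
```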