class Packaging(entities.Entity):
"""An individual packaging layer."""
_namespace = 'http://cybox.mitre.org/objects#ArtifactObject-2'
_binding = artifact_binding
_binding_class = _binding.PackagingType
is_encrypted = fields.BooleanField("is_encrypted")
is_compressed = fields.BooleanField("is_compressed")
compression = fields.TypedField("Compression",
Compression,
factory=CompressionFactory,
multiple=True)
encryption = fields.TypedField("Encryption",
Encryption,
factory=EncryptionFactory,
multiple=True)
encoding = fields.TypedField("Encoding",
Encoding,
factory=EncodingFactory,
multiple=True)
def __init__(self,
is_encrypted=None,
is_compressed=None,
compression=None,
encryption=None,
encoding=None):
super(Packaging, self).__init__()
self.is_encrypted = is_encrypted
self.is_compressed = is_compressed
self.compression = compression
self.encryption = encryption
self.encoding = encoding
class ISAMarkingsAssertion(dm.MarkingStructure):
_binding = isa_markings_assertions
_binding_class = _binding.ISAMarkingsAssertionType
_namespace = 'http://www.us-cert.gov/sites/default/files/STIX_Namespace/ISAMarkingsAssertionsType.v2.xsd'
_XSI_TYPE = 'isam-assert-v2:ISAMarkingsAssertionType'
isam_version = fields.TypedField("isam_version")
most_restrictive = fields.BooleanField("most_restrictive")
default_marking = fields.BooleanField("default_marking")
policy_ref = fields.TypedField("PolicyRef", key_name="policy_ref")
auth_ref = fields.TypedField("AuthRef", key_name="auth_ref")
access_privilege = fields.TypedField("AccessPrivilege", type_="stix_edh.cyber_profile.AccessPrivilege", multiple=True, key_name="access_privilege")
further_sharing = fields.TypedField("FurtherSharing", type_="stix_edh.cyber_profile.FurtherSharing", multiple=True, key_name="further_sharing")
resource_disposition = fields.TypedField("ResourceDisposition", type_="stix_edh.cyber_profile.ResourceDisposition", key_name="resource_disposition")
control_set = fields.TypedField("ControlSet", type_="stix_edh.common.NMTokens", key_name="control_set")
original_classification = fields.TypedField("OriginalClassification", type_="stix_edh.cyber_profile.OriginalClassification", key_name="original_classification")
derivative_classification = fields.TypedField("DerivativeClassification", type_="stix_edh.cyber_profile.DerivativeClassification", key_name="derivative_classification")
declassification = fields.TypedField("Declassification", type_="stix_edh.cyber_profile.Declassification", key_name="declassification")
public_release = fields.TypedField("PublicRelease", type_="stix_edh.cyber_profile.PublicRelease", key_name="public_release")
addl_reference = fields.TypedField("AddlReference", type_="stix_edh.isa_markings_assertions.AddlReference", key_name="addl_reference")
def __init__(self):
super(ISAMarkingsAssertion, self).__init__()
self.isam_version = '2.0'
class Vulnerability(stix.Entity):
"""Implementation of STIX ``Vulnerability``.
Args:
title (optional): A string title.
description (optional): A string description.
short_description (optional): A string short description.
"""
_binding = exploit_target_binding
_binding_class = _binding.VulnerabilityType
_namespace = "http://stix.mitre.org/ExploitTarget-1"
is_known = fields.BooleanField("is_known")
is_publicly_acknowledged = fields.BooleanField("is_publicly_acknowledged")
title = fields.TypedField("Title")
descriptions = fields.TypedField("Description",
type_="stix.common.StructuredTextList")
short_descriptions = fields.TypedField(
"Short_Description", type_="stix.common.StructuredTextList")
cve_id = fields.TypedField("CVE_ID")
osvdb_id = fields.TypedField("OSVDB_ID")
source = fields.TypedField("Source")
cvss_score = fields.TypedField(
"CVSS_Score", "stix.exploit_target.vulnerability.CVSSVector")
discovered_datetime = fields.TypedField("Discovered_DateTime",
DateTimeWithPrecision)
published_datetime = fields.TypedField("Published_DateTime",
DateTimeWithPrecision)
affected_software = fields.TypedField(
"Affected_Software",
"stix.exploit_target.vulnerability.AffectedSoftware")
references = fields.TypedField("References", References)
def __init__(self, title=None, description=None, short_description=None):
super(Vulnerability, self).__init__()
self.title = title
self.descriptions = StructuredTextList(description)
self.short_descriptions = StructuredTextList(short_description)
@property
def description(self):
"""A single description about the contents or purpose of this object.
Default Value: ``None``
Note:
If this object has more than one description set, this will return
the description with the lowest ordinality value.
Returns:
An instance of :class:`.StructuredText`
"""
return next(iter(self.descriptions or []), None)
@description.setter
def description(self, value):
self.descriptions = value
def add_description(self, description):
"""Adds a description to the ``descriptions`` collection.
This is the same as calling "foo.descriptions.add(bar)".
"""
self.descriptions.add(description)
@property
def short_description(self):
"""A single short description about the contents or purpose of this
object.
Default Value: ``None``
Note:
If this object has more than one short description set, this will
return the description with the lowest ordinality value.
Returns:
An instance of :class:`.StructuredText`
"""
return next(iter(self.short_descriptions or []), None)
@short_description.setter
def short_description(self, value):
self.short_descriptions = value
def add_short_description(self, description):
"""Adds a description to the ``short_descriptions`` collection.
This is the same as calling "foo.short_descriptions.add(bar)".
"""
self.short_descriptions.add(description)
def add_reference(self, reference):
if not reference:
return
if self.references is None:
self.references = References()
self.references.append(reference)
class UnixFilePermissions(FilePermissions):
_binding = unix_file_binding
_binding_class = unix_file_binding.UnixFilePermissionsType
_namespace = "http://cybox.mitre.org/objects#UnixFileObject-2"
suid = fields.BooleanField("suid")
sgid = fields.BooleanField("sgid")
uread = fields.BooleanField("uread")
uwrite = fields.BooleanField("uwrite")
uexec = fields.BooleanField("uexec")
gread = fields.BooleanField("gread")
gwrite = fields.BooleanField("gwrite")
gexec = fields.BooleanField("gexec")
oread = fields.BooleanField("oread")
owrite = fields.BooleanField("owrite")
oexec = fields.BooleanField("oexec")