Example #1
0
def alta_informacion(request):
    #"""
    #When in GET method return all the Content Blocks.
    #When in POST method, given a content binding id, a title, description and content we create a Content Block.
    #"""
    logger = logging.getLogger('TAXIIApplication.rest.views.alta_informacion')
    logger.debug('Entering alta_informacion')
    logger.debug(request.method)
    if request.method == 'GET':
        content = ContentBlock.objects.all()
        serializer = ContentBlockSerializer(content, many=True)
        return Response(serializer.data)
    elif request.method == 'POST':
        cont = request.DATA.get('content')

        c = StringIO.StringIO(cont)

        logger.debug(request.DATA.get('content_binding'))

	observables_obj = cybox_core_binding.parse(c)
	observables = Observables.from_obj(observables_obj)

        logger.debug(str(observables))

        stix_package = STIXPackage()
        stix_header = STIXHeader()

        stix_header.description = request.DATA.get('description')
        stix_header.title = request.DATA.get('title') 
        stix_package.stix_header = stix_header
        stix_package.add_observable(observables)

    	content_binding = ContentBindingId.objects.get(id=1)
    	cb = ContentBlock(title=request.DATA.get('title'), description=request.DATA.get('description') ,content_binding=content_binding, content=stix_package.to_xml())
    	cb.save()
        df = DataFeed.objects.get(name='default')

        df.content_blocks.add(cb)
	return Response(status=status.HTTP_201_CREATED)
Example #2
0
def inbox_add_content(request, inbox_name, taxii_message):
    """Adds content to inbox and associated data feeds"""
    logger = logging.getLogger('taxii.utils.handlers.inbox_add_content')
    logger.debug('Adding content to inbox [%s]', make_safe(inbox_name))

    try:
        inbox = Inbox.objects.get(name=inbox_name)
    except:
        logger.debug('Attempting to push content to unknown inbox [%s]', make_safe(inbox_name))
        m = tm.StatusMessage(tm.generate_message_id(), taxii_message.message_id, status_type=tm.ST_NOT_FOUND, message='Inbox does not exist [%s]' % (make_safe(inbox_name)))
        return create_taxii_response(m, use_https=request.is_secure())

    logger.debug('TAXII message [%s] contains [%d] content blocks', make_safe(taxii_message.message_id), len(taxii_message.content_blocks))

    datafeed = taxii_message.subscription_information.collection_name
    
    for content_block in taxii_message.content_blocks:
        try:
            content_binding_id = ContentBindingId.objects.filter(binding_id=content_block.content_binding)
        except:
            logger.debug('TAXII message [%s] contained unrecognized content binding [%s]', make_safe(taxii_message.message_id), make_safe(content_block.content_binding))
            continue # cannot proceed - move on to the next content block

        if content_binding_id[0] not in inbox.supported_content_bindings.all():
            logger.debug('Inbox [%s] does not accept content with binding id [%s]', make_safe(inbox_name), make_safe(content_block.content_binding))
        else:

            tree = etree.parse(c.content)

            import stix.bindings.stix_core as stix_core_binding
            stix_package_obj = stix_core_binding.STIXType().factory()
            stix_package_obj.build(tree.getroot())

            from stix.core import STIXPackage # resolve circular dependencies
            stix_package = STIXPackage().from_obj(stix_package_obj)
            
            info = ContentBlock.objects.filter(stix_id = stix_package._id)
            if info.exists():

                c = ContentBlock()
                c.origen = datafeed
                c.message_id = taxii_message.message_id
                c.content_binding = content_binding_id[0]
                c.content = content_block.content
                if content_block.padding:
                    c.padding = content_block.padding

                if request.user.is_authenticated():
                    c.submitted_by = request.user

                c.save()
                inbox.content_blocks.add(c) # add content block to inbox

                for data_feed in inbox.data_feeds.all():
                    if content_binding_id[0] in data_feed.supported_content_bindings.all():
                        data_feed.content_blocks.add(c)
                        data_feed.save()
                    else:
                        logger.debug('Inbox [%s] received data using content binding [%s] - '
                                 'associated data feed [%s] does not support this binding.',
                                 make_safe(inbox_name), make_safe(content_block.content_binding), make_safe(data_feed.name))

    inbox.save()
    m = tm.StatusMessage(tm.generate_message_id(), taxii_message.message_id, status_type = tm.ST_SUCCESS)
    return create_taxii_response(m, use_https=request.is_secure())
Example #3
0
def poll_request(collection_name, subscription_id, host, path, port):
    #Given the collection name, subscription id, host, path and port we make a poll request to 
    #the client TAXII associated with the host, path and port for the subscription and collection given.
    logger = logging.getLogger('TAXIIApplication.rest.tasks.poll_request')
    logger.debug('Poll information starts')
    logger.debug('Parameters are: ')
    logger.debug('Collection Name: ' + collection_name)
    logger.debug('Subscription Id: ' + str(subscription_id))
    logger.debug('Host: ' + str(host))
    logger.debug('Path: ' + path)
    logger.debug('Port: ' + str(port))

    begin_ts = None
    end_ts = None

    poll_req = tm11.PollRequest(message_id = tm11.generate_message_id(),
                                collection_name = collection_name,
                                exclusive_begin_timestamp_label = begin_ts,
                                inclusive_end_timestamp_label = end_ts,
                                subscription_id = subscription_id)

    poll_req_xml = poll_req.to_xml()
    logger.debug('The following Poll Request message was generated')
    logger.debug('###########################################')
    logger.debug(poll_req_xml)
    logger.debug('###########################################')

    client = tc.HttpClient()
    resp = client.callTaxiiService2(host, path, t.VID_TAXII_XML_10, poll_req_xml, port)
    response_message = t.get_message_from_http_response(resp, '0')

    logger.debug('The response got from the sistem was: ')
    logger.debug('#########################################')
    logger.debug(response_message.to_xml())
    logger.debug('#########################################')

    try:
        taxii_message = tm.get_message_from_xml(response_message.to_xml())
    except Exception as ex:
        logger.debug('The message could not be parsed:s', ex.message)

    if taxii_message.message_type != tm.MSG_POLL_RESPONSE:
        logger.debug('The message is not a TAXII response')
    else:
        logger.debug(taxii_message)
        content_blocks = taxii_message.content_blocks
        logger.debug('We process the Content Blocks')

        for cb in content_blocks:

            tree = etree.parse(StringIO(cb.content))
            import stix.bindings.stix_core as stix_core_binding
            stix_package_obj = stix_core_binding.STIXType().factory()
            stix_package_obj.build(tree.getroot())

            from stix.core import STIXPackage # resolve circular dependencies
            stix_package = STIXPackage().from_obj(stix_package_obj)

            logger.debug(stix_package.stix_header.description)
            logger.debug('El id del stix es ' + str(stix_package._id))
            
            info = ContentBlock.objects.filter(stix_id = stix_package._id)
            if info.exists():
                p = ContentBlock()

                p.description = stix_package.stix_header.description
                p.title = stix_package.stix_header.title
                p.message_id = taxii_message.message_id
                p.origen = collection_name + ' in ' + host             
                c = ContentBindingId(binding_id=cb.content_binding)
                c.save()
                p.content_binding = c
                p.content = cb.content
                p.save()