コード例 #1
0
ファイル: views.py プロジェクト: armtash/crits
def add_actor(request):
    """
    Add an Actor. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        request.user._setup()
        user = request.user
        data = request.POST
        form = AddActorForm(request.user, data)
        if form.is_valid():
            if user.has_access_to(ActorACL.WRITE):
                cleaned_data = form.cleaned_data
                name = cleaned_data['name']
                aliases = cleaned_data['aliases']
                description = cleaned_data['description']
                source = cleaned_data['source_name']
                reference = cleaned_data['source_reference']
                method = cleaned_data['source_method']
                tlp = cleaned_data['source_tlp']
                campaign = cleaned_data['campaign']
                confidence = cleaned_data['confidence']
                bucket_list = cleaned_data.get(
                    form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
                ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME)
                related_id = cleaned_data['related_id']
                related_type = cleaned_data['related_type']
                relationship_type = cleaned_data['relationship_type']

                result = add_new_actor(name,
                                       aliases=aliases,
                                       description=description,
                                       source=source,
                                       source_method=method,
                                       source_reference=reference,
                                       source_tlp=tlp,
                                       campaign=campaign,
                                       confidence=confidence,
                                       user=user,
                                       bucket_list=bucket_list,
                                       ticket=ticket,
                                       related_id=related_id,
                                       related_type=related_type,
                                       relationship_type=relationship_type)
            else:
                result = {"success":False,
                          "message":"User does not have permission to add Actors."}

            return HttpResponse(json.dumps(result,
                                           default=json_handler),
                                content_type="application/json")
        return HttpResponse(json.dumps({'success': False,
                                        'form':form.as_table()}),
                            content_type="application/json")
    return render(request, "error.html", {'error': 'Expected AJAX/POST'})
コード例 #2
0
    def obj_create(self, bundle, **kwargs):
        """
        Handles creating Actors through the API.

        :param bundle: Bundle containing the information to create the Actor.
        :type bundle: Tastypie Bundle object.
        :returns: HttpResponse object.
        """

        user = bundle.request.user
        data = bundle.data
        name = data.get('name', None)
        aliases = data.get('aliases', '')
        description = data.get('description', None)
        source = data.get('source', None)
        reference = data.get('reference', None)
        method = data.get('method', None)
        tlp = data.get('tlp', "amber")
        campaign = data.get('campaign', None)
        confidence = data.get('confidence', None)
        bucket_list = data.get('bucket_list', None)
        ticket = data.get('ticket', None)

        if user.has_access_to(ActorACL.WRITE):
            result = add_new_actor(name,
                                   aliases,
                                   description=description,
                                   source=source,
                                   source_method=method,
                                   source_reference=reference,
                                   source_tlp=tlp,
                                   campaign=campaign,
                                   confidence=confidence,
                                   user=user,
                                   bucket_list=bucket_list,
                                   ticket=ticket)
        else:
            result = {
                'success': False,
                'message': 'User does not have permission to create Object.'
            }

        content = {
            'return_code': 0,
            'type': 'Actor',
            'message': result.get('message', ''),
            'id': result.get('id', '')
        }
        if result.get('id'):
            url = reverse('api_dispatch_detail',
                          kwargs={
                              'resource_name': 'actors',
                              'api_name': 'v1',
                              'pk': result.get('id')
                          })
            content['url'] = url
        if not result['success']:
            content['return_code'] = 1
        self.crits_response(content)
コード例 #3
0
    def parse_threat_actors(self, threat_actors):
        """
        Parse list of Threat Actors.

        :param threat_actors: List of STIX ThreatActors.
        :type threat_actors: List of STIX ThreatActors.
        """
        from stix.threat_actor import ThreatActor
        analyst = self.source_instance.analyst
        for threat_actor in threat_actors:  # for each STIX ThreatActor
            try:  # create CRITs Actor from ThreatActor
                if isinstance(threat_actor, ThreatActor):
                    name = str(threat_actor.title)
                    description = str(threat_actor.description)
                    res = add_new_actor(name=name,
                                        description=description,
                                        source=[self.source],
                                        analyst=analyst)
                    if res['success']:
                        sl = ml = tl = il = []
                        for s in threat_actor.sophistications:
                            v = get_crits_actor_tags(str(s.value))
                            if v:
                                sl.append(v)
                        update_actor_tags(res['id'], 'ActorSophistication', sl,
                                          analyst)
                        for m in threat_actor.motivations:
                            v = get_crits_actor_tags(str(m.value))
                            if v:
                                ml.append(v)
                        update_actor_tags(res['id'], 'ActorMotivation', ml,
                                          analyst)
                        for t in threat_actor.types:
                            v = get_crits_actor_tags(str(t.value))
                            if v:
                                tl.append(v)
                        update_actor_tags(res['id'], 'ActorThreatType', tl,
                                          analyst)
                        for i in threat_actor.intended_effects:
                            v = get_crits_actor_tags(str(i.value))
                            if v:
                                il.append(v)
                        update_actor_tags(res['id'], 'ActorIntendedEffect', il,
                                          analyst)
                        obj = Actor.objects(id=res['id']).first()
                        self.imported[threat_actor.id_] = (
                            Actor._meta['crits_type'], obj)
                    else:
                        self.failed.append(
                            (res['message'], type(threat_actor).__name__,
                             ""))  # note for display in UI
            except Exception, e:
                self.failed.append((e.message, type(threat_actor).__name__,
                                    ""))  # note for display in UI
コード例 #4
0
ファイル: api.py プロジェクト: armtash/crits
    def obj_create(self, bundle, **kwargs):
        """
        Handles creating Actors through the API.

        :param bundle: Bundle containing the information to create the Actor.
        :type bundle: Tastypie Bundle object.
        :returns: HttpResponse object.
        """

        user = bundle.request.user
        data = bundle.data
        name = data.get('name', None)
        aliases = data.get('aliases', '')
        description = data.get('description', None)
        source = data.get('source', None)
        reference = data.get('reference', None)
        method = data.get('method', None)
        tlp = data.get('tlp', "amber")
        campaign = data.get('campaign', None)
        confidence = data.get('confidence', None)
        bucket_list = data.get('bucket_list', None)
        ticket = data.get('ticket', None)

        if user.has_access_to(ActorACL.WRITE):
            result = add_new_actor(name,
                                   aliases,
                                   description=description,
                                   source=source,
                                   source_method=method,
                                   source_reference=reference,
                                   source_tlp=tlp,
                                   campaign=campaign,
                                   confidence=confidence,
                                   user=user,
                                   bucket_list=bucket_list,
                                   ticket=ticket)
        else:
            result = {'success':False,
                      'message':'User does not have permission to create Object.'}


        content = {'return_code': 0,
                   'type': 'Actor',
                   'message': result.get('message', ''),
                   'id': result.get('id', '')}
        if result.get('id'):
            url = reverse('api_dispatch_detail',
                          kwargs={'resource_name': 'actors',
                                  'api_name': 'v1',
                                  'pk': result.get('id')})
            content['url'] = url
        if not result['success']:
            content['return_code'] = 1
        self.crits_response(content)
コード例 #5
0
ファイル: parsers.py プロジェクト: Abdullah-Mughal/crits
    def parse_threat_actors(self, threat_actors):
        """
        Parse list of Threat Actors.

        :param threat_actors: List of STIX ThreatActors.
        :type threat_actors: List of STIX ThreatActors.
        """
        from stix.threat_actor import ThreatActor
        analyst = self.source_instance.analyst
        for threat_actor in threat_actors: # for each STIX ThreatActor
            try: # create CRITs Actor from ThreatActor
                if isinstance(threat_actor, ThreatActor):
                    name = str(threat_actor.title)
                    description = str(threat_actor.description)
                    res = add_new_actor(name=name,
                                        description=description,
                                        source=[self.source],
                                        analyst=analyst)
                    if res['success']:
                        sl = ml = tl = il = []
                        for s in threat_actor.sophistications:
                            sl.append(str(s.value))
                        update_actor_tags(res['id'],
                                            'ActorSophistication',
                                            sl,
                                            analyst)
                        for m in threat_actor.motivations:
                            ml.append(str(m.value))
                        update_actor_tags(res['id'],
                                            'ActorMotivation',
                                            ml,
                                            analyst)
                        for t in threat_actor.types:
                            tl.append(str(t.value))
                        update_actor_tags(res['id'],
                                            'ActorThreatType',
                                            tl,
                                            analyst)
                        for i in threat_actor.intended_effects:
                            il.append(str(i.value))
                        update_actor_tags(res['id'],
                                            'ActorIntendedEffect',
                                            il,
                                            analyst)
                        obj = Actor.objects(id=res['id']).first()
                        self.imported.append((Actor._meta['crits_type'], obj))
                    else:
                        self.failed.append((res['message'],
                                            type(threat_actor).__name__,
                                            "")) # note for display in UI
            except Exception, e:
                self.failed.append((e.message, type(threat_actor).__name__,
                                    "")) # note for display in UI
コード例 #6
0
ファイル: views.py プロジェクト: xtracerx/crits
def add_actor(request):
    """
    Add an Actor. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        data = request.POST
        form = AddActorForm(request.user, data)
        if form.is_valid():
            cleaned_data = form.cleaned_data
            name = cleaned_data['name']
            aliases = cleaned_data['aliases']
            description = cleaned_data['description']
            source = cleaned_data['source']
            reference = cleaned_data['source_reference']
            method = cleaned_data['source_method']
            campaign = cleaned_data['campaign']
            confidence = cleaned_data['confidence']
            analyst = request.user.username
            bucket_list = cleaned_data.get(form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
            ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME)
            related_id = cleaned_data['related_id']
            related_type = cleaned_data['related_type']
            relationship_type = cleaned_data['relationship_type']

            result = add_new_actor(name,
                                   aliases=aliases,
                                   description=description,
                                   source=source,
                                   source_method=method,
                                   source_reference=reference,
                                   campaign=campaign,
                                   confidence=confidence,
                                   analyst=analyst,
                                   bucket_list=bucket_list,
                                   ticket=ticket,
                                   related_id=related_id,
                                   related_type=related_type,
                                   relationship_type=relationship_type)
            return HttpResponse(json.dumps(result,
                                           default=json_handler),
                                content_type="application/json")
        return HttpResponse(json.dumps({'success': False,
                                        'form':form.as_table()}),
                            content_type="application/json")
    return render_to_response("error.html",
                              {'error': 'Expected AJAX/POST'},
                              RequestContext(request))
コード例 #7
0
ファイル: api.py プロジェクト: optionstvm/crits
    def obj_create(self, bundle, **kwargs):
        """
        Handles creating Actors through the API.

        :param bundle: Bundle containing the information to create the Actor.
        :type bundle: Tastypie Bundle object.
        :returns: HttpResponse object.
        """

        analyst = bundle.request.user.username
        data = bundle.data
        name = data.get("name", None)
        aliases = data.get("aliases", "")
        description = data.get("description", None)
        source = data.get("source", None)
        reference = data.get("reference", None)
        method = data.get("method", None)
        campaign = data.get("campaign", None)
        confidence = data.get("confidence", None)
        bucket_list = data.get("bucket_list", None)
        ticket = data.get("ticket", None)

        result = add_new_actor(
            name,
            aliases,
            description=description,
            source=source,
            source_method=method,
            source_reference=reference,
            campaign=campaign,
            confidence=confidence,
            analyst=analyst,
            bucket_list=bucket_list,
            ticket=ticket,
        )

        content = {"return_code": 0, "type": "Actor", "message": result.get("message", ""), "id": result.get("id", "")}
        if result.get("id"):
            url = reverse(
                "api_dispatch_detail", kwargs={"resource_name": "actors", "api_name": "v1", "pk": result.get("id")}
            )
            content["url"] = url
        if not result["success"]:
            content["return_code"] = 1
        self.crits_response(content)
コード例 #8
0
ファイル: views.py プロジェクト: mishley/crits
def add_actor(request):
    """
    Add an Actor. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        data = request.POST
        form = AddActorForm(request.user, data)
        if form.is_valid():
            cleaned_data = form.cleaned_data
            name = cleaned_data["name"]
            aliases = cleaned_data["aliases"]
            description = cleaned_data["description"]
            source = cleaned_data["source"]
            reference = cleaned_data["source_reference"]
            method = cleaned_data["source_method"]
            campaign = cleaned_data["campaign"]
            confidence = cleaned_data["confidence"]
            analyst = request.user.username
            bucket_list = cleaned_data.get(form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
            ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME)

            result = add_new_actor(
                name,
                aliases=aliases,
                description=description,
                source=source,
                source_method=method,
                source_reference=reference,
                campaign=campaign,
                confidence=confidence,
                analyst=analyst,
                bucket_list=bucket_list,
                ticket=ticket,
            )
            return HttpResponse(json.dumps(result, default=json_handler), mimetype="application/json")
        return HttpResponse(json.dumps({"success": False, "form": form.as_table()}), mimetype="application/json")
    return render_to_response("error.html", {"error": "Expected AJAX/POST"}, RequestContext(request))
コード例 #9
0
ファイル: views.py プロジェクト: zhangjunqiang/crits
def add_actor(request):
    """
    Add an Actor. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        request.user._setup()
        user = request.user
        data = request.POST
        form = AddActorForm(request.user, data)
        if form.is_valid():
            if user.has_access_to(ActorACL.WRITE):
                cleaned_data = form.cleaned_data
                name = cleaned_data['name']
                aliases = cleaned_data['aliases']
                description = cleaned_data['description']
                source = cleaned_data['source_name']
                reference = cleaned_data['source_reference']
                method = cleaned_data['source_method']
                tlp = cleaned_data['source_tlp']
                campaign = cleaned_data['campaign']
                confidence = cleaned_data['confidence']
                bucket_list = cleaned_data.get(
                    form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
                ticket = cleaned_data.get(
                    form_consts.Common.TICKET_VARIABLE_NAME)
                related_id = cleaned_data['related_id']
                related_type = cleaned_data['related_type']
                relationship_type = cleaned_data['relationship_type']

                result = add_new_actor(name,
                                       aliases=aliases,
                                       description=description,
                                       source=source,
                                       source_method=method,
                                       source_reference=reference,
                                       source_tlp=tlp,
                                       campaign=campaign,
                                       confidence=confidence,
                                       user=user,
                                       bucket_list=bucket_list,
                                       ticket=ticket,
                                       related_id=related_id,
                                       related_type=related_type,
                                       relationship_type=relationship_type)
            else:
                result = {
                    "success": False,
                    "message": "User does not have permission to add Actors."
                }

            return HttpResponse(json.dumps(result, default=json_handler),
                                content_type="application/json")
        return HttpResponse(json.dumps({
            'success': False,
            'form': form.as_table()
        }),
                            content_type="application/json")
    return render(request, "error.html", {'error': 'Expected AJAX/POST'})