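def get_misp_connection(config=None, parameters=None):
    """Return the shared PyMISP connection, creating it on first use.

    The connection is cached in the module-level ``misp_connection`` global,
    so ``config`` and ``parameters`` are only consulted until a connection
    has been created.

    Args:
        config: Canari settings mapping; required while no connection exists.
            In local mode the ``MISP_maltego.local.*`` keys are read from it.
        parameters: transform parameters; in remote mode ``mispurl`` and
            ``mispkey`` are read from their ``.value`` attributes.

    Returns:
        The cached or newly created connection object.

    Raises:
        MaltegoException: no connection exists and ``config`` is empty, the
            remote parameters are missing or unusable, or creating the
            connection failed.
    """
    global misp_connection
    if misp_connection:
        return misp_connection
    if not config:
        raise MaltegoException("ERROR: MISP connection not yet established, and config not provided as parameter.")
    misp_verify = True
    misp_debug = False
    misp_url = None
    misp_key = None
    try:
        if is_local_exec_mode():
            misp_url = config['MISP_maltego.local.misp_url']
            misp_key = config['MISP_maltego.local.misp_key']
            # Certificate verification stays on unless the local config turns
            # it off explicitly. With it off, the API key is presented to a
            # server whose identity has not been checked.
            # The 0 entry also matches a boolean False (and 1 a boolean True).
            if config['MISP_maltego.local.misp_verify'] in ['False', 'false', 0, 'no', 'No']:
                misp_verify = False
            if config['MISP_maltego.local.misp_debug'] in ['True', 'true', 1, 'yes', 'Yes']:
                misp_debug = True
        if is_remote_exec_mode():
            # Remote mode has no switch for verification: misp_verify keeps
            # its default of True.
            try:
                misp_url = parameters['mispurl'].value
                misp_key = parameters['mispkey'].value
            except (AttributeError, KeyError, TypeError):
                # Missing parameters (KeyError / parameters is None) are
                # reported the same way as parameters without a value.
                raise MaltegoException("ERROR: mispurl and mispkey need to be set to something valid")
        # NOTE(review): the positional arguments presumably map to PyMISP's
        # (url, key, ssl, out_type, debug) - confirm against the installed
        # PyMISP version, since a shifted position would change their meaning.
        misp_connection = PyMISP(misp_url, misp_key, misp_verify, 'json', misp_debug, tool='misp_maltego')
    except MaltegoException:
        # Keep the specific message raised above; the broad handler below
        # would otherwise replace it with the generic connection error.
        raise
    except Exception as err:
        # The messages deliberately leave out the URL and the API key.
        if is_local_exec_mode():
            raise MaltegoException("ERROR: Cannot connect to MISP server. Please verify your MISP_Maltego.conf settings.") from err
        if is_remote_exec_mode():
            raise MaltegoException("ERROR: Cannot connect to MISP server. Please verify your settings (MISP URL and API key), and ensure the MISP server is reachable from the internet.") from err
    return misp_connection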
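def check_update(config):
    """Return a UIMessage when a newer MISP-Maltego release exists, else None.

    The check is skipped for remote transforms and runs at most once every
    24 hours, tracked through the modification time of ``local_path_version``.
    The marker file is touched before the lookup, so a failed lookup is not
    retried until the next window.

    Args:
        config: Canari settings mapping; ``MISP_maltego.local.check_updates``
            decides whether the online version is fetched.

    Returns:
        A ``UIMessage`` of type ``Fatal`` when the setting is missing or a
        newer version is published, otherwise ``None``. Network errors and
        unparsable version strings also yield ``None``.

    Raises:
        OSError: possibly, from touching the marker file - that call is not
            guarded.
    """
    # Do not check updates if running as remote transform
    if is_remote_exec_mode():
        return None
    # only raise the alert once a day/reboot to the user.
    try:
        # check the timestamp of the file
        recheck = time.time() - os.path.getmtime(local_path_version) > 60 * 60 * 24
    except Exception:
        # file does not exist, so check version
        recheck = True
    if not recheck:
        return None
    # remember we checked the version
    from pathlib import Path
    Path(local_path_version).touch()
    # UIMessageType must be Fatal as otherwise it is not shown to the user.
    if 'MISP_maltego.local.check_updates' not in config:
        return UIMessage("'check_updates' parameter missing in '.canari/MISP_maltego.conf'. Please set 'check_updates = True/False'.", type=UIMessageType.Fatal)
    # NOTE(review): this is a truthiness test; whether a textual 'False'
    # arrives here as a bool depends on the config parser - confirm.
    if not config['MISP_maltego.local.check_updates']:
        return None
    # check the version
    # NOTE(review): update_url is defined elsewhere; it should be an https
    # URL so the version hint cannot be altered in transit - confirm.
    try:
        # Bounded wait: an unreachable update server must not stall the
        # transform, and a failed lookup is simply "no update known".
        r = requests.get(update_url, timeout=10)
        r.raise_for_status()
    except requests.RequestException:
        return None
    for line in r.text.splitlines():
        if 'version=' in line:
            online_ver = line.strip().strip(',').split('=').pop().strip("'")
            # The remote text is only parsed and compared, never executed;
            # anything that is not a strict version string is ignored.
            try:
                is_newer = StrictVersion(online_ver) > StrictVersion(__version__)
            except ValueError:
                return None
            if is_newer:
                message = ('A new version of MISP-Maltego is available.\n'
                           'To upgrade, please:\n'
                           ' pip3 install --upgrade MISP-maltego\n'
                           ' canari create-profile MISP_maltego\n'
                           ' And import the newly generated .mtz bundle in Maltego (Import > Import Configuration)')
                return UIMessage(message, type=UIMessageType.Fatal)
            # Only the first line carrying 'version=' is considered.
            break
    return None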
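def __call__(self, transform):
    """Decorate *transform* so the request filter runs before ``do_transform``.

    When ``self.remote_only`` is true and the code runs in remote execution
    mode, ``transform.do_transform`` is replaced by a wrapper that calls
    ``self.filter(request, response, config)`` first. A truthy result returns
    ``response`` as-is and skips the original transform.

    Args:
        transform: the transform class or object being decorated.

    Returns:
        The same *transform*, wrapped or untouched.

    Raises:
        ValueError: ``self.filter`` is not callable.
    """
    # Validate the stored filter itself. The builtin ``filter`` is always
    # callable, so testing it would accept any value and never reach the
    # ValueError.
    if not callable(self.filter):
        raise ValueError('Expected callable (got %s instead).' % type(self.filter).__name__)
    if self.remote_only and is_remote_exec_mode():
        orig_do_transform = transform.do_transform

        def do_transform(self_, request, response, config):
            # A truthy filter result means "stop here": hand back the
            # response without running the wrapped transform.
            if self.filter(request, response, config):
                return response
            return orig_do_transform(self_, request, response, config)

        transform.do_transform = do_transform
    # NOTE(review): with remote_only false the wrapper is never installed, so
    # the filter does not run in any mode. If filters are used as an access
    # or input check, confirm this is intended rather than
    # "not remote_only or is_remote_exec_mode()".
    return transform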
def load_config(config_file=None, recursive_load=True):
    """Load the Canari configuration and return the populated parser.

    Without *config_file*, ``canari.conf`` in the current working directory
    is used when it exists, otherwise ``~/.canari/canari.conf``. The parser
    first reads ``global_config`` and the chosen file. With *recursive_load*
    it then reads the files listed under the remote-configs option (remote
    execution mode, when that option is present) or else those under the
    local-configs option.

    Because the working directory is searched first, a ``canari.conf`` found
    there takes precedence over the per-user file. Start the tool from a
    directory whose contents you trust, or pass *config_file* explicitly.

    Args:
        config_file: path of the main configuration file, or a falsy value
            to use the search order above.
        recursive_load: whether to read the additional files named by the
            main configuration.

    Returns:
        The ``CanariConfigParser`` holding everything that was read.
    """
    path = config_file
    if not path:
        path = os.path.join(os.getcwd(), "canari.conf")
        if not os.path.lexists(path):
            path = os.path.join(os.path.expanduser("~"), ".canari", "canari.conf")

    # Presumably PushDir makes the config file's directory current for the
    # duration of the reads, so relative include paths resolve next to it -
    # confirm against PushDir.
    with PushDir(os.path.dirname(path)):
        parser = CanariConfigParser()
        parser.read([global_config, path])
        if not recursive_load:
            return parser
        if is_remote_exec_mode() and OPTION_REMOTE_CONFIGS in parser:
            parser.read(parser[OPTION_REMOTE_CONFIGS])
        elif OPTION_LOCAL_CONFIGS in parser:
            parser.read(parser[OPTION_LOCAL_CONFIGS])
        return parser
def load_config(config_file=None, recursive_load=True):
    """Build a ``CanariConfigParser`` from the global and main config files.

    A falsy *config_file* selects ``./canari.conf`` when that path exists and
    ``~/.canari/canari.conf`` otherwise. When *recursive_load* is true, the
    file list stored under ``OPTION_REMOTE_CONFIGS`` is read in remote
    execution mode (if the option exists); in every other case the list under
    ``OPTION_LOCAL_CONFIGS`` is read when that option exists.

    The current working directory is consulted before the home directory, so
    whoever can place a ``canari.conf`` in the launch directory decides which
    settings and which further config files are loaded. Pass *config_file*
    explicitly when the launch directory is not under your control.

    Args:
        config_file: explicit path of the main configuration file, optional.
        recursive_load: read the configs referenced by the main file as well.

    Returns:
        The parser after all reads have completed.
    """
    if not config_file:
        cwd_conf = os.path.join(os.getcwd(), 'canari.conf')
        config_file = (
            cwd_conf
            if os.path.lexists(cwd_conf)
            else os.path.join(os.path.expanduser('~'), '.canari', 'canari.conf')
        )

    conf_dir = os.path.dirname(config_file)
    # NOTE(review): PushDir is assumed to switch into conf_dir while the
    # files are read - verify in its definition.
    with PushDir(conf_dir):
        config_parser = CanariConfigParser()
        sources = [global_config, config_file]
        config_parser.read(sources)
        if recursive_load:
            # The remote list is used only in remote mode and only when it is
            # configured; otherwise fall back to the local list.
            use_remote = is_remote_exec_mode() and OPTION_REMOTE_CONFIGS in config_parser
            if use_remote:
                config_parser.read(config_parser[OPTION_REMOTE_CONFIGS])
            elif OPTION_LOCAL_CONFIGS in config_parser:
                config_parser.read(config_parser[OPTION_LOCAL_CONFIGS])
    return config_parser