Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 09:47
    crackytsi opened #5183
  • 09:47
    crackytsi opened #5183
  • 09:45
    redbaron4 commented #5176
  • 09:45
    redbaron4 commented #5176
  • 08:57
    slackfoo opened #17
  • 08:24
    mokaddem opened #5182
  • 08:24
    mokaddem opened #5182
  • 07:45
    mokaddem assigned #5181
  • 07:45
    mokaddem assigned #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem labeled #5181
  • 07:45
    mokaddem edited #5181
  • 07:45
    mokaddem edited #5181
  • 07:44
    mokaddem edited #5181
  • 07:44
    mokaddem edited #5181
  • 07:44
    mokaddem opened #5181
Andras Iklody
@iglocska
time for fud :D
L I T T L 3 F I E L D
@littl3field
@iglocska hey cool just looking at this now
L I T T L 3 F I E L D
@littl3field
Not sure if it's ticking through or there is an error?
image.png
Andras Iklody
@iglocska
it takes a while :)
if there's an error it will stop executing
L I T T L 3 F I E L D
@littl3field
Roger that, will let it think and let you know the output
Andras Iklody
@iglocska
cheers
Antoine Cailliau
@ancailliau
Sorting by date in /attributes/search/results/sort:date/direction:asc looks completely broken. Can someone perform a search by attribute type and check if sorting is also borken? If so, I'll open a ticket.
Andras Iklody
@iglocska
you are right
sorting on date doesn't seem to work
Antoine Cailliau
@ancailliau
Ok, I'll create a ticket.
it's minor, we can sort by ID which is close
except for updates
Andras Iklody
@iglocska
fixed ;)
Antoine Cailliau
@ancailliau
Wow, that was quick :)
Andras Iklody
@iglocska
haha, easy fix luckily
Antoine Cailliau
@ancailliau
You can close the ticket then
Oh. you already did :D
Andras Iklody
@iglocska
;D
Antoine Cailliau
@ancailliau
I hope to be able to provide more of these quick fix after the 26 :)
Andras Iklody
@iglocska
awesome!
B-)
L I T T L 3 F I E L D
@littl3field
@iglocska still running xD
L I T T L 3 F I E L D
@littl3field
Okay completed and seems to have worked fine! Thank you very much for your help @iglocska
Andras Iklody
@iglocska
excellent!
don't forget to launch a recorrelation!
eCrimeLabs
@eCrimeLabs
When using PyMISPExpanded.delete_attribute the attribute is only soft deleted and when parsing "hard_delete=True" it does not seem to work
Andras Iklody
@iglocska
Pingerino @Rafiot
eCrimeLabs
@eCrimeLabs

This soft deletes attributes

result = misp.delete_attribute(attribute_uuid)

But when using the below the attribute is not deleted at all :)

result = misp.delete_attribute(attribute_uuid, hard_delete=True)

:)

Antoine Cailliau
@ancailliau
When looking at https://github.com/MISP/PyMISP/blob/b800dcb4b494ac116ea058889d9a79dadf26291d/pymisp/aping.py#L426 it does not look like hard_delete is available @Rafiot
Raphaël Vinot
@Rafiot
The method was doing a GET, which is wrong
I'm changing that
and updating ExpandedPyMISP accordingly (which doesn't support hard delete at all
Jesse
@drchews_gitlab
was documentation ever created to explain how to enable external authentication for a SAML token?
eCrimeLabs
@eCrimeLabs
@Rafiot Is there a way to bulk delete attributes through PyMISP, currently I'm looping , however with an event with 1000 Attributes it is not optimal. Is this a feature then I'll create it, else I'll appreciate any help :)
Raphaël Vinot
@Rafiot
No, you currently cannot delete a bunch of attributes at once, it will need to be implemented on MISP side.
eCrimeLabs
@eCrimeLabs
(Y)
Jesse
@drchews_gitlab
does anyone here know how to enable misp as a service provider for shibbauthentiation?
Jesse
@drchews_gitlab
or better yet, which plugin is recommended to implement external auth for misp that can communicate with a IdP
cygnetix
@cygnetix

Hi all, following an upgrade to Ubuntu LTS 1804, I'm now getting the following error when trying to log in to MISP:

2019-09-16 23:10:30 Error: [BadRequestException] The request has been black-holed
Request URL: /users/login
Stack Trace:
#0 /var/www/MISP/app/Lib/cakephp/lib/Cake/Controller/Component/SecurityComponent.php(831): AppController->blackhole('secure')
#1 /var/www/MISP/app/Lib/cakephp/lib/Cake/Controller/Component/SecurityComponent.php(351): SecurityComponent->_callback(Object(UsersController), 'blackHole', Array)
#2 /var/www/MISP/app/Lib/cakephp/lib/Cake/Controller/Component/SecurityComponent.php(255): SecurityComponent->blackHole(Object(UsersController), 'secure', Object(SecurityException))
#3 /var/www/MISP/app/Lib/cakephp/lib/Cake/Utility/ObjectCollection.php(129): SecurityComponent->startup(Object(UsersController))
#4 /var/www/MISP/app/Lib/cakephp/lib/Cake/Event/CakeEventManager.php(243): ObjectCollection->trigger('startup')
#5 /var/www/MISP/app/Lib/cakephp/lib/Cake/Controller/Controller.php(683): CakeEventManager->dispatch(Object(CakeEvent))
#6 /var/www/MISP/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()
#7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(UsersController), Object(CakeRequest))
#8 /var/www/MISP/app/webroot/index.php(92): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))
#9 {main}

I've done some Googling, confirmed both MariaDB and Redis are available (and appear to be working) and ran through most of the install guide for 1804 again to see if I could find missing packages, but this error is pretty vague.

Any suggestions on what the underlying cause could be?

cygnetix
@cygnetix
Got it sorted. Looks like both PHP 7.0 and 7.2 were installed after the upgrade. Changing Apache to use 7.2 (and adding memory settings to php.ini) fixed the problem.
Antoine Cailliau
@ancailliau
Nice !
It looks like I will need to dive into sightings
Manabu Niseki
@ninoseki
Hi, I found a typo in misp-book and made a PR to fix it.
MISP/misp-book#176
I’d appreciate if someone could take time to look.
Andras Iklody
@iglocska
Merged, thanks!
lazydaemon
@lazy_daemon_twitter
Hi, how do I enable misp warninglists?
lazydaemon
@lazy_daemon_twitter
found it