private function __createAttribute($element, $value)
{
$attribute = array('comment' => $element['name'], 'to_ids' => $element['to_ids'], 'category' => $element['category'], 'value' => $value);
if ($element['complex']) {
App::uses('ComplexTypeTool', 'Tools');
$complexTypeTool = new ComplexTypeTool();
$result = $complexTypeTool->checkComplexRouter($value, ucfirst($element['type']));
if (isset($result['multi'])) {
$temp = $attribute;
$attribute = array();
foreach ($result['multi'] as $k => $r) {
$attribute['multi'][] = $temp;
$attribute['multi'][$k]['type'] = $r['type'];
$attribute['multi'][$k]['value'] = $r['value'];
}
} else {
if ($result != false) {
$attribute['type'] = $result['type'];
$attribute['value'] = $result['value'];
} else {
return false;
}
}
} else {
$attribute['type'] = $element['type'];
}
return $attribute;
}
public function freeTextImport($id)
{
if (!$this->userRole['perm_add']) {
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
}
$event = $this->Event->find('first', array('conditions' => array('Event.id' => $id), 'fields' => array('id', 'orgc'), 'recursive' => -1));
if (!$this->_isSiteAdmin() && !empty($event) && $event['Event']['orgc'] != $this->Auth->user('org')) {
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
}
$this->set('event_id', $id);
if ($this->request->is('get')) {
$this->layout = 'ajax';
$this->request->data['Attribute']['event_id'] = $id;
}
if ($this->request->is('post')) {
App::uses('ComplexTypeTool', 'Tools');
$complexTypeTool = new ComplexTypeTool();
$resultArray = $complexTypeTool->checkComplexRouter($this->request->data['Attribute']['value'], 'FreeText');
foreach ($resultArray as &$r) {
$temp = array();
foreach ($r['types'] as $type) {
$temp[$type] = $type;
}
$r['types'] = $temp;
}
// remove all duplicates
foreach ($resultArray as $k => $v) {
for ($i = 0; $i < $k; $i++) {
if (isset($resultArray[$i]) && $v == $resultArray[$i]) {
unset($resultArray[$k]);
}
}
}
$typeCategoryMapping = array();
foreach ($this->Event->Attribute->categoryDefinitions as $k => $cat) {
foreach ($cat['types'] as $type) {
$typeCategoryMapping[$type][$k] = $k;
}
}
$defaultCategories = array('md5' => 'Payload delivery', 'sha1' => 'Payload delivery', 'sha256' => 'Payload delivery', 'filename|md5' => 'Payload delivery', 'filename|sha1' => 'Payload delivery', 'filename|sha256' => 'Payload delivery', 'regkey' => 'Persistence mechanism', 'filename' => 'Payload delivery', 'ip-src' => 'Network activity', 'ip-dst' => 'Network activity', 'hostname' => 'Network activity', 'domain' => 'Network activity', 'url' => 'Network activity', 'link' => 'External analysis', 'email-src' => 'Payload delivery', 'email-dst' => 'Payload delivery', 'text' => 'Other');
$this->set('typeList', array_keys($this->Event->Attribute->typeDefinitions));
$this->set('defaultCategories', $defaultCategories);
$this->set('typeCategoryMapping', $typeCategoryMapping);
$this->set('resultArray', $resultArray);
$this->render('free_text_results');
}
}
