private function __createAttribute($element, $value) { $attribute = array('comment' => $element['name'], 'to_ids' => $element['to_ids'], 'category' => $element['category'], 'value' => $value); if ($element['complex']) { App::uses('ComplexTypeTool', 'Tools'); $complexTypeTool = new ComplexTypeTool(); $result = $complexTypeTool->checkComplexRouter($value, ucfirst($element['type'])); if (isset($result['multi'])) { $temp = $attribute; $attribute = array(); foreach ($result['multi'] as $k => $r) { $attribute['multi'][] = $temp; $attribute['multi'][$k]['type'] = $r['type']; $attribute['multi'][$k]['value'] = $r['value']; } } else { if ($result != false) { $attribute['type'] = $result['type']; $attribute['value'] = $result['value']; } else { return false; } } } else { $attribute['type'] = $element['type']; } return $attribute; }
public function freeTextImport($id) { if (!$this->userRole['perm_add']) { throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes'); } $event = $this->Event->find('first', array('conditions' => array('Event.id' => $id), 'fields' => array('id', 'orgc'), 'recursive' => -1)); if (!$this->_isSiteAdmin() && !empty($event) && $event['Event']['orgc'] != $this->Auth->user('org')) { throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes'); } $this->set('event_id', $id); if ($this->request->is('get')) { $this->layout = 'ajax'; $this->request->data['Attribute']['event_id'] = $id; } if ($this->request->is('post')) { App::uses('ComplexTypeTool', 'Tools'); $complexTypeTool = new ComplexTypeTool(); $resultArray = $complexTypeTool->checkComplexRouter($this->request->data['Attribute']['value'], 'FreeText'); foreach ($resultArray as &$r) { $temp = array(); foreach ($r['types'] as $type) { $temp[$type] = $type; } $r['types'] = $temp; } // remove all duplicates foreach ($resultArray as $k => $v) { for ($i = 0; $i < $k; $i++) { if (isset($resultArray[$i]) && $v == $resultArray[$i]) { unset($resultArray[$k]); } } } $typeCategoryMapping = array(); foreach ($this->Event->Attribute->categoryDefinitions as $k => $cat) { foreach ($cat['types'] as $type) { $typeCategoryMapping[$type][$k] = $k; } } $defaultCategories = array('md5' => 'Payload delivery', 'sha1' => 'Payload delivery', 'sha256' => 'Payload delivery', 'filename|md5' => 'Payload delivery', 'filename|sha1' => 'Payload delivery', 'filename|sha256' => 'Payload delivery', 'regkey' => 'Persistence mechanism', 'filename' => 'Payload delivery', 'ip-src' => 'Network activity', 'ip-dst' => 'Network activity', 'hostname' => 'Network activity', 'domain' => 'Network activity', 'url' => 'Network activity', 'link' => 'External analysis', 'email-src' => 'Payload delivery', 'email-dst' => 'Payload delivery', 'text' => 'Other'); $this->set('typeList', array_keys($this->Event->Attribute->typeDefinitions)); $this->set('defaultCategories', $defaultCategories); $this->set('typeCategoryMapping', $typeCategoryMapping); $this->set('resultArray', $resultArray); $this->render('free_text_results'); } }