search

MISP / misp-modules

Modules for expansion services, enrichment, import and export in MISP and other tools.
http://misp.github.io/misp-modules
GNU Affero General Public License v3.0
344 stars 233 forks source link

Error exporting event as PDF #235

Closed geekscrapy closed 5 years ago

geekscrapy commented 6 years ago

pdfexport does not seem to support events with tags

To reproduce

  1. Use version MISP 2.4.95 of misp VM
  2. Download the CIRCL feed
  3. Open event (5ad09f32-ce58-47f3-b137-4411950d210f)
  4. Try and Download as... using Pdfexport

The following error is given within /var/log/syslog, a .pdf file is pushed to the client (and it can be downloaded) however it is 0 bytes.

Sep 21 10:46:40 misp rc.local[527]: 2018-09-21 10:46:40,096 - misp-modules - ERROR - Something went wrong: Sep 21 10:46:40 misp rc.local[527]: Traceback (most recent call last): Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/init.py", line 197, in post Sep 21 10:46:40 misp rc.local[527]: response = yield tornado.gen.with_timeout(timeout, self.run_request(jsonpayload)) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/tornado/gen.py", line 1133, in run Sep 21 10:46:40 misp rc.local[527]: value = future.result() Sep 21 10:46:40 misp rc.local[527]: File "/usr/lib/python3.6/concurrent/futures/thread.py", line 56, in run Sep 21 10:46:40 misp rc.local[527]: result = self.fn(*self.args, *self.kwargs) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/init.py", line 185, in run_request Sep 21 10:46:40 misp rc.local[527]: response = mhandlers[x['module']].handler(q=jsonpayload) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 150, in handler Sep 21 10:46:40 misp rc.local[527]: report.asciidoc() Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 133, in asciidoc Sep 21 10:46:40 misp rc.local[527]: self.report += self.event_level_tags() Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 110, in event_level_tags Sep 21 10:46:40 misp rc.local[527]: tax, predicate = self._get_tag_info(tag['name']) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 97, in _get_tag_info Sep 21 10:46:40 misp rc.local[527]: return self.taxonomies.revert_machinetag(machinetag) Sep 21 10:46:40 misp rc.local[527]: AttributeError: 'ReportGenerator' object has no attribute 'taxonomies' Sep 21 10:46:40 misp rc.local[527]: ERROR:misp-modules:Something went wrong: Sep 21 10:46:40 misp rc.local[527]: Traceback (most recent call last): Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/init.py", line 197, in post Sep 21 10:46:40 misp rc.local[527]: response = yield tornado.gen.with_timeout(timeout, self.run_request(jsonpayload)) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/tornado/gen.py", line 1133, in run Sep 21 10:46:40 misp rc.local[527]: value = future.result() Sep 21 10:46:40 misp rc.local[527]: File "/usr/lib/python3.6/concurrent/futures/thread.py", line 56, in run Sep 21 10:46:40 misp rc.local[527]: result = self.fn(self.args, **self.kwargs) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/init.py", line 185, in run_request Sep 21 10:46:40 misp rc.local[527]: response = mhandlers[x['module']].handler(q=jsonpayload) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 150, in handler Sep 21 10:46:40 misp rc.local[527]: report.asciidoc() Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 133, in asciidoc Sep 21 10:46:40 misp rc.local[527]: self.report += self.event_level_tags() Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 110, in event_level_tags Sep 21 10:46:40 misp rc.local[527]: tax, predicate = self._get_tag_info(tag['name']) Sep 21 10:46:40 misp rc.local[527]: File "/usr/local/lib/python3.6/dist-packages/misp_modules/modules/export_mod/pdfexport.py", line 97, in _get_tag_info Sep 21 10:46:40 misp rc.local[527]: return self.taxonomies.revert_machinetag(machinetag) Sep 21 10:46:40 misp rc.local[527]: AttributeError: 'ReportGenerator' object has no attribute 'taxonomies'

When removing all tags, the download works as expected (however no attributes are downloaded...)

SteveClement commented 5 years ago

I identified the bug.

Basically the code is incomplete.

There are parts of that code that come from here: https://github.com/MISP/PyMISP/blob/master/examples/asciidoc_generator.py

vedd3r commented 5 years ago

Not sure the said event (5ad09f32-ce58-47f3-b137-4411950d210f) contains MISP Objects or not but it also failed to export to PDF when MISP Object is present in an event. I manage to export events with no object as PDF in my test.

Vincent-CIRCL commented 5 years ago

A bugfix is available with #278. If accepted, this would solve - at least with very basic pdf - the issue.

EDIT : The feature is now available