rabobank-cdc / DeTTECT

Detect Tactics, Techniques & Combat Threats
GNU General Public License v3.0

InvalidJSONError! #41

Closed Moofeng closed 3 years ago

Moofeng commented 3 years ago

generic.py

import os
import shutil
import pickle
from datetime import datetime as dt
from io import StringIO
from ruamel.yaml import YAML
from ruamel.yaml.timestamp import TimeStamp as ruamelTimeStamp
from upgrade import upgrade_yaml_file, check_yaml_updated_to_sub_techniques
from constants import *
from health import check_yaml_file_health

# Due to performance reasons the import of attackcti is within the function that makes use of this library.

local_stix_path = None

def _save_attack_data(data, path):
    """
    Save ATT&CK data to disk for the purpose of caching. Data can be STIX objects or a custom schema.
    :param data: the MITRE ATT&CK data to save
    :param path: file path to write to, including filename
    :return:
    """

    if not os.path.exists('cache/'):
        os.mkdir('cache/')
    with open(path, 'wb') as f:
        pickle.dump([data, dt.now()], f)

def load_attack_data(data_type):
    """
    By default the ATT&CK data is loaded from the online TAXII server or from the local cache directory. The
    local cache directory will be used if the file is not expired (data file on disk is older than EXPIRE_TIME
    seconds). When the local_stix_path option is given, the ATT&CK data will be loaded from the given path of
    a local STIX repository.
    :param data_type: the desired data type, see DATATYPE_XX constants.
    :return: MITRE ATT&CK data object (STIX or custom schema)
    """
    from attackcti import attack_client
    if local_stix_path is not None:
        if local_stix_path is not None and os.path.isdir(os.path.join(local_stix_path, 'enterprise-attack')) \
                and os.path.isdir(os.path.join(local_stix_path, 'pre-attack')) \
                and os.path.isdir(os.path.join(local_stix_path, 'mobile-attack')):
            mitre = attack_client(local_path=local_stix_path)
        else:
            print('[!] Not a valid local STIX path: ' + local_stix_path)
            quit()
    else:
        if os.path.exists("cache/" + data_type):
            with open("cache/" + data_type, 'rb') as f:
                cached = pickle.load(f)
                write_time = cached[1]
                if not (dt.now() - write_time).total_seconds() >= EXPIRE_TIME:
                    # the first item in the list contains the ATT&CK data
                    return cached[0]

        mitre = attack_client()

    attack_data = None
    if data_type == DATA_TYPE_STIX_ALL_RELATIONSHIPS:
->      attack_data = mitre.get_relationships()

Exception has occurred: InvalidJSONError Invalid JSON was received from https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/objects/?match%5Btype%5D=relationship

Command: python dettect.py g

marcusbakker commented 3 years ago

I've just run the same command, and all is working. Could you remove the cache directory and try again? If that does not solve the problem, could you share the below?:

Moofeng commented 3 years ago

> I've just run the same command, and all is working. Could you remove the cache directory and try again? If that does not solve the problem, could you share the below?:
>
>   • Python version
>   • Installed version of the following Python packages: attackcti, simplejson, taxii2-client

Python==3.8.4 attackcti==0.3.3 simplejson==3.17.2 taxii2-client==2.2.2

marcusbakker commented 3 years ago

The versions all look ok. Are you 100% sure you completely deleted all files within or the whole cache directory? I suspect somehow the JSON data within the cache directory got corrupted.

Moofeng commented 3 years ago

> The versions all look ok. Are you 100% sure you completely deleted all files within or the whole cache directory? I suspect somehow the JSON data within the cache directory got corrupted.

I just checked that there is no cache directory

image

marcusbakker commented 3 years ago

I'm not trusting the view of VSCode for 100%, as the cache directory is part of the .gitignore file. Despite that, the output directory is being shown, which is also part of the .gitignore file.

Could you try to search for the directory using a file browser or via a CLI terminal? Delete the cache file if present. If not present, please run dettect.py from a terminal and not VSCode (which should be working, but let us try something different).

Moofeng commented 3 years ago

It worked! There really is no cache folder. But this time I executed the command from a terminal and not VSCode. That's strange. Thanks a lot!

marcusbakker commented 3 years ago

Good to hear it's working now 😄