swimlane / pyattck

A Python package to interact with the Mitre ATT&CK Framework
MIT License

2.1.2 python 2 package from PyPi is different from repository #47

Closed jmeachum closed 3 years ago

jmeachum commented 3 years ago

I've attached the datasets.py file from the python2 package on pypi. Lines 83 and 84 appear to be different from what is in git. There is a print statement that dumps the cached data to screen, followed by an input('press') statement. This is causing the generated_attck_data function to hang waiting for input. datasets.txt

nbyt3 commented 3 years ago

I am seeing the same issue. I pip installed pyattck and ran the following code:

from pyattck import Attck
attack = Attck()

for technique in attack.enterprise.techniques:
    tech_name = technique.name

I'm getting a dump of the cached data causing memory issues:

{'last_updated': '2020-08-27T03:12:58.422089', 'techniques': [{'technique_id': 'T1082', 'commands': [{'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'ver', 'name': 'Built-in Windows Command'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'shell ver', 'name': 'Cobalt Strike'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'set', 'name': 'Built-in Windows Command'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'shell set', 'name': 'Cobalt Strike'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'get_env.rb', 'name': 'Metasploit'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'net config workstation\nnet config server', 'name': 'Built-in Windows Command'}, {'source': 'https://attack.mitre.org/docs/APT3_Adversary_Emulation_Field_Manual.xlsx', 'command': 'shell net config workstation\nshell net config server', 'name': 'Cobalt Strike'}, {'source': 'https://attack.mitre.org/docs/APT3.....

doomedraven commented 3 years ago

Hello, there is another problem also in the pip package: you left 'print()' and 'input(press)', which break everything and make all tools get stuck where pyattck is integrated as a library, but that isn't present on GitHub; see the last lines

def generated_attck_data(self, force=False):
        """Downloads, saves, or retrieves the Mitre ATT&CK Enterprise Generated Dataset JSON

        Args:
            force (bool, optional): Will force the download of a new Generated Datset JSON file. Defaults to False.

        Returns:
            [dict]: Mitre ATT&CK Enterprise Generated Dataset JSON
        """
        if force:
            datasets = self.__get_datasets()
            self.__save_locally(self.dataset_json_path, datasets)
            return datasets
        else:
            cached_data = self.__get_cached_data(self.dataset_json_path)
            if cached_data:
                print(cached_data)
                input('press')

joshswimlane commented 3 years ago

My apologies to everyone experiencing issues. I will get this resolved this evening.

Thanks!

doomedraven commented 3 years ago

Thank you

On Mon, 14 Dec 2020 at 1:32, Josh Rickard notifications@github.com wrote:

My apologies to everyone experiencing issues. I will get this resolved this evening.

Thanks!


joshswimlane commented 3 years ago

NP! Again, my apologies.
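A pre-upload check for the problem reported in this thread, as an added example that is not part of the original discussion or of pyattck's code: it walks the `.py` files inside a built wheel and flags bare `print()`, `input()` and similar calls, so leftover debug lines are caught in the artifact itself rather than in the git tree. The sample module, the member path and the function names are constructed for illustration, and the files are assumed to parse under the interpreter running the check.

```python
import ast
import io
import zipfile

# Calls that block on stdin or dump data to stdout; unexpected in a library release.
BLOCKING_OR_DEBUG_CALLS = {"input", "raw_input", "print", "breakpoint"}


def find_debug_calls(source, filename="<unknown>"):
    """Return sorted (filename, line, call_name) for each flagged bare-name call."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id in BLOCKING_OR_DEBUG_CALLS):
            findings.append((filename, node.lineno, node.func.id))
    return sorted(findings)


def scan_archive(archive_bytes):
    """Scan every .py member of a wheel (a zip archive) held in memory."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for name in sorted(zf.namelist()):
            if name.endswith(".py"):
                source = zf.read(name).decode("utf-8")
                findings.extend(find_debug_calls(source, name))
    return findings


# Constructed sample modelled on the excerpt quoted in the thread (not the real file).
SAMPLE_MODULE = '''\
class Datasets(object):
    def generated_attck_data(self, force=False):
        cached_data = self._get_cached_data(self.dataset_json_path)
        if cached_data:
            print(cached_data)
            input('press')
        return cached_data
'''


def build_sample_wheel():
    """Build a constructed one-file wheel in memory; the member path is hypothetical."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pyattck/datasets.py", SAMPLE_MODULE)
    return buf.getvalue()
```

Running `scan_archive()` on the bytes of the file that is about to be uploaded, and failing the release job when the result is non-empty, checks the published artifact rather than the repository, which is where the two diverged here.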