We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
{When creating a File observable, OpenCTI no longer verifies that the MD5 value entered is a legitimate MD5 hash. The same goes for SHA1, SHA256}
Steps to create the smallest reproducible scenario:
Error - this is not a valid hash
Successfully created File object
{
}
The text was updated successfully, but these errors were encountered:
Hi @securitiz,
And lib/rules in mind to check that? Thanks
Sorry, something went wrong.
I'm not intimately familiar with the specs for each hash type, but you could initially check the value length, where:
Then you could ensure that all the characters are hexadecimal, (0-9, A-F, a-f). This could be all verified with regex, and would be a sufficient start
If you want to be aligned with STIX 2.1 hash values, here are the regex patterns for hash algorithms in the spec:
Thanks for your insights @securitiz and @CyberDaedalus00 .
[api] Implement hashes verification and observable check in edition (#…
392ada4
…1042)
No branches or pull requests
Description
{When creating a File observable, OpenCTI no longer verifies that the MD5 value entered is a legitimate MD5 hash. The same goes for SHA1, SHA256}
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
Expected Output
Error - this is not a valid hash
Actual Output
Successfully created File object
Additional information
{
}
The text was updated successfully, but these errors were encountered: