Sub-techniques for T1584 and T1588 incorrect in generate Excel files #270
Comments
reginaelwell
changed the title
reginaelwell
changed the title
|
Hi @reginaelwell, This is an interesting bug. The objects in question have the same name, but different ATT&CK IDs. It appears that the excel exporter doesn't take the differing IDs into account and uses the wrong IDs (but correct name) when IDs are enabled under matrix layout. For example:
I'm 99% sure the bug occurs in this line of code, where the sub-technique name is used as the key to lookup the ID. If this is the case, line 148 may also have bugs associated with it (in the case of techniques with the same name, which shouldn't occur within the current dataset but could in the future). As you noted, this only occurs in the excel exporter. The matrix layout and SVG exporter seem unaffected. |
…h-same-names Bugs/#270 subtechniques with same names
|
This bug has been addressed in #279 and is now fixed on develop. It will be updated in the live application (on the master branch) with the next release. |
I've noticed that sub-techniques for T1584 and T1588 are incorrect in generate Excel files. Display in the Navigator and generated JSON files appear to be unaffected.
T1584 has sub-techniques for T1583 in generated Excel files.
T1584: Compromise Infrastructure
T1583.005: Botnet
T1583.002: DNS Server
T1583.001: Domains
T1583.004: Server
T1583.003: Virtual Private Server
T1583.006: Web Services
T1588 has a mix of sub-techniques for T1587 and T1588.
T1588: Obtain Capabilities
T1587.002: Code Signing Certificates
T1587.003: Digital Certificates
T1587.004: Exploits
T1587.001: Malware
T1588.002: Tool
T1588.006: Vulnerabilities
The text was updated successfully, but these errors were encountered: