|
4 | 4 | from stix.indicator import Indicator |
5 | 5 | import stix.bindings.stix_core_1_0 as stix_core_binding |
6 | 6 | from lxml import etree |
| 7 | +from StringIO import StringIO |
7 | 8 |
|
8 | 9 | class STIXPackage(stix.Entity): |
9 | 10 | ''' |
@@ -147,8 +148,128 @@ def from_xml(cls, xml_file): |
147 | 148 |
|
148 | 149 | return (stix_package, stix_package_obj) |
149 | 150 |
|
150 | | - |
151 | | - |
| 151 | + |
| 152 | + def to_xml(self): |
| 153 | + '''Overrides the stix.to_xml() method. Namespace definitions are hardcoded--this is only temporary''' |
| 154 | + s = StringIO() |
| 155 | + self.to_obj().export(s, 0, name_="STIX_Package", |
| 156 | + namespacedef_='xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\ |
| 157 | + xmlns:WinRegistryKeyObj="http://cybox.mitre.org/objects#WinRegistryKeyObject"\ |
| 158 | + xmlns:WinMutexObj="http://cybox.mitre.org/objects#WinMutexObject"\ |
| 159 | + xmlns:campaign="http://stix.mitre.org/Campaign"\ |
| 160 | + xmlns:PortObj="http://cybox.mitre.org/objects#PortObject"\ |
| 161 | + xmlns:CodeObj="http://cybox.mitre.org/objects#CodeObject"\ |
| 162 | + xmlns:UnixPipeObj="http://cybox.mitre.org/objects#UnixPipeObject"\ |
| 163 | + xmlns:ProcessObj="http://cybox.mitre.org/objects#ProcessObject"\ |
| 164 | + xmlns:xlink="http://www.w3.org/1999/xlink"\ |
| 165 | + xmlns:COA="http://stix.mitre.org/COA"\ |
| 166 | + xmlns:WinProcessObj="http://cybox.mitre.org/objects#WinProcessObject"\ |
| 167 | + xmlns:WinEventLogObj="http://cybox.mitre.org/objects#WinEventLogObject"\ |
| 168 | + xmlns:UserSessionObj="http://cybox.mitre.org/objects#UserSessionObject"\ |
| 169 | + xmlns:xs="http://www.w3.org/2001/XMLSchema"\ |
| 170 | + xmlns:LibraryObj="http://cybox.mitre.org/objects#LibraryObject"\ |
| 171 | + xmlns:sch="http://purl.oclc.org/dsdl/schematron"\ |
| 172 | + xmlns:WinSystemObj="http://cybox.mitre.org/XMLSchema/objects#WinSystemObject"\ |
| 173 | + xmlns:indicator="http://stix.mitre.org/Indicator"\ |
| 174 | + xmlns:DNSCacheObj="http://cybox.mitre.org/objects#DNSCacheObject"\ |
| 175 | + xmlns:maecBundle="http://maec.mitre.org/XMLSchema/maec-bundle-3"\ |
| 176 | + xmlns:AccountObj="http://cybox.mitre.org/objects#AccountObject"\ |
| 177 | + xmlns:ProductObj="http://cybox.mitre.org/objects#ProductObject"\ |
| 178 | + xmlns:stixCommon="http://stix.mitre.org/Common"\ |
| 179 | + xmlns:WinUserAccountObj="http://cybox.mitre.org/objects#WinUserAccountObject"\ |
| 180 | + xmlns:X509CertificateObj="http://cybox.mitre.org/objects#X509CertificateObject"\ |
| 181 | + xmlns:GUIDialogboxObj="http://cybox.mitre.org/objects#GUIDialogboxObject"\ |
| 182 | + xmlns:capec="http://capec.mitre.org/capec_v1"\ |
| 183 | + xmlns:Incident="http://stix.mitre.org/Incident"\ |
| 184 | + xmlns:WinServiceObj="http://cybox.mitre.org/objects#WinServiceObject"\ |
| 185 | + xmlns:xal="urn:oasis:names:tc:ciq:xal:3"\ |
| 186 | + xmlns:maecPackage="http://maec.mitre.org/XMLSchema/maec-package-1"\ |
| 187 | + xmlns:UnixVolumeObj="http://cybox.mitre.org/objects#UnixVolumeObject"\ |
| 188 | + xmlns:WinFileObj="http://cybox.mitre.org/objects#WinFileObject"\ |
| 189 | + xmlns:ExpTgt="http://stix.mitre.org/ExploitTarget"\ |
| 190 | + xmlns:a="urn:oasis:names:tc:ciq:xal:3"\ |
| 191 | + xmlns:xsd="http://www.w3.org/2001/XMLSchema"\ |
| 192 | + xmlns:WinEventObj="http://cybox.mitre.org/objects#WinEventObject"\ |
| 193 | + xmlns:WinKernelHookObj="http://cybox.mitre.org/objects#WinKernelHookObject"\ |
| 194 | + xmlns:UnixFileObj="http://cybox.mitre.org/objects#UnixFileObject"\ |
| 195 | + xmlns:VolumeObj="http://cybox.mitre.org/objects#VolumeObject"\ |
| 196 | + xmlns:cvrf-common="http://www.icasi.org/CVRF/schema/common/1.1"\ |
| 197 | + xmlns:dc="http://purl.org/dc/elements/1.1/"\ |
| 198 | + xmlns:APIObj="http://cybox.mitre.org/objects#APIObject"\ |
| 199 | + xmlns:x509CertificateObj="http://cybox.mitre.org/objects#X509CertificateObject"\ |
| 200 | + xmlns:EmailMessageObj="http://cybox.mitre.org/objects#EmailMessageObject"\ |
| 201 | + xmlns:DeviceObj="http://cybox.mitre.org/objects#DeviceObject"\ |
| 202 | + xmlns:WinSystemRestoreObj="http://cybox.mitre.org/objects#WinSystemRestoreObject"\ |
| 203 | + xmlns:ns1="http://cybox.mitre.org/objects#FileObject"\ |
| 204 | + xmlns:SystemObj="http://cybox.mitre.org/objects#SystemObject"\ |
| 205 | + xmlns:common="http://cybox.mitre.org/Common_v1"\ |
| 206 | + xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject"\ |
| 207 | + xmlns:WinComputerAccountObj="http://cybox.mitre.org/objects#WinComputerAccountObject"\ |
| 208 | + xmlns:WinThreadObj="http://cybox.mitre.org/objects#WinThreadObject"\ |
| 209 | + xmlns:WinExecutableFileObj="http://cybox.mitre.org/objects#WinExecutableFileObject"\ |
| 210 | + xmlns:WinMemoryPageRegionObj="http://cybox.mitre.org/objects#WinMemoryPageRegionObject"\ |
| 211 | + xmlns:WinKernelObj="http://cybox.mitre.org/objects#WinKernelObject"\ |
| 212 | + xmlns:iodef="urn:ietf:params:xml:ns:iodef-1.0"\ |
| 213 | + xmlns:WinNetworkRouteEntryObj="http://cybox.mitre.org/objects#WinNetworkRouteEntryObject"\ |
| 214 | + xmlns:WinPrefetchObj="http://cybox.mitre.org/objects#WinPrefetchObject"\ |
| 215 | + xmlns:n="urn:oasis:names:tc:ciq:xnl:3"\ |
| 216 | + xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1"\ |
| 217 | + xmlns:SemaphoreObj="http://cybox.mitre.org/objects#SemaphoreObject"\ |
| 218 | + xmlns:ciq="urn:oasis:names:tc:ciq:xpil:3"\ |
| 219 | + xmlns:SocketObj="http://cybox.mitre.org/objects#SocketObject"\ |
| 220 | + xmlns:HTTPSessionObj="http://cybox.mitre.org/objects#HTTPSessionObject"\ |
| 221 | + xmlns:GUIObj="http://cybox.mitre.org/objects#GUIObject"\ |
| 222 | + xmlns:metadata="http://xml/metadataSharing.xsd"\ |
| 223 | + xmlns:WinCriticalSectionObj="http://cybox.mitre.org/objects#WinCriticalSectionObject"\ |
| 224 | + xmlns:DNSRecordObj="http://cybox.mitre.org/objects#DNSRecordObject"\ |
| 225 | + xmlns:UserAccountObj="http://cybox.mitre.org/objects#UserAccountObject"\ |
| 226 | + xmlns:WinNetworkShareObj="http://cybox.mitre.org/objects#WinNetworkShareObject"\ |
| 227 | + xmlns:cyboxCommon="http://cybox.mitre.org/Common_v1"\ |
| 228 | + xmlns:None="urn:oasis:names:tc:ciq:xpil:3"\ |
| 229 | + xmlns:aciq="urn:oasis:names:tc:ciq:xal:3"\ |
| 230 | + xmlns:WinWaitableTimerObj="http://cybox.mitre.org/objects#WinWaitableTimerObject"\ |
| 231 | + xmlns:vuln="http://www.icasi.org/CVRF/schema/vuln/1.1"\ |
| 232 | + xmlns:ct="urn:oasis:names:tc:ciq:ct:3"\ |
| 233 | + xmlns:DNSQueryObj="http://cybox.mitre.org/objects#DNSQueryObject"\ |
| 234 | + xmlns:FileObj="http://cybox.mitre.org/objects#FileObject"\ |
| 235 | + xmlns:WinVolumeObj="http://cybox.mitre.org/objects#WinVolumeObject"\ |
| 236 | + xmlns:PipeObj="http://cybox.mitre.org/objects#PipeObject"\ |
| 237 | + xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject"\ |
| 238 | + xmlns:ArtifactObj="http://cybox.mitre.org/objects#ArtifactObject"\ |
| 239 | + xmlns:marking="http://data-marking.mitre.org"\ |
| 240 | + xmlns:DiskObj="http://cybox.mitre.org/objects#DiskObject"\ |
| 241 | + xmlns:HandleObj="http://cybox.mitre.org/objects#HandleObject"\ |
| 242 | + xmlns:TTP="http://stix.mitre.org/TTP"\ |
| 243 | + xmlns:UnixProcessObj="http://cybox.mitre.org/objects#UnixProcessObject"\ |
| 244 | + xmlns:NetworkRouteObj="http://cybox.mitre.org/objects#NetworkRouteObject"\ |
| 245 | + xmlns:GUIWindowObj="http://cybox.mitre.org/objects#GUIWindowObject"\ |
| 246 | + xmlns:NetworkRouteEntryObj="http://cybox.mitre.org/objects#NetworkRouteEntryObject"\ |
| 247 | + xmlns:stix="http://stix.mitre.org"\ |
| 248 | + xmlns:prod="http://www.icasi.org/CVRF/schema/prod/1.1"\ |
| 249 | + xmlns:TA="http://stix.mitre.org/ThreatActor"\ |
| 250 | + xmlns:URIObj="http://cybox.mitre.org/objects#URIObject"\ |
| 251 | + xmlns:WinMailslotObj="http://cybox.mitre.org/objects#WinMailslotObject"\ |
| 252 | + xmlns:PacketObj="http://cybox.mitre.org/objects#PacketObject"\ |
| 253 | + xmlns:UnixNetworkRouteEntryObj="http://cybox.mitre.org/objects#UnixNetworkRouteEntryObject"\ |
| 254 | + xmlns:WinDriverObj="http://cybox.mitre.org/objects#WinDriverObject"\ |
| 255 | + xmlns:NetworkSubnetObj="http://cybox.mitre.org/objects#NetworkSubnetObject"\ |
| 256 | + xmlns:DiskPartitionObj="http://cybox.mitre.org/objects#DiskPartitionObject"\ |
| 257 | + xmlns:WhoisObj="http://cybox.mitre.org/objects#WhoisObject"\ |
| 258 | + xmlns:incident="http://stix.mitre.org/Incident"\ |
| 259 | + xmlns:Common="http://cybox.mitre.org/Common_v1"\ |
| 260 | + xmlns:UnixUserAccountObj="http://cybox.mitre.org/objects#UnixUserAccountObject"\ |
| 261 | + xmlns:NetFlowObj="http://cybox.mitre.org/objects#NetworkFlowObject"\ |
| 262 | + xmlns:MutexObj="http://cybox.mitre.org/objects#MutexObject"\ |
| 263 | + xmlns:MemoryObj="http://cybox.mitre.org/objects#MemoryObject"\ |
| 264 | + xmlns:WinHandleObj="http://cybox.mitre.org/objects#WinHandleObject"\ |
| 265 | + xmlns:WinTaskObj="http://cybox.mitre.org/objects#WinTaskObject"\ |
| 266 | + xmlns:LinuxPackageObj="http://cybox.mitre.org/objects#LinuxPackageObject"\ |
| 267 | + xmlns:maecContainer="http://maec.mitre.org/XMLSchema/maec-container-1"\ |
| 268 | + xmlns:cybox="http://cybox.mitre.org/cybox_v1"\ |
| 269 | + xmlns:WinSemaphoreObj="http://cybox.mitre.org/objects#WinSemaphoreObject"\ |
| 270 | + xmlns:WinPipeObj="http://cybox.mitre.org/objects#WinPipeObject"\ |
| 271 | + xmlns:xnl="urn:oasis:names:tc:ciq:xnl:3"') |
| 272 | + return s.getvalue() |
152 | 273 |
|
153 | 274 |
|
154 | 275 |
|
|
0 commit comments