本文整理匯總了Python中cybox.objects.email_message_object.EmailMessage類的典型用法代碼示例。如果您正苦於以下問題:Python EmailMessage類的具體用法?Python EmailMessage怎麽用?Python EmailMessage使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
在下文中一共展示了EmailMessage類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: add_email_observable
def add_email_observable(self, headers):
e = EmailMessage()
h = EmailHeader.from_dict(headers)
e.header = h
self.__emails.add(e)
email_observable = Observable(e)
self.email_indicator.add_observable(email_observable)示例2: test_roundtrip_basic
def test_roundtrip_basic(self):
msg_dict = {
"header": {"from": "[email protected]", "to": ["[email protected]"], "subject": "Howdy!"},
"raw_body": "This is a test. This is only a test.",
}
msg_obj = EmailMessage.object_from_dict(msg_dict)
msg_dict2 = EmailMessage.dict_from_object(msg_obj)
# Don't want to compare dictionaries directly since email addresses
# will have been expanded to full dictionaries with "address_value"
# and "category"
self.assertEqual(msg_dict2["header"]["from"]["address_value"], msg_dict["header"]["from"])
self.assertEqual(msg_dict2["header"]["to"][0]["address_value"], msg_dict["header"]["to"][0])
self.assertEqual(msg_dict2["header"]["subject"], msg_dict["header"]["subject"])
self.assertEqual(msg_dict2["raw_body"], msg_dict["raw_body"])
self.assertEqual(msg_dict2["xsi:type"], EmailMessage._XSI_TYPE)
# Make sure extra keys didn't sneak into the output.
self.assertFalse("attachments" in msg_dict2)
self.assertFalse("optional_header" in msg_dict2)
self.assertFalse("email_server" in msg_dict2)
self.assertFalse("raw_header" in msg_dict2)
self.assertFalse("cc" in msg_dict2["header"])
self.assertFalse("bcc" in msg_dict2["header"])
self.assertFalse("in_reply_to" in msg_dict2["header"])
self.assertFalse("date" in msg_dict2["header"])
self.assertFalse("message_id" in msg_dict2["header"])
self.assertFalse("sender" in msg_dict2["header"])
self.assertFalse("reply_to" in msg_dict2["header"])
self.assertFalse("errors_to" in msg_dict2["header"])示例3: generateEmailAttachmentObject
def generateEmailAttachmentObject(indicator, filename):
file_object = File()
file_object.file_name = filename
email = EmailMessage()
email.attachments = Attachments()
email.add_related(file_object, "Contains", inline=True)
email.attachments.append(file_object.parent.id_)
indicator.observable = email示例4: test_get_namespaces
def test_get_namespaces(self):
m = EmailMessage()
m.to = "[email protected]"
m.subject = "Here's a cool picture"
m.links = Links()
u = URI("http://example.com/cool.jpg", URI.TYPE_URL)
m.links.append(u.parent.id_)
self.assertEqual(5, len(Observables([u, m])._get_namespaces()))示例5: main
def main():
m = EmailMessage()
m.from_ = ["[email protected]",
"[email protected]",
"[email protected]"]
m.from_.condition = "Equals"
m.subject = "New modifications to the specification"
m.subject.condition = "Equals"
print(Observables(m).to_xml())示例6: to_cybox
def to_cybox(self, exclude=None):
"""
Convert an email to a CybOX Observables.
Pass parameter exclude to specify fields that should not be
included in the returned object.
Returns a tuple of (CybOX object, releasability list).
To get the cybox object as xml or json, call to_xml() or
to_json(), respectively, on the resulting CybOX object.
"""
if exclude == None:
exclude = []
observables = []
obj = EmailMessage()
# Assume there is going to be at least one header
obj.header = EmailHeader()
if 'message_id' not in exclude:
obj.header.message_id = String(self.message_id)
if 'subject' not in exclude:
obj.header.subject = String(self.subject)
if 'sender' not in exclude:
obj.header.sender = Address(self.reply_to, Address.CAT_EMAIL)
if 'reply_to' not in exclude:
obj.header.reply_to = Address(self.reply_to, Address.CAT_EMAIL)
if 'x_originating_ip' not in exclude:
obj.header.x_originating_ip = Address(self.x_originating_ip,
Address.CAT_IPV4)
if 'raw_body' not in exclude:
obj.raw_body = self.raw_body
if 'raw_header' not in exclude:
obj.raw_header = self.raw_header
#copy fields where the names differ between objects
if 'helo' not in exclude and 'email_server' not in exclude:
obj.email_server = String(self.helo)
if ('from_' not in exclude and 'from' not in exclude and
'from_address' not in exclude):
obj.header.from_ = EmailAddress(self.from_address)
if 'date' not in exclude and 'isodate' not in exclude:
obj.header.date = DateTime(self.isodate)
observables.append(Observable(obj))
return (observables, self.releasability)示例7: resolveEmailObservable
def resolveEmailObservable(attribute):
new_object = EmailMessage()
email_header = EmailHeader()
if (attribute["type"] == "email-src"):
email_header.from_ = attribute["value"]
elif(attribute["type"] == "email-dst"):
email_header.to = attribute["value"]
else:
email_header.subject = attribute["value"]
new_object.header = email_header
return new_object示例8: main
def main():
stix_package = STIXPackage()
ttp = TTP(title="Phishing")
stix_package.add_ttp(ttp)
# Create the indicator for just the subject
email_subject_object = EmailMessage()
email_subject_object.header = EmailHeader()
email_subject_object.header.subject = "[IMPORTANT] Please Review Before"
email_subject_object.header.subject.condition = "StartsWith"
email_subject_indicator = Indicator()
email_subject_indicator.title = "Malicious E-mail Subject Line"
email_subject_indicator.add_indicator_type("Malicious E-mail")
email_subject_indicator.observable = email_subject_object
email_subject_indicator.confidence = "Low"
# Create the indicator for just the attachment
file_attachment_object = EmailMessage()
file_attachment_object.attachments = Attachments()
attached_file_object = File()
attached_file_object.file_name = "Final Report"
attached_file_object.file_name.condition = "StartsWith"
attached_file_object.file_extension = "doc.exe"
attached_file_object.file_extension.condition = "Equals"
file_attachment_object.add_related(attached_file_object, "Contains", inline=True)
file_attachment_object.attachments.append(file_attachment_object.parent.id_)
indicator_attachment = Indicator()
indicator_attachment.title = "Malicious E-mail Attachment"
indicator_attachment.add_indicator_type("Malicious E-mail")
indicator_attachment.observable = file_attachment_object
indicator_attachment.confidence = "Low"
# Create the combined indicator w/ both subject an attachment
full_email_object = EmailMessage()
full_email_object.attachments = Attachments()
# Add the previously referenced file as another reference rather than define it again:
full_email_object.attachments.append(file_attachment_object.parent.id_)
full_email_object.header = EmailHeader()
full_email_object.header.subject = "[IMPORTANT] Please Review Before"
full_email_object.header.subject.condition = "StartsWith"
combined_indicator = Indicator(title="Malicious E-mail")
combined_indicator.add_indicator_type("Malicious E-mail")
combined_indicator.confidence = Confidence(value="High")
combined_indicator.observable = full_email_object
email_subject_indicator.add_indicated_ttp(TTP(idref=ttp.id_))
indicator_attachment.add_indicated_ttp(TTP(idref=ttp.id_))
combined_indicator.add_indicated_ttp(TTP(idref=ttp.id_))
stix_package.indicators = [combined_indicator, email_subject_indicator, indicator_attachment]
print stix_package.to_xml()示例9: resolveEmailObservable
def resolveEmailObservable(indicator, attribute):
indicator.add_indicator_type("Malicious E-mail")
new_object = EmailMessage()
email_header = EmailHeader()
if (attribute["type"] == "email-src"):
email_header.from_ = attribute["value"]
elif(attribute["type"] == "email-dst"):
email_header.to = attribute["value"]
else:
email_header.subject = attribute["value"]
new_object.header = email_header
return new_object示例10: generateEmailAttachmentObject
def generateEmailAttachmentObject(indicator, attribute):
file_object = File()
file_object.file_name = attribute["value"]
email = EmailMessage()
email.attachments = Attachments()
email.add_related(file_object, "Contains", inline=True)
file_object.parent.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":file-" + attribute["uuid"]
email.attachments.append(file_object.parent.id_)
email.parent.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":EmailMessage-" + attribute["uuid"]
observable = Observable(email)
observable.id_ = cybox.utils.idgen.__generator.namespace.prefix + ":observable-" + attribute["uuid"]
indicator.observable = observable示例11: main
def main():
NS = cybox.utils.Namespace("http://example.com/", "example")
cybox.utils.set_id_namespace(NS)
m = EmailMessage()
m.from_ = ["[email protected]",
"[email protected]",
"[email protected]"]
m.from_.condition = "Equals"
m.subject = "New modifications to the specification"
m.subject.condition = "Equals"
print(Observables(m).to_xml())示例12: test_get_namespaces
def test_get_namespaces(self):
m = EmailMessage()
m.to = "[email protected]"
m.subject = "Here's a cool picture"
m.links = Links()
u = URI("http://example.com/cool.jpg", URI.TYPE_URL)
m.links.append(u.parent.id_)
o = Observables([u, m])
logger.info(o.to_xml())
actual_namespaces = o._get_namespaces()
logger.info("\n".join([str(x) for x in actual_namespaces]))
self.assertEqual(5, len(actual_namespaces))示例13: main
def main():
print '<?xml version="1.0" encoding="UTF-8"?>'
attachment = File()
attachment.file_name = "FooBar Specification (critical revision).doc"
attachment.add_hash(Hash("4EC0027BEF4D7E1786A04D021FA8A67F"))
email = EmailMessage()
email.attachments.append(attachment)
email.subject = String("New modifications to the specification")
email.to = EmailRecipients(EmailAddress("[email protected]"),
EmailAddress("[email protected]"))
email.from_ = EmailAddress("[email protected]")
print Observables(email).to_xml()示例14: test_from_date
def test_from_date(self):
date_str = "Thu, 14 Feb 2013 11:28:42 -0500"
isoformat = "2013-02-14T11:28:42-05:00"
d = {'header': {'date': date_str}}
msg = EmailMessage.from_dict(d)
self.assertEqual(msg.date.serialized_value, isoformat)示例15: make_cybox_object
def make_cybox_object(type_, name=None, value=None):
"""
Converts type_, name, and value to a CybOX object instance.
:param type_: The object type.
:type type_: str
:param name: The object name.
:type name: str
:param value: The object value.
:type value: str
:returns: CybOX object
"""
if type_ == "Address":
return Address(category=name, address_value=value)
elif type_ == "Email Message":
e = EmailMessage()
e.raw_body = value
return e
#TODO: Http Request Header Fields not implemented?
#elif type_ == "Http Request Header Fields":
#pass
#TODO: Mutex object type is incomplete
#elif type_ == "Mutex":
#return Mutex.object_from_dict({'name': value})
#TODO: use Byte_Run object?
#elif type_ == "String":
#pass
elif type_ == "URI":
#return URI(type_=name, value=value)
r = URI()
r.type_ = name
r.value = value
return r
#TODO: Win_File incomplete
#elif type_ == "Win File":
#TODO: Registry_Key incomplete
#elif type_ == "Win Handle" and name == "RegistryKey":
#return Registry_Key.object_from_dict({'key':value})
raise UnsupportedCybOXObjectTypeError(type_, name)