OpenCTI-Platform · Megafredo · Jan 8, 2025 · Dec 13, 2024 · Dec 13, 2024 · Dec 13, 2024
diff --git a/external-import/shadowserver/src/shadowserver/stix_transform.py b/external-import/shadowserver/src/shadowserver/stix_transform.py
@@ -10,6 +10,7 @@
 from pycti import ObservedData as pycti_observed_data
 from pycti import OpenCTIConnectorHelper
 from pycti import Report as pycti_report
+from pycti import Vulnerability as pycti_vulnerability
 from stix2 import (
     Artifact,
     AutonomousSystem,
@@ -497,7 +498,7 @@ def get_custom_labels(self, element):
             A list of custom labels extracted from the element.
         """
         labels_list = []
-        if element.get("tag") and ";" in element.get("tag"):
+        if element.get("tag"):
             custom_labels = element.get("tag").split(";")
             for label in custom_labels:
                 if label.upper().startswith("CVE"):
@@ -531,12 +532,14 @@ def create_vulnerability(self, name: str):
             "object_marking_refs": self.marking_refs,
         }
 
-        opencti_obj = Vulnerability(id=Vulnerability.generate_id(name), **kwargs)
+        opencti_obj = Vulnerability(id=pycti_vulnerability.generate_id(name), **kwargs)
 
         if opencti_obj.get("id"):
             self.object_refs.append(opencti_obj.get("id"))
             self.stix_objects.append(opencti_obj)
 
+        return opencti_obj.get("id")
+
     def create_asn(self, value: int, labels: list = []):
         """Creates an autonomous system STIX object."""
         self.helper.connector_logger.debug(f"Creating ASN STIX object: {value}")
@@ -652,9 +655,10 @@ def create_network_traffic(
         dst_ref: str = "",
         labels: list = [],
     ):
+        stix_object_id = str()
         description = []
         if not protocol:
-            return None
+            return stix_object_id
 
         """Creates a network traffic STIX object."""
         if labels is None:
@@ -706,32 +710,34 @@ def create_network_traffic(
             self.helper.connector_logger.error(
                 f"STIX object with ID {kwargs['id']} already exists. Aborting creation."
             )
-            return None
-
-        # Add description to custom properties
-        description_str = f"Shadowserver Network Traffic: {', '.join(description)}"
-        self.extend_stix_object(kwargs, labels)
-        if "custom_properties" not in kwargs:
-            kwargs["custom_properties"] = {}
-        kwargs["custom_properties"].update({"x_opencti_description": description_str})
-
-        stix_object = NetworkTraffic(**kwargs)
-
-        if stix_object:
-            self.helper.connector_logger.debug(
-                f"Created network traffic STIX object: {stix_object.id}"
-            )
-            self.object_refs.append(stix_object.id)
-            self.stix_objects.append(stix_object)
-            return stix_object.id
         else:
-            self.helper.connector_logger.error(
-                f"Failed to create network traffic STIX object with ID {stix_object.id}"
+            # Add description to custom properties
+            description_str = f"Shadowserver Network Traffic: {', '.join(description)}"
+            self.extend_stix_object(kwargs, labels)
+            if "custom_properties" not in kwargs:
+                kwargs["custom_properties"] = {}
+            kwargs["custom_properties"].update(
+                {"x_opencti_description": description_str}
             )
-            return None
+
+            stix_object = NetworkTraffic(**kwargs)
+
+            if stix_object:
+                self.helper.connector_logger.debug(
+                    f"Created network traffic STIX object: {stix_object.id}"
+                )
+                stix_object_id = stix_object.get("id", str())
+                self.object_refs.append(stix_object.id)
+                self.stix_objects.append(stix_object)
+            else:
+                self.helper.connector_logger.error(
+                    f"Failed to create network traffic STIX object with ID {stix_object.id}"
+                )
+        return stix_object_id
 
     def create_x509_certificate(self, data: dict, labels: list = []):
         """Creates an X509 certificate STIX object."""
+        stix_object_id = str()
         self.helper.connector_logger.debug(
             f"Creating X509 certificate STIX object: {data}"
         )
@@ -770,7 +776,12 @@ def create_x509_certificate(self, data: dict, labels: list = []):
             )
             self.object_refs.append(stix_object.get("id"))
             self.stix_objects.append(stix_object)
-            return stix_object.get("id")
+            stix_object_id = stix_object.get("id", str())
+        else:
+            self.helper.connector_logger.error(
+                f"Failed to create X509 certificate STIX object: {data}"
+            )
+        return stix_object_id
 
     def create_observed_data(
         self,

diff --git a/external-import/shadowserver/src/shadowserver/tests/fixtures/report_type_blocklist.json b/external-import/shadowserver/src/shadowserver/tests/fixtures/report_type_blocklist.json
@@ -1,77 +1,77 @@
 [
-    {
-        "asn": 1234,
-        "city": "NORTHAMPTON",
-        "geo": "UK",
-        "hostname": "",
-        "ip": "192.168.0.1",
-        "naics": 517312,
-        "reason": "not-specified",
-        "region": "WEST NORTHAMPTONSHIRE",
-        "sector": "Communications, Service Provider, and Hosting Service",
-        "severity": "low",
-        "source": "random-source-1",
-        "tag": "",
-        "timestamp": "2024-01-04 08:04:37Z"
-    },
-    {
-        "asn": 5678,
-        "city": "ROCKFORD",
-        "geo": "US",
-        "hostname": "",
-        "ip": "10.0.0.1",
-        "naics": 517311,
-        "reason": "not-specified",
-        "region": "ILLINOIS",
-        "sector": "Communications, Service Provider, and Hosting Service",
-        "severity": "low",
-        "source": "random-source-2",
-        "tag": "",
-        "timestamp": "2024-01-04 08:04:37Z"
-    },
-    {
-        "asn": 9012,
-        "city": "WINNIPEG",
-        "geo": "CA",
-        "hostname": "",
-        "ip": "172.16.0.1",
-        "naics": 517311,
-        "reason": "not-specified",
-        "region": "MANITOBA",
-        "sector": "Communications, Service Provider, and Hosting Service",
-        "severity": "low",
-        "source": "random-source-3",
-        "tag": "",
-        "timestamp": "2024-01-04 08:04:37Z"
-    },
-    {
-        "asn": 3456,
-        "city": "PENDER ISLAND",
-        "geo": "CA",
-        "hostname": "",
-        "ip": "192.168.1.1",
-        "naics": 517311,
-        "reason": "not-specified",
-        "region": "BRITISH COLUMBIA",
-        "sector": "Communications, Service Provider, and Hosting Service",
-        "severity": "low",
-        "source": "random-source-4",
-        "tag": "",
-        "timestamp": "2024-01-04 08:04:37Z"
-    },
-    {
-        "asn": 7890,
-        "city": "MONTICELLO",
-        "geo": "US",
-        "hostname": "",
-        "ip": "192.168.2.1",
-        "naics": 517311,
-        "reason": "not-specified",
-        "region": "NEW YORK",
-        "sector": "Communications, Service Provider, and Hosting Service",
-        "severity": "low",
-        "source": "random-source-5",
-        "tag": "",
-        "timestamp": "2024-01-04 08:04:37Z"
-    }
-]
+  {
+    "asn": 1234,
+    "city": "NORTHAMPTON",
+    "geo": "UK",
+    "hostname": "",
+    "ip": "192.168.0.1",
+    "naics": 517312,
+    "reason": "not-specified",
+    "region": "WEST NORTHAMPTONSHIRE",
+    "sector": "Communications, Service Provider, and Hosting Service",
+    "severity": "low",
+    "source": "random-source-1",
+    "tag": "",
+    "timestamp": "2024-01-04 08:04:37Z"
+  },
+  {
+    "asn": 5678,
+    "city": "ROCKFORD",
+    "geo": "US",
+    "hostname": "",
+    "ip": "10.0.0.1",
+    "naics": 517311,
+    "reason": "not-specified",
+    "region": "ILLINOIS",
+    "sector": "Communications, Service Provider, and Hosting Service",
+    "severity": "low",
+    "source": "random-source-2",
+    "tag": "",
+    "timestamp": "2024-01-04 08:04:37Z"
+  },
+  {
+    "asn": 9012,
+    "city": "WINNIPEG",
+    "geo": "CA",
+    "hostname": "",
+    "ip": "172.16.0.1",
+    "naics": 517311,
+    "reason": "not-specified",
+    "region": "MANITOBA",
+    "sector": "Communications, Service Provider, and Hosting Service",
+    "severity": "low",
+    "source": "random-source-3",
+    "tag": "",
+    "timestamp": "2024-01-04 08:04:37Z"
+  },
+  {
+    "asn": 3456,
+    "city": "PENDER ISLAND",
+    "geo": "CA",
+    "hostname": "",
+    "ip": "192.168.1.1",
+    "naics": 517311,
+    "reason": "not-specified",
+    "region": "BRITISH COLUMBIA",
+    "sector": "Communications, Service Provider, and Hosting Service",
+    "severity": "low",
+    "source": "random-source-4",
+    "tag": "",
+    "timestamp": "2024-01-04 08:04:37Z"
+  },
+  {
+    "asn": 7890,
+    "city": "MONTICELLO",
+    "geo": "US",
+    "hostname": "",
+    "ip": "192.168.2.1",
+    "naics": 517311,
+    "reason": "not-specified",
+    "region": "NEW YORK",
+    "sector": "Communications, Service Provider, and Hosting Service",
+    "severity": "low",
+    "source": "random-source-5",
+    "tag": "CVE-2024-38063",
+    "timestamp": "2024-01-04 08:04:37Z"
+  }
+]