OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [cti-users] Re: [EXT] [cti-users] Client Python Code


Just to let you know, using my own desktop App (not Python) 
I was able to connect to https://test.freetaxii.com:8000/taxii/
and get the discovery info, the api roots, the collections and the objects.
However I could not get this api root to work: https://demo.freetaxii.com:8000/osint/

Even using curl:
curl -H "Accept:application/vnd.oasis.taxii+json;" https://demo.freetaxii.com:8000/osint/

I get:
curl: (51) SSL: no alternative certificate subject name matches target host name 'demo.freetaxii.com'

Note, the Chrome browser complains that the site is not secure and should not be used.

Ringo

From: CTI-Stix-User <cti-users@lists.oasis-open.org> on behalf of Bret Jordan <jordan2175@gmail.com>
Date: Wednesday, 8 November 2017 at 6:21 am
To: "Jason A. Evans" <jasonevans77@gmail.com>
Cc: CTI-Stix-User <cti-users@lists.oasis-open.org>, Bret Jordan <Bret_Jordan@symantec.com>, "Piazza, Rich" <rpiazza@mitre.org>, Greg Back <gback@mitre.org>
Subject: Re: [cti-users] Re: [EXT] [cti-users] Client Python Code

Jason,

I think I see the problem.  Let me look in to this and I will get back with you. 

Bret





On Nov 7, 2017, at 12:59, Jason A. Evans <jasonevans77@gmail.com> wrote:

I'm kind of at a loss. Rechecked everything. Really seems like the server is returning something different/incorrect compared to yesterday. Below is my simple Python code followed by the error.

=============================================
#Jason A. Evans
#Joseph "Brian" Kelly
#AMSAA
#CPEG 697

#Resources

import taxii2client

#Set up client connection to server.
from taxii2client import Server
server = Server('https://test.freetaxii.com:8000/taxii/') #Currently the only known open TAXII 2.0 server available.

#Print out server details.
print ("Title: " + str(server.title))
print("Description: " + str(server.description))
print("URL: " + str(server.url))
print("Contact: " + str(server.contact))
print("Default: " + str(server.default))
print("# API Roots: " + str(len(server.api_roots)))

if(len(server.api_roots) > 0):
    api_root = server.api_roots[0]
    
    if len(server.api_roots[0].collections) > 0:
        collection = api_root.collections[0]

        print("\nAPI Root #" + str(1) + ", Collection #" + str(1) + " URL: " + collection.objects_url)        
        print("\n" + str(collection.get_objects())) #.get_object("indicator--9cb664cf-05dd-435a-94ee-bc6d44b6ccd1")))

server.close
=============================================
Title: FreeTAXII Discovery Service
Description: A listing of API-Roots that this server knows about
Default: <taxii2client.ApiRoot object at 0x0353D430>
# API Roots: 2
{'collections': [{'id': 'd57c89ba-d128-4592-aca6-4ab6c1c097b3', 'title': 'ZeuS IP blocklist', 'description': 'A list of bad IPs (excluding hijacked sites and free hosting providers) from abuse.ch', 'can_read': True, 'can_write': False, 'media_types': ['application/vnd.oasis.stix+json']}, {'id': '34f8c42d-213a-480d-9046-0bd8a8f25680', 'title': 'ZeuS domain blocklist', 'description': 'A list of bad domains (excluding hijacked sites) from abuse.ch', 'can_read': True, 'can_write': False, 'media_types': ['application/vnd.oasis.stix+json']}]}

Traceback (most recent call last):
  File "D:\Work\STIX_TAXII\taxii2_client.py", line 31, in <module>
    print("\n" + str(collection.get_objects())) #.get_object("indicator--9cb664cf-05dd-435a-94ee-bc6d44b6ccd1")))
  File "D:\Work\STIX_TAXII\taxii2client\__init__.py", line 204, in get_objects
    return self._conn.get(self.objects_url, accept=MEDIA_TYPE_STIX_V20)
  File "D:\Work\STIX_TAXII\taxii2client\__init__.py", line 484, in get
    raise TAXIIServiceException(msg.format(content_type))
taxii2client.TAXIIServiceException: Unexpected Response Content-Type: text/plain; charset=utf-8
=============================================

On Tue, Nov 7, 2017 at 1:13 PM, Piazza, Rich <rpiazza@mitre.org> wrote:

Hi Jason,

 

There was a problem with content types.  It was fixed last month.  I would get the latest version of the cti-taxii-client from github (PyPi’s version might not be up-to-date)

 

Bret Jordan recently changed freetaxii so it returns version “2.0”.  So you might have to check into that too.

 

If you are still having issues, get back to us

 

                Rich

 

From: <cti-users@lists.oasis-open.org> on behalf of "Jason A. Evans" <jasonevans77@gmail.com>
Date: Tuesday, November 7, 2017 at 12:41 PM
To: Bret Jordan <Bret_Jordan@symantec.com>
Cc: "cti-users@lists.oasis-open.org" <cti-users@lists.oasis-open.org>
Subject: [cti-users] Re: [EXT] [cti-users] Client Python Code

 

Hi Bret,

 

Thanks for getting back to me. However, The information you provided didn't help me out. I'm using the taxii2client code from here: https://github.com/oasis-open/cti-taxii-client

 

On line 484 of __init__.py there is a check that takes place. The snippet is as follows:

 

content_type = resp.headers['Content-Type']

if content_type != accept:

msg = "Unexpected Response Content-Type: {}"

raise TAXIIServiceException(msg.format(content_type))

return resp.json()

 

My execution goes into Unexpected Response Content-Type because the header from https://test.freetaxii.com:8000/taxii/ returns:

 

File "D:\Work\STIX_TAXII\taxii2client\__init__.py", line 484, in get raise TAXIIServiceException(msg.format(content_type)) taxii2client.TAXIIServiceException: Unexpected Response Content-Type: text/plain; charset=utf-8

 

I'm expecting something like:

 

MEDIA_TYPE_STIX_V20 = "application/vnd.oasis.stix+json; version=2.1; charset=utf-8"

 

The discovery server returned what I was expecting last night. Now it is giving me "text/plain".

 

Thanks!

Jason

 

On Tue, Nov 7, 2017 at 11:31 AM, Bret Jordan <Bret_Jordan@symantec.com> wrote:

Jason,

 

When making a request to the TAXII server, for TAXII resources like discovery, API roots, collections, etc you need to use the TAXII media type, aka "application/vnd.oasis.taxii+json".  

 

When you make a request at the objects resource, you need to use a STIX media type, aka "application/vnd.oasis.stix+json"

 

Let me know if that helps.

 

Bret


From:cti-users@lists.oasis-open.org <cti-users@lists.oasis-open.org> on behalf of Jason A. Evans <jasonevans77@gmail.com>
Sent: Tuesday, November 7, 2017 7:30:39 AM
To: cti-users@lists.oasis-open.org
Subject: [EXT] [cti-users] Client Python Code

 

I had some Python client code working last night. Making the following minor change:

 

MEDIA_TYPE_STIX_V20 = "application/vnd.oasis.stix+json; version=2.1; charset=utf-8"

 

With this change, I was able to call get_objects() as well as get_object(id).

 

However, this morning the following response is being returned:

 

File "D:\Work\STIX_TAXII\taxii2client\__init__.py", line 484, in get

    raise TAXIIServiceException(msg.format(content_type))

taxii2client.TAXIIServiceException: Unexpected Response Content-Type: text/plain; charset=utf-8

 

I can modify MEDIA_TYPE_STIX_V20 to match what is returned, but it only gets me to a future error where it looks like json is expected, not plain text.

 

Anyone else experiencing this?

 



Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."













[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]