KeyError on Nist Controls JSON Load
nbyt3 opened this issue · comments
I'm running into an issue running Pyattck==5.0.0 on python3.8.
I'm instantiating pyattck and loading just the enterprise JSON v8.2 and am receiving errors against the nist_controls_json object.
from pyattck import Attck
attack = Attck(
nested_subtechniques=False,
enterprise_attck_json="/home/-----/projects/------/enterprise-attack.json",
)
Traceback (most recent call last):
File "/home/------/projects/-----/mitre/ingest.py", line 25, in <module>
for technique in attack.enterprise.techniques:
File "/home/------/.local/lib/python3.8/site-packages/pyattck/attck.py", line 263, in enterprise
from .enterprise.enterprise import Enterprise
File "/home/------/.local/lib/python3.8/site-packages/pyattck/enterprise/__init__.py", line 1, in <module>
from .enterprise import Enterprise
File "/home/---/.local/lib/python3.8/site-packages/pyattck/enterprise/enterprise.py", line 1, in <module>
from .technique import AttckTechnique
File "/home/-----/.local/lib/python3.8/site-packages/pyattck/enterprise/technique.py", line 1, in <module>
from .attckobject import AttckObject
File "/home/---/.local/lib/python3.8/site-packages/pyattck/enterprise/attckobject.py", line 4, in <module>
class AttckObject(object):
File "/home/---/.local/lib/python3.8/site-packages/pyattck/enterprise/attckobject.py", line 17, in AttckObject
nist_controls_json = Configuration.get_data('nist_controls_json')['objects']
KeyError: 'objects'
While not an extensive review, a temporary solution seems to be to remove ['objects']
from line 17 in attackobject.py and from line 273 in enterprise.py.
So far this has allowed me to use the enterprise property again. However, I am not yet sure what the long-term effect of this removal could cause.
Thanks for this @TheComputerDan . Just noticed that they changed the URL path (again - argggg!) so I'll add some logic in to fail gracefully if this happens again.
Sorry about that.
They changed the path to https://raw.githubusercontent.com/center-for-threat-informed-defense/attack-control-framework-mappings/main/frameworks/attack_10_1/nist800_53_r4/stix/nist800-53-r4-controls.json FYI