From 9b66fa703fe46403960b83a70bfa6df13698ec63 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 3 May 2019 10:04:20 +0200
Subject: [PATCH 01/33] fix: [crawler] typo: domains down

---
 var/www/modules/hiddenServices/Flask_hiddenServices.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/var/www/modules/hiddenServices/Flask_hiddenServices.py b/var/www/modules/hiddenServices/Flask_hiddenServices.py
index fd68dc93..2d45b9c6 100644
--- a/var/www/modules/hiddenServices/Flask_hiddenServices.py
+++ b/var/www/modules/hiddenServices/Flask_hiddenServices.py
@@ -794,7 +794,7 @@ def domain_crawled_by_type_json():
             day_crawled = {}
             day_crawled['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
             day_crawled['UP']= nb_domain_up = r_serv_onion.scard('{}_up:{}'.format(type, date))
-            day_crawled['DOWN']= nb_domain_up = r_serv_onion.scard('{}_up:{}'.format(type, date))
+            day_crawled['DOWN']= nb_domain_up = r_serv_onion.scard('{}_down:{}'.format(type, date))
             range_decoder.append(day_crawled)
 
         return jsonify(range_decoder)

From 97fa1ddca4c201f43eb6d3c986f96e47fd383d64 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 3 May 2019 17:02:56 +0200
Subject: [PATCH 02/33] fix: [python requirements] rename file

---
 ansible/roles/ail-host/tasks/main.yml             | 8 +-------
 installing_deps.sh                                | 2 +-
 pip3_packages_requirement.txt => requirements.txt | 0
 3 files changed, 2 insertions(+), 8 deletions(-)
 rename pip3_packages_requirement.txt => requirements.txt (100%)

diff --git a/ansible/roles/ail-host/tasks/main.yml b/ansible/roles/ail-host/tasks/main.yml
index 43b23a8e..af520fe4 100644
--- a/ansible/roles/ail-host/tasks/main.yml
+++ b/ansible/roles/ail-host/tasks/main.yml
@@ -145,15 +145,9 @@
     extra_args: --upgrade
     virtualenv: /opt/AIL-framework/AILENV
 
-- name: Install pip requirements
-  pip:
-    requirements: /opt/AIL-framework/pip_packages_requirement.txt
-    extra_args: --upgrade
-    virtualenv: /opt/AIL-framework/AILENV
-
 - name: Install pip3 requirements
   pip:
-    requirements: /opt/AIL-framework/pip3_packages_requirement.txt
+    requirements: /opt/AIL-framework/requirements.txt
     executable: pip3
     extra_args: --upgrade
 
diff --git a/installing_deps.sh b/installing_deps.sh
index f8f2846f..f3e1d7b9 100755
--- a/installing_deps.sh
+++ b/installing_deps.sh
@@ -99,7 +99,7 @@ mkdir -p $AIL_HOME/PASTES
 
 pip3 install -U pip
 pip3 install 'git+https://github.com/D4-project/BGP-Ranking.git/@7e698f87366e6f99b4d0d11852737db28e3ddc62#egg=pybgpranking&subdirectory=client'
-pip3 install -U -r pip3_packages_requirement.txt
+pip3 install -U -r requirements.txt
 
 # Pyfaup
 pushd faup/src/lib/bindings/python/
diff --git a/pip3_packages_requirement.txt b/requirements.txt
similarity index 100%
rename from pip3_packages_requirement.txt
rename to requirements.txt

From cc61c99290900b164a11da49de608d2adc3c8286 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 6 May 2019 10:00:39 +0200
Subject: [PATCH 03/33] fix: [showpaste] fix: #346, avoid None screenshots

---
 var/www/modules/showpaste/Flask_showpaste.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/var/www/modules/showpaste/Flask_showpaste.py b/var/www/modules/showpaste/Flask_showpaste.py
index 474280b5..b94a1073 100644
--- a/var/www/modules/showpaste/Flask_showpaste.py
+++ b/var/www/modules/showpaste/Flask_showpaste.py
@@ -44,6 +44,8 @@ def get_item_screenshot_path(item):
     screenshot = r_serv_metadata.hget('paste_metadata:{}'.format(item), 'screenshot')
     if screenshot:
         screenshot =  os.path.join(screenshot[0:2], screenshot[2:4], screenshot[4:6], screenshot[6:8], screenshot[8:10], screenshot[10:12], screenshot[12:])
+    else:
+        screenshot = ''
     return screenshot
 
 def showpaste(content_range, requested_path):

From a4c03b4ba4f24cd53bb700836bf8000d92b0c90f Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 6 May 2019 11:46:20 +0200
Subject: [PATCH 04/33] fix: [Crawler] force domains/subdomains lower case
 (rfc4343)

---
 bin/Crawler.py | 48 ++++++++++++++++++++++++++++++++++++++----------
 bin/Onion.py   |  8 ++++++--
 2 files changed, 44 insertions(+), 12 deletions(-)

diff --git a/bin/Crawler.py b/bin/Crawler.py
index a7e9365b..d8e6a430 100755
--- a/bin/Crawler.py
+++ b/bin/Crawler.py
@@ -43,25 +43,49 @@ def unpack_url(url):
     to_crawl = {}
     faup.decode(url)
     url_unpack = faup.get()
-    to_crawl['domain'] = url_unpack['domain'].decode()
+    # # FIXME: # TODO: remove me
+    try:
+        to_crawl['domain'] = url_unpack['domain'].decode()
+    except:
+        to_crawl['domain'] = url_unpack['domain']
+    to_crawl['domain'] = to_crawl['domain'].lower()
+
+
+    # force lower case domain/subdomain (rfc4343)
+    # # FIXME: # TODO: remove me
+    try:
+        url_host = url_unpack['host'].decode()
+    except:
+        url_host = url_unpack['host']
+
+    new_url_host = url_host.lower()
+    url_lower_case = url.replace(url_host, new_url_host, 1)
 
     if url_unpack['scheme'] is None:
         to_crawl['scheme'] = 'http'
-        url= 'http://{}'.format(url_unpack['url'].decode())
+        url= 'http://{}'.format(url_lower_case)
     else:
-        scheme = url_unpack['scheme'].decode()
+        # # FIXME: # TODO: remove me
+        try:
+            scheme = url_unpack['scheme'].decode()
+        except Exception as e:
+            scheme = url_unpack['scheme']
         if scheme in default_proto_map:
             to_crawl['scheme'] = scheme
-            url = url_unpack['url'].decode()
+            url = url_lower_case
         else:
-            redis_crawler.sadd('new_proto', '{} {}'.format(scheme, url_unpack['url'].decode()))
+            redis_crawler.sadd('new_proto', '{} {}'.format(scheme, url_lower_case))
             to_crawl['scheme'] = 'http'
-            url= 'http://{}'.format(url_unpack['url'].decode().replace(scheme, '', 1))
+            url= 'http://{}'.format(url_lower_case.replace(scheme, '', 1))
 
     if url_unpack['port'] is None:
         to_crawl['port'] = default_proto_map[to_crawl['scheme']]
     else:
-        port = url_unpack['port'].decode()
+        # # FIXME: # TODO: remove me
+        try:
+            port = url_unpack['port'].decode()
+        except:
+            port = url_unpack['port']
         # Verify port number                        #################### make function to verify/correct port number
         try:
             int(port)
@@ -80,12 +104,16 @@ def unpack_url(url):
 
     to_crawl['url'] = url
     if to_crawl['port'] == 80:
-        to_crawl['domain_url'] = '{}://{}'.format(to_crawl['scheme'], url_unpack['host'].decode())
+        to_crawl['domain_url'] = '{}://{}'.format(to_crawl['scheme'], new_url_host)
     else:
-        to_crawl['domain_url'] = '{}://{}:{}'.format(to_crawl['scheme'], url_unpack['host'].decode(), to_crawl['port'])
+        to_crawl['domain_url'] = '{}://{}:{}'.format(to_crawl['scheme'], new_url_host, to_crawl['port'])
 
+    # # FIXME: # TODO: remove me
+    try:
+        to_crawl['tld'] = url_unpack['tld'].decode()
+    except:
+        to_crawl['tld'] = url_unpack['tld']
 
-    to_crawl['tld'] = url_unpack['tld'].decode()
     return to_crawl
 
 # get url, paste and service_type to crawl
diff --git a/bin/Onion.py b/bin/Onion.py
index cbe8bb9f..2aa56d8e 100755
--- a/bin/Onion.py
+++ b/bin/Onion.py
@@ -224,7 +224,11 @@ if __name__ == "__main__":
 
                             faup.decode(url)
                             url_unpack = faup.get()
-                            domain = url_unpack['domain'].decode()
+                            ## TODO: # FIXME: remove me
+                            try:
+                                domain = url_unpack['domain'].decode().lower()
+                            except Exception as e:
+                                 domain = url_unpack['domain'].lower()
 
                             ## TODO: blackilst by port ?
                             # check blacklist
@@ -233,7 +237,7 @@ if __name__ == "__main__":
 
                             subdomain = re.findall(url_regex, url)
                             if len(subdomain) > 0:
-                                subdomain = subdomain[0][4]
+                                subdomain = subdomain[0][4].lower()
                             else:
                                 continue
 

From 2606220c2bbc74a6c351c8713f84d6d4a111b02e Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 6 May 2019 13:38:13 +0200
Subject: [PATCH 05/33] fix: [faup] fix new return types (bytes to str)

---
 bin/Credential.py                             | 10 ++++++
 bin/LibInjection.py                           | 19 ++++++++--
 bin/Mail.py                                   |  4 +++
 bin/SQLInjectionDetection.py                  | 19 ++++++++--
 bin/Web.py                                    | 16 +++++----
 .../hiddenServices/Flask_hiddenServices.py    | 35 ++++++++++++++++---
 6 files changed, 87 insertions(+), 16 deletions(-)

diff --git a/bin/Credential.py b/bin/Credential.py
index 8da84883..2eeb3d55 100755
--- a/bin/Credential.py
+++ b/bin/Credential.py
@@ -124,6 +124,11 @@ if __name__ == "__main__":
             for url in sites:
                 faup.decode(url)
                 domain = faup.get()['domain']
+                ## TODO: # FIXME: remove me
+                try:
+                    domain = domain.decode()
+                except:
+                    pass
                 if domain in creds_sites.keys():
                     creds_sites[domain] += 1
                 else:
@@ -143,6 +148,11 @@ if __name__ == "__main__":
                 maildomains = re.findall("@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,20}", cred.lower())[0]
                 faup.decode(maildomains)
                 tld = faup.get()['tld']
+                ## TODO: # FIXME: remove me
+                try:
+                    tld = tld.decode()
+                except:
+                    pass
                 server_statistics.hincrby('credential_by_tld:'+date, tld, 1)
         else:
             publisher.info(to_print)
diff --git a/bin/LibInjection.py b/bin/LibInjection.py
index 4b851f21..65789e62 100755
--- a/bin/LibInjection.py
+++ b/bin/LibInjection.py
@@ -29,8 +29,17 @@ def analyse(url, path):
     faup.decode(url)
     url_parsed = faup.get()
     pprint.pprint(url_parsed)
-    resource_path = url_parsed['resource_path']
-    query_string = url_parsed['query_string']
+    ## TODO: # FIXME: remove me
+    try:
+        resource_path = url_parsed['resource_path'].encode()
+    except:
+        resource_path = url_parsed['resource_path']
+
+    ## TODO: # FIXME: remove me
+    try:
+        query_string = url_parsed['query_string'].encode()
+    except:
+        query_string = url_parsed['query_string']
 
     result_path = {'sqli' : False}
     result_query = {'sqli' : False}
@@ -56,7 +65,11 @@ def analyse(url, path):
         p.populate_set_out(msg, 'Tags')
 
         #statistics
-        tld = url_parsed['tld']
+        ## TODO: # FIXME: remove me
+        try:
+            tld = url_parsed['tld'].decode()
+        except:
+            tld = url_parsed['tld']
         if tld is not None:
             date = datetime.datetime.now().strftime("%Y%m")
             server_statistics.hincrby('SQLInjection_by_tld:'+date, tld, 1)
diff --git a/bin/Mail.py b/bin/Mail.py
index b8311d3c..b90ee4ab 100755
--- a/bin/Mail.py
+++ b/bin/Mail.py
@@ -95,6 +95,10 @@ if __name__ == "__main__":
 
                             faup.decode(mail)
                             tld = faup.get()['tld']
+                            try:
+                                tld = tld.decode()
+                            except:
+                                pass
                             server_statistics.hincrby('mail_by_tld:'+date, tld, MX_values[1][mail])
 
                     else:
diff --git a/bin/SQLInjectionDetection.py b/bin/SQLInjectionDetection.py
index a5595dc7..ffb21003 100755
--- a/bin/SQLInjectionDetection.py
+++ b/bin/SQLInjectionDetection.py
@@ -68,10 +68,20 @@ def analyse(url, path):
     result_query = 0
 
     if resource_path is not None:
-        result_path = is_sql_injection(resource_path.decode('utf8'))
+        ## TODO: # FIXME: remove me
+        try:
+            resource_path = resource_path.decode()
+        except:
+            pass
+        result_path = is_sql_injection(resource_path)
 
     if query_string is not None:
-        result_query = is_sql_injection(query_string.decode('utf8'))
+        ## TODO: # FIXME: remove me
+        try:
+            query_string = query_string.decode()
+        except:
+            pass
+        result_query = is_sql_injection(query_string)
 
     if (result_path > 0) or (result_query > 0):
         paste = Paste.Paste(path)
@@ -89,6 +99,11 @@ def analyse(url, path):
             #statistics
             tld = url_parsed['tld']
             if tld is not None:
+                ## TODO: # FIXME: remove me
+                try:
+                    tld = tld.decode()
+                except:
+                    pass
                 date = datetime.datetime.now().strftime("%Y%m")
                 server_statistics.hincrby('SQLInjection_by_tld:'+date, tld, 1)
 
diff --git a/bin/Web.py b/bin/Web.py
index 7cc96822..ca4366e8 100755
--- a/bin/Web.py
+++ b/bin/Web.py
@@ -94,18 +94,22 @@ if __name__ == "__main__":
                     faup.decode(url)
                     domain = faup.get_domain()
                     subdomain = faup.get_subdomain()
-                    f1 = None
 
                     publisher.debug('{} Published'.format(url))
 
-                    if f1 == "onion":
-                        print(domain)
-
                     if subdomain is not None:
-                        subdomain = subdomain.decode('utf8')
+                        ## TODO: # FIXME: remove me
+                        try:
+                            subdomain = subdomain.decode()
+                        except:
+                            pass
 
                     if domain is not None:
-                        domain = domain.decode('utf8')
+                        ## TODO: # FIXME: remove me
+                        try:
+                            domain = domain.decode()
+                        except:
+                            pass
                         domains_list.append(domain)
 
                     hostl = avoidNone(subdomain) + avoidNone(domain)
diff --git a/var/www/modules/hiddenServices/Flask_hiddenServices.py b/var/www/modules/hiddenServices/Flask_hiddenServices.py
index 2d45b9c6..0ee44974 100644
--- a/var/www/modules/hiddenServices/Flask_hiddenServices.py
+++ b/var/www/modules/hiddenServices/Flask_hiddenServices.py
@@ -115,7 +115,12 @@ def get_type_domain(domain):
 def get_domain_from_url(url):
     faup.decode(url)
     unpack_url = faup.get()
-    domain = unpack_url['domain'].decode()
+    domain = unpack_url['domain']
+    ## TODO: FIXME remove me
+    try:
+        domain = domain.decode()
+    except:
+        pass
     return domain
 
 def get_last_domains_crawled(type):
@@ -418,8 +423,19 @@ def create_spider_splash():
     # get service_type
     faup.decode(url)
     unpack_url = faup.get()
-    domain = unpack_url['domain'].decode()
-    if unpack_url['tld'] == b'onion':
+    ## TODO: # FIXME: remove me
+    try:
+        domain = unpack_url['domain'].decode()
+    except:
+        domain = unpack_url['domain']
+
+    ## TODO: # FIXME: remove me
+    try:
+        tld = unpack_url['tld'].decode()
+    except:
+        tld = unpack_url['tld']
+
+    if tld == 'onion':
         service_type = 'onion'
     else:
         service_type = 'regular'
@@ -694,10 +710,19 @@ def show_domain():
     port = request.args.get('port')
     faup.decode(domain)
     unpack_url = faup.get()
-    domain = unpack_url['domain'].decode()
+
+    ## TODO: # FIXME: remove me
+    try:
+        domain = unpack_url['domain'].decode()
+    except:
+        domain = unpack_url['domain']
+
     if not port:
         if unpack_url['port']:
-            port = unpack_url['port'].decode()
+            try:
+                port = unpack_url['port'].decode()
+            except:
+                port = unpack_url['port']
         else:
             port = 80
     try:

From 254441f19341da351adb7538d11f74aeee1120bc Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 13 May 2019 13:56:43 +0200
Subject: [PATCH 06/33] chg: [crawler] manual/auto crawler: always save
 screenshots

---
 bin/torcrawler/TorSplashCrawler.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/torcrawler/TorSplashCrawler.py b/bin/torcrawler/TorSplashCrawler.py
index d1417e6e..17710bf6 100644
--- a/bin/torcrawler/TorSplashCrawler.py
+++ b/bin/torcrawler/TorSplashCrawler.py
@@ -57,6 +57,7 @@ class TorSplashCrawler():
 
         def __init__(self, type, crawler_options, date, url, domain, port, original_item, *args, **kwargs):
             self.type = type
+            self.requested = crawler_options['requested']
             self.original_item = original_item
             self.root_key = None
             self.start_urls = url
@@ -183,7 +184,7 @@ class TorSplashCrawler():
                     if 'png' in response.data:
                         size_screenshot = (len(response.data['png'])*3) /4
 
-                        if size_screenshot < 5000000: #bytes
+                        if size_screenshot < 5000000 or self.requested: #bytes or manual/auto
                             image_content = base64.standard_b64decode(response.data['png'].encode())
                             hash = sha256(image_content).hexdigest()
                             img_dir_path = os.path.join(hash[0:2], hash[2:4], hash[4:6], hash[6:8], hash[8:10], hash[10:12])

From 0389b9c23b9280c74fc6b66911672415d4d944d0 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 13 May 2019 14:24:16 +0200
Subject: [PATCH 07/33] chg: [crawler] manual/auto crawler: always save
 screenshots

---
 bin/torcrawler/TorSplashCrawler.py | 10 +++++-----
 bin/torcrawler/tor_crawler.py      |  3 ++-
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/bin/torcrawler/TorSplashCrawler.py b/bin/torcrawler/TorSplashCrawler.py
index 17710bf6..4e36c1c9 100644
--- a/bin/torcrawler/TorSplashCrawler.py
+++ b/bin/torcrawler/TorSplashCrawler.py
@@ -48,16 +48,16 @@ class TorSplashCrawler():
             'DEPTH_LIMIT': crawler_options['depth_limit']
             })
 
-    def crawl(self, type, crawler_options, date, url, domain, port, original_item):
-        self.process.crawl(self.crawler, type=type, crawler_options=crawler_options, date=date, url=url, domain=domain, port=port, original_item=original_item)
+    def crawl(self, type, crawler_options, date, requested_mode, url, domain, port, original_item):
+        self.process.crawl(self.crawler, type=type, crawler_options=crawler_options, date=date, requested_mode=requested_mode, url=url, domain=domain, port=port, original_item=original_item)
         self.process.start()
 
     class TorSplashSpider(Spider):
         name = 'TorSplashSpider'
 
-        def __init__(self, type, crawler_options, date, url, domain, port, original_item, *args, **kwargs):
+        def __init__(self, type, crawler_options, date, requested_mode, url, domain, port, original_item, *args, **kwargs):
             self.type = type
-            self.requested = crawler_options['requested']
+            self.requested_mode = requested_mode
             self.original_item = original_item
             self.root_key = None
             self.start_urls = url
@@ -184,7 +184,7 @@ class TorSplashCrawler():
                     if 'png' in response.data:
                         size_screenshot = (len(response.data['png'])*3) /4
 
-                        if size_screenshot < 5000000 or self.requested: #bytes or manual/auto
+                        if size_screenshot < 5000000 or self.requested_mode: #bytes or manual/auto
                             image_content = base64.standard_b64decode(response.data['png'].encode())
                             hash = sha256(image_content).hexdigest()
                             img_dir_path = os.path.join(hash[0:2], hash[2:4], hash[4:6], hash[6:8], hash[8:10], hash[10:12])
diff --git a/bin/torcrawler/tor_crawler.py b/bin/torcrawler/tor_crawler.py
index 13a67545..2d8365c4 100755
--- a/bin/torcrawler/tor_crawler.py
+++ b/bin/torcrawler/tor_crawler.py
@@ -43,8 +43,9 @@ if __name__ == '__main__':
     original_item = crawler_json['item']
     crawler_options = crawler_json['crawler_options']
     date = crawler_json['date']
+    requested_mode = crawler_json['requested']
 
     redis_cache.delete('crawler_request:{}'.format(uuid))
 
     crawler = TorSplashCrawler(splash_url, crawler_options)
-    crawler.crawl(service_type, crawler_options, date, url, domain, port, original_item)
+    crawler.crawl(service_type, crawler_options, date, requested_mode, url, domain, port, original_item)

From 05079c143c562b74abe1e95e018bbe9e7cdc7d89 Mon Sep 17 00:00:00 2001
From: kovacsbalu <kovacsbalu@gmail.com>
Date: Tue, 14 May 2019 16:06:20 +0200
Subject: [PATCH 08/33] Fix #314 Replace char on redis encoding error. Try to
 use local file on other error.

---
 bin/packages/Paste.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/bin/packages/Paste.py b/bin/packages/Paste.py
index f8be2f9b..884bd5ee 100755
--- a/bin/packages/Paste.py
+++ b/bin/packages/Paste.py
@@ -70,6 +70,7 @@ class Paste(object):
             host=cfg.get("Redis_Queues", "host"),
             port=cfg.getint("Redis_Queues", "port"),
             db=cfg.getint("Redis_Queues", "db"),
+            encoding_errors='replace',
             decode_responses=True)
         self.store = redis.StrictRedis(
             host=cfg.get("Redis_Data_Merging", "host"),
@@ -125,7 +126,13 @@ class Paste(object):
 
         """
 
-        paste = self.cache.get(self.p_path)
+        try:
+            paste = self.cache.get(self.p_path)
+        except Exception as e:
+            print("ERROR in: " + self.p_path)
+            print(e)
+            paste = None
+
         if paste is None:
             try:
                 with gzip.open(self.p_path, 'r') as f:

From 648074464170a9899b7815b162e9eee7400a0be4 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Tue, 14 May 2019 17:49:31 +0200
Subject: [PATCH 09/33] chg: [PgpDump] add PgpDump backend TODO: UI

---
 OVERVIEW.md                    |  50 +++++++++
 bin/Keys.py                    |   9 ++
 bin/PgpDump.py                 | 188 +++++++++++++++++++++++++++++++++
 bin/packages/config.cfg.sample |   3 +
 bin/packages/modules.cfg       |   4 +
 5 files changed, 254 insertions(+)
 create mode 100755 bin/PgpDump.py

diff --git a/OVERVIEW.md b/OVERVIEW.md
index 5d6dbc99..2b357f9f 100644
--- a/OVERVIEW.md
+++ b/OVERVIEW.md
@@ -152,6 +152,56 @@ Redis and ARDB overview
 | binary_hash:**hash** | **item** | **nb_seen** |
 | hexadecimal_hash:**hash** | **item** | **nb_seen** |
 
+#### PgpDump
+
+##### Hset:
+| Key | Field | Value |
+| ------ | ------ | ------ |
+| pgp_metadata_key:*key id* | first_seen | **date** |
+| | last_seen | **date** |
+| | |
+| pgp_metadata_name:*name* | first_seen | **date** |
+| | last_seen | **date** |
+| | |
+| pgp_metadata_mail:*mail* | first_seen | **date** |
+| | last_seen | **date** |
+
+##### set:
+| Key | Value |
+| ------ | ------ |
+| pgp_key:*key id* | *item_path* |
+| | |
+| pgp_name:*name* | *item_path* |
+| | |
+| pgp_mail:*mail* | *item_path* |
+
+##### Hset date:
+| Key | Field | Value |
+| ------ | ------ |
+| pgp:key:*date* | *key* | *nb seen* |
+| | |
+| pgp:name:*date* | *name* | *nb seen* |
+| | |
+| pgp:mail:*date* | *mail* | *nb seen* |
+
+##### zset:
+| Key | Field | Value |
+| ------ | ------ | ------ |
+| pgp_all:key | *key* | *nb seen* |
+| | |
+| pgp_all:name | *name* | *nb seen* |
+| | |
+| pgp_all:mail | *mail* | *nb seen* |
+
+##### set:
+| Key | Value |
+| ------ | ------ |
+| item_pgp_key:*item_path* | *key* |
+| | |
+| item_pgp_name:*item_path* | *name* |
+| | |
+| item_pgp_mail:*item_path* | *mail* |
+
 ## DB9 - Crawler:
 
 ##### Hset:
diff --git a/bin/Keys.py b/bin/Keys.py
index 7fcc7a1e..6d6e6166 100755
--- a/bin/Keys.py
+++ b/bin/Keys.py
@@ -108,6 +108,15 @@ def search_key(paste):
         p.populate_set_out(msg, 'Tags')
         find = True
 
+    if '-----BEGIN PGP PUBLIC KEY BLOCK-----' in content:
+        p.populate_set_out(message, 'PgpDump')
+
+    if '-----BEGIN PGP SIGNATURE-----' in content:
+        p.populate_set_out(message, 'PgpDump')
+
+    if '-----BEGIN PGP MESSAGE-----' in content:
+        p.populate_set_out(message, 'PgpDump')
+
     if find :
 
         #Send to duplicate
diff --git a/bin/PgpDump.py b/bin/PgpDump.py
new file mode 100755
index 00000000..6cf754d0
--- /dev/null
+++ b/bin/PgpDump.py
@@ -0,0 +1,188 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+"""
+    PgpDum module
+
+    Extract ID from PGP Blocks
+"""
+
+import os
+import re
+import redis
+import signal
+import datetime
+import subprocess
+
+from pubsublogger import publisher
+from bs4 import BeautifulSoup
+
+from Helper import Process
+from packages import Paste
+
+class TimeoutException(Exception):
+    pass
+
+def timeout_handler(signum, frame):
+    raise TimeoutException
+
+signal.signal(signal.SIGALRM, timeout_handler)
+
+def remove_html(item_content):
+    if bool(BeautifulSoup(item_content, "html.parser").find()):
+        soup = BeautifulSoup(item_content, 'html.parser')
+        # kill all script and style elements
+        for script in soup(["script", "style"]):
+            script.extract()    # remove
+
+        # get text
+        text = soup.get_text()
+        return text
+    else:
+        return item_content
+
+def extract_all_id(item_content, regex):
+    # max execution time on regex
+    signal.alarm(max_execution_time)
+    try:
+        pgp_extracted_block = re.findall(regex, item_content)
+    except TimeoutException:
+        pgp_extracted_block = []
+        p.incr_module_timeout_statistic() # add encoder type
+        print ("{0} processing timeout".format(paste.p_rel_path))
+    else:
+        signal.alarm(0)
+
+    for pgp_to_dump in pgp_extracted_block:
+        pgp_packet = get_pgp_packet(pgp_to_dump)
+        extract_id_from_output(pgp_packet)
+
+def get_pgp_packet(save_path):
+    save_path = '{}'.format(save_path)
+    process1 = subprocess.Popen([ 'echo', '-e', save_path], stdout=subprocess.PIPE)
+    process2 = subprocess.Popen([ 'pgpdump'], stdin=process1.stdout, stdout=subprocess.PIPE)
+    process1.stdout.close()
+    output = process2.communicate()[0].decode()
+    return output
+
+
+def extract_id_from_output(pgp_dump_outpout):
+    all_user_id = set(re.findall(regex_user_id, pgp_dump_outpout))
+    for user_id in all_user_id:
+        user_id = user_id.replace(user_id_str, '', 1)
+        mail = None
+        if ' <' in user_id:
+            name, mail = user_id.rsplit(' <', 1)
+            mail = mail[:-1]
+            set_name.add(name)
+            set_mail.add(mail)
+        else:
+            name = user_id
+            set_name.add(name)
+
+    all_key_id = set(re.findall(regex_key_id, pgp_dump_outpout))
+    for key_id in all_key_id:
+        key_id = key_id.replace(key_id_str, '', 1)
+        set_key.add(key_id)
+
+def save_pgp_data(type_pgp, date, item_path, data):
+    # create basic medata
+    if not serv_metadata.exists('pgp_{}:{}'.format(type_pgp, data)):
+        serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'first_seen', date)
+        serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+    else:
+        last_seen = serv_metadata.hget('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen')
+        if not last_seen:
+            serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+        else:
+            if int(last_seen) < int(date):
+                serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+
+    # global set
+    serv_metadata.sadd('pgp_{}:{}'.format(type_pgp, data), item_path)
+
+    # daily
+    serv_metadata.hincrby('pgp:{}:{}'.format(type_pgp, date), data, 1)
+
+    # all type
+    serv_metadata.zincrby('pgp_all:{}'.format(type_pgp), data, 1)
+
+    # item_metadata
+    serv_metadata.sadd('item_pgp_{}:{}'.format(type_pgp, item_path), data)
+
+
+if __name__ == '__main__':
+    # If you wish to use an other port of channel, do not forget to run a subscriber accordingly (see launch_logs.sh)
+    # Port of the redis instance used by pubsublogger
+    publisher.port = 6380
+    # Script is the default channel used for the modules.
+    publisher.channel = 'Script'
+
+    # Section name in bin/packages/modules.cfg
+    #config_section = 'PgpDump'
+    config_section = 'PgpDump'
+
+    # Setup the I/O queues
+    p = Process(config_section)
+
+    serv_metadata = redis.StrictRedis(
+        host=p.config.get("ARDB_Metadata", "host"),
+        port=p.config.getint("ARDB_Metadata", "port"),
+        db=p.config.getint("ARDB_Metadata", "db"),
+        decode_responses=True)
+
+    # Sent to the logging a description of the module
+    publisher.info("PgpDump started")
+
+    user_id_str = 'User ID - '
+    regex_user_id= '{}.+'.format(user_id_str)
+
+    key_id_str = 'Key ID - '
+    regex_key_id = '{}.+'.format(key_id_str)
+    regex_pgp_public_blocs = '-----BEGIN PGP PUBLIC KEY BLOCK-----[\s\S]+?-----END PGP PUBLIC KEY BLOCK-----'
+    regex_pgp_signature = '-----BEGIN PGP SIGNATURE-----[\s\S]+?-----END PGP SIGNATURE-----'
+    regex_pgp_message = '-----BEGIN PGP MESSAGE-----[\s\S]+?-----END PGP MESSAGE-----'
+
+    re.compile(regex_user_id)
+    re.compile(regex_key_id)
+    re.compile(regex_pgp_public_blocs)
+    re.compile(regex_pgp_signature)
+    re.compile(regex_pgp_message)
+
+    max_execution_time = p.config.getint("PgpDump", "max_execution_time")
+
+    # Endless loop getting messages from the input queue
+    while True:
+        # Get one message from the input queue
+        message = p.get_from_set()
+
+        if message is None:
+            publisher.debug("{} queue is empty, waiting".format(config_section))
+            time.sleep(1)
+            continue
+
+
+        set_key = set()
+        set_name = set()
+        set_mail = set()
+        paste = Paste.Paste(message)
+
+                # Do something with the message from the queue
+        date = str(paste._get_p_date())
+        content = paste.get_p_content()
+        content = remove_html(content)
+
+        extract_all_id(content, regex_pgp_public_blocs)
+        extract_all_id(content, regex_pgp_signature)
+        extract_all_id(content, regex_pgp_message)
+
+        for key_id in set_key:
+            print(key_id)
+            save_pgp_data('key', date, message, key_id)
+
+        for name_id in set_name:
+            print(name_id)
+            save_pgp_data('name', date, message, name_id)
+
+        for mail_id in set_mail:
+            print(mail_id)
+            save_pgp_data('mail', date, message, mail_id)
diff --git a/bin/packages/config.cfg.sample b/bin/packages/config.cfg.sample
index f9483476..ea0ea55c 100644
--- a/bin/packages/config.cfg.sample
+++ b/bin/packages/config.cfg.sample
@@ -71,6 +71,9 @@ max_execution_time = 90
 [Onion]
 max_execution_time = 180
 
+[PgpDump]
+max_execution_time = 60
+
 [Base64]
 path = Base64/
 max_execution_time = 60
diff --git a/bin/packages/modules.cfg b/bin/packages/modules.cfg
index c3c09a4e..f1fe5e3d 100644
--- a/bin/packages/modules.cfg
+++ b/bin/packages/modules.cfg
@@ -118,6 +118,10 @@ publish = Redis_Duplicate,Redis_Tags
 
 [Keys]
 subscribe = Redis_Global
+publish = Redis_Duplicate,Redis_PgpDump,Redis_Tags
+
+[PgpDump]
+subscribe = Redis_PgpDump
 publish = Redis_Duplicate,Redis_Tags
 
 [ApiKey]

From 6092f482e6037a76b28b067ebe4be425772e2ef3 Mon Sep 17 00:00:00 2001
From: kovacsbalu <kovacsbalu@gmail.com>
Date: Wed, 15 May 2019 09:57:18 +0200
Subject: [PATCH 10/33] Fix crawler rotation

Before this, crawler processed prioritized onions and after all starts prioritized regular.
---
 bin/Crawler.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/Crawler.py b/bin/Crawler.py
index d8e6a430..31f2d594 100755
--- a/bin/Crawler.py
+++ b/bin/Crawler.py
@@ -12,6 +12,7 @@ import time
 import subprocess
 import requests
 
+from collections import deque
 from pyfaup.faup import Faup
 
 sys.path.append(os.environ['AIL_BIN'])
@@ -303,7 +304,7 @@ if __name__ == '__main__':
     #mode = sys.argv[1]
     splash_port = sys.argv[1]
 
-    rotation_mode = ['onion', 'regular']
+    rotation_mode = deque(["onion", "regular"])
     default_proto_map = {'http': 80, 'https': 443}
 ######################################################## add ftp ???
 
@@ -361,6 +362,7 @@ if __name__ == '__main__':
 
         update_auto_crawler()
 
+        rotation_mode.rotate()
         to_crawl = get_elem_to_crawl(rotation_mode)
         if to_crawl:
             url_data = unpack_url(to_crawl['url'])

From 7765ab92e0d2a171cadc30b48f6c0560b1e908c2 Mon Sep 17 00:00:00 2001
From: kovacsbalu <kovacsbalu@gmail.com>
Date: Wed, 15 May 2019 10:00:51 +0200
Subject: [PATCH 11/33] Hopp, single quote :)

---
 bin/Crawler.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/Crawler.py b/bin/Crawler.py
index 31f2d594..e5864059 100755
--- a/bin/Crawler.py
+++ b/bin/Crawler.py
@@ -304,7 +304,7 @@ if __name__ == '__main__':
     #mode = sys.argv[1]
     splash_port = sys.argv[1]
 
-    rotation_mode = deque(["onion", "regular"])
+    rotation_mode = deque(['onion', 'regular'])
     default_proto_map = {'http': 80, 'https': 443}
 ######################################################## add ftp ???
 

From cca69def7196749e8db0d0e5da6843601c6d8f4f Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 15 May 2019 17:23:58 +0200
Subject: [PATCH 12/33] chg: [decoded items] bootstrap 4 migration

---
 .../modules/hashDecoded/Flask_hashDecoded.py  |  10 +-
 .../hashDecoded/templates/hashDecoded.html    | 493 +++++++++---------
 .../hashDecoded/templates/showHash.html       | 322 ++++++------
 var/www/templates/decoded/menu_sidebar.html   |  30 ++
 var/www/templates/nav_bar.html                |   2 +-
 5 files changed, 449 insertions(+), 408 deletions(-)
 create mode 100644 var/www/templates/decoded/menu_sidebar.html

diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index 8a7945d2..1c5f8e89 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -66,13 +66,13 @@ def get_file_icon(estimated_type):
     if file_type == 'application':
         file_icon = 'fa-file '
     elif file_type == 'audio':
-        file_icon = 'fa-file-video-o '
+        file_icon = 'fa-file-audio '
     elif file_type == 'image':
-        file_icon = 'fa-file-image-o'
+        file_icon = 'fa-file-image'
     elif file_type == 'text':
-        file_icon = 'fa-file-text-o'
+        file_icon = 'fa-file-alt'
     else:
-        file_icon =  'fa-file-o'
+        file_icon =  'fa-sticky-note'
 
     return file_icon
 
@@ -88,7 +88,7 @@ def get_file_icon_text(estimated_type):
     elif file_type == 'text':
         file_icon_text = '\uf15c'
     else:
-        file_icon_text = '\uf15b'
+        file_icon_text = '\uf249'
 
     return file_icon_text
 
diff --git a/var/www/modules/hashDecoded/templates/hashDecoded.html b/var/www/modules/hashDecoded/templates/hashDecoded.html
index 19ddcdaf..bf0a12bf 100644
--- a/var/www/modules/hashDecoded/templates/hashDecoded.html
+++ b/var/www/modules/hashDecoded/templates/hashDecoded.html
@@ -1,157 +1,147 @@
 <!DOCTYPE html>
 <html>
 
-	<head>
-	  <meta charset="utf-8">
-	  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+<head>
+  <title>Decoded - AIL</title>
+	<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
 
-	  <title>HashesDecoded - AIL</title>
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
 
-	  <!-- Core CSS -->
-		<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='font-awesome/css/font-awesome.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='css/sb-admin-2.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='css/dataTables.bootstrap.css') }}" rel="stylesheet" type="text/css" />
-		<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet" type="text/css" />
-	  <!-- JS -->
-		<script language="javascript" src="{{ url_for('static', filename='js/jquery.js')}}"></script>
-    <script src="{{ url_for('static', filename='js/bootstrap.min.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.dataTables.min.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/dataTables.bootstrap.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.time.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.stack.js') }}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
-		<style>
-			.input-group .form-control {
-				position: unset;
-			}
-			.red_table thead{
-				background: #d91f2d;
-				color: #fff;
-			}
-			.line {
-    		fill: none;
-    		stroke: #000;
-    		stroke-width: 2.0px;
-			}
-			.bar {
-        fill: steelblue;
-      }
-      .bar:hover{
-        fill: brown;
-				cursor: pointer;
-      }
-			.bar_stack:hover{
-				cursor: pointer;
-      }
-			.pie_path:hover{
-				cursor: pointer;
-			}
-			.svgText {
-    		pointer-events: none;
-			}
-			div.tooltip {
-				position: absolute;
-				text-align: center;
-				padding: 2px;
-				font: 12px sans-serif;
-				background: #ebf4fb;
-				border: 2px solid #b7ddf2;
-				border-radius: 8px;
-				pointer-events: none;
-				color: #000000;
-			}
-		</style>
-	</head>
-	<body>
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
 
-            {% include 'navbar.html' %}
+	<style>
+		.input-group .form-control {
+			position: unset;
+		}
+		.line {
+  		fill: none;
+  		stroke: #000;
+  		stroke-width: 2.0px;
+		}
+		.bar {
+      fill: steelblue;
+    }
+    .bar:hover{
+      fill: brown;
+			cursor: pointer;
+    }
+		.bar_stack:hover{
+			cursor: pointer;
+    }
+		.pie_path:hover{
+			cursor: pointer;
+		}
+		.svgText {
+  		pointer-events: none;
+		}
+		div.tooltip {
+			position: absolute;
+			text-align: center;
+			padding: 2px;
+			font: 12px sans-serif;
+			background: #ebf4fb;
+			border: 2px solid #b7ddf2;
+			border-radius: 8px;
+			pointer-events: none;
+			color: #000000;
+		}
+	</style>
+</head>
+<body>
+
+	{% include 'nav_bar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'decoded/menu_sidebar.html' %}
+
+			<div class="col-12 col-lg-10" id="core_content">
 
-            <div id="page-wrapper">
 				<div class="row">
-				  <div class="col-lg-12">
-					  <h1 class="page-header" data-page="page-termsfrequency" >Hashed Files</h1>
-						<div>
-
-	          </div>
-				  </div>
-				  <!-- /.col-lg-12 -->
-
-					<div class="row">
-						<div class="col-md-10">
-							<div id="barchart_type">
-		          </div>
-						</div>
-
-							<div class="col-md-2">
-								<div class="panel panel-info" style="text-align:center;">
-									<div class="panel-heading">
-										Select a date range :
-										<form action="{{ url_for('hashDecoded.all_hash_search') }}" id="hash_selector_form" method='post'>
-											<div class="input-group">
-												<span class="input-group-addon"><i class="fa fa-calendar  fa" aria-hidden="true"></i></span>
-												<input class="form-control" id="date-range-from" placeholder="yyyy-mm-dd" value="{{ date_from }}" name="date_from">
-											</div>
-											<div class="input-group">
-												<span class="input-group-addon"><i class="fa fa-calendar  fa" aria-hidden="true"></i></span>
-												<input class="form-control" id="date-range-to" placeholder="yyyy-mm-dd" value="{{ date_to }}" name="date_to">
-											</div>
-											Encoding :
-											<select class="form-control" name="encoding" style="width=100%;">
-										    <option>All encoding</option>
-												{% for encod in all_encoding %}
-													{% if encoding|string() == encod|string() %}
-													<option selected>{{ encod }}</option>
-													{% else %}
-													<option>{{ encod }}</option>
-													{% endif %}
-												{% endfor %}
-											</select>
-											File Type :
-											<select class="form-control" name="type" style="width=100%;">
-										    <option>All types</option>
-												{% for typ in l_type %}
-													{% if type|string() == typ|string() %}
-													<option selected>{{ typ }}</option>
-													{% else %}
-													<option>{{ typ }}</option>
-													{% endif %}
-												{% endfor %}
-											</select>
-											<div class="checkbox">
-												<label>
-													<input type="checkbox" name="show_decoded_files" value="True" {% if show_decoded_files %}checked{% endif %}>
-													<div style="color:#286090; display:inline-block">
-														Show decoded files <i class="fa fa-file"></i>
-													</div>
-												</label>
-											</div>
-											<button class="btn btn-primary" style="text-align:center;">
-												<i class="fa fa-files-o"></i> Search
-											</button>
-										<form>
-									</div>
-								</div>
-								<div id="pie_chart_encoded">
-			          </div>
-								<div id="pie_chart_top5_types">
-			          </div>
-							</div>
+					<div class="col-xl-10">
+						<div class="mt-1" id="barchart_type">
 						</div>
 					</div>
 
-						<!-- /#page-wrapper -->
-						{% if  l_64|length != 0 %}
-								{% if date_from|string == date_to|string %}
-								<h3> {{ date_from }} Hashed files: </h3>
-								{% else %}
-								<h3> {{ date_from }} to {{ date_to }} Hashed files: </h3>
-								{% endif %}
-								<table id="tableb64" class="red_table table table-striped table-bordered">
-								<thead>
+					<div class="col-xl-2">
+
+						<div class="card mb-3 mt-2" style="background-color:#d9edf7;">
+						  <div class="card-body text-center py-2">
+						    <h6 class="card-title" style="color:#286090;">Select a date range :</h5>
+								<form action="{{ url_for('hashDecoded.all_hash_search') }}" id="hash_selector_form" method='post'>
+									<div class="input-group" id="date-range-from">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-from-input" placeholder="yyyy-mm-dd" value="{{ date_from }}" name="date_from" autocomplete="off">
+									</div>
+									<div class="input-group" id="date-range-to">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-to-input" placeholder="yyyy-mm-dd" value="{{ date_to }}" name="date_to" autocomplete="off">
+									</div>
+									<div class="mt-1" style="font-size: 14px;color:#286090;">Encoding :</div>
+									<select class="custom-select" name="encoding">
+										<option>All encoding</option>
+										{% for encod in all_encoding %}
+											{% if encoding|string() == encod|string() %}
+											<option selected>{{ encod }}</option>
+											{% else %}
+											<option>{{ encod }}</option>
+											{% endif %}
+										{% endfor %}
+									</select>
+									<div class="mt-1" style="font-size: 14px;color:#286090;">File Type :</div>
+									<select class="custom-select" name="type">
+										<option>All types</option>
+										{% for typ in l_type %}
+											{% if type|string() == typ|string() %}
+											<option selected>{{ typ }}</option>
+											{% else %}
+											<option>{{ typ }}</option>
+											{% endif %}
+										{% endfor %}
+									</select>
+									<div class="form-check my-1">
+										<input class="form-check-input" type="checkbox" id="checkbox-input-show" name="show_decoded_files" value="True" {% if show_decoded_files %}checked{% endif %}>
+										<label class="form-check-label" for="checkbox-input-show">
+											<div style="color:#286090; font-size: 14px;">
+												Show decoded files <i class="fas fa-file"></i>
+											</div>
+										</label>
+									</div>
+									<button class="btn btn-primary" style="text-align:center;">
+										<i class="fas fa-copy"></i> Search
+									</button>
+								<form>
+						  </div>
+						</div>
+
+						<div id="pie_chart_encoded">
+						</div>
+						<div id="pie_chart_top5_types">
+						</div>
+					</div>
+				</div>
+
+				{% if  l_64|length != 0 %}
+						{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }} Decoded files: </h3>
+						{% else %}
+							<h3> {{ date_from }} to {{ date_to }} Decoded files: </h3>
+						{% endif %}
+						<table id="tableb64" class="table table-striped table-bordered">
+							<thead class="bg-dark text-white">
 								<tr>
 										<th>estimated type</th>
 										<th>hash</th>
@@ -162,121 +152,136 @@
 										<th>Virus Total</th>
 										<th>Sparkline</th>
 								</tr>
-								</thead>
-								<tbody>
-								{% for b64 in l_64 %}
-										<tr>
-												<td><i class="fa {{ b64[0] }}"></i>&nbsp;&nbsp;{{ b64[1] }}</td>
-												<td><a target="_blank" href="{{ url_for('hashDecoded.showHash') }}?hash={{ b64[2] }}">{{ b64[2] }}</a></td>
-												<td>{{ b64[5] }}</td>
-												<td>{{ b64[6] }}</td>
-												<td>{{ b64[3] }}</td>
-												<td>{{ b64[4] }}</td>
-												<td style="text-align:center;max-width:150px;">
-													{% if  vt_enabled %}
-														{% if not b64[7] %}
-															<darkbutton_{{ b64[2] }}>
-																<button id="submit_vt_{{ b64[2] }}" class="btn btn-primary" onclick="sendFileToVT('{{ b64[2] }}')">
-																	<i class="fa fa-paper-plane"></i>&nbsp;Send this file to VT
-																</button>
-															</darkbutton_{{ b64[2] }}>
-														{% else %}
-															<a class="btn btn-primary" target="_blank" href="{{ b64[8] }}"><i class="fa fa-link"> VT Report</i></a>
-														{% endif %}
-														<button class="btn btn-default" onclick="updateVTReport('{{ b64[2] }}')">
-															<div id="report_vt_{{ b64[2] }}"><span class="glyphicon glyphicon-refresh"></span>&nbsp;{{ b64[9] }}</div>
+							</thead>
+							<tbody style="font-size: 15px;">
+							{% for b64 in l_64 %}
+									<tr>
+										<td><i class="fas {{ b64[0] }}"></i>&nbsp;&nbsp;{{ b64[1] }}</td>
+										<td><a target="_blank" href="{{ url_for('hashDecoded.showHash') }}?hash={{ b64[2] }}">{{ b64[2] }}</a></td>
+										<td>{{ b64[5] }}</td>
+										<td>{{ b64[6] }}</td>
+										<td>{{ b64[3] }}</td>
+										<td>{{ b64[4] }}</td>
+										<td>
+											{% if  vt_enabled %}
+												{% if not b64[7] %}
+													<darkbutton_{{ b64[2] }}>
+														<button id="submit_vt_{{ b64[2] }}" class="btn btn-secondary" style="font-size: 14px;" onclick="sendFileToVT('{{ b64[2] }}')">
+															<i class="fas fa-paper-plane"></i>&nbsp;Send this file to VT
 														</button>
-													{% else %}
-														Virus Total submission is disabled
-													{% endif %}
+													</darkbutton_{{ b64[2] }}>
+												{% else %}
+													<a class="btn btn-secondary" target="_blank" href="{{ b64[8] }}" style="font-size: 14px;"><i class="fas fa-link"></i>&nbsp;VT Report</a>
+												{% endif %}
+												<button class="btn btn-outline-dark" onclick="updateVTReport('{{ b64[2] }}')" style="font-size: 14px;">
+													<div id="report_vt_{{ b64[2] }}"><i class="fas fa-sync-alt"></i>&nbsp;{{ b64[9] }}</div>
+												</button>
+												{% else %}
+													Virus Total submission is disabled
+												{% endif %}
 
-												</td>
-												<td id="sparklines_{{ b64[2] }}" style="text-align:center;">
-												</td>
-										</tr>
-								{% endfor %}
-								</tbody>
-								</table>
-						{% else %}
-							{% if show_decoded_files %}
-								{% if date_from|string == date_to|string %}
-								<h3> {{ date_from }}, No Hashes</h3>
-								{% else %}
-								<h3> {{ date_from }} to {{ date_to }}, No Hashes</h3>
-								{% endif %}
+										</td>
+										<td id="sparklines_{{ b64[2] }}" style="text-align:center;"></td>
+									</tr>
+							{% endfor %}
+							</tbody>
+						</table>
+					{% else %}
+						{% if show_decoded_files %}
+							{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }}, No Hashes</h3>
+							{% else %}
+							<h3> {{ date_from }} to {{ date_to }}, No Hashes</h3>
 							{% endif %}
 						{% endif %}
-					</div>
-
+					{% endif %}
 				</div>
-				<!-- /.row -->
 
-            <script>
-							var chart = {};
-                $(document).ready(function(){
-                    activePage = "page-hashDecoded"
-                    $("#"+activePage).addClass("active");
+			</div>
+		</div>
+	</div>
 
-										$('#date-range-from').dateRangePicker({
-											separator : ' to ',
-											getValue: function()
-											{
-												if ($('#date-range-from').val() && $('#date-range-to').val() )
-													return $('#date-range-from').val() + ' to ' + $('#date-range-to').val();
-												else
-													return '';
-											},
-											setValue: function(s,s1,s2)
-											{
-												$('#date-range-from').val(s1);
-												$('#date-range-to').val(s2);
-											}
-						  			});
-										$('#date-range-to').dateRangePicker({
-											separator : ' to ',
-											getValue: function()
-											{
-												if ($('#date-range-from').val() && $('#date-range-to').val() )
-													return $('#date-range-from').val() + ' to ' + $('#date-range-to').val();
-												else
-													return '';
-											},
-											setValue: function(s,s1,s2)
-											{
-												$('#date-range-from').val(s1);
-												$('#date-range-to').val(s2);
-											}
-						  			});
+<script>
+		var chart = {};
+    $(document).ready(function(){
+				$("#page-Decoded").addClass("active");
+        $("#nav_dashboard").addClass("active");
 
-										$('#tableb64').DataTable({
-						  				"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
-						  				"iDisplayLength": 10,
-						  				"order": [[ 3, "desc" ]]
-						  			});
+				$('#date-range-from').dateRangePicker({
+						separator : ' to ',
+						getValue: function()
+						{
+								if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+										return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+								else
+										return '';
+						},
+						setValue: function(s,s1,s2)
+						{
+								$('#date-range-from-input').val(s1);
+								$('#date-range-to-input').val(s2);
+						}
+					});
+					$('#date-range-to').dateRangePicker({
+							separator : ' to ',
+							getValue: function()
+							{
+									if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+											return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+									else
+											return '';
+							},
+							setValue: function(s,s1,s2)
+							{
+									$('#date-range-from-input').val(s1);
+									$('#date-range-to-input').val(s2);
+							}
+					});
 
-										{% if  type %}
-										chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.hash_by_type_json') }}?type={{type}}", 'id');
-										{% elif  daily_type_chart %}
-										chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
-										{% else %}
-										chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
-										{% endif %}
+					$('#tableb64').DataTable({
+							"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
+							"iDisplayLength": 10,
+							"order": [[ 3, "desc" ]]
+					});
 
-										draw_pie_chart("pie_chart_encoded" ,"{{ url_for('hashDecoded.decoder_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}&encoding=");
-										draw_pie_chart("pie_chart_top5_types" ,"{{ url_for('hashDecoded.top5_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type=");
+					{% if  type %}
+					chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.hash_by_type_json') }}?type={{type}}", 'id');
+					{% elif  daily_type_chart %}
+					chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
+					{% else %}
+					chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
+					{% endif %}
+
+					draw_pie_chart("pie_chart_encoded" ,"{{ url_for('hashDecoded.decoder_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}&encoding=");
+					draw_pie_chart("pie_chart_top5_types" ,"{{ url_for('hashDecoded.top5_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type=");
+
+					chart.onResize();
+					$(window).on("resize", function() {
+							chart.onResize();
+					});
+  });
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
 
-										chart.onResize();
-										$(window).on("resize", function() {
-											chart.onResize();
-										});
-                });
-            </script>
 <script>
 	function updateVTReport(hash) {
 		//updateReport
 		$.getJSON("{{ url_for('hashDecoded.update_vt_result') }}?hash="+hash,
 			function(data) {
-				content = '<span class="glyphicon glyphicon-refresh"></span> ' +data['report_vt']
+				content = '<i class="fas fa-sync-alt"></i> ' +data['report_vt']
 				$( "#report_vt_"+hash ).html(content);
 		});
 	}
@@ -489,7 +494,7 @@ function removePopovers () {
 function showPopover (d) {
   $(this).popover({
     title: d.name,
-    placement: 'auto top',
+    placement: 'top',
     container: 'body',
     trigger: 'manual',
     html : true,
@@ -692,6 +697,6 @@ function barchart_type(url, id) {
 </script>
 
 
-        </body>
+</body>
 
 </html>
diff --git a/var/www/modules/hashDecoded/templates/showHash.html b/var/www/modules/hashDecoded/templates/showHash.html
index b0bcaa50..45faf5c8 100644
--- a/var/www/modules/hashDecoded/templates/showHash.html
+++ b/var/www/modules/hashDecoded/templates/showHash.html
@@ -3,27 +3,20 @@
 
 	<head>
 	  <meta charset="utf-8">
-	  <meta name="viewport" content="width=device-width, initial-scale=1.0">
 
 	  <title>Hash Information - AIL</title>
+		<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
 
 	  <!-- Core CSS -->
-		<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='font-awesome/css/font-awesome.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='css/sb-admin-2.css') }}" rel="stylesheet">
-    <link href="{{ url_for('static', filename='css/dataTables.bootstrap.css') }}" rel="stylesheet" type="text/css" />
-		<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet" type="text/css" />
+		<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+		<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+
 	  <!-- JS -->
-		<script language="javascript" src="{{ url_for('static', filename='js/jquery.js')}}"></script>
-    <script src="{{ url_for('static', filename='js/bootstrap.min.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.dataTables.min.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/dataTables.bootstrap.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.time.js') }}"></script>
-    <script src="{{ url_for('static', filename='js/jquery.flot.stack.js') }}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
+		<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
 		<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
+
 		<style>
 		line.link {
 			stroke: #666;
@@ -88,178 +81,191 @@
 	</head>
 	<body>
 
-            {% include 'navbar.html' %}
+		{% include 'nav_bar.html' %}
 
-            <div id="page-wrapper">
-				<div class="row">
+		<div class="container-fluid">
+			<div class="row">
 
+				{% include 'decoded/menu_sidebar.html' %}
 
-					</div>
-
-						<!-- /#page-wrapper -->
-						<div class="panel panel-info">
-									<div class="panel-heading panelText">
-										<h3>{{ hash }} :</h3>
-										<span class="pull-right">&nbsp;&nbsp;&nbsp;</span>
-										<span class="badge pull-right">6 / 26</span>
-							 	<ul class="list-group"><li class="list-group-item">
+				<div class="col-12 col-lg-10" id="core_content">
 
+					<div class="card my-3">
+						<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
+							<h4 class="text-secondary">{{ hash }} :</h4>
+							<ul class="list-group mb-2">
+								<li class="list-group-item py-0">
 									<div class="row">
 										<div class="col-md-10">
-
-											<table class="table table-condensed">
-							          <thead>
-							            <tr>
-							              <th>Estimated type</th>
-							              <th>First_seen</th>
-							              <th>Last_seen</th>
-							              <th>Size (Kb)</th>
-							              <th>Nb seen</th>
-							            </tr>
-							          </thead>
-							          <tbody>
-							            <tr>
-								            <td class="panelText"><i class="fa {{ file_icon }}"></i>&nbsp;&nbsp;{{ estimated_type }}</td>
-								            <td class="panelText">{{ first_seen }}</td>
-								            <td class="panelText">{{ last_seen }}</td>
-								            <td class="panelText">{{ size }}</td>
-								            <td class="panelText">{{ nb_seen_in_all_pastes }}</td>
-							            </tr>
-							          </tbody>
-							        </table>
+											<table class="table">
+												<thead>
+													<tr>
+														<th>Estimated type</th>
+														<th>First_seen</th>
+														<th>Last_seen</th>
+														<th>Size (Kb)</th>
+														<th>Nb seen</th>
+													</tr>
+												</thead>
+												<tbody>
+													<tr>
+														<td><i class="fas {{ file_icon }}"></i>&nbsp;&nbsp;{{ estimated_type }}</td>
+														<td>{{ first_seen }}</td>
+														<td>{{ last_seen }}</td>
+														<td>{{ size }}</td>
+														<td>{{ nb_seen_in_all_pastes }}</td>
+													</tr>
+												</tbody>
+											</table>
 										</div>
 										<div class="col-md-1">
 											<div id="sparkline"></div>
 										</div>
 									</div>
-								</li></ul>
+								</li>
+							</ul>
 
-								{% if  vt_enabled %}
-									{% if not b64_vt %}
-										<darkbutton>
-											<button id="submit_vt_b" class="btn btn-primary" onclick="sendFileToVT('{{ hash }}')">
-												<i class="fa fa-paper-plane"></i>&nbsp;Send this file to VT
-											</button>
-										</darkbutton>
-									{% else %}
-										<a class="btn btn-primary" target="_blank" href="{{ b64_vt_link }}"><i class="fa fa-link"> VT Report</i></a>
-									{% endif %}
-									<button class="btn btn-default" onclick="updateVTReport('{{ hash }}')">
-										<div id="report_vt_b"><span class="glyphicon glyphicon-refresh"></span>&nbsp;{{ b64_vt_report }}</div>
-									</button>
+							{% if  vt_enabled %}
+								{% if not b64_vt %}
+									<darkbutton>
+										<button id="submit_vt_b" class="btn btn-primary" onclick="sendFileToVT('{{ hash }}')" style="font-size: 15px">
+											<i class="fas fa-paper-plane"></i>&nbsp;Send this file to VT
+										</button>
+									</darkbutton>
 								{% else %}
-									Virus Total submission is disabled
+									<a class="btn btn-primary" target="_blank" href="{{ b64_vt_link }}" style="font-size: 15px"><i class="fas fa-link"></i> VT Report</a>
 								{% endif %}
+								<button class="btn btn-outline-secondary" onclick="updateVTReport('{{ hash }}')" style="font-size: 15px">
+									<div id="report_vt_b"><i class="fas fa-sync-alt"></i>&nbsp;{{ b64_vt_report }}</div>
+								</button>
+							{% else %}
+								Virus Total submission is disabled
+							{% endif %}
 
-								<a href="{{ url_for('hashDecoded.downloadHash') }}?hash={{hash}}" target="blank">
-									<button class='btn btn-info pull-right'><i id="flash-tld" class="glyphicon glyphicon-download-alt " flash-tld=""></i> Download Hashed file
-									</button>
-								</a>
-								</div></div>
+							<a href="{{ url_for('hashDecoded.downloadHash') }}?hash={{hash}}" target="blank" class="float-right" style="font-size: 15px">
+								<button class='btn btn-info'><i class="fas fa-download"></i> Download Decoded file
+								</button>
+							</a>
+						</div>
+					</div>
 
-								<div class="row">
-									<div class="col-md-10">
-
-										<div class="panel panel-default">
-					            <div class="panel-heading">
-					              <i id="flash-tld" class="glyphicon glyphicon-flash " flash-tld=""></i> Graph
-					            </div>
-					            <div class="panel-body graph_panel">
-												<div id="graph">
-									     	</div>
-					            </div>
-					          </div>
-									</div>
-
-									<div class="col-md-2">
-
-										<div class="panel panel-info">
-											<div class="panel-heading">
-												<i class="fa fa-unlock-alt" aria-hidden="true"></i> Encoding
-											</div>
-											<div class="panel-body" style="text-align:center;">
-												{% for encoding in list_hash_decoder %}
-												<button id="" class="btn btn-default">
-													{{encoding['encoding']}} <span class="badge">{{encoding['nb_seen']}}</span>
-												</button>
-												{% endfor %}
-											</div>
-										</div>
-
-										<div class="panel panel-default">
-											<div class="panel-heading">
-												<i id="flash-tld" class="glyphicon glyphicon-flash " flash-tld=""></i> Graph
-											</div>
-											<div class="panel-body" style="text-align:center;">
-												<button class="btn btn-primary" onclick="resize_graph();">
-			                    <span class="glyphicon glyphicon-refresh"></span>&nbsp;Resize Graph</div>
-			                  </button>
-
-
-												<ul class="list-group">
-												  <li class="list-group-item list-group-item-info" style="text-align:center;"><i class="fa fa-info-circle fa-2x"></i></li>
-													<li class="list-group-item">
-														<p>Double click on a node to open Hash/Paste<br><br>
-															<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
-															Current Hash<br>
-															<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
-															Hashes<br>
-															<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
-															Pastes
-														</p>
-													</li>
-												  <li class="list-group-item list-group-item-info">
-														Hash Types:
-													</li>
-												  <li class="list-group-item">
-														<i class="fa fa-file"></i>  Application<br>
-												  	<i class="fa fa-file-video-o"></i>  Audio<br>
-														<i class="fa fa-file-image-o"></i>  Image<br>
-														<i class="fa fa-file-text-o"></i>  Text<br>
-														<i class="fa fa-file-o"></i>  Other
-													</li>
-												</ul>
-											</div>
-										</div>
-									</div>
-
-									<div class="panel panel-default">
-										<div class="panel-heading">
-											<i id="flash-tld" class="glyphicon glyphicon-stats" flash-tld=""></i> Graph
-										</div>
-										<div class="panel-body ">
-											<div id="graph_line">
-											</div>
-										</div>
-									</div>
+					<div class="row">
+						<div class="col-xl-10">
 
+							<div class="card mb-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
 								</div>
+								<div class="card-body graph_panel">
+									<div id="graph">
+									</div>
+								</div>
+							</div>
+						</div>
 
+						<div class="col-xl-2">
+
+							<div class="card">
+								<div class="card-header">
+									<i class="fas fa-unlock-alt" aria-hidden="true"></i> Encoding
+								</div>
+								<div class="card-body text-center">
+									{% for encoding in list_hash_decoder %}
+									<button class="btn" disabled>
+										{{encoding['encoding']}} <span class="badge">{{encoding['nb_seen']}}</span>
+									</button>
+									{% endfor %}
+								</div>
+							</div>
+
+							<div class="card my-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
+								</div>
+								<div class="card-body text-center px-0 py-0">
+									<button class="btn btn-primary my-4" onclick="resize_graph();">
+										<i class="fas fa-sync"></i>&nbsp;Resize Graph
+									</button>
+
+
+									<ul class="list-group">
+										<li class="list-group-item list-group-item-info"><i class="fas fa-info-circle fa-2x"></i></li>
+										<li class="list-group-item text-left">
+											<p>Double click on a node to open Hash/Paste<br><br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
+												Current Hash<br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
+												Hashes<br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
+												Pastes
+											</p>
+										</li>
+										<li class="list-group-item list-group-item-info">
+											Hash Types:
+										</li>
+										<li class="list-group-item text-left">
+											<i class="fas fa-file"></i>  Application<br>
+											<i class="fas fa-file-video"></i>  Audio<br>
+											<i class="fas fa-file-image"></i>  Image<br>
+											<i class="fas fa-file-alt"></i>  Text<br>
+											<i class="fas fa-sticky-note"></i>  Other
+										</li>
+									</ul>
+								</div>
+							</div>
+						</div>
+					</div>
+
+					<div class="card">
+						<div class="card-header">
+							<i class="fas fa-chart-bar"></i> Graph
+						</div>
+						<div class="panel-body ">
+							<div id="graph_line">
+							</div>
+						</div>
 					</div>
 
 				</div>
-				<!-- /.row -->
+			</div>
+		</div>
 
-            <script>
-							var all_graph = {};
-                $(document).ready(function(){
-									sparklines("sparkline", {{ sparkline_values }})
+<script>
+var all_graph = {};
+$(document).ready(function(){
+		$("#page-Decoded").addClass("active");
+		sparklines("sparkline", {{ sparkline_values }})
 
-									all_graph.node_graph = create_graph("{{ url_for('hashDecoded.hash_graph_node_json') }}?hash={{hash}}");
-									all_graph.line_chart = create_line_chart('graph_line', "{{ url_for('hashDecoded.hash_graph_line_json') }}?hash={{hash}}");
-									all_graph.onResize();
-                });
+		all_graph.node_graph = create_graph("{{ url_for('hashDecoded.hash_graph_node_json') }}?hash={{hash}}");
+		all_graph.line_chart = create_line_chart('graph_line', "{{ url_for('hashDecoded.hash_graph_line_json') }}?hash={{hash}}");
+		all_graph.onResize();
+});
+
+$(window).on("resize", function() {
+		all_graph.onResize();
+});
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
 
-								$(window).on("resize", function() {
-									all_graph.onResize();
-								});
-            </script>
 <script>
 	function sendFileToVT(hash) {
 		//send file to vt
 		$.getJSON("{{ url_for('hashDecoded.send_file_to_vt_js') }}?hash="+hash,
 			function(data) {
-				var content = '<a id="submit_vt_b" class="btn btn-primary" target="_blank" href="'+ data['vt_link'] +'"><i class="fa fa-link"> '+ ' VT Report' +'</i></a>';
+				var content = '<a id="submit_vt_b" class="btn btn-primary" target="_blank" href="'+ data['vt_link'] +'"><i class="fas fa-link"> '+ ' VT Report' +'</i></a>';
 				$('#submit_vt_b').remove();
 				$('darkbutton').append(content);
 		});
@@ -269,7 +275,7 @@
 		//updateReport
 		$.getJSON("{{ url_for('hashDecoded.update_vt_result') }}?hash="+hash,
 			function(data) {
-				var content = '<span class="glyphicon glyphicon-refresh"></span> ' +data['report_vt'];
+				var content = '<i class="fas fa-sync-alt"></i> ' +data['report_vt'];
 				$( "#report_vt_b" ).html(content);
 		});
 	}
diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html
new file mode 100644
index 00000000..3cb5868b
--- /dev/null
+++ b/var/www/templates/decoded/menu_sidebar.html
@@ -0,0 +1,30 @@
+      <div class="col-12 col-lg-2 p-0 bg-light border-right" id="side_menu">
+
+      	<button type="button" class="btn btn-outline-secondary mt-1 ml-3" onclick="toggle_sidebar()">
+          <i class="fas fa-align-left"></i>
+      	  <span>Toggle Sidebar</span>
+      	</button>
+
+      	<nav class="navbar navbar-expand navbar-light bg-light flex-md-column flex-row align-items-start py-2" id="nav_menu">
+      		<h5 class="d-flex text-muted w-100">
+      		  <span>Items Decoded </span>
+      			<a class="ml-auto" href="{{url_for('hiddenServices.manual')}}">
+      				<i class="fas fa-plus-circle ml-auto"></i>
+      			</a>
+      		</h5>
+      	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
+      	    <li class="nav-item">
+      	      <a class="nav-link" href="{{url_for('hashDecoded.hashDecoded_page')}}" id="nav_dashboard">
+      	        <i class="fas fa-search"></i>
+      	        <span>Dashboard</span>
+      	      </a>
+      	    </li>
+      	    <li class="nav-item">
+      	      <a class="nav-link" href="{{url_for('hiddenServices.Crawler_Splash_last_by_type')}}?type=onion" id="nav_onion_crawler">
+      					<i class="fas fa-user-secret"></i>
+      	       	Onion Crawler
+      	      </a>
+      	    </li>
+          </ul>
+      	</nav>
+      </div>
diff --git a/var/www/templates/nav_bar.html b/var/www/templates/nav_bar.html
index d30019a2..c878da4c 100644
--- a/var/www/templates/nav_bar.html
+++ b/var/www/templates/nav_bar.html
@@ -25,7 +25,7 @@
         <a class="nav-link" id="page-Crawler" href="{{ url_for('hiddenServices.dashboard') }}" tabindex="-1" aria-disabled="true"><i class="fas fa-spider"></i> Crawlers</a>
       </li>
       <li class="nav-item mr-3">
-        <a class="nav-link" href="{{ url_for('hashDecoded.hashDecoded_page') }}" aria-disabled="true"><i class="fas fa-lock-open"></i> Decoded</a>
+        <a class="nav-link" id="page-Decoded" href="{{ url_for('hashDecoded.hashDecoded_page') }}" aria-disabled="true"><i class="fas fa-lock-open"></i> Decoded</a>
       </li>
       <li class="nav-item mr-3">
         <a class="nav-link" href="{{ url_for('trendingmodules.moduletrending') }}" aria-disabled="true"><i class="fas fa-chart-bar"></i> Statistics</a>

From f61d830678b636ab777534a1fe39a51f8c54d8dd Mon Sep 17 00:00:00 2001
From: kovacsbalu <kovacsbalu@gmail.com>
Date: Thu, 16 May 2019 14:24:03 +0200
Subject: [PATCH 13/33] Use default encoding error from redis.

---
 bin/packages/Paste.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/packages/Paste.py b/bin/packages/Paste.py
index 884bd5ee..1087880b 100755
--- a/bin/packages/Paste.py
+++ b/bin/packages/Paste.py
@@ -70,7 +70,6 @@ class Paste(object):
             host=cfg.get("Redis_Queues", "host"),
             port=cfg.getint("Redis_Queues", "port"),
             db=cfg.getint("Redis_Queues", "db"),
-            encoding_errors='replace',
             decode_responses=True)
         self.store = redis.StrictRedis(
             host=cfg.get("Redis_Data_Merging", "host"),
@@ -128,6 +127,8 @@ class Paste(object):
 
         try:
             paste = self.cache.get(self.p_path)
+        except UnicodeDecodeError:
+            paste = None
         except Exception as e:
             print("ERROR in: " + self.p_path)
             print(e)

From 7e8ba8cdaf8a6fec9a423c679b23c4d026373f10 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 17 May 2019 17:51:07 +0200
Subject: [PATCH 14/33] chg: [decoded UI] add PgpDump UI + fix hashdecoded js

---
 .../modules/hashDecoded/Flask_hashDecoded.py  | 342 +++++++++
 .../hashDecoded/templates/PgpDecoded.html     | 657 ++++++++++++++++++
 .../hashDecoded/templates/hashDecoded.html    |  21 +-
 .../hashDecoded/templates/showHash.html       |  47 +-
 .../hashDecoded/templates/showPgpDump.html    | 569 +++++++++++++++
 var/www/templates/decoded/menu_sidebar.html   |  14 +-
 6 files changed, 1620 insertions(+), 30 deletions(-)
 create mode 100644 var/www/modules/hashDecoded/templates/PgpDecoded.html
 create mode 100644 var/www/modules/hashDecoded/templates/showPgpDump.html

diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index 1c5f8e89..f775d058 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -60,6 +60,15 @@ def list_sparkline_values(date_range_sparkline, hash):
         sparklines_value.append(int(nb_seen_this_day))
     return sparklines_value
 
+def list_sparkline_pgp_values(date_range_sparkline, type_id, key_id):
+    sparklines_value = []
+    for date_day in date_range_sparkline:
+        nb_seen_this_day = r_serv_metadata.hget('pgp:{}:{}'.format(type_id, date_day), key_id)
+        if nb_seen_this_day is None:
+            nb_seen_this_day = 0
+        sparklines_value.append(int(nb_seen_this_day))
+    return sparklines_value
+
 def get_file_icon(estimated_type):
     file_type = estimated_type.split('/')[0]
     # set file icon
@@ -92,6 +101,48 @@ def get_file_icon_text(estimated_type):
 
     return file_icon_text
 
+def get_pgp_id_icon_text(type_id):
+    # set file icon
+    if type_id == 'key':
+        file_icon_text = '\uf084'
+    elif type_id == 'name':
+        file_icon_text = '\uf507'
+    elif type_id == 'mail':
+        file_icon_text = '\uf1fa'
+    else:
+        file_icon_text = '\uf249'
+    return file_icon_text
+
+def verify_pgp_type_id(type_id):
+    if type_id in ['key', 'name', 'mail']:
+        return True
+    else:
+        return False
+
+def get_key_id_metadata(type_id, key_id):
+    key_id_metadata = {}
+    if r_serv_metadata.exists('pgp_metadata_{}:{}'.format(type_id, key_id)):
+        key_id_metadata['first_seen'] = r_serv_metadata.hget('pgp_metadata_{}:{}'.format(type_id, key_id), 'first_seen')
+        key_id_metadata['first_seen'] = '{}/{}/{}'.format(key_id_metadata['first_seen'][0:4], key_id_metadata['first_seen'][4:6], key_id_metadata['first_seen'][6:8])
+        key_id_metadata['last_seen'] = r_serv_metadata.hget('pgp_metadata_{}:{}'.format(type_id, key_id), 'last_seen')
+        key_id_metadata['last_seen'] = '{}/{}/{}'.format(key_id_metadata['last_seen'][0:4], key_id_metadata['last_seen'][4:6], key_id_metadata['last_seen'][6:8])
+        key_id_metadata['nb_seen'] = r_serv_metadata.scard('pgp_{}:{}'.format(type_id, key_id))
+    return key_id_metadata
+
+def get_all_pgp_from_item(item_path):
+    all_pgp_dump = set()
+    if item_path is not None:
+        res = r_serv_metadata.smembers('item_pgp_key:{}'.format(item_path))
+        for pgp_dump in res:
+            all_pgp_dump.add( (pgp_dump, 'key') )
+        res = r_serv_metadata.smembers('item_pgp_name:{}'.format(item_path))
+        for pgp_dump in res:
+            all_pgp_dump.add( (pgp_dump, 'name') )
+        res = r_serv_metadata.smembers('item_pgp_mail:{}'.format(item_path))
+        for pgp_dump in res:
+            all_pgp_dump.add( (pgp_dump, 'mail') )
+    return all_pgp_dump
+
 def one():
     return 1
 
@@ -105,6 +156,14 @@ def all_hash_search():
     show_decoded_files = request.form.get('show_decoded_files')
     return redirect(url_for('hashDecoded.hashDecoded_page', date_from=date_from, date_to=date_to, type=type, encoding=encoding, show_decoded_files=show_decoded_files))
 
+@hashDecoded.route("/hashDecoded/all_pgp_dump_search", methods=['POST'])
+def all_pgp_dump_search():
+    date_from = request.form.get('date_from')
+    date_to = request.form.get('date_to')
+    type_id = request.form.get('type')
+    show_decoded_files = request.form.get('show_decoded_files')
+    return redirect(url_for('hashDecoded.pgpdump_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files))
+
 
 @hashDecoded.route("/hashDecoded/", methods=['GET'])
 def hashDecoded_page():
@@ -706,5 +765,288 @@ def update_vt_result():
         # TODO FIXME make json response
         return jsonify()
 
+## PGPDump ##
+
+@hashDecoded.route("/decoded/pgpdump", methods=['GET'])
+def pgpdump_page():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    type_id = request.args.get('type_id')
+
+    show_decoded_files = request.args.get('show_decoded_files')
+
+    if type_id == 'All types':
+        type_id = None
+
+    # verify type input
+    if type_id is not None:
+        #retrieve char
+        type_id = type_id.replace(' ', '')
+        if not verify_pgp_type_id(type_id):
+            type_id = None
+
+    date_range = []
+    if date_from is not None and date_to is not None:
+        #change format
+        try:
+            if len(date_from) != 8:
+                date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
+                date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
+            date_range = substract_date(date_from, date_to)
+        except:
+            pass
+
+    if not date_range:
+        date_range.append(datetime.date.today().strftime("%Y%m%d"))
+        date_from = date_range[0][0:4] + '-' + date_range[0][4:6] + '-' + date_range[0][6:8]
+        date_to = date_from
+
+    else:
+        date_from = date_from[0:4] + '-' + date_from[4:6] + '-' + date_from[6:8]
+        date_to = date_to[0:4] + '-' + date_to[4:6] + '-' + date_to[6:8]
+
+    # display day type bar chart
+    if len(date_range) == 1 and type is None:
+        daily_type_chart = True
+        daily_date = date_range[0]
+    else:
+        daily_type_chart = False
+        daily_date = None
+
+    if type_id is None:
+        all_type_id = ['key', 'name', 'mail']
+    else:
+        all_type_id = type_id
+
+    l_pgp_dump = set()
+    if show_decoded_files:
+        for date in date_range:
+            if isinstance(all_type_id, str):
+                l_dump = r_serv_metadata.hkeys('pgp:{}:{}'.format(all_type_id, date))
+                if l_dump:
+                    for dump in l_dump:
+                        l_pgp_dump.add( (dump, all_type_id) )
+            else:
+                for typ_id in all_type_id:
+                    l_dump = r_serv_metadata.hkeys('pgp:{}:{}'.format(typ_id, date))
+                    if l_dump:
+                        for dump in l_dump:
+                            l_pgp_dump.add( (dump, typ_id) )
+
+
+    num_day_sparkline = 6
+    date_range_sparkline = get_date_range(num_day_sparkline)
+
+    sparkline_id = 0
+    pgp_metadata = {}
+    for dump_res in l_pgp_dump:
+        dump_id, typ_id = dump_res
+
+        pgp_metadata[dump_id] = get_key_id_metadata(typ_id, dump_id)
+
+        if pgp_metadata[dump_id]:
+            pgp_metadata[dump_id]['type_id'] = typ_id
+            #file_icon = get_file_icon(estimated_type)
+
+            pgp_metadata[dump_id]['sparklines_data'] = list_sparkline_pgp_values(date_range_sparkline, typ_id, dump_id)
+            pgp_metadata[dump_id]['sparklines_id'] = sparkline_id
+            sparkline_id += 1
+
+    l_type = ['key', 'name', 'mail']
+
+    return render_template("PgpDecoded.html", l_pgpdump=pgp_metadata,
+                                                l_type=l_type, type_id=type_id, daily_type_chart=daily_type_chart, daily_date=daily_date,
+                                                date_from=date_from, date_to=date_to, show_decoded_files=show_decoded_files)
+
+
+
+
+
+@hashDecoded.route('/decoded/show_pgpdump')
+def show_pgpdump():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+
+    if verify_pgp_type_id(type_id):
+        key_id_metadata = get_key_id_metadata(type_id, key_id)
+        if key_id_metadata:
+
+            num_day_sparkline = 6
+            date_range_sparkline = get_date_range(num_day_sparkline)
+
+            sparkline_values = list_sparkline_pgp_values(date_range_sparkline, type_id, key_id)
+            return render_template('showPgpDump.html', key_id=key_id, type_id=type_id,
+                            key_id_metadata=key_id_metadata,
+                            sparkline_values=sparkline_values)
+        else:
+            return '404'
+    else:
+        return 'error'
+
+@hashDecoded.route('/decoded/pgp_dump_graph_node_json')
+def pgp_dump_graph_node_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+
+    if key_id is not None and verify_pgp_type_id(type_id):
+
+        nodes_set_pgp_dump = set()
+        nodes_set_paste = set()
+        links_set = set()
+
+        pgp_id_metadata = get_key_id_metadata(type_id, key_id)
+
+        #key_id = '</b><script>alert("Hello! I am an alert box!!");</script>'
+
+        nodes_set_pgp_dump.add((key_id, 1, type_id, pgp_id_metadata['first_seen'], pgp_id_metadata['last_seen'], pgp_id_metadata['nb_seen']))
+
+        #get related paste
+        l_pastes = r_serv_metadata.smembers('pgp_{}:{}'.format(type_id, key_id))
+        for paste in l_pastes:
+            nodes_set_paste.add((paste, 2))
+            links_set.add((key_id, paste))
+
+            l_pgpdump = get_all_pgp_from_item(paste)
+            for pgp_dump_with_type in l_pgpdump:
+                pgp_dump, pgp_type_id = pgp_dump_with_type
+                if pgp_dump != key_id:
+
+                    pgp_id_metadata = get_key_id_metadata(pgp_type_id, pgp_dump)
+
+                    nodes_set_pgp_dump.add((pgp_dump, 3, pgp_type_id, pgp_id_metadata['first_seen'], pgp_id_metadata['last_seen'], pgp_id_metadata['nb_seen']))
+                    links_set.add((pgp_dump, paste))
+
+        nodes = []
+        for node in nodes_set_pgp_dump:
+            nodes.append({"id": node[0], "group": node[1], "first_seen": node[3], "last_seen": node[4], "nb_seen_in_paste": node[5], 'icon': get_pgp_id_icon_text(node[2]),"url": url_for('hashDecoded.showHash', hash=node[0]), 'hash': True})
+        for node in nodes_set_paste:
+            nodes.append({"id": node[0], "group": node[1],"url": url_for('showsavedpastes.showsavedpaste', paste=node[0]), 'hash': False})
+        links = []
+        for link in links_set:
+            links.append({"source": link[0], "target": link[1]})
+        json = {"nodes": nodes, "links": links}
+        return jsonify(json)
+
+    else:
+        return jsonify({})
+
+@hashDecoded.route('/hashDecoded/pgp_graph_line_json')
+def pgp_graph_line_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+
+    # verify input
+    if key_id is not None and verify_pgp_type_id(type_id) and r_serv_metadata.exists('pgp_metadata_{}:{}'.format(type_id, key_id)):
+
+        if date_from is None or date_to is None:
+            nb_days_seen_in_pastes = 30
+        else:
+            # # TODO: # FIXME:
+            nb_days_seen_in_pastes = 30
+
+        date_range_seen_in_pastes = get_date_range(nb_days_seen_in_pastes)
+
+        json_seen_in_paste = []
+        for date in date_range_seen_in_pastes:
+            nb_seen_this_day = r_serv_metadata.zscore('hash_date:'+date, hash)
+            if nb_seen_this_day is None:
+                nb_seen_this_day = 0
+            date = date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+            json_seen_in_paste.append({'date': date, 'value': int(nb_seen_this_day)})
+
+        return jsonify(json_seen_in_paste)
+    else:
+        return jsonify()
+
+@hashDecoded.route('/decoded/pgp_range_type_json')
+def pgp_range_type_json():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+
+    date_range = []
+    if date_from is not None and date_to is not None:
+        #change format
+        if len(date_from) != 8:
+            date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
+            date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
+        date_range = substract_date(date_from, date_to)
+
+    if not date_range:
+        date_range.append(datetime.date.today().strftime("%Y%m%d"))
+
+    range_type = []
+
+    list_type_id = ['key', 'name', 'mail']
+
+
+    if len(date_range) == 1:
+        for type_id in list_type_id:
+            day_type = {}
+            day_type['key'] = 0
+            day_type['name'] = 0
+            day_type['mail'] = 0
+            day_type['date'] = type_id
+            num_day_type_id = 0
+            all_keys = r_serv_metadata.hvals('pgp:{}:{}'.format(type_id, date_range[0]))
+            if all_keys:
+                for val in all_keys:
+                    num_day_type_id += int(val)
+            day_type[type_id]= num_day_type_id
+
+            #if day_type[type_id] != 0:
+            range_type.append(day_type)
+
+    else:
+        # display type_id
+        for date in date_range:
+            day_type = {}
+            day_type['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+            for type_id in list_type_id:
+                num_day_type_id = 0
+                all_keys = r_serv_metadata.hvals('pgp:{}:{}'.format(type_id, date))
+                if all_keys:
+                    for val in all_keys:
+                        num_day_type_id += int(val)
+                day_type[type_id]= num_day_type_id
+            range_type.append(day_type)
+
+    return jsonify(range_type)
+
+@hashDecoded.route('/decoded/pgp_by_type_json') ####################################
+def pgp_by_type_json():
+    type_id = request.args.get('type_id')
+
+    #retrieve + char
+    type_id = type_id.replace(' ', '+')
+
+    num_day_type = 30
+    date_range = get_date_range(num_day_type)
+
+    #verify input
+    if verify_pgp_type_id(type_id):
+
+        r_serv_metadata.smembers('hash_all_type'):
+            type_value = []
+            all_decoder = r_serv_metadata.smembers('all_decoder')
+
+            range_decoder = []
+            for date in date_range:
+                day_decoder = {}
+                day_decoder['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+                for decoder in all_decoder:
+                    num_day_decoder = r_serv_metadata.zscore(decoder+'_type:'+type, date)
+                    if num_day_decoder is None:
+                        num_day_decoder = 0
+                    day_decoder[decoder]= num_day_decoder
+                range_decoder.append(day_decoder)
+
+
+
+        return jsonify(range_decoder)
+    else:
+        return jsonify()
+
 # ========= REGISTRATION =========
 app.register_blueprint(hashDecoded, url_prefix=baseUrl)
diff --git a/var/www/modules/hashDecoded/templates/PgpDecoded.html b/var/www/modules/hashDecoded/templates/PgpDecoded.html
new file mode 100644
index 00000000..da568936
--- /dev/null
+++ b/var/www/modules/hashDecoded/templates/PgpDecoded.html
@@ -0,0 +1,657 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <title>Decoded - AIL</title>
+	<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
+
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
+
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
+
+	<style>
+		.input-group .form-control {
+			position: unset;
+		}
+		.line {
+  		fill: none;
+  		stroke: #000;
+  		stroke-width: 2.0px;
+		}
+		.bar {
+      fill: steelblue;
+    }
+    .bar:hover{
+      fill: brown;
+			cursor: pointer;
+    }
+		.bar_stack:hover{
+			cursor: pointer;
+    }
+		.pie_path:hover{
+			cursor: pointer;
+		}
+		.svgText {
+  		pointer-events: none;
+		}
+		div.tooltip {
+			position: absolute;
+			text-align: center;
+			padding: 2px;
+			font: 12px sans-serif;
+			background: #ebf4fb;
+			border: 2px solid #b7ddf2;
+			border-radius: 8px;
+			pointer-events: none;
+			color: #000000;
+		}
+	</style>
+</head>
+<body>
+
+	{% include 'nav_bar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'decoded/menu_sidebar.html' %}
+
+			<div class="col-12 col-lg-10" id="core_content">
+
+				<div class="row">
+					<div class="col-xl-10">
+						<div class="mt-1" id="barchart_type">
+						</div>
+					</div>
+
+					<div class="col-xl-2">
+
+						<div class="card mb-3 mt-2" style="background-color:#d9edf7;">
+						  <div class="card-body text-center py-2">
+						    <h6 class="card-title" style="color:#286090;">Select a date range :</h5>
+								<form action="{{ url_for('hashDecoded.all_pgp_dump_search') }}" id="hash_selector_form" method='post'>
+									<div class="input-group" id="date-range-from">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-from-input" placeholder="yyyy-mm-dd" value="{{ date_from }}" name="date_from" autocomplete="off">
+									</div>
+									<div class="input-group" id="date-range-to">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-to-input" placeholder="yyyy-mm-dd" value="{{ date_to }}" name="date_to" autocomplete="off">
+									</div>
+									<div class="mt-1" style="font-size: 14px;color:#286090;">Type ID :</div>
+									<select class="custom-select" name="type">
+										<option>All types</option>
+										{% for typ in l_type %}
+											{% if type_id|string() == typ|string() %}
+											<option selected>{{ typ }}</option>
+											{% else %}
+											<option>{{ typ }}</option>
+											{% endif %}
+										{% endfor %}
+									</select>
+									<div class="form-check my-1">
+										<input class="form-check-input" type="checkbox" id="checkbox-input-show" name="show_decoded_files" value="True" {% if show_decoded_files %}checked{% endif %}>
+										<label class="form-check-label" for="checkbox-input-show">
+											<div style="color:#286090; font-size: 14px;">
+												Show dumped keys <i class="fas fa-key"></i>
+											</div>
+										</label>
+									</div>
+									<button class="btn btn-primary" style="text-align:center;">
+										<i class="fas fa-copy"></i> Search
+									</button>
+								<form>
+						  </div>
+						</div>
+
+						<div id="pie_chart_encoded">
+						</div>
+						<div id="pie_chart_top5_types">
+						</div>
+					</div>
+				</div>
+
+				{% if  l_pgpdump|length != 0 %}
+						{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }} Dumped Keys: </h3>
+						{% else %}
+							<h3> {{ date_from }} to {{ date_to }} Dumped Keys: </h3>
+						{% endif %}
+						<table id="tableb64" class="table table-striped table-bordered">
+							<thead class="bg-dark text-white">
+								<tr>
+										<th>type id</th>
+										<th>key id</th>
+										<th>first seen</th>
+										<th>last seen</th>
+										<th>nb paste</th>
+										<th>Sparkline</th>
+								</tr>
+							</thead>
+							<tbody style="font-size: 15px;">
+							{% for pgp_dump in l_pgpdump %}
+									<tr>
+										<td><i class="fas {{ er }}"></i>&nbsp;&nbsp;{{ l_pgpdump[pgp_dump]['type_id'] }}</td>
+										<td><a target="_blank" href="{{ url_for('hashDecoded.show_pgpdump') }}?type_id={{ l_pgpdump[pgp_dump]['type_id'] }}&key_id={{ pgp_dump }}">{{ pgp_dump }}</a></td>
+										<td>{{ l_pgpdump[pgp_dump]['first_seen'] }}</td>
+										<td>{{ l_pgpdump[pgp_dump]['last_seen'] }}</td>
+										<td>{{ l_pgpdump[pgp_dump]['nb_seen'] }}</td>
+										<td id="sparklines_{{ l_pgpdump[pgp_dump]['sparklines_id'] }}" style="text-align:center;"></td>
+									</tr>
+							{% endfor %}
+							</tbody>
+						</table>
+					{% else %}
+						{% if show_decoded_files %}
+							{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }}, No Dumped Keys</h3>
+							{% else %}
+							<h3> {{ date_from }} to {{ date_to }}, No Dumped Keys</h3>
+							{% endif %}
+						{% endif %}
+					{% endif %}
+				</div>
+
+			</div>
+		</div>
+	</div>
+
+<script>
+		var chart = {};
+    $(document).ready(function(){
+				$("#page-Decoded").addClass("active");
+        $("#nav_dashboard_pgp").addClass("active");
+
+				$('#date-range-from').dateRangePicker({
+						separator : ' to ',
+						getValue: function()
+						{
+								if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+										return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+								else
+										return '';
+						},
+						setValue: function(s,s1,s2)
+						{
+								$('#date-range-from-input').val(s1);
+								$('#date-range-to-input').val(s2);
+						}
+					});
+					$('#date-range-to').dateRangePicker({
+							separator : ' to ',
+							getValue: function()
+							{
+									if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+											return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+									else
+											return '';
+							},
+							setValue: function(s,s1,s2)
+							{
+									$('#date-range-from-input').val(s1);
+									$('#date-range-to-input').val(s2);
+							}
+					});
+
+					$('#tableb64').DataTable({
+							"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
+							"iDisplayLength": 10,
+							"order": [[ 3, "desc" ]]
+					});
+
+					{% if  type %}
+					//chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?type_id={{type}}", 'id');
+					{% elif  daily_type_chart %}
+					chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
+					{% else %}
+					chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
+					{% endif %}
+
+					//draw_pie_chart("pie_chart_encoded" ,"{{ url_for('hashDecoded.decoder_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}&encoding=");
+					//draw_pie_chart("pie_chart_top5_types" ,"{{ url_for('hashDecoded.top5_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type=");
+
+					chart.onResize();
+					$(window).on("resize", function() {
+							chart.onResize();
+					});
+  });
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+<script>
+//var data = [6,3,3,2,5,3,9];
+
+// a sparklines plot
+function sparklines(id, points) {
+    var width = 100, height = 60;
+
+    var data = []
+    for (i = 0; i < points.length; i++) {
+        data[i] = {
+            'x': i,
+            'y': +points[i]
+        }
+    }
+
+    var x = d3.scaleLinear()
+        .range([0, width - 10])
+        .domain([0,5]);
+
+    var y = d3.scaleLinear()
+        .range([height, 0])
+        .domain([0,10]);
+
+    var line = d3.line()
+                .x(function(d) {return x(d.x)})
+                .y(function(d) {return y(d.y)});
+
+    d3.select("#"+id).append('svg')
+            .attr('width', width)
+            .attr('height', height)
+         .append('path')
+            .attr('class','line')
+            .datum(data)
+            .attr('d', line);
+
+}
+</script>
+<script>
+	{% for pgp_dump in l_pgpdump %}
+		sparklines("sparklines_{{ l_pgpdump[pgp_dump]['sparklines_id'] }}", {{ l_pgpdump[pgp_dump]['sparklines_data'] }})
+	{% endfor %}
+</script>
+
+<script>
+var margin = {top: 20, right: 100, bottom: 55, left: 45},
+				width  = 1000 - margin.left - margin.right,
+				height = 500  - margin.top  - margin.bottom;
+var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
+
+var y = d3.scaleLinear().rangeRound([height, 0]);
+
+var xAxis = d3.axisBottom(x);
+
+var yAxis = d3.axisLeft(y);
+
+var color = d3.scaleOrdinal(d3.schemeSet3);
+
+var svg = d3.select("#barchart_type").append("svg")
+				.attr("id", "thesvg")
+				.attr("viewBox", "0 0 1000 500")
+				.attr("width",  width  + margin.left + margin.right)
+				.attr("height", height + margin.top  + margin.bottom)
+			.append("g")
+				.attr("transform", "translate(" + margin.left + "," + margin.top + ")");
+
+function barchart_type_stack(url, id) {
+
+  d3.json(url)
+    .then(function(data){
+
+			var labelVar = 'date';  //A
+		  var varNames = d3.keys(data[0])
+		      .filter(function (key) { return key !== labelVar;}); //B
+
+		  data.forEach(function (d) { //D
+		    var y0 = 0;
+		    d.mapping = varNames.map(function (name) {
+		      return {
+		        name: name,
+		        label: d[labelVar],
+		        y0: y0,
+		        y1: y0 += +d[name]
+		      };
+		    });
+		    d.total = d.mapping[d.mapping.length - 1].y1;
+		  });
+
+		  x.domain(data.map(function (d) { return (d.date); })); //E
+		  y.domain([0, d3.max(data, function (d) { return d.total; })]);
+
+			svg.append("g")
+        .attr("class", "x axis")
+        .attr("transform", "translate(0," + height + ")")
+        .call(xAxis)
+				.selectAll("text")
+					.attr("class", "bar")
+					{% if  date_from|string == date_to|string and type is none %}
+						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from={{date_from}}&date_to={{date_to}}&type_id="+d })
+						.attr("transform", "rotate(-18)" )
+					{% elif  date_from|string == date_to|string and type is not none %}
+						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from="+d+'&date_to='+d })
+						.attr("transform", "rotate(-18)" )
+					{% else %}
+						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from="+d+'&date_to='+d })
+						.attr("transform", "rotate(-40)" )
+					{% endif %}
+					.style("text-anchor", "end");
+
+    	svg.append("g")
+        .attr("class", "y axis")
+        .call(yAxis)
+      	.append("text")
+        	.attr("transform", "rotate(-90)")
+        	.attr("y", 6)
+        	.attr("dy", ".71em")
+        	.style("text-anchor", "end");
+
+			var selection = svg.selectAll(".series")
+		    .data(data)
+		    .enter().append("g")
+		      .attr("class", "series")
+		      .attr("transform", function (d) { return "translate(" + x((d.date)) + ",0)"; });
+
+			selection.selectAll("rect")
+	      .data(function (d) { return d.mapping; })
+	    .enter().append("rect")
+				.attr("class", "bar_stack")
+	      .attr("width", x.bandwidth())
+	      .attr("y", function (d) { return y(d.y1); })
+	      .attr("height", function (d) { return y(d.y0) - y(d.y1); })
+	      .style("fill", function (d) { return color(d.name); })
+	      .style("stroke", "grey")
+	      .on("mouseover", function (d) { showPopover.call(this, d); })
+				.on("mouseout", function (d) { removePopovers(); })
+				{% if  date_from|string == date_to|string and type is none %}
+					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.label+'&encoding='+d.name; });
+				{% elif  date_from|string == date_to|string and type is not none %}
+					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?type_id={{type_id}}&date_from='+d.label+'&date_to='+d.label+'&encoding='+d.name; });
+				{% else %}
+					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?type_id='+ d.name +'&date_from='+d.label+'&date_to='+d.label; });
+				{% endif %}
+
+				data.forEach(function(d) {
+					if(d.total != 0){
+						svg.append("text")
+								.attr("class", "bar")
+								.attr("dy", "-.35em")
+								.attr('x', x(d.date) + x.bandwidth()/2)
+								.attr('y', y(d.total))
+								{% if  date_from|string == date_to|string and type is none %}
+									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}"+'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.date })
+								{% elif  date_from|string == date_to|string and type is not none %}
+									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?type_id={{type_id}}&date_from="+d.date+'&date_to='+d.date })
+								{% else %}
+									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}"+'?date_from='+d.date+'&date_to='+d.date })
+								{% endif %}
+								.style("text-anchor", "middle")
+								.text(d.total);
+					}
+				});
+
+			drawLegend(varNames);
+    });
+
+}
+
+function drawLegend (varNames) {
+    var legend = svg.selectAll(".legend")
+        .data(varNames.slice().reverse())
+      .enter().append("g")
+        .attr("class", "legend")
+        .attr("transform", function (d, i) { return "translate(0," + i * 20 + ")"; });
+
+    legend.append("rect")
+        .attr("x", 943)
+        .attr("width", 10)
+        .attr("height", 10)
+        .style("fill", color)
+        .style("stroke", "grey");
+
+    legend.append("text")
+				.attr("class", "svgText")
+        .attr("x", 941)
+        .attr("y", 6)
+        .attr("dy", ".35em")
+        .style("text-anchor", "end")
+        .text(function (d) { return d; });
+}
+
+function removePopovers () {
+    $('.popover').each(function() {
+      $(this).remove();
+    });
+  }
+
+function showPopover (d) {
+  $(this).popover({
+    title: "<b><span id='tooltip-id-name-bar'></span></b>",
+    placement: 'top',
+    container: 'body',
+    trigger: 'manual',
+    html : true,
+    content: function() {
+      return "<span id='tooltip-id-label'></span>" +
+            "<br/>num: <span id='tooltip-id-value-bar'></span>"; }
+  });
+  $(this).popover('show');
+  $("#tooltip-id-name-bar").text(d.name);
+  $("#tooltip-id-label").text(d.label);
+  $("#tooltip-id-value-bar").text(d3.format(",")(d.value ? d.value: d.y1 - d.y0));
+}
+
+chart.onResize = function () {
+    var aspect = 1000 / 500, chart = $("#thesvg");
+    var targetWidth = chart.parent().width();
+    chart.attr("width", targetWidth);
+    chart.attr("height", targetWidth / aspect);
+  }
+
+window.chart = chart;
+
+</script>
+
+<script>
+function draw_pie_chart(id, url_json, pie_on_click_url) {
+
+		var width_pie = 200;
+		var height_pie = 200;
+		var padding_pie = 10;
+		var opacity_pie = .8;
+
+		var radius_pie = Math.min(width_pie - padding_pie, height_pie - padding_pie) / 2;
+		//var color_pie = d3.scaleOrdinal(d3.schemeCategory10);
+		var color_pie = d3.scaleOrdinal(d3.schemeSet3);
+
+		var div_pie = d3.select("body").append("div")
+				.attr("class", "tooltip")
+				.style("opacity", 0);
+
+		var svg_pie = d3.select("#"+id)
+				.append('svg')
+				.attr("width", '100%')
+				.attr("height", '100%')
+				.attr('viewBox','0 0 '+Math.min(width_pie,height_pie) +' '+Math.min(width_pie,height_pie) )
+				.attr('preserveAspectRatio','xMinYMin')
+
+
+		var g_pie = svg_pie.append('g')
+				.attr('transform', 'translate(' + (width_pie/2) + ',' + (height_pie/2) + ')');
+
+		var arc_pie = d3.arc()
+				.innerRadius(0)
+				.outerRadius(radius_pie);
+
+		d3.json(url_json)
+			.then(function(data){
+
+			var pie_pie = d3.pie()
+					.value(function(d) { return d.value; })
+					.sort(null);
+
+			var path_pie = g_pie.selectAll('path')
+				  .data(pie_pie(data))
+				  .enter()
+				  .append("g")
+				  .append('path')
+				  .attr('d', arc_pie)
+				  .attr('fill', (d,i) => color_pie(i))
+					.attr('class', 'pie_path')
+					.on("mouseover", mouseovered_pie)
+					.on("mouseout", mouseouted_pie)
+					.on("click", function (d) {window.location.href = pie_on_click_url+d.data.name })
+				  .style('opacity', opacity_pie)
+				  .style('stroke', 'white');
+			});
+
+
+		function mouseovered_pie(d) {
+      //remove old content
+      $("#tooltip-id-name").remove();
+      $("#tooltip-id-value").remove();
+
+			// tooltip
+			var content;
+
+			content = "<b><span id='tooltip-id-name'></span></b><br/>"+
+								"<br/>"+
+								"<i>Decoded</i>: <span id='tooltip-id-value'></span><br/>"
+
+			div_pie.transition()
+				.duration(200)
+				.style("opacity", .9);
+			div_pie.html(content)
+				.style("left", (d3.event.pageX) + "px")
+				.style("top", (d3.event.pageY - 28) + "px");
+
+      $("#tooltip-id-name").text(d.data.name);
+      $("#tooltip-id-value").text(d.data.value);
+		}
+
+		function mouseouted_pie() {
+			div_pie.transition()
+				.duration(500)
+				.style("opacity", 0);
+		}
+}
+
+</script>
+
+
+
+<script>
+function barchart_type(url, id) {
+
+
+  var margin = {top: 20, right: 20, bottom: 70, left: 40};
+
+  var width = 960 - margin.left - margin.right;
+  var height = 500 - margin.top - margin.bottom;
+
+  var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
+  var y = d3.scaleLinear().rangeRound([height, 0]);
+
+  var xAxis = d3.axisBottom(x)
+    //.tickFormat(d3.time.format("%Y-%m"));
+
+  var yAxis = d3.axisLeft(y)
+    .ticks(10);
+
+/*var svg = d3.select(id).append("svg")
+      .attr("width", width + margin.left + margin.right)
+      .attr("height", height + margin.top + margin.bottom)
+			.attr("id", "thesvg")
+      .append("g")
+        .attr("transform",
+          "translate(" + margin.left + "," + margin.top + ")");*/
+
+
+  d3.json(url)
+    .then(function(data){
+
+        data.forEach(function(d) {
+          d.value = +d.value;
+        });
+
+				x.domain(data.map(function(d) { return d.date; }));
+        y.domain([0, d3.max(data, function(d) { return d.value; })]);
+
+        var label = svg.append("g")
+            .attr("class", "x axis")
+            .attr("transform", "translate(0," + height + ")")
+            .call(xAxis)
+          .selectAll("text")
+            .style("text-anchor", "end")
+            .attr("dx", "-.8em")
+            .attr("dy", "-.55em")
+						{% if  daily_type_chart %}
+						.attr("transform", "rotate(-20)" );
+						{% else %}
+						.attr("transform", "rotate(-70)" )
+						.attr("class", "bar")
+						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}"+'?date_from='+d+'&date_to='+d });
+						{% endif %}
+
+        svg.append("g")
+            .attr("class", "y axis")
+            .call(yAxis)
+          .append("text")
+            .attr("transform", "rotate(-90)")
+            .attr("y", 6)
+            .attr("dy", ".71em")
+            .style("text-anchor", "end")
+            .text("Value ($)");
+
+        var bar = svg.selectAll("bar")
+            .data(data)
+          .enter().append("rect")
+            .attr("class", "bar")
+            //.style("fill", "steelblue")
+						.attr("x", function(d) { return x(d.date); })
+            .attr("width", x.bandwidth())
+            .attr("y", function(d) { return y(d.value); })
+            .attr("height", function(d) { return height - y(d.value); })
+						{% if  type %}
+            .on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type={{type}}&date_from='+ d.date +'&date_to='+ d.date; });
+						{% endif  %}
+						{% if  daily_type_chart %}
+						.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type='+d.date+'&date_from={{ daily_date }}&date_to={{ daily_date }}'; });
+						{% endif  %}
+
+
+        data.forEach(function(d) {
+          if(d.value != 0){
+            svg.append("text")
+                .attr("class", "bar")
+                .attr("dy", "-.35em")
+                //.text(function(d) { return d.value; });
+                .text(d.value)
+								.style("text-anchor", "middle")
+								.attr('x', x(d.date) + x.bandwidth()/2)
+                .attr('y', y(d.value));
+          }
+        });
+
+    });
+
+}
+</script>
+
+
+</body>
+
+</html>
diff --git a/var/www/modules/hashDecoded/templates/hashDecoded.html b/var/www/modules/hashDecoded/templates/hashDecoded.html
index bf0a12bf..e031530a 100644
--- a/var/www/modules/hashDecoded/templates/hashDecoded.html
+++ b/var/www/modules/hashDecoded/templates/hashDecoded.html
@@ -493,16 +493,19 @@ function removePopovers () {
 
 function showPopover (d) {
   $(this).popover({
-    title: d.name,
+    title: "<b><span id='tooltip-id-name-bar'></span></b>",
     placement: 'top',
     container: 'body',
     trigger: 'manual',
     html : true,
     content: function() {
-      return d.label +
-            "<br/>num: " + d3.format(",")(d.value ? d.value: d.y1 - d.y0); }
+      return "<span id='tooltip-id-label'></span>" +
+            "<br/>num: <span id='tooltip-id-value-bar'></span>"; }
   });
-  $(this).popover('show')
+  $(this).popover('show');
+  $("#tooltip-id-name-bar").text(d.name);
+  $("#tooltip-id-label").text(d.label);
+  $("#tooltip-id-value-bar").text(d3.format(",")(d.value ? d.value: d.y1 - d.y0));
 }
 
 chart.onResize = function () {
@@ -571,13 +574,16 @@ function draw_pie_chart(id, url_json, pie_on_click_url) {
 
 
 		function mouseovered_pie(d) {
+      //remove old content
+      $("#tooltip-id-name").remove();
+      $("#tooltip-id-value").remove();
 
 			// tooltip
 			var content;
 
-			content = "<b>"+d.data.name+"</b>"+"<br/>"+
+			content = "<b><span id='tooltip-id-name'></span></b><br/>"+
 								"<br/>"+
-								"<i>Decoded</i>: "+d.data.value+"<br/>"
+								"<i>Decoded</i>: <span id='tooltip-id-value'></span><br/>"
 
 			div_pie.transition()
 				.duration(200)
@@ -585,6 +591,9 @@ function draw_pie_chart(id, url_json, pie_on_click_url) {
 			div_pie.html(content)
 				.style("left", (d3.event.pageX) + "px")
 				.style("top", (d3.event.pageY - 28) + "px");
+
+      $("#tooltip-id-name").text(d.data.name);
+      $("#tooltip-id-value").text(d.data.value);
 		}
 
 		function mouseouted_pie() {
diff --git a/var/www/modules/hashDecoded/templates/showHash.html b/var/www/modules/hashDecoded/templates/showHash.html
index 45faf5c8..c7cac4d8 100644
--- a/var/www/modules/hashDecoded/templates/showHash.html
+++ b/var/www/modules/hashDecoded/templates/showHash.html
@@ -171,8 +171,8 @@
 								</div>
 								<div class="card-body text-center">
 									{% for encoding in list_hash_decoder %}
-									<button class="btn" disabled>
-										{{encoding['encoding']}} <span class="badge">{{encoding['nb_seen']}}</span>
+									<button class="btn btn-outline-dark" disabled>
+										{{encoding['encoding']}} <span class="badge badge-dark">{{encoding['nb_seen']}}</span>
 									</button>
 									{% endfor %}
 								</div>
@@ -398,8 +398,7 @@ d3.json(url)
 	node.append('text')
 		  .attr('text-anchor', 'middle')
 		  .attr('dominant-baseline', 'central')
-		  .attr("class", "graph_node_icon")
-    	.attr('font-family', 'FontAwesome')
+		  .attr("class", "graph_node_icon fa")
     	.attr('font-size', '8px' )
 			.attr('pointer-events', 'none')
     	.text(function(d) {
@@ -475,24 +474,36 @@ function mouseovered(d) {
 var content;
 
 if(d.hash == true){
-	content = "<b>"+d.id+"</b>"+"<br/>"+
+	content = "<b><span id='tooltip-id-name'></span></b><br/>"+
 						"<br/>"+
-						"<i>First seen</i>: "+d.first_seen+"<br/>"+
-						"<i>Last seen</i>: "+d.last_seen+"<br/>"+
-						"<i>nb_seen_in_paste</i>: "+d.nb_seen_in_paste+"<br/>"+
-						"<i>Size (kb)</i>: "+d.size+"<br/>"+
-						"<br/>"+
-						"<i>Estimated type</i>: "+d.estimated_type;
-} else {
-	content = "<b>"+d.id+"</b>"+"<br/>";
-}
+						"<i>First seen</i>: <span id='tooltip-id-first_seen'></span><br/>"+
+						"<i>Last seen</i>: <span id='tooltip-id-last_seen'></span><br/>"+
+						"<i>nb_seen</i>: <span id='tooltip-id-nb_seen'></span>";
 
 	div.transition()
-		.duration(200)
-		.style("opacity", .9);
+		 .duration(200)
+				.style("opacity", .9);
 	div.html(content)
-		.style("left", (d3.event.pageX) + "px")
-		.style("top", (d3.event.pageY - 28) + "px");
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+	$("#tooltip-id-first_seen").text(d.first_seen);
+	$("#tooltip-id-last_seen").text(d.last_seen);
+	$("#tooltip-id-nb_seen").text(d.nb_seen_in_paste);
+
+} else {
+	content = "<b><span id='tooltip-id-name'></span></b><br/>";
+
+	div.transition()
+		 .duration(200)
+				.style("opacity", .9);
+	div.html(content)
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+}
 
 	//links
 	/*link.style("stroke-opacity", function(o) {
diff --git a/var/www/modules/hashDecoded/templates/showPgpDump.html b/var/www/modules/hashDecoded/templates/showPgpDump.html
new file mode 100644
index 00000000..8f7b05aa
--- /dev/null
+++ b/var/www/modules/hashDecoded/templates/showPgpDump.html
@@ -0,0 +1,569 @@
+<!DOCTYPE html>
+<html>
+
+	<head>
+	  <meta charset="utf-8">
+
+	  <title>AIL - framework</title>
+		<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
+
+	  <!-- Core CSS -->
+		<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+		<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+
+	  <!-- JS -->
+		<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
+		<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
+
+		<style>
+		line.link {
+			stroke: #666;
+		}
+		line.link:hover{
+			stroke: red;
+			stroke-width: 2px
+		}
+		.line_sparkline {
+			fill: none;
+			stroke: #000;
+			stroke-width: 2.0px;
+		}
+		.node {
+			pointer-events: all;
+		}
+
+		circle {
+			stroke: none;
+		}
+
+		.graph_text_node {
+			font: 8px sans-serif;
+			pointer-events: none;
+		}
+
+		.graph_node_icon {
+			pointer-events: none;
+		}
+
+		.node text {
+			font: 8px sans-serif;
+			pointer-events: auto;
+		}
+
+		div.tooltip {
+			position: absolute;
+			text-align: center;
+			padding: 2px;
+			font: 12px sans-serif;
+			background: #ebf4fb;
+			border: 2px solid #b7ddf2;
+			border-radius: 8px;
+			pointer-events: none;
+			color: #000000;
+		}
+
+		.graph_panel {
+			padding: unset;
+		}
+
+		.line_graph {
+		  fill: none;
+		  stroke: steelblue;
+		  stroke-width: 2px;
+			stroke-linejoin: round;
+			stroke-linecap: round;
+			stroke-width: 1.5;
+			/*attr('stroke', '#bcbd22').*/
+		}
+		</style>
+	</head>
+	<body>
+
+		{% include 'nav_bar.html' %}
+
+		<div class="container-fluid">
+			<div class="row">
+
+				{% include 'decoded/menu_sidebar.html' %}
+
+				<div class="col-12 col-lg-10" id="core_content">
+
+					<div class="card my-3">
+						<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
+							<h4 class="text-secondary">{{ key_id }} :</h4>
+							<ul class="list-group mb-2">
+								<li class="list-group-item py-0">
+									<div class="row">
+										<div class="col-md-10">
+											<table class="table">
+												<thead>
+													<tr>
+														<th>type</th>
+														<th>First_seen</th>
+														<th>Last_seen</th>
+														<th>Nb seen</th>
+													</tr>
+												</thead>
+												<tbody>
+													<tr>
+														<td><i class="fas {{ d }}"></i>&nbsp;&nbsp;{{ type_id }}</td>
+														<td>{{ key_id_metadata['first_seen'] }}</td>
+														<td>{{ key_id_metadata['last_seen'] }}</td>
+														<td>{{ key_id_metadata['nb_seen'] }}</td>
+													</tr>
+												</tbody>
+											</table>
+										</div>
+										<div class="col-md-1">
+											<div id="sparkline"></div>
+										</div>
+									</div>
+								</li>
+							</ul>
+						</div>
+					</div>
+
+					<div class="row">
+						<div class="col-xl-10">
+
+							<div class="card mb-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
+								</div>
+								<div class="card-body graph_panel">
+									<div id="graph">
+									</div>
+								</div>
+							</div>
+						</div>
+
+						<div class="col-xl-2">
+
+							<div class="card my-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
+								</div>
+								<div class="card-body text-center px-0 py-0">
+									<button class="btn btn-primary my-4" onclick="resize_graph();">
+										<i class="fas fa-sync"></i>&nbsp;Resize Graph
+									</button>
+
+
+									<ul class="list-group">
+										<li class="list-group-item list-group-item-info"><i class="fas fa-info-circle fa-2x"></i></li>
+										<li class="list-group-item text-left">
+											<p>Double click on a node to open Hash/Paste<br><br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
+												Current Hash<br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
+												Hashes<br>
+												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
+												Pastes
+											</p>
+										</li>
+										<li class="list-group-item list-group-item-info">
+											Hash Types:
+										</li>
+										<li class="list-group-item text-left">
+											<i class="fas fa-key"></i>  Key<br>
+											<i class="fas fa-user-tag"></i>  Name<br>
+											<i class="fas fa-at"></i>  Mail<br>
+										</li>
+									</ul>
+								</div>
+							</div>
+						</div>
+					</div>
+
+					<div class="card">
+						<div class="card-header">
+							<i class="fas fa-chart-bar"></i> Graph
+						</div>
+						<div class="panel-body ">
+							<div id="graph_line">
+							</div>
+						</div>
+					</div>
+
+				</div>
+			</div>
+		</div>
+
+<script>
+var all_graph = {};
+$(document).ready(function(){
+		$("#page-Decoded").addClass("active");
+		sparklines("sparkline", {{ sparkline_values }})
+
+		all_graph.node_graph = create_graph("{{ url_for('hashDecoded.pgp_dump_graph_node_json') }}?type_id={{type_id}}&key_id={{key_id}}");
+		all_graph.line_chart = create_line_chart('graph_line', "{{ url_for('hashDecoded.pgp_graph_line_json') }}?type_id={{type_id}}&key_id={{key_id}}");
+		all_graph.onResize();
+});
+
+$(window).on("resize", function() {
+		all_graph.onResize();
+});
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+
+<script>
+	function resize_graph() {
+		zoom.translateTo(svg_node, 200, 200);
+		zoom.scaleTo(svg_node, 2);
+	}
+
+</script>
+<script>
+//var data = [6,3,3,2,5,3,9];
+
+// a sparklines plot
+function sparklines(id, points) {
+    var width_spark = 100, height_spark = 60;
+
+    var data = []
+    for (i = 0; i < points.length; i++) {
+        data[i] = {
+            'x': i,
+            'y': +points[i]
+        }
+    }
+
+    var x = d3.scaleLinear()
+        .range([0, width_spark - 10])
+        .domain([0,5]);
+
+    var y = d3.scaleLinear()
+        .range([height_spark, 0])
+        .domain([0,10]);
+
+    var line = d3.line()
+                .x(function(d) {return x(d.x)})
+                .y(function(d) {return y(d.y)});
+
+    d3.select("#"+id).append('svg')
+            .attr('width', width_spark)
+            .attr('height', height_spark)
+         .append('path')
+            .attr('class','line_sparkline')
+            .datum(data)
+            .attr('d', line);
+
+}
+</script>
+
+<script>
+var width = 400,
+		height = 400;
+
+var link;
+
+var zoom = d3.zoom()
+	.scaleExtent([.2, 10])
+	.on("zoom", zoomed);
+
+//var transform = d3.zoomIdentity;
+
+var color = d3.scaleOrdinal(d3.schemeCategory10);
+
+var div = d3.select("body").append("div")
+		.attr("class", "tooltip")
+		.style("opacity", 0);
+
+var simulation = d3.forceSimulation()
+		.force("link", d3.forceLink().id(function(d) { return d.id; }))
+		.force("charge", d3.forceManyBody())
+		.force("center", d3.forceCenter(width / 2, height / 2));
+		//.on("tick", ticked);
+
+var svg_node = d3.select("#graph").append("svg")
+		.attr("id", "graph_div")
+		.attr("width", width)
+		.attr("height", height)
+		.call(d3.zoom().scaleExtent([1, 8]).on("zoom", zoomed))
+		.on("dblclick.zoom", null)
+
+var container_graph = svg_node.append("g");
+		//.attr("transform", "translate(40,0)")
+		//.attr("transform", "scale(2)");
+
+function create_graph(url){
+
+d3.json(url)
+.then(function(data){
+
+	link = container_graph.append("g")
+	.selectAll("line")
+	.data(data.links)
+	.enter().append("line")
+		.attr("class", "link");
+		//.attr("stroke-width", function(d) { return Math.sqrt(d.value); })
+
+	var node = container_graph.selectAll(".node")
+				.data(data.nodes)
+			.enter().append("g")
+			.attr("class", "nodes")
+			.on("dblclick", doubleclick)
+			.on("click", click)
+			.on("mouseover", mouseovered)
+			.on("mouseout", mouseouted)
+			.call(d3.drag()
+					.on("start", drag_start)
+					.on("drag", dragged)
+					.on("end", drag_end));
+
+
+	node.append("circle")
+			.attr("r", function(d) {
+				return (d.hash) ? 6 : 5; })
+			.attr("fill", function(d) {
+				if(!d.hash){ return color(d.group);}
+				if(d.group == 1){ return "orange";}
+				return "rgb(141, 211, 199)"; });
+
+	node.append('text')
+		  .attr('text-anchor', 'middle')
+		  .attr('dominant-baseline', 'central')
+		  .attr("class", "graph_node_icon fa")
+    	.attr('font-size', '8px' )
+			.attr('pointer-events', 'none')
+    	.text(function(d) {
+				if(d.hash){
+					return d.icon
+				} });
+
+	zoom.translateTo(svg_node, 200, 200);
+	zoom.scaleTo(svg_node, 2);
+
+/*	node.append("text")
+		      .attr("dy", 3)
+					.attr("dx", 7)
+					.attr("class", "graph_text_node")
+		      //.style("text-anchor", function(d) { return d.children ? "end" : "start"; })
+		      .text(function(d) { return d.id; });*/
+
+	simulation
+			.nodes(data.nodes)
+			.on("tick", ticked);
+
+	simulation.force("link")
+			.links(data.links);
+
+	function ticked() {
+		link
+				.attr("x1", function(d) { return d.source.x; })
+				.attr("y1", function(d) { return d.source.y; })
+				.attr("x2", function(d) { return d.target.x; })
+				.attr("y2", function(d) { return d.target.y; });
+
+		/*node
+				.attr("cx", function(d) { return d.x; })
+				.attr("cy", function(d) { return d.y; });*/
+		node.attr("transform", function(d) { return "translate(" + d.x + "," + d.y + ")"; });
+	}
+
+});
+}
+
+function zoomed() {
+	container_graph.attr("transform", d3.event.transform);
+}
+
+function doubleclick (d) {
+window.open(d.url, '_blank');
+}
+
+function click (d) {
+console.log('clicked')
+}
+
+function drag_start(d) {
+if (!d3.event.active) simulation.alphaTarget(0.3).restart();
+d.fx = d.x;
+d.fy = d.y;
+}
+
+function dragged(d) {
+d.fx = d3.event.x;
+d.fy = d3.event.y;
+}
+
+function drag_end(d) {
+if (!d3.event.active) simulation.alphaTarget(0);
+d.fx = d.x;
+d.fy = d.y;
+}
+
+function mouseovered(d) {
+
+// tooltip
+var content;
+
+if(d.hash == true){
+	content = "<b><span id='tooltip-id-name'></span></b><br/>"+
+						"<br/>"+
+						"<i>First seen</i>: <span id='tooltip-id-first_seen'></span><br/>"+
+						"<i>Last seen</i>: <span id='tooltip-id-last_seen'></span><br/>"+
+						"<i>nb_seen</i>: <span id='tooltip-id-nb_seen'></span>";
+
+	div.transition()
+		 .duration(200)
+				.style("opacity", .9);
+	div.html(content)
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+	$("#tooltip-id-first_seen").text(d.first_seen);
+	$("#tooltip-id-last_seen").text(d.last_seen);
+	$("#tooltip-id-nb_seen").text(d.nb_seen_in_paste);
+
+} else {
+	content = "<b><span id='tooltip-id-name'></span></b><br/>";
+
+	div.transition()
+		 .duration(200)
+				.style("opacity", .9);
+	div.html(content)
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+
+}
+
+	//links
+	/*link.style("stroke-opacity", function(o) {
+			return o.source === d || o.target === d ? 1 : opacity;
+	});*/
+	link.style("stroke", function(o){
+			return o.source === d || o.target === d ? "#666" : "#ddd";
+	});
+}
+
+function mouseouted() {
+	div.transition()
+		.duration(500)
+		.style("opacity", 0);
+
+	link.style("stroke", "#666");
+}
+
+all_graph.onResize = function () {
+	var aspect = 1000 / 500, all_graph = $("#graph_div");
+	var targetWidth = all_graph.parent().width();
+	all_graph.attr("width", targetWidth);
+	all_graph.attr("height", targetWidth / aspect);
+}
+
+window.all_graph = all_graph;
+</script>
+
+<script>
+function create_line_chart(id, url){
+
+	var width = 900;
+	var height = Math.round(width / 4);
+
+	var margin = {top: 20, right: 55, bottom: 50, left: 40};
+
+	var x = d3.scaleTime().range([0, width]);
+	var y = d3.scaleLinear().rangeRound([height, 0]);
+
+	var xAxis = d3.axisBottom(x);
+	var yAxis = d3.axisLeft(y);
+
+	var parseTime = d3.timeParse("%Y-%m-%d");
+
+	var line = d3.line()
+							.x(function(d) {
+          			return x(d.date);
+        			}).y(function(d) {
+          			return y(d.value);
+        			});
+
+	var svg_line = d3.select('#'+id).append('svg')
+				.attr("id", "graph_div")
+				.attr("width", width + margin.left + margin.right)
+				.attr("height", height + margin.top + margin.bottom)
+				.append('g')
+						.attr('transform', "translate("+ margin.left +","+ margin.top +")");
+
+	var div = d3.select('body').append('div')
+				.attr('class', 'tooltip')
+				.style('opacity', 0);
+
+	//add div tooltip
+
+d3.json(url)
+	.then(function(data){
+
+		data.forEach(function(d) {
+			d.date_label = d.date;
+			d.date = parseTime(d.date);
+			d.value = +d.value;
+		});
+
+		// fit the data
+		x.domain(d3.extent(data, function(d) { return d.date; }));
+		//x.domain(data.map(function (d) { return d.date; })); //E
+		y.domain([0, d3.max(data, function(d){ return d.value ; })]);
+
+		//line
+		svg_line.append("path")
+				.data([data])
+				.attr("class", "line_graph")
+				.attr("d", line);
+
+		// add X axis
+		svg_line.append("g")
+		    .attr("transform", "translate(0," + height + ")")
+		    .call(d3.axisBottom(x))
+				.selectAll("text")
+					.style("text-anchor", "end")
+					.attr("transform", "rotate(-45)" );
+
+		// Add the Y Axis
+		svg_line.append("g")
+		    .call(d3.axisLeft(y));
+
+		//add a dot circle
+    svg_line.selectAll('dot')
+				.data(data).enter()
+				.append('circle')
+						.attr('r', 2)
+							.attr('cx', function(d) { return x(d.date); })
+							.attr('cy', function(d) { return y(d.value); })
+
+            	.on('mouseover', function(d) {
+	            	div.transition().style('opacity', .9);
+	            	div.html('' + d.date_label+ '<br/>' + d.value).style('left', (d3.event.pageX) + 'px')
+								.style("left", (d3.event.pageX) + "px")
+								.style("top", (d3.event.pageY - 28) + "px");
+          		})
+            	.on('mouseout', function(d)
+          			{
+            			div.transition().style('opacity', 0);
+          			});
+
+	});
+}
+</script>
+
+        </body>
+
+</html>
diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html
index 3cb5868b..48fefd56 100644
--- a/var/www/templates/decoded/menu_sidebar.html
+++ b/var/www/templates/decoded/menu_sidebar.html
@@ -8,9 +8,6 @@
       	<nav class="navbar navbar-expand navbar-light bg-light flex-md-column flex-row align-items-start py-2" id="nav_menu">
       		<h5 class="d-flex text-muted w-100">
       		  <span>Items Decoded </span>
-      			<a class="ml-auto" href="{{url_for('hiddenServices.manual')}}">
-      				<i class="fas fa-plus-circle ml-auto"></i>
-      			</a>
       		</h5>
       	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
       	    <li class="nav-item">
@@ -19,10 +16,15 @@
       	        <span>Dashboard</span>
       	      </a>
       	    </li>
+          </ul>
+          <h5 class="d-flex text-muted w-100">
+      		  <span>PGP Dumps</span>
+      		</h5>
+      	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
       	    <li class="nav-item">
-      	      <a class="nav-link" href="{{url_for('hiddenServices.Crawler_Splash_last_by_type')}}?type=onion" id="nav_onion_crawler">
-      					<i class="fas fa-user-secret"></i>
-      	       	Onion Crawler
+      	      <a class="nav-link" href="{{url_for('hashDecoded.hashDecoded_page')}}" id="nav_dashboard_pgp">
+      	        <i class="fas fa-search"></i>
+      	        <span>PGP Dumps</span>
       	      </a>
       	    </li>
           </ul>

From 9639a51abdd9b9fefafd3df15878d49abbbe955e Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 20 May 2019 11:57:49 +0200
Subject: [PATCH 15/33] chg: [PgpDump] fix graph + add new tags: pgp-signature
 pgp-public-key-block + avoid keys injection in pgp user_id

---
 bin/Keys.py                                   | 22 +++++++---
 bin/PgpDump.py                                |  3 ++
 .../modules/hashDecoded/Flask_hashDecoded.py  | 43 +++++++++++--------
 .../hashDecoded/templates/PgpDecoded.html     | 15 ++++---
 var/www/templates/decoded/menu_sidebar.html   |  2 +-
 5 files changed, 54 insertions(+), 31 deletions(-)

diff --git a/bin/Keys.py b/bin/Keys.py
index 6d6e6166..eb06601a 100755
--- a/bin/Keys.py
+++ b/bin/Keys.py
@@ -25,13 +25,26 @@ from Helper import Process
 def search_key(paste):
     content = paste.get_p_content()
     find = False
+    get_pgp_content = False
     if '-----BEGIN PGP MESSAGE-----' in content:
         publisher.warning('{} has a PGP enc message'.format(paste.p_name))
 
         msg = 'infoleak:automatic-detection="pgp-message";{}'.format(message)
         p.populate_set_out(msg, 'Tags')
+        get_pgp_content = True
         find = True
 
+    if '-----BEGIN PGP PUBLIC KEY BLOCK-----' in content:
+        msg = 'infoleak:automatic-detection="pgp-public-key-block";{}'.format(message)
+        p.populate_set_out(msg, 'Tags')
+        get_pgp_content = True
+
+    if '-----BEGIN PGP SIGNATURE-----' in content:
+        msg = 'infoleak:automatic-detection="pgp-signature";{}'.format(message)
+        p.populate_set_out(msg, 'Tags')
+        get_pgp_content = True
+
+
     if '-----BEGIN CERTIFICATE-----' in content:
         publisher.warning('{} has a certificate message'.format(paste.p_name))
 
@@ -108,13 +121,8 @@ def search_key(paste):
         p.populate_set_out(msg, 'Tags')
         find = True
 
-    if '-----BEGIN PGP PUBLIC KEY BLOCK-----' in content:
-        p.populate_set_out(message, 'PgpDump')
-
-    if '-----BEGIN PGP SIGNATURE-----' in content:
-        p.populate_set_out(message, 'PgpDump')
-
-    if '-----BEGIN PGP MESSAGE-----' in content:
+    # pgp content
+    if get_pgp_content:
         p.populate_set_out(message, 'PgpDump')
 
     if find :
diff --git a/bin/PgpDump.py b/bin/PgpDump.py
index 6cf754d0..20009235 100755
--- a/bin/PgpDump.py
+++ b/bin/PgpDump.py
@@ -68,6 +68,9 @@ def get_pgp_packet(save_path):
 def extract_id_from_output(pgp_dump_outpout):
     all_user_id = set(re.findall(regex_user_id, pgp_dump_outpout))
     for user_id in all_user_id:
+        # avoid key injection in user_id:
+        pgp_dump_outpout.replace(user_id, '', 1)
+
         user_id = user_id.replace(user_id_str, '', 1)
         mail = None
         if ' <' in user_id:
diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index f775d058..c5e34d0f 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -1014,35 +1014,44 @@ def pgp_range_type_json():
 
     return jsonify(range_type)
 
-@hashDecoded.route('/decoded/pgp_by_type_json') ####################################
+@hashDecoded.route('/decoded/pgp_by_type_json') ## TODO: REFRACTOR
 def pgp_by_type_json():
     type_id = request.args.get('type_id')
+    date_from = request.args.get('date_from')
+
+    if date_from is None:
+        date_from = datetime.date.today().strftime("%Y%m%d")
 
     #retrieve + char
     type_id = type_id.replace(' ', '+')
+    default = False
+
+    if type_id is None:
+        default = True
+        all_type = ['key', 'name', 'mail']
+    else:
+        all_type = [ type_id ]
 
     num_day_type = 30
     date_range = get_date_range(num_day_type)
 
     #verify input
-    if verify_pgp_type_id(type_id):
-
-        r_serv_metadata.smembers('hash_all_type'):
-            type_value = []
-            all_decoder = r_serv_metadata.smembers('all_decoder')
-
-            range_decoder = []
-            for date in date_range:
-                day_decoder = {}
-                day_decoder['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
-                for decoder in all_decoder:
-                    num_day_decoder = r_serv_metadata.zscore(decoder+'_type:'+type, date)
-                    if num_day_decoder is None:
-                        num_day_decoder = 0
-                    day_decoder[decoder]= num_day_decoder
-                range_decoder.append(day_decoder)
+    if verify_pgp_type_id(type_id) or default:
 
+        type_value = []
 
+        range_decoder = []
+        for date in date_range:
+            day_type_id = {}
+            day_type_id['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+            for type_pgp in all_type:
+                all_vals_key = r_serv_metadata.hvals('pgp:{}:date'.format(type_id, date))
+                num_day_type_id = 0
+                if all_vals_key is not None:
+                    for val_key in all_vals_key:
+                        num_day_type_id += int(val_key)
+                day_type_id[type_pgp]= num_day_type_id
+            range_decoder.append(day_type_id)
 
         return jsonify(range_decoder)
     else:
diff --git a/var/www/modules/hashDecoded/templates/PgpDecoded.html b/var/www/modules/hashDecoded/templates/PgpDecoded.html
index da568936..e7e21feb 100644
--- a/var/www/modules/hashDecoded/templates/PgpDecoded.html
+++ b/var/www/modules/hashDecoded/templates/PgpDecoded.html
@@ -187,7 +187,7 @@
 						{
 								$('#date-range-from-input').val(s1);
 								$('#date-range-to-input').val(s2);
-						}
+						},
 					});
 					$('#date-range-to').dateRangePicker({
 							separator : ' to ',
@@ -202,18 +202,22 @@
 							{
 									$('#date-range-from-input').val(s1);
 									$('#date-range-to-input').val(s2);
-							}
+							},
 					});
 
+          $('#date-range-from').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
+          $('#date-range-to').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
+
 					$('#tableb64').DataTable({
 							"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
 							"iDisplayLength": 10,
 							"order": [[ 3, "desc" ]]
 					});
 
-					{% if  type %}
-					//chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?type_id={{type}}", 'id');
-					{% elif  daily_type_chart %}
+					{% if  type_id %}
+					//chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?date_from={{daily_date}}&type_id={{type_id}}", 'id');
+          chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type_id={{type_id}}", 'id');
+					{% elif  type_id or daily_type_chart %}
 					chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
 					{% else %}
 					chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
@@ -243,7 +247,6 @@ function toggle_sidebar(){
 }
 </script>
 <script>
-//var data = [6,3,3,2,5,3,9];
 
 // a sparklines plot
 function sparklines(id, points) {
diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html
index 48fefd56..7a5a981c 100644
--- a/var/www/templates/decoded/menu_sidebar.html
+++ b/var/www/templates/decoded/menu_sidebar.html
@@ -22,7 +22,7 @@
       		</h5>
       	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
       	    <li class="nav-item">
-      	      <a class="nav-link" href="{{url_for('hashDecoded.hashDecoded_page')}}" id="nav_dashboard_pgp">
+      	      <a class="nav-link" href="{{url_for('hashDecoded.pgpdump_page')}}" id="nav_dashboard_pgp">
       	        <i class="fas fa-search"></i>
       	        <span>PGP Dumps</span>
       	      </a>

From 49f7429c5f090e846939a2b5040d28510d906e81 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 20 May 2019 13:02:09 +0200
Subject: [PATCH 16/33] chg: [Update] force update order

---
 bin/Update.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bin/Update.py b/bin/Update.py
index 4001c5d0..45b72918 100755
--- a/bin/Update.py
+++ b/bin/Update.py
@@ -145,10 +145,14 @@ def get_git_upper_tags_remote(current_tag, is_fork):
             list_upper_tags = []
             if list_all_tags[-1][1:] == current_tag:
                 list_upper_tags.append( (list_all_tags[-1], None) )
+                # force update order
+                list_upper_tags.sort()
                 return list_upper_tags
             for tag in list_all_tags:
                 if float(tag[1:]) >= float(current_tag):
                     list_upper_tags.append( (tag, None) )
+            # force update order
+            list_upper_tags.sort()
             return list_upper_tags
         else:
             print('{}{}{}'.format(TERMINAL_RED, process.stderr.decode(), TERMINAL_DEFAULT))
@@ -165,6 +169,8 @@ def get_git_upper_tags_remote(current_tag, is_fork):
             list_upper_tags = []
             if last_tag[1:] == current_tag:
                 list_upper_tags.append( (last_tag, last_commit) )
+                # force update order
+                list_upper_tags.sort()
                 return list_upper_tags
             else:
                 for mess_tag in list_all_tags:
@@ -177,6 +183,8 @@ def get_git_upper_tags_remote(current_tag, is_fork):
                 # add last commit
                 if last_tag not in list_upper_tags[-1][0]:
                     list_upper_tags.append( (last_tag, last_commit) )
+                # force update order
+                list_upper_tags.sort()
                 return list_upper_tags
 
         else:

From da5579875db909b6503452742bbda78d2d225c5f Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 20 May 2019 14:32:07 +0200
Subject: [PATCH 17/33] chg: [pgpdump] reprocess tagged items + fix pgpdump

---
 bin/LAUNCH.sh                                 |  2 +
 bin/PgpDump.py                                |  1 +
 bin/helper/reprocess_pgp_message.py           | 50 +++++++++++++++++++
 .../modules/hashDecoded/Flask_hashDecoded.py  | 16 +++++-
 .../hashDecoded/templates/PgpDecoded.html     |  2 +-
 5 files changed, 68 insertions(+), 3 deletions(-)
 create mode 100755 bin/helper/reprocess_pgp_message.py

diff --git a/bin/LAUNCH.sh b/bin/LAUNCH.sh
index 6d7c6bf7..e4175b90 100755
--- a/bin/LAUNCH.sh
+++ b/bin/LAUNCH.sh
@@ -187,6 +187,8 @@ function launching_scripts {
     sleep 0.1
     screen -S "Script_AIL" -X screen -t "Keys" bash -c "cd ${AIL_BIN}; ${ENV_PY} ./Keys.py; read x"
     sleep 0.1
+    screen -S "Script_AIL" -X screen -t "PgpDump" bash -c "cd ${AIL_BIN}; ${ENV_PY} ./PgpDump.py; read x"
+    sleep 0.1
     screen -S "Script_AIL" -X screen -t "Decoder" bash -c "cd ${AIL_BIN}; ${ENV_PY} ./Decoder.py; read x"
     sleep 0.1
     screen -S "Script_AIL" -X screen -t "Bitcoin" bash -c "cd ${AIL_BIN}; ${ENV_PY} ./Bitcoin.py; read x"
diff --git a/bin/PgpDump.py b/bin/PgpDump.py
index 20009235..f46cbce9 100755
--- a/bin/PgpDump.py
+++ b/bin/PgpDump.py
@@ -8,6 +8,7 @@
 
 import os
 import re
+import time
 import redis
 import signal
 import datetime
diff --git a/bin/helper/reprocess_pgp_message.py b/bin/helper/reprocess_pgp_message.py
new file mode 100755
index 00000000..bf8d78ee
--- /dev/null
+++ b/bin/helper/reprocess_pgp_message.py
@@ -0,0 +1,50 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+import os
+import sys
+import gzip
+import base64
+import uuid
+import datetime
+import base64
+import redis
+import json
+import time
+
+sys.path.append(os.environ['AIL_BIN'])
+from Helper import Process
+
+def substract_date(date_from, date_to):
+    date_from = datetime.date(int(date_from[0:4]), int(date_from[4:6]), int(date_from[6:8]))
+    date_to = datetime.date(int(date_to[0:4]), int(date_to[4:6]), int(date_to[6:8]))
+    delta = date_to - date_from # timedelta
+    l_date = []
+    for i in range(delta.days + 1):
+        date = date_from + datetime.timedelta(i)
+        l_date.append( date.strftime('%Y%m%d') )
+    return l_date
+
+config_section = 'Keys'
+p = Process(config_section)
+
+r_tags = redis.StrictRedis(
+    host=p.config.get("ARDB_Tags", "host"),
+    port=p.config.getint("ARDB_Tags", "port"),
+    db=p.config.getint("ARDB_Tags", "db"),
+    decode_responses=True)
+
+tag = 'infoleak:automatic-detection="pgp-message"'
+
+# get tag first/last seen
+first_seen = r_tags.hget('tag_metadata:{}'.format(tag), 'first_seen')
+last_seen = r_tags.hget('tag_metadata:{}'.format(tag), 'last_seen')
+
+l_dates = substract_date(first_seen, last_seen)
+
+# get all tagged items
+for date in l_dates:
+    daily_tagged_items = r_tags.smembers('{}:{}'.format(tag, date))
+
+    for item in daily_tagged_items:
+        p.populate_set_out(item, 'PgpDump')
diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index c5e34d0f..29a48726 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -102,7 +102,7 @@ def get_file_icon_text(estimated_type):
     return file_icon_text
 
 def get_pgp_id_icon_text(type_id):
-    # set file icon
+    # set type_id icon
     if type_id == 'key':
         file_icon_text = '\uf084'
     elif type_id == 'name':
@@ -113,6 +113,18 @@ def get_pgp_id_icon_text(type_id):
         file_icon_text = '\uf249'
     return file_icon_text
 
+def get_pgp_icon(type_id):
+    # set type_id icon
+    if type_id == 'key':
+        pgp_icon_text = 'key'
+    elif type_id == 'name':
+        pgp_icon_text = 'user-tag'
+    elif type_id == 'mail':
+        pgp_icon_text = 'at'
+    else:
+        pgp_icon_text = 'times'
+    return pgp_icon_text
+
 def verify_pgp_type_id(type_id):
     if type_id in ['key', 'name', 'mail']:
         return True
@@ -846,7 +858,7 @@ def pgpdump_page():
 
         if pgp_metadata[dump_id]:
             pgp_metadata[dump_id]['type_id'] = typ_id
-            #file_icon = get_file_icon(estimated_type)
+            pgp_metadata[dump_id]['type_icon'] = get_pgp_icon(typ_id)
 
             pgp_metadata[dump_id]['sparklines_data'] = list_sparkline_pgp_values(date_range_sparkline, typ_id, dump_id)
             pgp_metadata[dump_id]['sparklines_id'] = sparkline_id
diff --git a/var/www/modules/hashDecoded/templates/PgpDecoded.html b/var/www/modules/hashDecoded/templates/PgpDecoded.html
index e7e21feb..88da78e0 100644
--- a/var/www/modules/hashDecoded/templates/PgpDecoded.html
+++ b/var/www/modules/hashDecoded/templates/PgpDecoded.html
@@ -143,7 +143,7 @@
 							<tbody style="font-size: 15px;">
 							{% for pgp_dump in l_pgpdump %}
 									<tr>
-										<td><i class="fas {{ er }}"></i>&nbsp;&nbsp;{{ l_pgpdump[pgp_dump]['type_id'] }}</td>
+										<td><i class="fas fa-{{ l_pgpdump[pgp_dump]['type_icon'] }}"></i>&nbsp;&nbsp;{{ l_pgpdump[pgp_dump]['type_id'] }}</td>
 										<td><a target="_blank" href="{{ url_for('hashDecoded.show_pgpdump') }}?type_id={{ l_pgpdump[pgp_dump]['type_id'] }}&key_id={{ pgp_dump }}">{{ pgp_dump }}</a></td>
 										<td>{{ l_pgpdump[pgp_dump]['first_seen'] }}</td>
 										<td>{{ l_pgpdump[pgp_dump]['last_seen'] }}</td>

From ff3d6e22ef3b55b6b941f9ee6d633f32533650fb Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Mon, 20 May 2019 14:48:20 +0200
Subject: [PATCH 18/33] chg: [update v1.7] add update scripts

---
 installing_deps.sh    |  8 +++++++
 update/v1.7/Update.py | 33 ++++++++++++++++++++++++++
 update/v1.7/Update.sh | 54 +++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 95 insertions(+)
 create mode 100755 update/v1.7/Update.py
 create mode 100755 update/v1.7/Update.sh

diff --git a/installing_deps.sh b/installing_deps.sh
index f3e1d7b9..e8de3fd6 100755
--- a/installing_deps.sh
+++ b/installing_deps.sh
@@ -67,6 +67,14 @@ sudo ldconfig
 popd
 popd
 
+# pgpdump
+test ! -d pgpdump && git clone https://github.com/kazu-yamamoto/pgpdump.git
+pushd pgpdump/
+./configure
+make
+sudo make install
+popd
+
 # ARDB #
 test ! -d ardb/ && git clone https://github.com/yinqiwen/ardb.git
 pushd ardb/
diff --git a/update/v1.7/Update.py b/update/v1.7/Update.py
new file mode 100755
index 00000000..d2a826e6
--- /dev/null
+++ b/update/v1.7/Update.py
@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+import os
+import sys
+import time
+import redis
+import datetime
+import configparser
+
+if __name__ == '__main__':
+
+    start_deb = time.time()
+
+    configfile = os.path.join(os.environ['AIL_BIN'], 'packages/config.cfg')
+    if not os.path.exists(configfile):
+        raise Exception('Unable to find the configuration file. \
+                        Did you set environment variables? \
+                        Or activate the virtualenv.')
+    cfg = configparser.ConfigParser()
+    cfg.read(configfile)
+
+    r_serv = redis.StrictRedis(
+        host=cfg.get("ARDB_DB", "host"),
+        port=cfg.getint("ARDB_DB", "port"),
+        db=cfg.getint("ARDB_DB", "db"),
+        decode_responses=True)
+
+    #Set current ail version
+    r_serv.set('ail:version', 'v1.7')
+
+    #Set current ail version
+    r_serv.set('ail:update_date_v1.7', datetime.datetime.now().strftime("%Y%m%d"))
diff --git a/update/v1.7/Update.sh b/update/v1.7/Update.sh
new file mode 100755
index 00000000..8eb6c5a1
--- /dev/null
+++ b/update/v1.7/Update.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+[ -z "$AIL_HOME" ] && echo "Needs the env var AIL_HOME. Run the script from the virtual environment." && exit 1;
+[ -z "$AIL_REDIS" ] && echo "Needs the env var AIL_REDIS. Run the script from the virtual environment." && exit 1;
+[ -z "$AIL_ARDB" ] && echo "Needs the env var AIL_ARDB. Run the script from the virtual environment." && exit 1;
+[ -z "$AIL_BIN" ] && echo "Needs the env var AIL_ARDB. Run the script from the virtual environment." && exit 1;
+[ -z "$AIL_FLASK" ] && echo "Needs the env var AIL_FLASK. Run the script from the virtual environment." && exit 1;
+
+export PATH=$AIL_HOME:$PATH
+export PATH=$AIL_REDIS:$PATH
+export PATH=$AIL_ARDB:$PATH
+export PATH=$AIL_BIN:$PATH
+export PATH=$AIL_FLASK:$PATH
+
+GREEN="\\033[1;32m"
+DEFAULT="\\033[0;39m"
+
+echo -e $GREEN"Shutting down AIL ..."$DEFAULT
+bash ${AIL_BIN}/LAUNCH.sh -k &
+wait
+
+echo ""
+echo -e $GREEN"Update DomainClassifier"$DEFAULT
+echo ""
+
+cd $AIL_HOME
+git clone https://github.com/kazu-yamamoto/pgpdump.git
+cd pgpdump
+./configure
+make
+sudo make install
+wait
+echo ""
+
+bash ${AIL_BIN}LAUNCH.sh -lav &
+wait
+echo ""
+
+echo ""
+echo -e $GREEN"Updating AIL VERSION ..."$DEFAULT
+echo ""
+python ${AIL_HOME}/update/v1.7/Update.py &
+wait
+echo ""
+echo ""
+
+echo ""
+echo -e $GREEN"Shutting down ARDB ..."$DEFAULT
+bash ${AIL_BIN}/LAUNCH.sh -k &
+wait
+
+echo ""
+
+exit 0

From ff23a2bce2b7fb06ca17d0826f5b4217cd5b20f4 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Tue, 21 May 2019 16:14:09 +0200
Subject: [PATCH 19/33] chg: [Bitcoin] map cryptocurrency: bitcoin (DB pivot)

---
 OVERVIEW.md                                   | 32 ++++++++++
 bin/Bitcoin.py                                | 28 +++++++++
 .../modules/hashDecoded/Flask_hashDecoded.py  | 60 ++++++++++++++++++-
 3 files changed, 119 insertions(+), 1 deletion(-)

diff --git a/OVERVIEW.md b/OVERVIEW.md
index 2b357f9f..ab413a0c 100644
--- a/OVERVIEW.md
+++ b/OVERVIEW.md
@@ -202,6 +202,38 @@ Redis and ARDB overview
 | | |
 | item_pgp_mail:*item_path* | *mail* |
 
+#### Cryptocurrency
+
+Supported cryptocurrency:
+- bitcoin
+
+##### Hset:
+| Key | Field | Value |
+| ------ | ------ | ------ |
+| cryptocurrency_metadata_**cryptocurrency name**:**cryptocurrency address** | first_seen | **date** |
+| | last_seen | **date** |
+
+##### set:
+| Key | Value |
+| ------ | ------ |
+| set_cryptocurrency_**cryptocurrency name**:**cryptocurrency address** | **item_path** |
+
+##### Hset date:
+| Key | Field | Value |
+| ------ | ------ |
+| cryptocurrency_**cryptocurrency name**:**date** | **cryptocurrency address** | **nb seen** |
+
+##### zset:
+| Key | Field | Value |
+| ------ | ------ | ------ |
+| cryptocurrency_all:**cryptocurrency name** | **cryptocurrency address** | **nb seen** |
+
+##### set:
+| Key | Value |
+| ------ | ------ |
+| item_cryptocurrency_**cryptocurrency name**:**item_path** | **cryptocurrency address** |
+
+
 ## DB9 - Crawler:
 
 ##### Hset:
diff --git a/bin/Bitcoin.py b/bin/Bitcoin.py
index ff76c5f0..a84aae3c 100755
--- a/bin/Bitcoin.py
+++ b/bin/Bitcoin.py
@@ -44,6 +44,7 @@ def check_bc(bc):
 def search_key(content, message, paste):
     bitcoin_address = re.findall(regex_bitcoin_public_address, content)
     bitcoin_private_key = re.findall(regex_bitcoin_private_key, content)
+    date = str(paste._get_p_date())
     validate_address = False
     key = False
     if(len(bitcoin_address) >0):
@@ -56,6 +57,8 @@ def search_key(content, message, paste):
                     for private_key in bitcoin_private_key:
                         print('Bitcoin private key found : {}'.format(private_key))
                         key = True
+                # build bitcoin correlation
+                save_bitcoin_data(date, message, address):
 
         if(validate_address):
             p.populate_set_out(message, 'Duplicate')
@@ -75,6 +78,31 @@ def search_key(content, message, paste):
                 publisher.warning('{}Detected {} Bitcoin private key;{}'.format(
                     to_print, len(bitcoin_private_key),paste.p_rel_path))
 
+def save_bitcoin_data(cryptocurrency_name, date, item_path, cryptocurrency_address):
+    # create basic medata
+    if not serv_metadata.exists('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address)):
+        serv_metadata.hset('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'first_seen', date)
+        serv_metadata.hset('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'last_seen', date)
+    else:
+        last_seen = serv_metadata.hget('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'last_seen')
+        if not last_seen:
+            serv_metadata.hset('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'last_seen', date)
+        else:
+            if int(last_seen) < int(date):
+                serv_metadata.hset('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'last_seen', date)
+
+    # global set
+    serv_metadata.sadd('set_cryptocurrency_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), item_path)
+
+    # daily
+    serv_metadata.hincrby('cryptocurrency_{}:{}'.format(cryptocurrency_name, date), cryptocurrency_address, 1)
+
+    # all type
+    serv_metadata.zincrby('cryptocurrency_all:{}'.format(cryptocurrency_name), cryptocurrency_address, 1)
+
+    # item_metadata
+    serv_metadata.sadd('item_cryptocurrency_{}:{}'.format(cryptocurrency_name, item_path), cryptocurrency_address)
+
 if __name__ == "__main__":
     publisher.port = 6380
     publisher.channel = "Script"
diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index 29a48726..28747bc2 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -13,6 +13,8 @@ from Date import Date
 from io import BytesIO
 import zipfile
 
+from hashlib import sha256
+
 import requests
 from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, send_file
 
@@ -158,6 +160,38 @@ def get_all_pgp_from_item(item_path):
 def one():
     return 1
 
+def decode_base58(bc, length):
+    n = 0
+    for char in bc:
+        n = n * 58 + digits58.index(char)
+    return n.to_bytes(length, 'big')
+
+def check_bc(bc):
+    try:
+        bcbytes = decode_base58(bc, 25)
+        return bcbytes[-4:] == sha256(sha256(bcbytes[:-4]).digest()).digest()[:4]
+    except Exception:
+        return False
+
+def get_bitcoin_address_metadata(bitcoin_address):
+    address_metadata = {}
+    if r_serv_metadata.exists('bitcoin_metadata:{}'.format(bitcoin_address)):
+        address_metadata['first_seen'] = r_serv_metadata.hget('bitcoin_metadata:{}'.format(bitcoin_address), 'first_seen')
+        address_metadata['first_seen'] = '{}/{}/{}'.format(address_metadata['first_seen'][0:4], address_metadata['first_seen'][4:6], address_metadata['first_seen'][6:8])
+        address_metadata['last_seen'] = r_serv_metadata.hget('bitcoin_metadata:{}'.format(bitcoin_address), 'last_seen')
+        address_metadata['last_seen'] = '{}/{}/{}'.format(address_metadata['last_seen'][0:4], address_metadata['last_seen'][4:6], address_metadata['last_seen'][6:8])
+        address_metadata['nb_seen'] = r_serv_metadata.scard('bitcoin:{}'.format(bitcoin_address))
+    return address_metadata
+
+def list_sparkline_bitcoin_values(date_range_sparkline, bitcoin_address):
+    sparklines_value = []
+    for date_day in date_range_sparkline:
+        nb_seen_this_day = r_serv_metadata.hget('bitcoin:{}'.format(bitcoin_address), bitcoin_address)
+        if nb_seen_this_day is None:
+            nb_seen_this_day = 0
+        sparklines_value.append(int(nb_seen_this_day))
+    return sparklines_value
+
 # ============= ROUTES ==============
 @hashDecoded.route("/hashDecoded/all_hash_search", methods=['POST'])
 def all_hash_search():
@@ -777,7 +811,7 @@ def update_vt_result():
         # TODO FIXME make json response
         return jsonify()
 
-## PGPDump ##
+############################ PGPDump ############################
 
 @hashDecoded.route("/decoded/pgpdump", methods=['GET'])
 def pgpdump_page():
@@ -1069,5 +1103,29 @@ def pgp_by_type_json():
     else:
         return jsonify()
 
+############################ Bitcoin ############################
+'''
+@hashDecoded.route('/correlation/show_bitcoin_address')
+def show_bitcoin_address():
+    bitcoin_address = request.args.get('bitcoin_address')
+
+    # validate user input
+    if check_bc(bitcoin_address):
+        bitcoin_address_metadata = get_bitcoin_address_metadata(bitcoin_address)
+        if bitcoin_address_metadata:
+
+            num_day_sparkline = 6
+            date_range_sparkline = get_date_range(num_day_sparkline)
+
+            sparkline_values = list_sparkline_bitcoin_values(date_range_sparkline, bitcoin_address)
+            return render_template('showPgpDump.html', bitcoin_address=bitcoin_address,
+                            key_id_metadata=bitcoin_address_metadata,
+                            sparkline_values=sparkline_values)
+        else:
+            return '404'
+    else:
+        return 'error'
+'''
+
 # ========= REGISTRATION =========
 app.register_blueprint(hashDecoded, url_prefix=baseUrl)

From 4794cafe01a5d262305182c05cfa1e9056afee7f Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 12:02:43 +0200
Subject: [PATCH 20/33] chg: [correlation] add cryptocurrency + refractor
 correlation

---
 OVERVIEW.md                                   |  32 +-
 bin/Bitcoin.py                                |  13 +-
 bin/PgpDump.py                                |  20 +-
 .../modules/hashDecoded/Flask_hashDecoded.py  | 796 ++++++++++--------
 .../templates/DaysCorrelation.html            | 660 +++++++++++++++
 .../templates/showCorrelation.html            | 553 ++++++++++++
 .../decoded/show_helper_cryptocurrency.html   |  20 +
 .../decoded/show_helper_pgpdump.html          |  21 +
 8 files changed, 1745 insertions(+), 370 deletions(-)
 create mode 100644 var/www/modules/hashDecoded/templates/DaysCorrelation.html
 create mode 100644 var/www/modules/hashDecoded/templates/showCorrelation.html
 create mode 100644 var/www/templates/decoded/show_helper_cryptocurrency.html
 create mode 100644 var/www/templates/decoded/show_helper_pgpdump.html

diff --git a/OVERVIEW.md b/OVERVIEW.md
index ab413a0c..6378e631 100644
--- a/OVERVIEW.md
+++ b/OVERVIEW.md
@@ -157,50 +157,50 @@ Redis and ARDB overview
 ##### Hset:
 | Key | Field | Value |
 | ------ | ------ | ------ |
-| pgp_metadata_key:*key id* | first_seen | **date** |
+| pgpdump_metadata_key:*key id* | first_seen | **date** |
 | | last_seen | **date** |
 | | |
-| pgp_metadata_name:*name* | first_seen | **date** |
+| pgpdump_metadata_name:*name* | first_seen | **date** |
 | | last_seen | **date** |
 | | |
-| pgp_metadata_mail:*mail* | first_seen | **date** |
+| pgpdump_metadata_mail:*mail* | first_seen | **date** |
 | | last_seen | **date** |
 
 ##### set:
 | Key | Value |
 | ------ | ------ |
-| pgp_key:*key id* | *item_path* |
+| set_pgpdump_key:*key id* | *item_path* |
 | | |
-| pgp_name:*name* | *item_path* |
+| set_pgpdump_name:*name* | *item_path* |
 | | |
-| pgp_mail:*mail* | *item_path* |
+| set_pgpdump_mail:*mail* | *item_path* |
 
 ##### Hset date:
 | Key | Field | Value |
 | ------ | ------ |
-| pgp:key:*date* | *key* | *nb seen* |
+| pgpdump:key:*date* | *key* | *nb seen* |
 | | |
-| pgp:name:*date* | *name* | *nb seen* |
+| pgpdump:name:*date* | *name* | *nb seen* |
 | | |
-| pgp:mail:*date* | *mail* | *nb seen* |
+| pgpdump:mail:*date* | *mail* | *nb seen* |
 
 ##### zset:
 | Key | Field | Value |
 | ------ | ------ | ------ |
-| pgp_all:key | *key* | *nb seen* |
+| pgpdump_all:key | *key* | *nb seen* |
 | | |
-| pgp_all:name | *name* | *nb seen* |
+| pgpdump_all:name | *name* | *nb seen* |
 | | |
-| pgp_all:mail | *mail* | *nb seen* |
+| pgpdump_all:mail | *mail* | *nb seen* |
 
 ##### set:
 | Key | Value |
 | ------ | ------ |
-| item_pgp_key:*item_path* | *key* |
+| item_pgpdump_key:*item_path* | *key* |
 | | |
-| item_pgp_name:*item_path* | *name* |
+| item_pgpdump_name:*item_path* | *name* |
 | | |
-| item_pgp_mail:*item_path* | *mail* |
+| item_pgpdump_mail:*item_path* | *mail* |
 
 #### Cryptocurrency
 
@@ -221,7 +221,7 @@ Supported cryptocurrency:
 ##### Hset date:
 | Key | Field | Value |
 | ------ | ------ |
-| cryptocurrency_**cryptocurrency name**:**date** | **cryptocurrency address** | **nb seen** |
+| cryptocurrency:**cryptocurrency name**:**date** | **cryptocurrency address** | **nb seen** |
 
 ##### zset:
 | Key | Field | Value |
diff --git a/bin/Bitcoin.py b/bin/Bitcoin.py
index a84aae3c..a3cfcfc7 100755
--- a/bin/Bitcoin.py
+++ b/bin/Bitcoin.py
@@ -21,6 +21,7 @@ from pubsublogger import publisher
 
 import re
 import time
+import redis
 
 from hashlib import sha256
 
@@ -58,7 +59,7 @@ def search_key(content, message, paste):
                         print('Bitcoin private key found : {}'.format(private_key))
                         key = True
                 # build bitcoin correlation
-                save_bitcoin_data(date, message, address):
+                save_cryptocurrency_data('bitcoin', date, message, address)
 
         if(validate_address):
             p.populate_set_out(message, 'Duplicate')
@@ -78,7 +79,7 @@ def search_key(content, message, paste):
                 publisher.warning('{}Detected {} Bitcoin private key;{}'.format(
                     to_print, len(bitcoin_private_key),paste.p_rel_path))
 
-def save_bitcoin_data(cryptocurrency_name, date, item_path, cryptocurrency_address):
+def save_cryptocurrency_data(cryptocurrency_name, date, item_path, cryptocurrency_address):
     # create basic medata
     if not serv_metadata.exists('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address)):
         serv_metadata.hset('cryptocurrency_metadata_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), 'first_seen', date)
@@ -95,7 +96,7 @@ def save_bitcoin_data(cryptocurrency_name, date, item_path, cryptocurrency_addre
     serv_metadata.sadd('set_cryptocurrency_{}:{}'.format(cryptocurrency_name, cryptocurrency_address), item_path)
 
     # daily
-    serv_metadata.hincrby('cryptocurrency_{}:{}'.format(cryptocurrency_name, date), cryptocurrency_address, 1)
+    serv_metadata.hincrby('cryptocurrency:{}:{}'.format(cryptocurrency_name, date), cryptocurrency_address, 1)
 
     # all type
     serv_metadata.zincrby('cryptocurrency_all:{}'.format(cryptocurrency_name), cryptocurrency_address, 1)
@@ -112,6 +113,12 @@ if __name__ == "__main__":
     # Setup the I/O queues
     p = Process(config_section)
 
+    serv_metadata = redis.StrictRedis(
+        host=p.config.get("ARDB_Metadata", "host"),
+        port=p.config.getint("ARDB_Metadata", "port"),
+        db=p.config.getint("ARDB_Metadata", "db"),
+        decode_responses=True)
+
     # Sent to the logging a description of the module
     publisher.info("Run Keys module ")
 
diff --git a/bin/PgpDump.py b/bin/PgpDump.py
index f46cbce9..b982b9c5 100755
--- a/bin/PgpDump.py
+++ b/bin/PgpDump.py
@@ -90,28 +90,28 @@ def extract_id_from_output(pgp_dump_outpout):
 
 def save_pgp_data(type_pgp, date, item_path, data):
     # create basic medata
-    if not serv_metadata.exists('pgp_{}:{}'.format(type_pgp, data)):
-        serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'first_seen', date)
-        serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+    if not serv_metadata.exists('pgpdump_metadata_{}:{}'.format(type_pgp, data)):
+        serv_metadata.hset('pgpdump_metadata_{}:{}'.format(type_pgp, data), 'first_seen', date)
+        serv_metadata.hset('pgpdump_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
     else:
-        last_seen = serv_metadata.hget('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen')
+        last_seen = serv_metadata.hget('pgpdump_metadata_{}:{}'.format(type_pgp, data), 'last_seen')
         if not last_seen:
-            serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+            serv_metadata.hset('pgpdump_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
         else:
             if int(last_seen) < int(date):
-                serv_metadata.hset('pgp_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
+                serv_metadata.hset('pgpdump_metadata_{}:{}'.format(type_pgp, data), 'last_seen', date)
 
     # global set
-    serv_metadata.sadd('pgp_{}:{}'.format(type_pgp, data), item_path)
+    serv_metadata.sadd('set_pgpdump_{}:{}'.format(type_pgp, data), item_path)
 
     # daily
-    serv_metadata.hincrby('pgp:{}:{}'.format(type_pgp, date), data, 1)
+    serv_metadata.hincrby('pgpdump:{}:{}'.format(type_pgp, date), data, 1)
 
     # all type
-    serv_metadata.zincrby('pgp_all:{}'.format(type_pgp), data, 1)
+    serv_metadata.zincrby('pgpdump_all:{}'.format(type_pgp), data, 1)
 
     # item_metadata
-    serv_metadata.sadd('item_pgp_{}:{}'.format(type_pgp, item_path), data)
+    serv_metadata.sadd('item_pgpdump_{}:{}'.format(type_pgp, item_path), data)
 
 
 if __name__ == '__main__':
diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index 28747bc2..597190c1 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -31,6 +31,10 @@ PASTES_FOLDER = Flask_config.PASTES_FOLDER
 
 hashDecoded = Blueprint('hashDecoded', __name__, template_folder='templates')
 
+## TODO: put me in option
+all_cryptocurrency = ['bitcoin', 'monero']
+all_pgpdump = ['key', 'name', 'mail']
+
 # ============ FUNCTIONS ============
 
 def get_date_range(num_day):
@@ -62,15 +66,6 @@ def list_sparkline_values(date_range_sparkline, hash):
         sparklines_value.append(int(nb_seen_this_day))
     return sparklines_value
 
-def list_sparkline_pgp_values(date_range_sparkline, type_id, key_id):
-    sparklines_value = []
-    for date_day in date_range_sparkline:
-        nb_seen_this_day = r_serv_metadata.hget('pgp:{}:{}'.format(type_id, date_day), key_id)
-        if nb_seen_this_day is None:
-            nb_seen_this_day = 0
-        sparklines_value.append(int(nb_seen_this_day))
-    return sparklines_value
-
 def get_file_icon(estimated_type):
     file_type = estimated_type.split('/')[0]
     # set file icon
@@ -103,63 +98,98 @@ def get_file_icon_text(estimated_type):
 
     return file_icon_text
 
-def get_pgp_id_icon_text(type_id):
-    # set type_id icon
-    if type_id == 'key':
-        file_icon_text = '\uf084'
-    elif type_id == 'name':
-        file_icon_text = '\uf507'
-    elif type_id == 'mail':
-        file_icon_text = '\uf1fa'
-    else:
-        file_icon_text = '\uf249'
-    return file_icon_text
+def get_icon(correlation_type, type_id):
+    icon_text =  'fas fa-sticky-note'
+    if correlation_type == 'pgpdump':
+        # set type_id icon
+        if type_id == 'key':
+            icon_text = 'fas fa-key'
+        elif type_id == 'name':
+            icon_text = 'fas fa-user-tag'
+        elif type_id == 'mail':
+            icon_text = 'fas fa-at'
+        else:
+            icon_text = 'times'
+    elif correlation_type == 'cryptocurrency':
+        if type_id == 'bitcoin':
+            icon_text = 'fab fa-btc'
+        elif type_id == 'monero':
+            icon_text = 'fab fa-monero'
+        elif type_id == 'ethereum':
+            icon_text = 'fab fa-ethereum'
+        else:
+            icon_text = 'fas fa-coins'
+    return icon_text
 
-def get_pgp_icon(type_id):
-    # set type_id icon
-    if type_id == 'key':
-        pgp_icon_text = 'key'
-    elif type_id == 'name':
-        pgp_icon_text = 'user-tag'
-    elif type_id == 'mail':
-        pgp_icon_text = 'at'
-    else:
-        pgp_icon_text = 'times'
-    return pgp_icon_text
+def get_icon_text(correlation_type, type_id):
+    icon_text = '\uf249'
+    if correlation_type == 'pgpdump':
+        if type_id == 'key':
+            icon_text = '\uf084'
+        elif type_id == 'name':
+            icon_text = '\uf507'
+        elif type_id == 'mail':
+            icon_text = '\uf1fa'
+        else:
+            icon_text = 'times'
+    elif correlation_type == 'cryptocurrency':
+        if type_id == 'bitcoin':
+            icon_text = '\uf15a'
+        elif type_id == 'monero':
+            icon_text = '\uf3d0'
+        elif type_id == 'ethereum':
+            icon_text = '\uf42e'
+        else:
+            icon_text = '\uf51e'
+    return icon_text
 
-def verify_pgp_type_id(type_id):
-    if type_id in ['key', 'name', 'mail']:
+def get_all_types_id(correlation_type):
+    if correlation_type  == 'pgpdump':
+        return all_pgpdump
+    elif correlation_type == 'cryptocurrency':
+        return all_cryptocurrency
+    else:
+        return []
+
+def is_valid_type_id(correlation_type, type_id):
+    all_type_id = get_all_types_id(correlation_type)
+    if type_id in all_type_id:
         return True
     else:
         return False
 
-def get_key_id_metadata(type_id, key_id):
+def get_key_id_metadata(correlation_type, type_id, key_id):
     key_id_metadata = {}
-    if r_serv_metadata.exists('pgp_metadata_{}:{}'.format(type_id, key_id)):
-        key_id_metadata['first_seen'] = r_serv_metadata.hget('pgp_metadata_{}:{}'.format(type_id, key_id), 'first_seen')
+    if r_serv_metadata.exists('{}_metadata_{}:{}'.format(correlation_type, type_id, key_id)):
+        key_id_metadata['first_seen'] = r_serv_metadata.hget('{}_metadata_{}:{}'.format(correlation_type, type_id, key_id), 'first_seen')
         key_id_metadata['first_seen'] = '{}/{}/{}'.format(key_id_metadata['first_seen'][0:4], key_id_metadata['first_seen'][4:6], key_id_metadata['first_seen'][6:8])
-        key_id_metadata['last_seen'] = r_serv_metadata.hget('pgp_metadata_{}:{}'.format(type_id, key_id), 'last_seen')
+        key_id_metadata['last_seen'] = r_serv_metadata.hget('{}_metadata_{}:{}'.format(correlation_type, type_id, key_id), 'last_seen')
         key_id_metadata['last_seen'] = '{}/{}/{}'.format(key_id_metadata['last_seen'][0:4], key_id_metadata['last_seen'][4:6], key_id_metadata['last_seen'][6:8])
-        key_id_metadata['nb_seen'] = r_serv_metadata.scard('pgp_{}:{}'.format(type_id, key_id))
+        key_id_metadata['nb_seen'] = r_serv_metadata.scard('set_{}_{}:{}'.format(correlation_type, type_id, key_id))
     return key_id_metadata
 
-def get_all_pgp_from_item(item_path):
-    all_pgp_dump = set()
+def list_sparkline_type_id_values(date_range_sparkline, correlation_type, type_id, key_id):
+    sparklines_value = []
+    for date_day in date_range_sparkline:
+        nb_seen_this_day = r_serv_metadata.hget('{}:{}:{}'.format(correlation_type, type_id, date_day), key_id)
+        if nb_seen_this_day is None:
+            nb_seen_this_day = 0
+        sparklines_value.append(int(nb_seen_this_day))
+    return sparklines_value
+
+def get_all_keys_id_from_item(correlation_type, item_path):
+    all_keys_id_dump = set()
     if item_path is not None:
-        res = r_serv_metadata.smembers('item_pgp_key:{}'.format(item_path))
-        for pgp_dump in res:
-            all_pgp_dump.add( (pgp_dump, 'key') )
-        res = r_serv_metadata.smembers('item_pgp_name:{}'.format(item_path))
-        for pgp_dump in res:
-            all_pgp_dump.add( (pgp_dump, 'name') )
-        res = r_serv_metadata.smembers('item_pgp_mail:{}'.format(item_path))
-        for pgp_dump in res:
-            all_pgp_dump.add( (pgp_dump, 'mail') )
-    return all_pgp_dump
+        for type_id in get_all_types_id(correlation_type):
+            res = r_serv_metadata.smembers('item_{}_{}:{}'.format(correlation_type, type_id, item_path))
+            for key_id in res:
+                all_keys_id_dump.add( (key_id, type_id) )
+    return all_keys_id_dump
 
 def one():
     return 1
 
+'''
 def decode_base58(bc, length):
     n = 0
     for char in bc:
@@ -172,25 +202,275 @@ def check_bc(bc):
         return bcbytes[-4:] == sha256(sha256(bcbytes[:-4]).digest()).digest()[:4]
     except Exception:
         return False
+'''
 
-def get_bitcoin_address_metadata(bitcoin_address):
-    address_metadata = {}
-    if r_serv_metadata.exists('bitcoin_metadata:{}'.format(bitcoin_address)):
-        address_metadata['first_seen'] = r_serv_metadata.hget('bitcoin_metadata:{}'.format(bitcoin_address), 'first_seen')
-        address_metadata['first_seen'] = '{}/{}/{}'.format(address_metadata['first_seen'][0:4], address_metadata['first_seen'][4:6], address_metadata['first_seen'][6:8])
-        address_metadata['last_seen'] = r_serv_metadata.hget('bitcoin_metadata:{}'.format(bitcoin_address), 'last_seen')
-        address_metadata['last_seen'] = '{}/{}/{}'.format(address_metadata['last_seen'][0:4], address_metadata['last_seen'][4:6], address_metadata['last_seen'][6:8])
-        address_metadata['nb_seen'] = r_serv_metadata.scard('bitcoin:{}'.format(bitcoin_address))
-    return address_metadata
+def get_correlation_type_search_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.all_pgpdump_search'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.all_cryptocurrency_search'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
 
-def list_sparkline_bitcoin_values(date_range_sparkline, bitcoin_address):
-    sparklines_value = []
-    for date_day in date_range_sparkline:
-        nb_seen_this_day = r_serv_metadata.hget('bitcoin:{}'.format(bitcoin_address), bitcoin_address)
-        if nb_seen_this_day is None:
-            nb_seen_this_day = 0
-        sparklines_value.append(int(nb_seen_this_day))
-    return sparklines_value
+def get_correlation_type_page_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.pgpdump_page'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.cryptocurrency_page'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
+
+def get_show_key_id_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.show_pgpdump'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.show_cryptocurrency'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
+
+def get_range_type_json_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.pgpdump_range_type_json'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.cryptocurrency_range_type_json'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
+
+def get_graph_node_json_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.pgpdump_graph_node_json'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.cryptocurrency_graph_node_json'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
+
+def get_graph_line_json_endpoint(correlation_type):
+    if correlation_type == 'pgpdump':
+        endpoint = 'hashDecoded.pgpdump_graph_line_json'
+    elif correlation_type == 'cryptocurrency':
+        endpoint = 'hashDecoded.cryptocurrency_graph_line_json'
+    else:
+        endpoint = 'hashDecoded.hashDecoded_page'
+    return endpoint
+
+def get_font_family(correlation_type):
+    if correlation_type == 'pgpdump':
+        font = 'fa'
+    elif correlation_type == 'cryptocurrency':
+        font = 'fab'
+    else:
+        font = 'fa'
+    return font
+
+############ CORE CORRELATION ############
+
+def main_correlation_page(correlation_type, type_id, date_from, date_to, show_decoded_files):
+
+    if type_id == 'All types':
+        type_id = None
+
+    # verify type input
+    if type_id is not None:
+        #retrieve char
+        type_id = type_id.replace(' ', '')
+        if not is_valid_type_id(correlation_type, type_id):
+            type_id = None
+
+    date_range = []
+    if date_from is not None and date_to is not None:
+        #change format
+        try:
+            if len(date_from) != 8:
+                date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
+                date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
+            date_range = substract_date(date_from, date_to)
+        except:
+            pass
+
+    if not date_range:
+        date_range.append(datetime.date.today().strftime("%Y%m%d"))
+        date_from = date_range[0][0:4] + '-' + date_range[0][4:6] + '-' + date_range[0][6:8]
+        date_to = date_from
+
+    else:
+        date_from = date_from[0:4] + '-' + date_from[4:6] + '-' + date_from[6:8]
+        date_to = date_to[0:4] + '-' + date_to[4:6] + '-' + date_to[6:8]
+
+    # display day type bar chart
+    if len(date_range) == 1 and type is None:
+        daily_type_chart = True
+        daily_date = date_range[0]
+    else:
+        daily_type_chart = False
+        daily_date = None
+
+    if type_id is None:
+        all_type_id = get_all_types_id(correlation_type)
+    else:
+        all_type_id = type_id
+
+    l_keys_id_dump = set()
+    if show_decoded_files:
+        for date in date_range:
+            if isinstance(all_type_id, str):
+                l_dump = r_serv_metadata.hkeys('{}:{}:{}'.format(correlation_type, all_type_id, date))
+                if l_dump:
+                    for dump in l_dump:
+                        l_keys_id_dump.add( (dump, all_type_id) )
+            else:
+                for typ_id in all_type_id:
+                    l_dump = r_serv_metadata.hkeys('{}:{}:{}'.format(correlation_type, typ_id, date))
+                    if l_dump:
+                        for dump in l_dump:
+                            l_keys_id_dump.add( (dump, typ_id) )
+
+
+    num_day_sparkline = 6
+    date_range_sparkline = get_date_range(num_day_sparkline)
+
+    sparkline_id = 0
+    keys_id_metadata = {}
+    for dump_res in l_keys_id_dump:
+        new_key_id, typ_id = dump_res
+
+        keys_id_metadata[new_key_id] = get_key_id_metadata(correlation_type, typ_id, new_key_id)
+
+        if keys_id_metadata[new_key_id]:
+            keys_id_metadata[new_key_id]['type_id'] = typ_id
+            keys_id_metadata[new_key_id]['type_icon'] = get_icon(correlation_type, typ_id)
+
+            keys_id_metadata[new_key_id]['sparklines_data'] = list_sparkline_type_id_values(date_range_sparkline, correlation_type, typ_id, new_key_id)
+            keys_id_metadata[new_key_id]['sparklines_id'] = sparkline_id
+            sparkline_id += 1
+
+    l_type = get_all_types_id(correlation_type)
+
+    return render_template("DaysCorrelation.html", all_metadata=keys_id_metadata,
+                                                correlation_type=correlation_type,
+                                                correlation_type_endpoint=get_correlation_type_page_endpoint(correlation_type),
+                                                correlation_type_search_endpoint=get_correlation_type_search_endpoint(correlation_type),
+                                                show_key_id_endpoint=get_show_key_id_endpoint(correlation_type),
+                                                range_type_json_endpoint=get_range_type_json_endpoint(correlation_type),
+                                                l_type=l_type, type_id=type_id,
+                                                daily_type_chart=daily_type_chart, daily_date=daily_date,
+                                                date_from=date_from, date_to=date_to,
+                                                show_decoded_files=show_decoded_files)
+
+def show_correlation(correlation_type, type_id, key_id):
+    if is_valid_type_id(correlation_type, type_id):
+        key_id_metadata = get_key_id_metadata(correlation_type, type_id, key_id)
+        if key_id_metadata:
+
+            num_day_sparkline = 6
+            date_range_sparkline = get_date_range(num_day_sparkline)
+
+            sparkline_values = list_sparkline_type_id_values(date_range_sparkline, correlation_type, type_id, key_id)
+            return render_template('showCorrelation.html', key_id=key_id, type_id=type_id,
+                            correlation_type=correlation_type,
+                            graph_node_endpoint=get_graph_node_json_endpoint(correlation_type),
+                            graph_line_endpoint=get_graph_line_json_endpoint(correlation_type),
+                            font_family=get_font_family(correlation_type),
+                            key_id_metadata=key_id_metadata,
+                            type_icon=get_icon(correlation_type, type_id),
+                            sparkline_values=sparkline_values)
+        else:
+            return '404'
+    else:
+        return 'error'
+
+def correlation_type_range_type_json(correlation_type, date_from, date_to):
+    date_range = []
+    if date_from is not None and date_to is not None:
+        #change format
+        if len(date_from) != 8:
+            date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
+            date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
+        date_range = substract_date(date_from, date_to)
+
+    if not date_range:
+        date_range.append(datetime.date.today().strftime("%Y%m%d"))
+
+    range_type = []
+    all_types_id = get_all_types_id(correlation_type)
+
+    # one day
+    if len(date_range) == 1:
+        for type_id in all_types_id:
+            day_type = {}
+            # init 0
+            for typ_id in all_types_id:
+                day_type[typ_id] = 0
+            day_type['date'] = type_id
+            num_day_type_id = 0
+            all_keys = r_serv_metadata.hvals('{}:{}:{}'.format(correlation_type, type_id, date_range[0]))
+            if all_keys:
+                for val in all_keys:
+                    num_day_type_id += int(val)
+            day_type[type_id]= num_day_type_id
+
+            #if day_type[type_id] != 0:
+            range_type.append(day_type)
+
+    else:
+        # display type_id
+        for date in date_range:
+            day_type = {}
+            day_type['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+            for type_id in all_types_id:
+                num_day_type_id = 0
+                all_keys = r_serv_metadata.hvals('{}:{}:{}'.format(correlation_type, type_id, date))
+                if all_keys:
+                    for val in all_keys:
+                        num_day_type_id += int(val)
+                day_type[type_id]= num_day_type_id
+            range_type.append(day_type)
+
+    return jsonify(range_type)
+
+def correlation_graph_node_json(correlation_type, type_id, key_id):
+    if key_id is not None and is_valid_type_id(correlation_type, type_id):
+
+        nodes_set_dump = set()
+        nodes_set_paste = set()
+        links_set = set()
+
+        key_id_metadata = get_key_id_metadata(correlation_type, type_id, key_id)
+
+        nodes_set_dump.add((key_id, 1, type_id, key_id_metadata['first_seen'], key_id_metadata['last_seen'], key_id_metadata['nb_seen']))
+
+        #get related paste
+        l_pastes = r_serv_metadata.smembers('set_{}_{}:{}'.format(correlation_type, type_id, key_id))
+        for paste in l_pastes:
+            nodes_set_paste.add((paste, 2))
+            links_set.add((key_id, paste))
+
+            for key_id_with_type_id in get_all_keys_id_from_item(correlation_type, paste):
+                new_key_id, typ_id = key_id_with_type_id
+                if new_key_id != key_id:
+
+                    key_id_metadata = get_key_id_metadata(correlation_type, typ_id, new_key_id)
+
+                    nodes_set_dump.add((new_key_id, 3, typ_id, key_id_metadata['first_seen'], key_id_metadata['last_seen'], key_id_metadata['nb_seen']))
+                    links_set.add((new_key_id, paste))
+
+        nodes = []
+        for node in nodes_set_dump:
+            nodes.append({"id": node[0], "group": node[1], "first_seen": node[3], "last_seen": node[4], "nb_seen_in_paste": node[5], 'icon': get_icon_text(correlation_type, node[2]),"url": url_for(get_show_key_id_endpoint(correlation_type), hash=node[0]), 'hash': True})
+        for node in nodes_set_paste:
+            nodes.append({"id": node[0], "group": node[1],"url": url_for('showsavedpastes.showsavedpaste', paste=node[0]), 'hash': False})
+        links = []
+        for link in links_set:
+            links.append({"source": link[0], "target": link[1]})
+        json = {"nodes": nodes, "links": links}
+        return jsonify(json)
+
+    else:
+        return jsonify({})
 
 # ============= ROUTES ==============
 @hashDecoded.route("/hashDecoded/all_hash_search", methods=['POST'])
@@ -202,15 +482,6 @@ def all_hash_search():
     show_decoded_files = request.form.get('show_decoded_files')
     return redirect(url_for('hashDecoded.hashDecoded_page', date_from=date_from, date_to=date_to, type=type, encoding=encoding, show_decoded_files=show_decoded_files))
 
-@hashDecoded.route("/hashDecoded/all_pgp_dump_search", methods=['POST'])
-def all_pgp_dump_search():
-    date_from = request.form.get('date_from')
-    date_to = request.form.get('date_to')
-    type_id = request.form.get('type')
-    show_decoded_files = request.form.get('show_decoded_files')
-    return redirect(url_for('hashDecoded.pgpdump_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files))
-
-
 @hashDecoded.route("/hashDecoded/", methods=['GET'])
 def hashDecoded_page():
     date_from = request.args.get('date_from')
@@ -813,253 +1084,6 @@ def update_vt_result():
 
 ############################ PGPDump ############################
 
-@hashDecoded.route("/decoded/pgpdump", methods=['GET'])
-def pgpdump_page():
-    date_from = request.args.get('date_from')
-    date_to = request.args.get('date_to')
-    type_id = request.args.get('type_id')
-
-    show_decoded_files = request.args.get('show_decoded_files')
-
-    if type_id == 'All types':
-        type_id = None
-
-    # verify type input
-    if type_id is not None:
-        #retrieve char
-        type_id = type_id.replace(' ', '')
-        if not verify_pgp_type_id(type_id):
-            type_id = None
-
-    date_range = []
-    if date_from is not None and date_to is not None:
-        #change format
-        try:
-            if len(date_from) != 8:
-                date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
-                date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
-            date_range = substract_date(date_from, date_to)
-        except:
-            pass
-
-    if not date_range:
-        date_range.append(datetime.date.today().strftime("%Y%m%d"))
-        date_from = date_range[0][0:4] + '-' + date_range[0][4:6] + '-' + date_range[0][6:8]
-        date_to = date_from
-
-    else:
-        date_from = date_from[0:4] + '-' + date_from[4:6] + '-' + date_from[6:8]
-        date_to = date_to[0:4] + '-' + date_to[4:6] + '-' + date_to[6:8]
-
-    # display day type bar chart
-    if len(date_range) == 1 and type is None:
-        daily_type_chart = True
-        daily_date = date_range[0]
-    else:
-        daily_type_chart = False
-        daily_date = None
-
-    if type_id is None:
-        all_type_id = ['key', 'name', 'mail']
-    else:
-        all_type_id = type_id
-
-    l_pgp_dump = set()
-    if show_decoded_files:
-        for date in date_range:
-            if isinstance(all_type_id, str):
-                l_dump = r_serv_metadata.hkeys('pgp:{}:{}'.format(all_type_id, date))
-                if l_dump:
-                    for dump in l_dump:
-                        l_pgp_dump.add( (dump, all_type_id) )
-            else:
-                for typ_id in all_type_id:
-                    l_dump = r_serv_metadata.hkeys('pgp:{}:{}'.format(typ_id, date))
-                    if l_dump:
-                        for dump in l_dump:
-                            l_pgp_dump.add( (dump, typ_id) )
-
-
-    num_day_sparkline = 6
-    date_range_sparkline = get_date_range(num_day_sparkline)
-
-    sparkline_id = 0
-    pgp_metadata = {}
-    for dump_res in l_pgp_dump:
-        dump_id, typ_id = dump_res
-
-        pgp_metadata[dump_id] = get_key_id_metadata(typ_id, dump_id)
-
-        if pgp_metadata[dump_id]:
-            pgp_metadata[dump_id]['type_id'] = typ_id
-            pgp_metadata[dump_id]['type_icon'] = get_pgp_icon(typ_id)
-
-            pgp_metadata[dump_id]['sparklines_data'] = list_sparkline_pgp_values(date_range_sparkline, typ_id, dump_id)
-            pgp_metadata[dump_id]['sparklines_id'] = sparkline_id
-            sparkline_id += 1
-
-    l_type = ['key', 'name', 'mail']
-
-    return render_template("PgpDecoded.html", l_pgpdump=pgp_metadata,
-                                                l_type=l_type, type_id=type_id, daily_type_chart=daily_type_chart, daily_date=daily_date,
-                                                date_from=date_from, date_to=date_to, show_decoded_files=show_decoded_files)
-
-
-
-
-
-@hashDecoded.route('/decoded/show_pgpdump')
-def show_pgpdump():
-    type_id = request.args.get('type_id')
-    key_id = request.args.get('key_id')
-
-    if verify_pgp_type_id(type_id):
-        key_id_metadata = get_key_id_metadata(type_id, key_id)
-        if key_id_metadata:
-
-            num_day_sparkline = 6
-            date_range_sparkline = get_date_range(num_day_sparkline)
-
-            sparkline_values = list_sparkline_pgp_values(date_range_sparkline, type_id, key_id)
-            return render_template('showPgpDump.html', key_id=key_id, type_id=type_id,
-                            key_id_metadata=key_id_metadata,
-                            sparkline_values=sparkline_values)
-        else:
-            return '404'
-    else:
-        return 'error'
-
-@hashDecoded.route('/decoded/pgp_dump_graph_node_json')
-def pgp_dump_graph_node_json():
-    type_id = request.args.get('type_id')
-    key_id = request.args.get('key_id')
-
-    if key_id is not None and verify_pgp_type_id(type_id):
-
-        nodes_set_pgp_dump = set()
-        nodes_set_paste = set()
-        links_set = set()
-
-        pgp_id_metadata = get_key_id_metadata(type_id, key_id)
-
-        #key_id = '</b><script>alert("Hello! I am an alert box!!");</script>'
-
-        nodes_set_pgp_dump.add((key_id, 1, type_id, pgp_id_metadata['first_seen'], pgp_id_metadata['last_seen'], pgp_id_metadata['nb_seen']))
-
-        #get related paste
-        l_pastes = r_serv_metadata.smembers('pgp_{}:{}'.format(type_id, key_id))
-        for paste in l_pastes:
-            nodes_set_paste.add((paste, 2))
-            links_set.add((key_id, paste))
-
-            l_pgpdump = get_all_pgp_from_item(paste)
-            for pgp_dump_with_type in l_pgpdump:
-                pgp_dump, pgp_type_id = pgp_dump_with_type
-                if pgp_dump != key_id:
-
-                    pgp_id_metadata = get_key_id_metadata(pgp_type_id, pgp_dump)
-
-                    nodes_set_pgp_dump.add((pgp_dump, 3, pgp_type_id, pgp_id_metadata['first_seen'], pgp_id_metadata['last_seen'], pgp_id_metadata['nb_seen']))
-                    links_set.add((pgp_dump, paste))
-
-        nodes = []
-        for node in nodes_set_pgp_dump:
-            nodes.append({"id": node[0], "group": node[1], "first_seen": node[3], "last_seen": node[4], "nb_seen_in_paste": node[5], 'icon': get_pgp_id_icon_text(node[2]),"url": url_for('hashDecoded.showHash', hash=node[0]), 'hash': True})
-        for node in nodes_set_paste:
-            nodes.append({"id": node[0], "group": node[1],"url": url_for('showsavedpastes.showsavedpaste', paste=node[0]), 'hash': False})
-        links = []
-        for link in links_set:
-            links.append({"source": link[0], "target": link[1]})
-        json = {"nodes": nodes, "links": links}
-        return jsonify(json)
-
-    else:
-        return jsonify({})
-
-@hashDecoded.route('/hashDecoded/pgp_graph_line_json')
-def pgp_graph_line_json():
-    type_id = request.args.get('type_id')
-    key_id = request.args.get('key_id')
-    date_from = request.args.get('date_from')
-    date_to = request.args.get('date_to')
-
-    # verify input
-    if key_id is not None and verify_pgp_type_id(type_id) and r_serv_metadata.exists('pgp_metadata_{}:{}'.format(type_id, key_id)):
-
-        if date_from is None or date_to is None:
-            nb_days_seen_in_pastes = 30
-        else:
-            # # TODO: # FIXME:
-            nb_days_seen_in_pastes = 30
-
-        date_range_seen_in_pastes = get_date_range(nb_days_seen_in_pastes)
-
-        json_seen_in_paste = []
-        for date in date_range_seen_in_pastes:
-            nb_seen_this_day = r_serv_metadata.zscore('hash_date:'+date, hash)
-            if nb_seen_this_day is None:
-                nb_seen_this_day = 0
-            date = date[0:4] + '-' + date[4:6] + '-' + date[6:8]
-            json_seen_in_paste.append({'date': date, 'value': int(nb_seen_this_day)})
-
-        return jsonify(json_seen_in_paste)
-    else:
-        return jsonify()
-
-@hashDecoded.route('/decoded/pgp_range_type_json')
-def pgp_range_type_json():
-    date_from = request.args.get('date_from')
-    date_to = request.args.get('date_to')
-
-    date_range = []
-    if date_from is not None and date_to is not None:
-        #change format
-        if len(date_from) != 8:
-            date_from = date_from[0:4] + date_from[5:7] + date_from[8:10]
-            date_to = date_to[0:4] + date_to[5:7] + date_to[8:10]
-        date_range = substract_date(date_from, date_to)
-
-    if not date_range:
-        date_range.append(datetime.date.today().strftime("%Y%m%d"))
-
-    range_type = []
-
-    list_type_id = ['key', 'name', 'mail']
-
-
-    if len(date_range) == 1:
-        for type_id in list_type_id:
-            day_type = {}
-            day_type['key'] = 0
-            day_type['name'] = 0
-            day_type['mail'] = 0
-            day_type['date'] = type_id
-            num_day_type_id = 0
-            all_keys = r_serv_metadata.hvals('pgp:{}:{}'.format(type_id, date_range[0]))
-            if all_keys:
-                for val in all_keys:
-                    num_day_type_id += int(val)
-            day_type[type_id]= num_day_type_id
-
-            #if day_type[type_id] != 0:
-            range_type.append(day_type)
-
-    else:
-        # display type_id
-        for date in date_range:
-            day_type = {}
-            day_type['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8]
-            for type_id in list_type_id:
-                num_day_type_id = 0
-                all_keys = r_serv_metadata.hvals('pgp:{}:{}'.format(type_id, date))
-                if all_keys:
-                    for val in all_keys:
-                        num_day_type_id += int(val)
-                day_type[type_id]= num_day_type_id
-            range_type.append(day_type)
-
-    return jsonify(range_type)
-
 @hashDecoded.route('/decoded/pgp_by_type_json') ## TODO: REFRACTOR
 def pgp_by_type_json():
     type_id = request.args.get('type_id')
@@ -1103,29 +1127,119 @@ def pgp_by_type_json():
     else:
         return jsonify()
 
-############################ Bitcoin ############################
-'''
-@hashDecoded.route('/correlation/show_bitcoin_address')
-def show_bitcoin_address():
-    bitcoin_address = request.args.get('bitcoin_address')
+############################ Correlation ############################
+@hashDecoded.route("/correlation/pgpdump", methods=['GET'])
+def pgpdump_page():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    type_id = request.args.get('type_id')
 
-    # validate user input
-    if check_bc(bitcoin_address):
-        bitcoin_address_metadata = get_bitcoin_address_metadata(bitcoin_address)
-        if bitcoin_address_metadata:
+    show_decoded_files = request.args.get('show_decoded_files')
+    res = main_correlation_page('pgpdump', type_id, date_from, date_to, show_decoded_files)
+    return res
 
-            num_day_sparkline = 6
-            date_range_sparkline = get_date_range(num_day_sparkline)
+@hashDecoded.route("/correlation/cryptocurrency", methods=['GET'])
+def cryptocurrency_page():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    type_id = request.args.get('type_id')
 
-            sparkline_values = list_sparkline_bitcoin_values(date_range_sparkline, bitcoin_address)
-            return render_template('showPgpDump.html', bitcoin_address=bitcoin_address,
-                            key_id_metadata=bitcoin_address_metadata,
-                            sparkline_values=sparkline_values)
+    show_decoded_files = request.args.get('show_decoded_files')
+    res = main_correlation_page('cryptocurrency', type_id, date_from, date_to, show_decoded_files)
+    return res
+
+@hashDecoded.route("/correlation/all_pgpdump_search", methods=['POST'])
+def all_pgpdump_search():
+    date_from = request.form.get('date_from')
+    date_to = request.form.get('date_to')
+    type_id = request.form.get('type')
+    show_decoded_files = request.form.get('show_decoded_files')
+    return redirect(url_for('hashDecoded.pgpdump_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files))
+
+@hashDecoded.route("/correlation/all_cryptocurrency_search", methods=['POST'])
+def all_cryptocurrency_search():
+    date_from = request.form.get('date_from')
+    date_to = request.form.get('date_to')
+    type_id = request.form.get('type')
+    show_decoded_files = request.form.get('show_decoded_files')
+    return redirect(url_for('hashDecoded.cryptocurrency_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files))
+
+@hashDecoded.route('/correlation/show_pgpdump')
+def show_pgpdump():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    return show_correlation('pgpdump', type_id, key_id)
+
+
+@hashDecoded.route('/correlation/show_cryptocurrency')
+def show_cryptocurrency():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    return show_correlation('cryptocurrency', type_id, key_id)
+
+@hashDecoded.route('/correlation/cryptocurrency_range_type_json')
+def cryptocurrency_range_type_json():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    return correlation_type_range_type_json('cryptocurrency', date_from, date_to)
+
+@hashDecoded.route('/correlation/pgpdump_range_type_json')
+def pgpdump_range_type_json():
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    return correlation_type_range_type_json('pgpdump', date_from, date_to)
+
+@hashDecoded.route('/correlation/pgpdump_graph_node_json')
+def pgpdump_graph_node_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    return correlation_graph_node_json('pgpdump', type_id, key_id)
+
+@hashDecoded.route('/correlation/cryptocurrency_graph_node_json')
+def cryptocurrency_graph_node_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    return correlation_graph_node_json('cryptocurrency', type_id, key_id)
+
+@hashDecoded.route('/correlation/pgpdump_graph_line_json')
+def pgpdump_graph_line_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    return correlation_graph_line_json('pgpdump', type_id, key_id, date_from, date_to)
+
+def correlation_graph_line_json(correlation_type, type_id, key_id, date_from, date_to):
+    # verify input
+    if key_id is not None and is_valid_type_id(correlation_type, type_id) and r_serv_metadata.exists('{}_metadata_{}:{}'.format(correlation_type, type_id, key_id)):
+
+        if date_from is None or date_to is None:
+            nb_days_seen_in_pastes = 30
         else:
-            return '404'
+            # # TODO: # FIXME:
+            nb_days_seen_in_pastes = 30
+
+        date_range_seen_in_pastes = get_date_range(nb_days_seen_in_pastes)
+
+        json_seen_in_paste = []
+        for date in date_range_seen_in_pastes:
+            nb_seen_this_day = r_serv_metadata.hget('{}:{}:{}'.format(correlation_type, type_id, date), key_id)
+            if nb_seen_this_day is None:
+                nb_seen_this_day = 0
+            date = date[0:4] + '-' + date[4:6] + '-' + date[6:8]
+            json_seen_in_paste.append({'date': date, 'value': int(nb_seen_this_day)})
+
+        return jsonify(json_seen_in_paste)
     else:
-        return 'error'
-'''
+        return jsonify()
+
+@hashDecoded.route('/correlation/cryptocurrency_graph_line_json')
+def cryptocurrency_graph_line_json():
+    type_id = request.args.get('type_id')
+    key_id = request.args.get('key_id')
+    date_from = request.args.get('date_from')
+    date_to = request.args.get('date_to')
+    return correlation_graph_line_json('cryptocurrency', type_id, key_id, date_from, date_to)
 
 # ========= REGISTRATION =========
 app.register_blueprint(hashDecoded, url_prefix=baseUrl)
diff --git a/var/www/modules/hashDecoded/templates/DaysCorrelation.html b/var/www/modules/hashDecoded/templates/DaysCorrelation.html
new file mode 100644
index 00000000..84868f22
--- /dev/null
+++ b/var/www/modules/hashDecoded/templates/DaysCorrelation.html
@@ -0,0 +1,660 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <title>Decoded - AIL</title>
+	<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
+
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
+
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
+	<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
+
+	<style>
+		.input-group .form-control {
+			position: unset;
+		}
+		.line {
+  		fill: none;
+  		stroke: #000;
+  		stroke-width: 2.0px;
+		}
+		.bar {
+      fill: steelblue;
+    }
+    .bar:hover{
+      fill: brown;
+			cursor: pointer;
+    }
+		.bar_stack:hover{
+			cursor: pointer;
+    }
+		.pie_path:hover{
+			cursor: pointer;
+		}
+		.svgText {
+  		pointer-events: none;
+		}
+		div.tooltip {
+			position: absolute;
+			text-align: center;
+			padding: 2px;
+			font: 12px sans-serif;
+			background: #ebf4fb;
+			border: 2px solid #b7ddf2;
+			border-radius: 8px;
+			pointer-events: none;
+			color: #000000;
+		}
+	</style>
+</head>
+<body>
+
+	{% include 'nav_bar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'decoded/menu_sidebar.html' %}
+
+			<div class="col-12 col-lg-10" id="core_content">
+
+				<div class="row">
+					<div class="col-xl-10">
+						<div class="mt-1" id="barchart_type">
+						</div>
+					</div>
+
+					<div class="col-xl-2">
+
+						<div class="card mb-3 mt-2" style="background-color:#d9edf7;">
+						  <div class="card-body text-center py-2">
+						    <h6 class="card-title" style="color:#286090;">Select a date range :</h5>
+								<form action="{{ url_for(correlation_type_search_endpoint) }}" id="hash_selector_form" method='post'>
+									<div class="input-group" id="date-range-from">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-from-input" placeholder="yyyy-mm-dd" value="{{ date_from }}" name="date_from" autocomplete="off">
+									</div>
+									<div class="input-group" id="date-range-to">
+										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
+										<input class="form-control" id="date-range-to-input" placeholder="yyyy-mm-dd" value="{{ date_to }}" name="date_to" autocomplete="off">
+									</div>
+									<div class="mt-1" style="font-size: 14px;color:#286090;">Type ID :</div>
+									<select class="custom-select" name="type">
+										<option>All types</option>
+										{% for typ in l_type %}
+											{% if type_id|string() == typ|string() %}
+											<option selected>{{ typ }}</option>
+											{% else %}
+											<option>{{ typ }}</option>
+											{% endif %}
+										{% endfor %}
+									</select>
+									<div class="form-check my-1">
+										<input class="form-check-input" type="checkbox" id="checkbox-input-show" name="show_decoded_files" value="True" {% if show_decoded_files %}checked{% endif %}>
+										<label class="form-check-label" for="checkbox-input-show">
+											<div style="color:#286090; font-size: 14px;">
+												Show {{correlation_type}} <i class="fas fa-key"></i>
+											</div>
+										</label>
+									</div>
+									<button class="btn btn-primary" style="text-align:center;">
+										<i class="fas fa-copy"></i> Search
+									</button>
+								<form>
+						  </div>
+						</div>
+
+						<div id="pie_chart_encoded">
+						</div>
+						<div id="pie_chart_top5_types">
+						</div>
+					</div>
+				</div>
+
+				{% if  all_metadata|length != 0 %}
+						{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }} {{correlation_type}}: </h3>
+						{% else %}
+							<h3> {{ date_from }} to {{ date_to }} {{correlation_type}}: </h3>
+						{% endif %}
+						<table id="tableb64" class="table table-striped table-bordered">
+							<thead class="bg-dark text-white">
+								<tr>
+										<th>type id</th>
+										<th>key id</th>
+										<th>first seen</th>
+										<th>last seen</th>
+										<th>nb paste</th>
+										<th>Sparkline</th>
+								</tr>
+							</thead>
+							<tbody style="font-size: 15px;">
+							{% for key_id in all_metadata %}
+									<tr>
+										<td><i class="{{ all_metadata[key_id]['type_icon'] }}"></i>&nbsp;&nbsp;{{ all_metadata[key_id]['type_id'] }}</td>
+										<td><a target="_blank" href="{{ url_for(show_key_id_endpoint) }}?type_id={{ all_metadata[key_id]['type_id'] }}&key_id={{ key_id }}">{{ key_id }}</a></td>
+										<td>{{ all_metadata[key_id]['first_seen'] }}</td>
+										<td>{{ all_metadata[key_id]['last_seen'] }}</td>
+										<td>{{ all_metadata[key_id]['nb_seen'] }}</td>
+										<td id="sparklines_{{ all_metadata[key_id]['sparklines_id'] }}" style="text-align:center;"></td>
+									</tr>
+							{% endfor %}
+							</tbody>
+						</table>
+					{% else %}
+						{% if show_decoded_files %}
+							{% if date_from|string == date_to|string %}
+							<h3> {{ date_from }}, No Dumped Keys</h3>
+							{% else %}
+							<h3> {{ date_from }} to {{ date_to }}, No {{correlation_type}}</h3>
+							{% endif %}
+						{% endif %}
+					{% endif %}
+				</div>
+
+			</div>
+		</div>
+	</div>
+
+<script>
+		var chart = {};
+    $(document).ready(function(){
+				$("#page-Decoded").addClass("active");
+        $("#nav_dashboard_{{correlation_type}}").addClass("active");
+
+				$('#date-range-from').dateRangePicker({
+						separator : ' to ',
+						getValue: function()
+						{
+								if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+										return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+								else
+										return '';
+						},
+						setValue: function(s,s1,s2)
+						{
+								$('#date-range-from-input').val(s1);
+								$('#date-range-to-input').val(s2);
+						},
+					});
+					$('#date-range-to').dateRangePicker({
+							separator : ' to ',
+							getValue: function()
+							{
+									if ($('#date-range-from-input').val() && $('#date-range-to').val() )
+											return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
+									else
+											return '';
+							},
+							setValue: function(s,s1,s2)
+							{
+									$('#date-range-from-input').val(s1);
+									$('#date-range-to-input').val(s2);
+							},
+					});
+
+          $('#date-range-from').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
+          $('#date-range-to').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
+
+					$('#tableb64').DataTable({
+							"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
+							"iDisplayLength": 10,
+							"order": [[ 3, "desc" ]]
+					});
+
+					{% if  type_id %}
+					//chart.stackBarChart =barchart_type_stack("{{ url_for(range_type_json_endpoint) }}?date_from={{daily_date}}&type_id={{type_id}}", 'id');
+          chart.stackBarChart = barchart_type_stack("{{ url_for(range_type_json_endpoint) }}?date_from={{date_from}}&date_to={{date_to}}&type_id={{type_id}}", 'id');
+					{% elif  type_id or daily_type_chart %}
+					chart.stackBarChart =barchart_type_stack("{{ url_for(range_type_json_endpoint) }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
+					{% else %}
+					chart.stackBarChart = barchart_type_stack("{{ url_for(range_type_json_endpoint) }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
+					{% endif %}
+
+					//draw_pie_chart("pie_chart_encoded" ,"{{ url_for('hashDecoded.decoder_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}&encoding=");
+					//draw_pie_chart("pie_chart_top5_types" ,"{{ url_for('hashDecoded.top5_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type=");
+
+					chart.onResize();
+					$(window).on("resize", function() {
+							chart.onResize();
+					});
+  });
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+<script>
+
+// a sparklines plot
+function sparklines(id, points) {
+    var width = 100, height = 60;
+
+    var data = []
+    for (i = 0; i < points.length; i++) {
+        data[i] = {
+            'x': i,
+            'y': +points[i]
+        }
+    }
+
+    var x = d3.scaleLinear()
+        .range([0, width - 10])
+        .domain([0,5]);
+
+    var y = d3.scaleLinear()
+        .range([height, 0])
+        .domain([0,10]);
+
+    var line = d3.line()
+                .x(function(d) {return x(d.x)})
+                .y(function(d) {return y(d.y)});
+
+    d3.select("#"+id).append('svg')
+            .attr('width', width)
+            .attr('height', height)
+         .append('path')
+            .attr('class','line')
+            .datum(data)
+            .attr('d', line);
+
+}
+</script>
+<script>
+	{% for key_id in all_metadata %}
+		sparklines("sparklines_{{ all_metadata[key_id]['sparklines_id'] }}", {{ all_metadata[key_id]['sparklines_data'] }})
+	{% endfor %}
+</script>
+
+<script>
+var margin = {top: 20, right: 100, bottom: 55, left: 45},
+				width  = 1000 - margin.left - margin.right,
+				height = 500  - margin.top  - margin.bottom;
+var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
+
+var y = d3.scaleLinear().rangeRound([height, 0]);
+
+var xAxis = d3.axisBottom(x);
+
+var yAxis = d3.axisLeft(y);
+
+var color = d3.scaleOrdinal(d3.schemeSet3);
+
+var svg = d3.select("#barchart_type").append("svg")
+				.attr("id", "thesvg")
+				.attr("viewBox", "0 0 1000 500")
+				.attr("width",  width  + margin.left + margin.right)
+				.attr("height", height + margin.top  + margin.bottom)
+			.append("g")
+				.attr("transform", "translate(" + margin.left + "," + margin.top + ")");
+
+function barchart_type_stack(url, id) {
+
+  d3.json(url)
+    .then(function(data){
+
+			var labelVar = 'date';  //A
+		  var varNames = d3.keys(data[0])
+		      .filter(function (key) { return key !== labelVar;}); //B
+
+		  data.forEach(function (d) { //D
+		    var y0 = 0;
+		    d.mapping = varNames.map(function (name) {
+		      return {
+		        name: name,
+		        label: d[labelVar],
+		        y0: y0,
+		        y1: y0 += +d[name]
+		      };
+		    });
+		    d.total = d.mapping[d.mapping.length - 1].y1;
+		  });
+
+		  x.domain(data.map(function (d) { return (d.date); })); //E
+		  y.domain([0, d3.max(data, function (d) { return d.total; })]);
+
+			svg.append("g")
+        .attr("class", "x axis")
+        .attr("transform", "translate(0," + height + ")")
+        .call(xAxis)
+				.selectAll("text")
+					.attr("class", "bar")
+					{% if  date_from|string == date_to|string and type is none %}
+						.on("click", function (d) { window.location.href = "{{ url_for(correlation_type_endpoint) }}?date_from={{date_from}}&date_to={{date_to}}&type_id="+d })
+						.attr("transform", "rotate(-18)" )
+					{% elif  date_from|string == date_to|string and type is not none %}
+						.on("click", function (d) { window.location.href = "{{ url_for(correlation_type_endpoint) }}?date_from="+d+'&date_to='+d })
+						.attr("transform", "rotate(-18)" )
+					{% else %}
+						.on("click", function (d) { window.location.href = "{{ url_for(correlation_type_endpoint) }}?date_from="+d+'&date_to='+d })
+						.attr("transform", "rotate(-40)" )
+					{% endif %}
+					.style("text-anchor", "end");
+
+    	svg.append("g")
+        .attr("class", "y axis")
+        .call(yAxis)
+      	.append("text")
+        	.attr("transform", "rotate(-90)")
+        	.attr("y", 6)
+        	.attr("dy", ".71em")
+        	.style("text-anchor", "end");
+
+			var selection = svg.selectAll(".series")
+		    .data(data)
+		    .enter().append("g")
+		      .attr("class", "series")
+		      .attr("transform", function (d) { return "translate(" + x((d.date)) + ",0)"; });
+
+			selection.selectAll("rect")
+	      .data(function (d) { return d.mapping; })
+	    .enter().append("rect")
+				.attr("class", "bar_stack")
+	      .attr("width", x.bandwidth())
+	      .attr("y", function (d) { return y(d.y1); })
+	      .attr("height", function (d) { return y(d.y0) - y(d.y1); })
+	      .style("fill", function (d) { return color(d.name); })
+	      .style("stroke", "grey")
+	      .on("mouseover", function (d) { showPopover.call(this, d); })
+				.on("mouseout", function (d) { removePopovers(); })
+				{% if  date_from|string == date_to|string and type is none %}
+					.on("click", function(d){ window.location.href = "{{ url_for(correlation_type_endpoint) }}" +'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.label+'&encoding='+d.name; });
+				{% elif  date_from|string == date_to|string and type is not none %}
+					.on("click", function(d){ window.location.href = "{{ url_for(correlation_type_endpoint) }}" +'?type_id={{type_id}}&date_from='+d.label+'&date_to='+d.label+'&encoding='+d.name; });
+				{% else %}
+					.on("click", function(d){ window.location.href = "{{ url_for(correlation_type_endpoint) }}" +'?type_id='+ d.name +'&date_from='+d.label+'&date_to='+d.label; });
+				{% endif %}
+
+				data.forEach(function(d) {
+					if(d.total != 0){
+						svg.append("text")
+								.attr("class", "bar")
+								.attr("dy", "-.35em")
+								.attr('x', x(d.date) + x.bandwidth()/2)
+								.attr('y', y(d.total))
+								{% if  date_from|string == date_to|string and type is none %}
+									.on("click", function () {window.location.href = "{{ url_for(correlation_type_endpoint) }}"+'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.date })
+								{% elif  date_from|string == date_to|string and type is not none %}
+									.on("click", function () {window.location.href = "{{ url_for(correlation_type_endpoint) }}?type_id={{type_id}}&date_from="+d.date+'&date_to='+d.date })
+								{% else %}
+									.on("click", function () {window.location.href = "{{ url_for(correlation_type_endpoint) }}"+'?date_from='+d.date+'&date_to='+d.date })
+								{% endif %}
+								.style("text-anchor", "middle")
+								.text(d.total);
+					}
+				});
+
+			drawLegend(varNames);
+    });
+
+}
+
+function drawLegend (varNames) {
+    var legend = svg.selectAll(".legend")
+        .data(varNames.slice().reverse())
+      .enter().append("g")
+        .attr("class", "legend")
+        .attr("transform", function (d, i) { return "translate(0," + i * 20 + ")"; });
+
+    legend.append("rect")
+        .attr("x", 943)
+        .attr("width", 10)
+        .attr("height", 10)
+        .style("fill", color)
+        .style("stroke", "grey");
+
+    legend.append("text")
+				.attr("class", "svgText")
+        .attr("x", 941)
+        .attr("y", 6)
+        .attr("dy", ".35em")
+        .style("text-anchor", "end")
+        .text(function (d) { return d; });
+}
+
+function removePopovers () {
+    $('.popover').each(function() {
+      $(this).remove();
+    });
+  }
+
+function showPopover (d) {
+  $(this).popover({
+    title: "<b><span id='tooltip-id-name-bar'></span></b>",
+    placement: 'top',
+    container: 'body',
+    trigger: 'manual',
+    html : true,
+    content: function() {
+      return "<span id='tooltip-id-label'></span>" +
+            "<br/>num: <span id='tooltip-id-value-bar'></span>"; }
+  });
+  $(this).popover('show');
+  $("#tooltip-id-name-bar").text(d.name);
+  $("#tooltip-id-label").text(d.label);
+  $("#tooltip-id-value-bar").text(d3.format(",")(d.value ? d.value: d.y1 - d.y0));
+}
+
+chart.onResize = function () {
+    var aspect = 1000 / 500, chart = $("#thesvg");
+    var targetWidth = chart.parent().width();
+    chart.attr("width", targetWidth);
+    chart.attr("height", targetWidth / aspect);
+  }
+
+window.chart = chart;
+
+</script>
+
+<script>
+function draw_pie_chart(id, url_json, pie_on_click_url) {
+
+		var width_pie = 200;
+		var height_pie = 200;
+		var padding_pie = 10;
+		var opacity_pie = .8;
+
+		var radius_pie = Math.min(width_pie - padding_pie, height_pie - padding_pie) / 2;
+		//var color_pie = d3.scaleOrdinal(d3.schemeCategory10);
+		var color_pie = d3.scaleOrdinal(d3.schemeSet3);
+
+		var div_pie = d3.select("body").append("div")
+				.attr("class", "tooltip")
+				.style("opacity", 0);
+
+		var svg_pie = d3.select("#"+id)
+				.append('svg')
+				.attr("width", '100%')
+				.attr("height", '100%')
+				.attr('viewBox','0 0 '+Math.min(width_pie,height_pie) +' '+Math.min(width_pie,height_pie) )
+				.attr('preserveAspectRatio','xMinYMin')
+
+
+		var g_pie = svg_pie.append('g')
+				.attr('transform', 'translate(' + (width_pie/2) + ',' + (height_pie/2) + ')');
+
+		var arc_pie = d3.arc()
+				.innerRadius(0)
+				.outerRadius(radius_pie);
+
+		d3.json(url_json)
+			.then(function(data){
+
+			var pie_pie = d3.pie()
+					.value(function(d) { return d.value; })
+					.sort(null);
+
+			var path_pie = g_pie.selectAll('path')
+				  .data(pie_pie(data))
+				  .enter()
+				  .append("g")
+				  .append('path')
+				  .attr('d', arc_pie)
+				  .attr('fill', (d,i) => color_pie(i))
+					.attr('class', 'pie_path')
+					.on("mouseover", mouseovered_pie)
+					.on("mouseout", mouseouted_pie)
+					.on("click", function (d) {window.location.href = pie_on_click_url+d.data.name })
+				  .style('opacity', opacity_pie)
+				  .style('stroke', 'white');
+			});
+
+
+		function mouseovered_pie(d) {
+      //remove old content
+      $("#tooltip-id-name").remove();
+      $("#tooltip-id-value").remove();
+
+			// tooltip
+			var content;
+
+			content = "<b><span id='tooltip-id-name'></span></b><br/>"+
+								"<br/>"+
+								"<i>Decoded</i>: <span id='tooltip-id-value'></span><br/>"
+
+			div_pie.transition()
+				.duration(200)
+				.style("opacity", .9);
+			div_pie.html(content)
+				.style("left", (d3.event.pageX) + "px")
+				.style("top", (d3.event.pageY - 28) + "px");
+
+      $("#tooltip-id-name").text(d.data.name);
+      $("#tooltip-id-value").text(d.data.value);
+		}
+
+		function mouseouted_pie() {
+			div_pie.transition()
+				.duration(500)
+				.style("opacity", 0);
+		}
+}
+
+</script>
+
+
+
+<script>
+function barchart_type(url, id) {
+
+
+  var margin = {top: 20, right: 20, bottom: 70, left: 40};
+
+  var width = 960 - margin.left - margin.right;
+  var height = 500 - margin.top - margin.bottom;
+
+  var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
+  var y = d3.scaleLinear().rangeRound([height, 0]);
+
+  var xAxis = d3.axisBottom(x)
+    //.tickFormat(d3.time.format("%Y-%m"));
+
+  var yAxis = d3.axisLeft(y)
+    .ticks(10);
+
+/*var svg = d3.select(id).append("svg")
+      .attr("width", width + margin.left + margin.right)
+      .attr("height", height + margin.top + margin.bottom)
+			.attr("id", "thesvg")
+      .append("g")
+        .attr("transform",
+          "translate(" + margin.left + "," + margin.top + ")");*/
+
+
+  d3.json(url)
+    .then(function(data){
+
+        data.forEach(function(d) {
+          d.value = +d.value;
+        });
+
+				x.domain(data.map(function(d) { return d.date; }));
+        y.domain([0, d3.max(data, function(d) { return d.value; })]);
+
+        var label = svg.append("g")
+            .attr("class", "x axis")
+            .attr("transform", "translate(0," + height + ")")
+            .call(xAxis)
+          .selectAll("text")
+            .style("text-anchor", "end")
+            .attr("dx", "-.8em")
+            .attr("dy", "-.55em")
+						{% if  daily_type_chart %}
+						.attr("transform", "rotate(-20)" );
+						{% else %}
+						.attr("transform", "rotate(-70)" )
+						.attr("class", "bar")
+						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}"+'?date_from='+d+'&date_to='+d });
+						{% endif %}
+
+        svg.append("g")
+            .attr("class", "y axis")
+            .call(yAxis)
+          .append("text")
+            .attr("transform", "rotate(-90)")
+            .attr("y", 6)
+            .attr("dy", ".71em")
+            .style("text-anchor", "end")
+            .text("Value ($)");
+
+        var bar = svg.selectAll("bar")
+            .data(data)
+          .enter().append("rect")
+            .attr("class", "bar")
+            //.style("fill", "steelblue")
+						.attr("x", function(d) { return x(d.date); })
+            .attr("width", x.bandwidth())
+            .attr("y", function(d) { return y(d.value); })
+            .attr("height", function(d) { return height - y(d.value); })
+						{% if  type %}
+            .on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type={{type}}&date_from='+ d.date +'&date_to='+ d.date; });
+						{% endif  %}
+						{% if  daily_type_chart %}
+						.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type='+d.date+'&date_from={{ daily_date }}&date_to={{ daily_date }}'; });
+						{% endif  %}
+
+
+        data.forEach(function(d) {
+          if(d.value != 0){
+            svg.append("text")
+                .attr("class", "bar")
+                .attr("dy", "-.35em")
+                //.text(function(d) { return d.value; });
+                .text(d.value)
+								.style("text-anchor", "middle")
+								.attr('x', x(d.date) + x.bandwidth()/2)
+                .attr('y', y(d.value));
+          }
+        });
+
+    });
+
+}
+</script>
+
+
+</body>
+
+</html>
diff --git a/var/www/modules/hashDecoded/templates/showCorrelation.html b/var/www/modules/hashDecoded/templates/showCorrelation.html
new file mode 100644
index 00000000..35ec63ec
--- /dev/null
+++ b/var/www/modules/hashDecoded/templates/showCorrelation.html
@@ -0,0 +1,553 @@
+<!DOCTYPE html>
+<html>
+
+	<head>
+	  <meta charset="utf-8">
+
+	  <title>AIL - framework</title>
+		<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
+
+	  <!-- Core CSS -->
+		<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
+		<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
+
+	  <!-- JS -->
+		<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+		<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
+		<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
+
+		<style>
+		line.link {
+			stroke: #666;
+		}
+		line.link:hover{
+			stroke: red;
+			stroke-width: 2px
+		}
+		.line_sparkline {
+			fill: none;
+			stroke: #000;
+			stroke-width: 2.0px;
+		}
+		.node {
+			pointer-events: all;
+		}
+
+		circle {
+			stroke: none;
+		}
+
+		.graph_text_node {
+			font: 8px sans-serif;
+			pointer-events: none;
+		}
+
+		.graph_node_icon {
+			pointer-events: none;
+		}
+
+		.node text {
+			font: 8px sans-serif;
+			pointer-events: auto;
+		}
+
+		div.tooltip {
+			position: absolute;
+			text-align: center;
+			padding: 2px;
+			font: 12px sans-serif;
+			background: #ebf4fb;
+			border: 2px solid #b7ddf2;
+			border-radius: 8px;
+			pointer-events: none;
+			color: #000000;
+		}
+
+		.graph_panel {
+			padding: unset;
+		}
+
+		.line_graph {
+		  fill: none;
+		  stroke: steelblue;
+		  stroke-width: 2px;
+			stroke-linejoin: round;
+			stroke-linecap: round;
+			stroke-width: 1.5;
+			/*attr('stroke', '#bcbd22').*/
+		}
+		</style>
+	</head>
+	<body>
+
+		{% include 'nav_bar.html' %}
+
+		<div class="container-fluid">
+			<div class="row">
+
+				{% include 'decoded/menu_sidebar.html' %}
+
+				<div class="col-12 col-lg-10" id="core_content">
+
+					<div class="card my-3">
+						<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
+							<h4 class="text-secondary">{{ key_id }} :</h4>
+							<ul class="list-group mb-2">
+								<li class="list-group-item py-0">
+									<div class="row">
+										<div class="col-md-10">
+											<table class="table">
+												<thead>
+													<tr>
+														<th>type</th>
+														<th>First_seen</th>
+														<th>Last_seen</th>
+														<th>Nb seen</th>
+													</tr>
+												</thead>
+												<tbody>
+													<tr>
+														<td><i class="{{ type_icon }}"></i>&nbsp;&nbsp;{{ type_id }}</td>
+														<td>{{ key_id_metadata['first_seen'] }}</td>
+														<td>{{ key_id_metadata['last_seen'] }}</td>
+														<td>{{ key_id_metadata['nb_seen'] }}</td>
+													</tr>
+												</tbody>
+											</table>
+										</div>
+										<div class="col-md-1">
+											<div id="sparkline"></div>
+										</div>
+									</div>
+								</li>
+							</ul>
+						</div>
+					</div>
+
+					<div class="row">
+						<div class="col-xl-10">
+
+							<div class="card mb-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
+								</div>
+								<div class="card-body graph_panel">
+									<div id="graph">
+									</div>
+								</div>
+							</div>
+						</div>
+
+						<div class="col-xl-2">
+
+							<div class="card my-3">
+								<div class="card-header">
+									<i class="fas fa-project-diagram"></i> Graph
+								</div>
+								<div class="card-body text-center px-0 py-0">
+									<button class="btn btn-primary my-4" onclick="resize_graph();">
+										<i class="fas fa-sync"></i>&nbsp;Resize Graph
+									</button>
+
+									{% if correlation_type=='pgpdump' %}
+										{% include 'decoded/show_helper_pgpdump.html' %}
+									{% elif correlation_type=='cryptocurrency' %}
+										{% include 'decoded/show_helper_cryptocurrency.html' %}
+									{% endif %}
+
+								</div>
+							</div>
+						</div>
+					</div>
+
+					<div class="card">
+						<div class="card-header">
+							<i class="fas fa-chart-bar"></i> Graph
+						</div>
+						<div class="panel-body ">
+							<div id="graph_line">
+							</div>
+						</div>
+					</div>
+
+				</div>
+			</div>
+		</div>
+
+<script>
+var all_graph = {};
+$(document).ready(function(){
+		$("#page-Decoded").addClass("active");
+		sparklines("sparkline", {{ sparkline_values }})
+
+		all_graph.node_graph = create_graph("{{ url_for(graph_node_endpoint) }}?type_id={{type_id}}&key_id={{key_id}}");
+		all_graph.line_chart = create_line_chart('graph_line', "{{ url_for(graph_line_endpoint) }}?type_id={{type_id}}&key_id={{key_id}}");
+		all_graph.onResize();
+});
+
+$(window).on("resize", function() {
+		all_graph.onResize();
+});
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+
+<script>
+	function resize_graph() {
+		zoom.translateTo(svg_node, 200, 200);
+		zoom.scaleTo(svg_node, 2);
+	}
+
+</script>
+<script>
+//var data = [6,3,3,2,5,3,9];
+
+// a sparklines plot
+function sparklines(id, points) {
+    var width_spark = 100, height_spark = 60;
+
+    var data = []
+    for (i = 0; i < points.length; i++) {
+        data[i] = {
+            'x': i,
+            'y': +points[i]
+        }
+    }
+
+    var x = d3.scaleLinear()
+        .range([0, width_spark - 10])
+        .domain([0,5]);
+
+    var y = d3.scaleLinear()
+        .range([height_spark, 0])
+        .domain([0,10]);
+
+    var line = d3.line()
+                .x(function(d) {return x(d.x)})
+                .y(function(d) {return y(d.y)});
+
+    d3.select("#"+id).append('svg')
+            .attr('width', width_spark)
+            .attr('height', height_spark)
+         .append('path')
+            .attr('class','line_sparkline')
+            .datum(data)
+            .attr('d', line);
+
+}
+</script>
+
+<script>
+var width = 400,
+		height = 400;
+
+var link;
+
+var zoom = d3.zoom()
+	.scaleExtent([.2, 10])
+	.on("zoom", zoomed);
+
+//var transform = d3.zoomIdentity;
+
+var color = d3.scaleOrdinal(d3.schemeCategory10);
+
+var div = d3.select("body").append("div")
+		.attr("class", "tooltip")
+		.style("opacity", 0);
+
+var simulation = d3.forceSimulation()
+		.force("link", d3.forceLink().id(function(d) { return d.id; }))
+		.force("charge", d3.forceManyBody())
+		.force("center", d3.forceCenter(width / 2, height / 2));
+		//.on("tick", ticked);
+
+var svg_node = d3.select("#graph").append("svg")
+		.attr("id", "graph_div")
+		.attr("width", width)
+		.attr("height", height)
+		.call(d3.zoom().scaleExtent([1, 8]).on("zoom", zoomed))
+		.on("dblclick.zoom", null)
+
+var container_graph = svg_node.append("g");
+		//.attr("transform", "translate(40,0)")
+		//.attr("transform", "scale(2)");
+
+function create_graph(url){
+
+d3.json(url)
+.then(function(data){
+
+	link = container_graph.append("g")
+	.selectAll("line")
+	.data(data.links)
+	.enter().append("line")
+		.attr("class", "link");
+		//.attr("stroke-width", function(d) { return Math.sqrt(d.value); })
+
+	var node = container_graph.selectAll(".node")
+				.data(data.nodes)
+			.enter().append("g")
+			.attr("class", "nodes")
+			.on("dblclick", doubleclick)
+			.on("click", click)
+			.on("mouseover", mouseovered)
+			.on("mouseout", mouseouted)
+			.call(d3.drag()
+					.on("start", drag_start)
+					.on("drag", dragged)
+					.on("end", drag_end));
+
+
+	node.append("circle")
+			.attr("r", function(d) {
+				return (d.hash) ? 6 : 5; })
+			.attr("fill", function(d) {
+				if(!d.hash){ return color(d.group);}
+				if(d.group == 1){ return "orange";}
+				return "rgb(141, 211, 199)"; });
+
+	node.append('text')
+		  .attr('text-anchor', 'middle')
+		  .attr('dominant-baseline', 'central')
+		  .attr("class", "graph_node_icon {{font_family}}")
+    	.attr('font-size', '8px' )
+			.attr('pointer-events', 'none')
+    	.text(function(d) {
+				if(d.hash){
+					return d.icon
+				} });
+
+	zoom.translateTo(svg_node, 200, 200);
+	zoom.scaleTo(svg_node, 2);
+
+/*	node.append("text")
+		      .attr("dy", 3)
+					.attr("dx", 7)
+					.attr("class", "graph_text_node")
+		      //.style("text-anchor", function(d) { return d.children ? "end" : "start"; })
+		      .text(function(d) { return d.id; });*/
+
+	simulation
+			.nodes(data.nodes)
+			.on("tick", ticked);
+
+	simulation.force("link")
+			.links(data.links);
+
+	function ticked() {
+		link
+				.attr("x1", function(d) { return d.source.x; })
+				.attr("y1", function(d) { return d.source.y; })
+				.attr("x2", function(d) { return d.target.x; })
+				.attr("y2", function(d) { return d.target.y; });
+
+		/*node
+				.attr("cx", function(d) { return d.x; })
+				.attr("cy", function(d) { return d.y; });*/
+		node.attr("transform", function(d) { return "translate(" + d.x + "," + d.y + ")"; });
+	}
+
+});
+}
+
+function zoomed() {
+	container_graph.attr("transform", d3.event.transform);
+}
+
+function doubleclick (d) {
+window.open(d.url, '_blank');
+}
+
+function click (d) {
+console.log('clicked')
+}
+
+function drag_start(d) {
+if (!d3.event.active) simulation.alphaTarget(0.3).restart();
+d.fx = d.x;
+d.fy = d.y;
+}
+
+function dragged(d) {
+d.fx = d3.event.x;
+d.fy = d3.event.y;
+}
+
+function drag_end(d) {
+if (!d3.event.active) simulation.alphaTarget(0);
+d.fx = d.x;
+d.fy = d.y;
+}
+
+function mouseovered(d) {
+
+// tooltip
+var content;
+
+if(d.hash == true){
+	content = "<b><span id='tooltip-id-name'></span></b><br/>"+
+						"<br/>"+
+						"<i>First seen</i>: <span id='tooltip-id-first_seen'></span><br/>"+
+						"<i>Last seen</i>: <span id='tooltip-id-last_seen'></span><br/>"+
+						"<i>nb_seen</i>: <span id='tooltip-id-nb_seen'></span>";
+
+	div.transition()
+		 .duration(200)
+				.style("opacity", .9);
+	div.html(content)
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+	$("#tooltip-id-first_seen").text(d.first_seen);
+	$("#tooltip-id-last_seen").text(d.last_seen);
+	$("#tooltip-id-nb_seen").text(d.nb_seen_in_paste);
+
+} else {
+	content = "<b><span id='tooltip-id-name'></span></b><br/>";
+
+	div.transition()
+		 .duration(200)
+				.style("opacity", .9);
+	div.html(content)
+		 .style("left", (d3.event.pageX) + "px")
+		 .style("top", (d3.event.pageY - 28) + "px");
+
+	$("#tooltip-id-name").text(d.id);
+
+}
+
+	//links
+	/*link.style("stroke-opacity", function(o) {
+			return o.source === d || o.target === d ? 1 : opacity;
+	});*/
+	link.style("stroke", function(o){
+			return o.source === d || o.target === d ? "#666" : "#ddd";
+	});
+}
+
+function mouseouted() {
+	div.transition()
+		.duration(500)
+		.style("opacity", 0);
+
+	link.style("stroke", "#666");
+}
+
+all_graph.onResize = function () {
+	var aspect = 1000 / 500, all_graph = $("#graph_div");
+	var targetWidth = all_graph.parent().width();
+	all_graph.attr("width", targetWidth);
+	all_graph.attr("height", targetWidth / aspect);
+}
+
+window.all_graph = all_graph;
+</script>
+
+<script>
+function create_line_chart(id, url){
+
+	var width = 900;
+	var height = Math.round(width / 4);
+
+	var margin = {top: 20, right: 55, bottom: 50, left: 40};
+
+	var x = d3.scaleTime().range([0, width]);
+	var y = d3.scaleLinear().rangeRound([height, 0]);
+
+	var xAxis = d3.axisBottom(x);
+	var yAxis = d3.axisLeft(y);
+
+	var parseTime = d3.timeParse("%Y-%m-%d");
+
+	var line = d3.line()
+							.x(function(d) {
+          			return x(d.date);
+        			}).y(function(d) {
+          			return y(d.value);
+        			});
+
+	var svg_line = d3.select('#'+id).append('svg')
+				.attr("id", "graph_div")
+				.attr("width", width + margin.left + margin.right)
+				.attr("height", height + margin.top + margin.bottom)
+				.append('g')
+						.attr('transform', "translate("+ margin.left +","+ margin.top +")");
+
+	var div = d3.select('body').append('div')
+				.attr('class', 'tooltip')
+				.style('opacity', 0);
+
+	//add div tooltip
+
+d3.json(url)
+	.then(function(data){
+
+		data.forEach(function(d) {
+			d.date_label = d.date;
+			d.date = parseTime(d.date);
+			d.value = +d.value;
+		});
+
+		// fit the data
+		x.domain(d3.extent(data, function(d) { return d.date; }));
+		//x.domain(data.map(function (d) { return d.date; })); //E
+		y.domain([0, d3.max(data, function(d){ return d.value ; })]);
+
+		//line
+		svg_line.append("path")
+				.data([data])
+				.attr("class", "line_graph")
+				.attr("d", line);
+
+		// add X axis
+		svg_line.append("g")
+		    .attr("transform", "translate(0," + height + ")")
+		    .call(d3.axisBottom(x))
+				.selectAll("text")
+					.style("text-anchor", "end")
+					.attr("transform", "rotate(-45)" );
+
+		// Add the Y Axis
+		svg_line.append("g")
+		    .call(d3.axisLeft(y));
+
+		//add a dot circle
+    svg_line.selectAll('dot')
+				.data(data).enter()
+				.append('circle')
+						.attr('r', 2)
+							.attr('cx', function(d) { return x(d.date); })
+							.attr('cy', function(d) { return y(d.value); })
+
+            	.on('mouseover', function(d) {
+	            	div.transition().style('opacity', .9);
+	            	div.html('' + d.date_label+ '<br/>' + d.value).style('left', (d3.event.pageX) + 'px')
+								.style("left", (d3.event.pageX) + "px")
+								.style("top", (d3.event.pageY - 28) + "px");
+          		})
+            	.on('mouseout', function(d)
+          			{
+            			div.transition().style('opacity', 0);
+          			});
+
+	});
+}
+</script>
+
+        </body>
+
+</html>
diff --git a/var/www/templates/decoded/show_helper_cryptocurrency.html b/var/www/templates/decoded/show_helper_cryptocurrency.html
new file mode 100644
index 00000000..7ca07720
--- /dev/null
+++ b/var/www/templates/decoded/show_helper_cryptocurrency.html
@@ -0,0 +1,20 @@
+									<ul class="list-group">
+  									<li class="list-group-item list-group-item-info"><i class="fas fa-info-circle fa-2x"></i></li>
+  									<li class="list-group-item text-left">
+  									  <p>Double click on a node to open Cryptocurrency/Paste<br><br>
+  									    <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
+  									    Current Cryptocurrency<br>
+  									    <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
+									      Cryptocurrency<br>
+  									    <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
+  									    Pastes
+  									  </p>
+  									</li>
+  									<li class="list-group-item list-group-item-info">
+									    Cryptocurrency Types:
+									  </li>
+  									<li class="list-group-item text-left">
+									    <i class="fab fa-btc"></i>  Bitcoin<br>
+									    <i class="fab fa-monero"></i>  Monero<br>
+									  </li>
+									</ul>
diff --git a/var/www/templates/decoded/show_helper_pgpdump.html b/var/www/templates/decoded/show_helper_pgpdump.html
new file mode 100644
index 00000000..1dbf42ba
--- /dev/null
+++ b/var/www/templates/decoded/show_helper_pgpdump.html
@@ -0,0 +1,21 @@
+									<ul class="list-group">
+  									<li class="list-group-item list-group-item-info"><i class="fas fa-info-circle fa-2x"></i></li>
+									  <li class="list-group-item text-left">
+									    <p>Double click on a node to open PgpDump/Paste<br><br>
+									      <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
+									      Current PgpDump<br>
+									      <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
+									      PgpDump<br>
+									      <svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
+									      Pastes
+									    </p>
+									  </li>
+									  <li class="list-group-item list-group-item-info">
+									    PgpDump Types:
+  									</li>
+  									<li class="list-group-item text-left">
+  									  <i class="fas fa-key"></i>  Key<br>
+  									  <i class="fas fa-user-tag"></i>  Name<br>
+  									  <i class="fas fa-at"></i>  Mail<br>
+									  </li>
+									</ul>

From ffc10decc6bee938719faa187e1a4bdb2a17e0f4 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 13:04:00 +0200
Subject: [PATCH 21/33] chg: [update v1.7] update thirdparty

---
 update/v1.7/Update.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/update/v1.7/Update.sh b/update/v1.7/Update.sh
index 8eb6c5a1..601b3cab 100755
--- a/update/v1.7/Update.sh
+++ b/update/v1.7/Update.sh
@@ -49,6 +49,12 @@ echo -e $GREEN"Shutting down ARDB ..."$DEFAULT
 bash ${AIL_BIN}/LAUNCH.sh -k &
 wait
 
+echo ""
+echo -e $GREEN"Update thirdparty ..."$DEFAULT
+bash ${AIL_BIN}/LAUNCH.sh -t &
+wait
+
+
 echo ""
 
 exit 0

From eb9c81acef5bce3f749b49ef8fc5ba5f019f9f26 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 13:08:10 +0200
Subject: [PATCH 22/33] chg: [correlation] clean files

---
 bin/helper/reprocess_bitcoin.py               |  50 ++
 .../hashDecoded/templates/PgpDecoded.html     | 660 ------------------
 .../hashDecoded/templates/showPgpDump.html    | 569 ---------------
 var/www/templates/decoded/menu_sidebar.html   |  15 +-
 4 files changed, 63 insertions(+), 1231 deletions(-)
 create mode 100755 bin/helper/reprocess_bitcoin.py
 delete mode 100644 var/www/modules/hashDecoded/templates/PgpDecoded.html
 delete mode 100644 var/www/modules/hashDecoded/templates/showPgpDump.html

diff --git a/bin/helper/reprocess_bitcoin.py b/bin/helper/reprocess_bitcoin.py
new file mode 100755
index 00000000..5e609f1f
--- /dev/null
+++ b/bin/helper/reprocess_bitcoin.py
@@ -0,0 +1,50 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+import os
+import sys
+import gzip
+import base64
+import uuid
+import datetime
+import base64
+import redis
+import json
+import time
+
+sys.path.append(os.environ['AIL_BIN'])
+from Helper import Process
+
+def substract_date(date_from, date_to):
+    date_from = datetime.date(int(date_from[0:4]), int(date_from[4:6]), int(date_from[6:8]))
+    date_to = datetime.date(int(date_to[0:4]), int(date_to[4:6]), int(date_to[6:8]))
+    delta = date_to - date_from # timedelta
+    l_date = []
+    for i in range(delta.days + 1):
+        date = date_from + datetime.timedelta(i)
+        l_date.append( date.strftime('%Y%m%d') )
+    return l_date
+
+config_section = 'Global'
+p = Process(config_section)
+
+r_tags = redis.StrictRedis(
+    host=p.config.get("ARDB_Tags", "host"),
+    port=p.config.getint("ARDB_Tags", "port"),
+    db=p.config.getint("ARDB_Tags", "db"),
+    decode_responses=True)
+
+tag = 'infoleak:automatic-detection="bitcoin-address"'
+
+# get tag first/last seen
+first_seen = r_tags.hget('tag_metadata:{}'.format(tag), 'first_seen')
+last_seen = r_tags.hget('tag_metadata:{}'.format(tag), 'last_seen')
+
+l_dates = substract_date(first_seen, last_seen)
+
+# get all tagged items
+for date in l_dates:
+    daily_tagged_items = r_tags.smembers('{}:{}'.format(tag, date))
+
+    for item in daily_tagged_items:
+        p.populate_set_out(item)
diff --git a/var/www/modules/hashDecoded/templates/PgpDecoded.html b/var/www/modules/hashDecoded/templates/PgpDecoded.html
deleted file mode 100644
index 88da78e0..00000000
--- a/var/www/modules/hashDecoded/templates/PgpDecoded.html
+++ /dev/null
@@ -1,660 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
-  <title>Decoded - AIL</title>
-	<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
-
-  <!-- Core CSS -->
-	<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
-	<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
-	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
-	<link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet">
-
-  <!-- JS -->
-	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
-	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
-	<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
-	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
-	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
-	<script language="javascript" src="{{ url_for('static', filename='js/moment.min.js') }}"></script>
-	<script language="javascript" src="{{ url_for('static', filename='js/jquery.daterangepicker.min.js') }}"></script>
-	<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
-
-	<style>
-		.input-group .form-control {
-			position: unset;
-		}
-		.line {
-  		fill: none;
-  		stroke: #000;
-  		stroke-width: 2.0px;
-		}
-		.bar {
-      fill: steelblue;
-    }
-    .bar:hover{
-      fill: brown;
-			cursor: pointer;
-    }
-		.bar_stack:hover{
-			cursor: pointer;
-    }
-		.pie_path:hover{
-			cursor: pointer;
-		}
-		.svgText {
-  		pointer-events: none;
-		}
-		div.tooltip {
-			position: absolute;
-			text-align: center;
-			padding: 2px;
-			font: 12px sans-serif;
-			background: #ebf4fb;
-			border: 2px solid #b7ddf2;
-			border-radius: 8px;
-			pointer-events: none;
-			color: #000000;
-		}
-	</style>
-</head>
-<body>
-
-	{% include 'nav_bar.html' %}
-
-	<div class="container-fluid">
-		<div class="row">
-
-			{% include 'decoded/menu_sidebar.html' %}
-
-			<div class="col-12 col-lg-10" id="core_content">
-
-				<div class="row">
-					<div class="col-xl-10">
-						<div class="mt-1" id="barchart_type">
-						</div>
-					</div>
-
-					<div class="col-xl-2">
-
-						<div class="card mb-3 mt-2" style="background-color:#d9edf7;">
-						  <div class="card-body text-center py-2">
-						    <h6 class="card-title" style="color:#286090;">Select a date range :</h5>
-								<form action="{{ url_for('hashDecoded.all_pgp_dump_search') }}" id="hash_selector_form" method='post'>
-									<div class="input-group" id="date-range-from">
-										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
-										<input class="form-control" id="date-range-from-input" placeholder="yyyy-mm-dd" value="{{ date_from }}" name="date_from" autocomplete="off">
-									</div>
-									<div class="input-group" id="date-range-to">
-										<div class="input-group-prepend"><span class="input-group-text"><i class="far fa-calendar-alt" aria-hidden="true"></i></span></div>
-										<input class="form-control" id="date-range-to-input" placeholder="yyyy-mm-dd" value="{{ date_to }}" name="date_to" autocomplete="off">
-									</div>
-									<div class="mt-1" style="font-size: 14px;color:#286090;">Type ID :</div>
-									<select class="custom-select" name="type">
-										<option>All types</option>
-										{% for typ in l_type %}
-											{% if type_id|string() == typ|string() %}
-											<option selected>{{ typ }}</option>
-											{% else %}
-											<option>{{ typ }}</option>
-											{% endif %}
-										{% endfor %}
-									</select>
-									<div class="form-check my-1">
-										<input class="form-check-input" type="checkbox" id="checkbox-input-show" name="show_decoded_files" value="True" {% if show_decoded_files %}checked{% endif %}>
-										<label class="form-check-label" for="checkbox-input-show">
-											<div style="color:#286090; font-size: 14px;">
-												Show dumped keys <i class="fas fa-key"></i>
-											</div>
-										</label>
-									</div>
-									<button class="btn btn-primary" style="text-align:center;">
-										<i class="fas fa-copy"></i> Search
-									</button>
-								<form>
-						  </div>
-						</div>
-
-						<div id="pie_chart_encoded">
-						</div>
-						<div id="pie_chart_top5_types">
-						</div>
-					</div>
-				</div>
-
-				{% if  l_pgpdump|length != 0 %}
-						{% if date_from|string == date_to|string %}
-							<h3> {{ date_from }} Dumped Keys: </h3>
-						{% else %}
-							<h3> {{ date_from }} to {{ date_to }} Dumped Keys: </h3>
-						{% endif %}
-						<table id="tableb64" class="table table-striped table-bordered">
-							<thead class="bg-dark text-white">
-								<tr>
-										<th>type id</th>
-										<th>key id</th>
-										<th>first seen</th>
-										<th>last seen</th>
-										<th>nb paste</th>
-										<th>Sparkline</th>
-								</tr>
-							</thead>
-							<tbody style="font-size: 15px;">
-							{% for pgp_dump in l_pgpdump %}
-									<tr>
-										<td><i class="fas fa-{{ l_pgpdump[pgp_dump]['type_icon'] }}"></i>&nbsp;&nbsp;{{ l_pgpdump[pgp_dump]['type_id'] }}</td>
-										<td><a target="_blank" href="{{ url_for('hashDecoded.show_pgpdump') }}?type_id={{ l_pgpdump[pgp_dump]['type_id'] }}&key_id={{ pgp_dump }}">{{ pgp_dump }}</a></td>
-										<td>{{ l_pgpdump[pgp_dump]['first_seen'] }}</td>
-										<td>{{ l_pgpdump[pgp_dump]['last_seen'] }}</td>
-										<td>{{ l_pgpdump[pgp_dump]['nb_seen'] }}</td>
-										<td id="sparklines_{{ l_pgpdump[pgp_dump]['sparklines_id'] }}" style="text-align:center;"></td>
-									</tr>
-							{% endfor %}
-							</tbody>
-						</table>
-					{% else %}
-						{% if show_decoded_files %}
-							{% if date_from|string == date_to|string %}
-							<h3> {{ date_from }}, No Dumped Keys</h3>
-							{% else %}
-							<h3> {{ date_from }} to {{ date_to }}, No Dumped Keys</h3>
-							{% endif %}
-						{% endif %}
-					{% endif %}
-				</div>
-
-			</div>
-		</div>
-	</div>
-
-<script>
-		var chart = {};
-    $(document).ready(function(){
-				$("#page-Decoded").addClass("active");
-        $("#nav_dashboard_pgp").addClass("active");
-
-				$('#date-range-from').dateRangePicker({
-						separator : ' to ',
-						getValue: function()
-						{
-								if ($('#date-range-from-input').val() && $('#date-range-to').val() )
-										return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
-								else
-										return '';
-						},
-						setValue: function(s,s1,s2)
-						{
-								$('#date-range-from-input').val(s1);
-								$('#date-range-to-input').val(s2);
-						},
-					});
-					$('#date-range-to').dateRangePicker({
-							separator : ' to ',
-							getValue: function()
-							{
-									if ($('#date-range-from-input').val() && $('#date-range-to').val() )
-											return $('#date-range-from-input').val() + ' to ' + $('#date-range-to').val();
-									else
-											return '';
-							},
-							setValue: function(s,s1,s2)
-							{
-									$('#date-range-from-input').val(s1);
-									$('#date-range-to-input').val(s2);
-							},
-					});
-
-          $('#date-range-from').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
-          $('#date-range-to').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}');
-
-					$('#tableb64').DataTable({
-							"aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]],
-							"iDisplayLength": 10,
-							"order": [[ 3, "desc" ]]
-					});
-
-					{% if  type_id %}
-					//chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?date_from={{daily_date}}&type_id={{type_id}}", 'id');
-          chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type_id={{type_id}}", 'id');
-					{% elif  type_id or daily_type_chart %}
-					chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id');
-					{% else %}
-					chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id');
-					{% endif %}
-
-					//draw_pie_chart("pie_chart_encoded" ,"{{ url_for('hashDecoded.decoder_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}&encoding=");
-					//draw_pie_chart("pie_chart_top5_types" ,"{{ url_for('hashDecoded.top5_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type={{type}}", "{{ url_for('hashDecoded.hashDecoded_page') }}?date_from={{date_from}}&date_to={{date_to}}&type=");
-
-					chart.onResize();
-					$(window).on("resize", function() {
-							chart.onResize();
-					});
-  });
-
-function toggle_sidebar(){
-	if($('#nav_menu').is(':visible')){
-		$('#nav_menu').hide();
-		$('#side_menu').removeClass('border-right')
-		$('#side_menu').removeClass('col-lg-2')
-		$('#core_content').removeClass('col-lg-10')
-	}else{
-		$('#nav_menu').show();
-		$('#side_menu').addClass('border-right')
-		$('#side_menu').addClass('col-lg-2')
-		$('#core_content').addClass('col-lg-10')
-	}
-}
-</script>
-<script>
-
-// a sparklines plot
-function sparklines(id, points) {
-    var width = 100, height = 60;
-
-    var data = []
-    for (i = 0; i < points.length; i++) {
-        data[i] = {
-            'x': i,
-            'y': +points[i]
-        }
-    }
-
-    var x = d3.scaleLinear()
-        .range([0, width - 10])
-        .domain([0,5]);
-
-    var y = d3.scaleLinear()
-        .range([height, 0])
-        .domain([0,10]);
-
-    var line = d3.line()
-                .x(function(d) {return x(d.x)})
-                .y(function(d) {return y(d.y)});
-
-    d3.select("#"+id).append('svg')
-            .attr('width', width)
-            .attr('height', height)
-         .append('path')
-            .attr('class','line')
-            .datum(data)
-            .attr('d', line);
-
-}
-</script>
-<script>
-	{% for pgp_dump in l_pgpdump %}
-		sparklines("sparklines_{{ l_pgpdump[pgp_dump]['sparklines_id'] }}", {{ l_pgpdump[pgp_dump]['sparklines_data'] }})
-	{% endfor %}
-</script>
-
-<script>
-var margin = {top: 20, right: 100, bottom: 55, left: 45},
-				width  = 1000 - margin.left - margin.right,
-				height = 500  - margin.top  - margin.bottom;
-var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
-
-var y = d3.scaleLinear().rangeRound([height, 0]);
-
-var xAxis = d3.axisBottom(x);
-
-var yAxis = d3.axisLeft(y);
-
-var color = d3.scaleOrdinal(d3.schemeSet3);
-
-var svg = d3.select("#barchart_type").append("svg")
-				.attr("id", "thesvg")
-				.attr("viewBox", "0 0 1000 500")
-				.attr("width",  width  + margin.left + margin.right)
-				.attr("height", height + margin.top  + margin.bottom)
-			.append("g")
-				.attr("transform", "translate(" + margin.left + "," + margin.top + ")");
-
-function barchart_type_stack(url, id) {
-
-  d3.json(url)
-    .then(function(data){
-
-			var labelVar = 'date';  //A
-		  var varNames = d3.keys(data[0])
-		      .filter(function (key) { return key !== labelVar;}); //B
-
-		  data.forEach(function (d) { //D
-		    var y0 = 0;
-		    d.mapping = varNames.map(function (name) {
-		      return {
-		        name: name,
-		        label: d[labelVar],
-		        y0: y0,
-		        y1: y0 += +d[name]
-		      };
-		    });
-		    d.total = d.mapping[d.mapping.length - 1].y1;
-		  });
-
-		  x.domain(data.map(function (d) { return (d.date); })); //E
-		  y.domain([0, d3.max(data, function (d) { return d.total; })]);
-
-			svg.append("g")
-        .attr("class", "x axis")
-        .attr("transform", "translate(0," + height + ")")
-        .call(xAxis)
-				.selectAll("text")
-					.attr("class", "bar")
-					{% if  date_from|string == date_to|string and type is none %}
-						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from={{date_from}}&date_to={{date_to}}&type_id="+d })
-						.attr("transform", "rotate(-18)" )
-					{% elif  date_from|string == date_to|string and type is not none %}
-						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from="+d+'&date_to='+d })
-						.attr("transform", "rotate(-18)" )
-					{% else %}
-						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?date_from="+d+'&date_to='+d })
-						.attr("transform", "rotate(-40)" )
-					{% endif %}
-					.style("text-anchor", "end");
-
-    	svg.append("g")
-        .attr("class", "y axis")
-        .call(yAxis)
-      	.append("text")
-        	.attr("transform", "rotate(-90)")
-        	.attr("y", 6)
-        	.attr("dy", ".71em")
-        	.style("text-anchor", "end");
-
-			var selection = svg.selectAll(".series")
-		    .data(data)
-		    .enter().append("g")
-		      .attr("class", "series")
-		      .attr("transform", function (d) { return "translate(" + x((d.date)) + ",0)"; });
-
-			selection.selectAll("rect")
-	      .data(function (d) { return d.mapping; })
-	    .enter().append("rect")
-				.attr("class", "bar_stack")
-	      .attr("width", x.bandwidth())
-	      .attr("y", function (d) { return y(d.y1); })
-	      .attr("height", function (d) { return y(d.y0) - y(d.y1); })
-	      .style("fill", function (d) { return color(d.name); })
-	      .style("stroke", "grey")
-	      .on("mouseover", function (d) { showPopover.call(this, d); })
-				.on("mouseout", function (d) { removePopovers(); })
-				{% if  date_from|string == date_to|string and type is none %}
-					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.label+'&encoding='+d.name; });
-				{% elif  date_from|string == date_to|string and type is not none %}
-					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?type_id={{type_id}}&date_from='+d.label+'&date_to='+d.label+'&encoding='+d.name; });
-				{% else %}
-					.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}" +'?type_id='+ d.name +'&date_from='+d.label+'&date_to='+d.label; });
-				{% endif %}
-
-				data.forEach(function(d) {
-					if(d.total != 0){
-						svg.append("text")
-								.attr("class", "bar")
-								.attr("dy", "-.35em")
-								.attr('x', x(d.date) + x.bandwidth()/2)
-								.attr('y', y(d.total))
-								{% if  date_from|string == date_to|string and type is none %}
-									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}"+'?date_from={{date_from}}&date_to={{date_to}}&type_id='+d.date })
-								{% elif  date_from|string == date_to|string and type is not none %}
-									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}?type_id={{type_id}}&date_from="+d.date+'&date_to='+d.date })
-								{% else %}
-									.on("click", function () {window.location.href = "{{ url_for('hashDecoded.pgpdump_page') }}"+'?date_from='+d.date+'&date_to='+d.date })
-								{% endif %}
-								.style("text-anchor", "middle")
-								.text(d.total);
-					}
-				});
-
-			drawLegend(varNames);
-    });
-
-}
-
-function drawLegend (varNames) {
-    var legend = svg.selectAll(".legend")
-        .data(varNames.slice().reverse())
-      .enter().append("g")
-        .attr("class", "legend")
-        .attr("transform", function (d, i) { return "translate(0," + i * 20 + ")"; });
-
-    legend.append("rect")
-        .attr("x", 943)
-        .attr("width", 10)
-        .attr("height", 10)
-        .style("fill", color)
-        .style("stroke", "grey");
-
-    legend.append("text")
-				.attr("class", "svgText")
-        .attr("x", 941)
-        .attr("y", 6)
-        .attr("dy", ".35em")
-        .style("text-anchor", "end")
-        .text(function (d) { return d; });
-}
-
-function removePopovers () {
-    $('.popover').each(function() {
-      $(this).remove();
-    });
-  }
-
-function showPopover (d) {
-  $(this).popover({
-    title: "<b><span id='tooltip-id-name-bar'></span></b>",
-    placement: 'top',
-    container: 'body',
-    trigger: 'manual',
-    html : true,
-    content: function() {
-      return "<span id='tooltip-id-label'></span>" +
-            "<br/>num: <span id='tooltip-id-value-bar'></span>"; }
-  });
-  $(this).popover('show');
-  $("#tooltip-id-name-bar").text(d.name);
-  $("#tooltip-id-label").text(d.label);
-  $("#tooltip-id-value-bar").text(d3.format(",")(d.value ? d.value: d.y1 - d.y0));
-}
-
-chart.onResize = function () {
-    var aspect = 1000 / 500, chart = $("#thesvg");
-    var targetWidth = chart.parent().width();
-    chart.attr("width", targetWidth);
-    chart.attr("height", targetWidth / aspect);
-  }
-
-window.chart = chart;
-
-</script>
-
-<script>
-function draw_pie_chart(id, url_json, pie_on_click_url) {
-
-		var width_pie = 200;
-		var height_pie = 200;
-		var padding_pie = 10;
-		var opacity_pie = .8;
-
-		var radius_pie = Math.min(width_pie - padding_pie, height_pie - padding_pie) / 2;
-		//var color_pie = d3.scaleOrdinal(d3.schemeCategory10);
-		var color_pie = d3.scaleOrdinal(d3.schemeSet3);
-
-		var div_pie = d3.select("body").append("div")
-				.attr("class", "tooltip")
-				.style("opacity", 0);
-
-		var svg_pie = d3.select("#"+id)
-				.append('svg')
-				.attr("width", '100%')
-				.attr("height", '100%')
-				.attr('viewBox','0 0 '+Math.min(width_pie,height_pie) +' '+Math.min(width_pie,height_pie) )
-				.attr('preserveAspectRatio','xMinYMin')
-
-
-		var g_pie = svg_pie.append('g')
-				.attr('transform', 'translate(' + (width_pie/2) + ',' + (height_pie/2) + ')');
-
-		var arc_pie = d3.arc()
-				.innerRadius(0)
-				.outerRadius(radius_pie);
-
-		d3.json(url_json)
-			.then(function(data){
-
-			var pie_pie = d3.pie()
-					.value(function(d) { return d.value; })
-					.sort(null);
-
-			var path_pie = g_pie.selectAll('path')
-				  .data(pie_pie(data))
-				  .enter()
-				  .append("g")
-				  .append('path')
-				  .attr('d', arc_pie)
-				  .attr('fill', (d,i) => color_pie(i))
-					.attr('class', 'pie_path')
-					.on("mouseover", mouseovered_pie)
-					.on("mouseout", mouseouted_pie)
-					.on("click", function (d) {window.location.href = pie_on_click_url+d.data.name })
-				  .style('opacity', opacity_pie)
-				  .style('stroke', 'white');
-			});
-
-
-		function mouseovered_pie(d) {
-      //remove old content
-      $("#tooltip-id-name").remove();
-      $("#tooltip-id-value").remove();
-
-			// tooltip
-			var content;
-
-			content = "<b><span id='tooltip-id-name'></span></b><br/>"+
-								"<br/>"+
-								"<i>Decoded</i>: <span id='tooltip-id-value'></span><br/>"
-
-			div_pie.transition()
-				.duration(200)
-				.style("opacity", .9);
-			div_pie.html(content)
-				.style("left", (d3.event.pageX) + "px")
-				.style("top", (d3.event.pageY - 28) + "px");
-
-      $("#tooltip-id-name").text(d.data.name);
-      $("#tooltip-id-value").text(d.data.value);
-		}
-
-		function mouseouted_pie() {
-			div_pie.transition()
-				.duration(500)
-				.style("opacity", 0);
-		}
-}
-
-</script>
-
-
-
-<script>
-function barchart_type(url, id) {
-
-
-  var margin = {top: 20, right: 20, bottom: 70, left: 40};
-
-  var width = 960 - margin.left - margin.right;
-  var height = 500 - margin.top - margin.bottom;
-
-  var x = d3.scaleBand().rangeRound([0, width]).padding(0.1);
-  var y = d3.scaleLinear().rangeRound([height, 0]);
-
-  var xAxis = d3.axisBottom(x)
-    //.tickFormat(d3.time.format("%Y-%m"));
-
-  var yAxis = d3.axisLeft(y)
-    .ticks(10);
-
-/*var svg = d3.select(id).append("svg")
-      .attr("width", width + margin.left + margin.right)
-      .attr("height", height + margin.top + margin.bottom)
-			.attr("id", "thesvg")
-      .append("g")
-        .attr("transform",
-          "translate(" + margin.left + "," + margin.top + ")");*/
-
-
-  d3.json(url)
-    .then(function(data){
-
-        data.forEach(function(d) {
-          d.value = +d.value;
-        });
-
-				x.domain(data.map(function(d) { return d.date; }));
-        y.domain([0, d3.max(data, function(d) { return d.value; })]);
-
-        var label = svg.append("g")
-            .attr("class", "x axis")
-            .attr("transform", "translate(0," + height + ")")
-            .call(xAxis)
-          .selectAll("text")
-            .style("text-anchor", "end")
-            .attr("dx", "-.8em")
-            .attr("dy", "-.55em")
-						{% if  daily_type_chart %}
-						.attr("transform", "rotate(-20)" );
-						{% else %}
-						.attr("transform", "rotate(-70)" )
-						.attr("class", "bar")
-						.on("click", function (d) { window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}"+'?date_from='+d+'&date_to='+d });
-						{% endif %}
-
-        svg.append("g")
-            .attr("class", "y axis")
-            .call(yAxis)
-          .append("text")
-            .attr("transform", "rotate(-90)")
-            .attr("y", 6)
-            .attr("dy", ".71em")
-            .style("text-anchor", "end")
-            .text("Value ($)");
-
-        var bar = svg.selectAll("bar")
-            .data(data)
-          .enter().append("rect")
-            .attr("class", "bar")
-            //.style("fill", "steelblue")
-						.attr("x", function(d) { return x(d.date); })
-            .attr("width", x.bandwidth())
-            .attr("y", function(d) { return y(d.value); })
-            .attr("height", function(d) { return height - y(d.value); })
-						{% if  type %}
-            .on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type={{type}}&date_from='+ d.date +'&date_to='+ d.date; });
-						{% endif  %}
-						{% if  daily_type_chart %}
-						.on("click", function(d){ window.location.href = "{{ url_for('hashDecoded.hashDecoded_page') }}" +'?type='+d.date+'&date_from={{ daily_date }}&date_to={{ daily_date }}'; });
-						{% endif  %}
-
-
-        data.forEach(function(d) {
-          if(d.value != 0){
-            svg.append("text")
-                .attr("class", "bar")
-                .attr("dy", "-.35em")
-                //.text(function(d) { return d.value; });
-                .text(d.value)
-								.style("text-anchor", "middle")
-								.attr('x', x(d.date) + x.bandwidth()/2)
-                .attr('y', y(d.value));
-          }
-        });
-
-    });
-
-}
-</script>
-
-
-</body>
-
-</html>
diff --git a/var/www/modules/hashDecoded/templates/showPgpDump.html b/var/www/modules/hashDecoded/templates/showPgpDump.html
deleted file mode 100644
index 8f7b05aa..00000000
--- a/var/www/modules/hashDecoded/templates/showPgpDump.html
+++ /dev/null
@@ -1,569 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-	<head>
-	  <meta charset="utf-8">
-
-	  <title>AIL - framework</title>
-		<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png') }}">
-
-	  <!-- Core CSS -->
-		<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
-		<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
-
-	  <!-- JS -->
-		<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
-		<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
-		<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
-		<script language="javascript" src="{{ url_for('static', filename='js/d3.min.js') }}"></script>
-
-		<style>
-		line.link {
-			stroke: #666;
-		}
-		line.link:hover{
-			stroke: red;
-			stroke-width: 2px
-		}
-		.line_sparkline {
-			fill: none;
-			stroke: #000;
-			stroke-width: 2.0px;
-		}
-		.node {
-			pointer-events: all;
-		}
-
-		circle {
-			stroke: none;
-		}
-
-		.graph_text_node {
-			font: 8px sans-serif;
-			pointer-events: none;
-		}
-
-		.graph_node_icon {
-			pointer-events: none;
-		}
-
-		.node text {
-			font: 8px sans-serif;
-			pointer-events: auto;
-		}
-
-		div.tooltip {
-			position: absolute;
-			text-align: center;
-			padding: 2px;
-			font: 12px sans-serif;
-			background: #ebf4fb;
-			border: 2px solid #b7ddf2;
-			border-radius: 8px;
-			pointer-events: none;
-			color: #000000;
-		}
-
-		.graph_panel {
-			padding: unset;
-		}
-
-		.line_graph {
-		  fill: none;
-		  stroke: steelblue;
-		  stroke-width: 2px;
-			stroke-linejoin: round;
-			stroke-linecap: round;
-			stroke-width: 1.5;
-			/*attr('stroke', '#bcbd22').*/
-		}
-		</style>
-	</head>
-	<body>
-
-		{% include 'nav_bar.html' %}
-
-		<div class="container-fluid">
-			<div class="row">
-
-				{% include 'decoded/menu_sidebar.html' %}
-
-				<div class="col-12 col-lg-10" id="core_content">
-
-					<div class="card my-3">
-						<div class="card-header" style="background-color:#d9edf7;font-size: 15px">
-							<h4 class="text-secondary">{{ key_id }} :</h4>
-							<ul class="list-group mb-2">
-								<li class="list-group-item py-0">
-									<div class="row">
-										<div class="col-md-10">
-											<table class="table">
-												<thead>
-													<tr>
-														<th>type</th>
-														<th>First_seen</th>
-														<th>Last_seen</th>
-														<th>Nb seen</th>
-													</tr>
-												</thead>
-												<tbody>
-													<tr>
-														<td><i class="fas {{ d }}"></i>&nbsp;&nbsp;{{ type_id }}</td>
-														<td>{{ key_id_metadata['first_seen'] }}</td>
-														<td>{{ key_id_metadata['last_seen'] }}</td>
-														<td>{{ key_id_metadata['nb_seen'] }}</td>
-													</tr>
-												</tbody>
-											</table>
-										</div>
-										<div class="col-md-1">
-											<div id="sparkline"></div>
-										</div>
-									</div>
-								</li>
-							</ul>
-						</div>
-					</div>
-
-					<div class="row">
-						<div class="col-xl-10">
-
-							<div class="card mb-3">
-								<div class="card-header">
-									<i class="fas fa-project-diagram"></i> Graph
-								</div>
-								<div class="card-body graph_panel">
-									<div id="graph">
-									</div>
-								</div>
-							</div>
-						</div>
-
-						<div class="col-xl-2">
-
-							<div class="card my-3">
-								<div class="card-header">
-									<i class="fas fa-project-diagram"></i> Graph
-								</div>
-								<div class="card-body text-center px-0 py-0">
-									<button class="btn btn-primary my-4" onclick="resize_graph();">
-										<i class="fas fa-sync"></i>&nbsp;Resize Graph
-									</button>
-
-
-									<ul class="list-group">
-										<li class="list-group-item list-group-item-info"><i class="fas fa-info-circle fa-2x"></i></li>
-										<li class="list-group-item text-left">
-											<p>Double click on a node to open Hash/Paste<br><br>
-												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="orange"></circle></g></svg>
-												Current Hash<br>
-												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="rgb(141, 211, 199)"></circle></g></svg>
-												Hashes<br>
-												<svg height="12" width="12"><g class="nodes"><circle cx="6" cy="6" r="6" fill="#1f77b4"></circle></g></svg>
-												Pastes
-											</p>
-										</li>
-										<li class="list-group-item list-group-item-info">
-											Hash Types:
-										</li>
-										<li class="list-group-item text-left">
-											<i class="fas fa-key"></i>  Key<br>
-											<i class="fas fa-user-tag"></i>  Name<br>
-											<i class="fas fa-at"></i>  Mail<br>
-										</li>
-									</ul>
-								</div>
-							</div>
-						</div>
-					</div>
-
-					<div class="card">
-						<div class="card-header">
-							<i class="fas fa-chart-bar"></i> Graph
-						</div>
-						<div class="panel-body ">
-							<div id="graph_line">
-							</div>
-						</div>
-					</div>
-
-				</div>
-			</div>
-		</div>
-
-<script>
-var all_graph = {};
-$(document).ready(function(){
-		$("#page-Decoded").addClass("active");
-		sparklines("sparkline", {{ sparkline_values }})
-
-		all_graph.node_graph = create_graph("{{ url_for('hashDecoded.pgp_dump_graph_node_json') }}?type_id={{type_id}}&key_id={{key_id}}");
-		all_graph.line_chart = create_line_chart('graph_line', "{{ url_for('hashDecoded.pgp_graph_line_json') }}?type_id={{type_id}}&key_id={{key_id}}");
-		all_graph.onResize();
-});
-
-$(window).on("resize", function() {
-		all_graph.onResize();
-});
-
-function toggle_sidebar(){
-	if($('#nav_menu').is(':visible')){
-		$('#nav_menu').hide();
-		$('#side_menu').removeClass('border-right')
-		$('#side_menu').removeClass('col-lg-2')
-		$('#core_content').removeClass('col-lg-10')
-	}else{
-		$('#nav_menu').show();
-		$('#side_menu').addClass('border-right')
-		$('#side_menu').addClass('col-lg-2')
-		$('#core_content').addClass('col-lg-10')
-	}
-}
-</script>
-
-<script>
-	function resize_graph() {
-		zoom.translateTo(svg_node, 200, 200);
-		zoom.scaleTo(svg_node, 2);
-	}
-
-</script>
-<script>
-//var data = [6,3,3,2,5,3,9];
-
-// a sparklines plot
-function sparklines(id, points) {
-    var width_spark = 100, height_spark = 60;
-
-    var data = []
-    for (i = 0; i < points.length; i++) {
-        data[i] = {
-            'x': i,
-            'y': +points[i]
-        }
-    }
-
-    var x = d3.scaleLinear()
-        .range([0, width_spark - 10])
-        .domain([0,5]);
-
-    var y = d3.scaleLinear()
-        .range([height_spark, 0])
-        .domain([0,10]);
-
-    var line = d3.line()
-                .x(function(d) {return x(d.x)})
-                .y(function(d) {return y(d.y)});
-
-    d3.select("#"+id).append('svg')
-            .attr('width', width_spark)
-            .attr('height', height_spark)
-         .append('path')
-            .attr('class','line_sparkline')
-            .datum(data)
-            .attr('d', line);
-
-}
-</script>
-
-<script>
-var width = 400,
-		height = 400;
-
-var link;
-
-var zoom = d3.zoom()
-	.scaleExtent([.2, 10])
-	.on("zoom", zoomed);
-
-//var transform = d3.zoomIdentity;
-
-var color = d3.scaleOrdinal(d3.schemeCategory10);
-
-var div = d3.select("body").append("div")
-		.attr("class", "tooltip")
-		.style("opacity", 0);
-
-var simulation = d3.forceSimulation()
-		.force("link", d3.forceLink().id(function(d) { return d.id; }))
-		.force("charge", d3.forceManyBody())
-		.force("center", d3.forceCenter(width / 2, height / 2));
-		//.on("tick", ticked);
-
-var svg_node = d3.select("#graph").append("svg")
-		.attr("id", "graph_div")
-		.attr("width", width)
-		.attr("height", height)
-		.call(d3.zoom().scaleExtent([1, 8]).on("zoom", zoomed))
-		.on("dblclick.zoom", null)
-
-var container_graph = svg_node.append("g");
-		//.attr("transform", "translate(40,0)")
-		//.attr("transform", "scale(2)");
-
-function create_graph(url){
-
-d3.json(url)
-.then(function(data){
-
-	link = container_graph.append("g")
-	.selectAll("line")
-	.data(data.links)
-	.enter().append("line")
-		.attr("class", "link");
-		//.attr("stroke-width", function(d) { return Math.sqrt(d.value); })
-
-	var node = container_graph.selectAll(".node")
-				.data(data.nodes)
-			.enter().append("g")
-			.attr("class", "nodes")
-			.on("dblclick", doubleclick)
-			.on("click", click)
-			.on("mouseover", mouseovered)
-			.on("mouseout", mouseouted)
-			.call(d3.drag()
-					.on("start", drag_start)
-					.on("drag", dragged)
-					.on("end", drag_end));
-
-
-	node.append("circle")
-			.attr("r", function(d) {
-				return (d.hash) ? 6 : 5; })
-			.attr("fill", function(d) {
-				if(!d.hash){ return color(d.group);}
-				if(d.group == 1){ return "orange";}
-				return "rgb(141, 211, 199)"; });
-
-	node.append('text')
-		  .attr('text-anchor', 'middle')
-		  .attr('dominant-baseline', 'central')
-		  .attr("class", "graph_node_icon fa")
-    	.attr('font-size', '8px' )
-			.attr('pointer-events', 'none')
-    	.text(function(d) {
-				if(d.hash){
-					return d.icon
-				} });
-
-	zoom.translateTo(svg_node, 200, 200);
-	zoom.scaleTo(svg_node, 2);
-
-/*	node.append("text")
-		      .attr("dy", 3)
-					.attr("dx", 7)
-					.attr("class", "graph_text_node")
-		      //.style("text-anchor", function(d) { return d.children ? "end" : "start"; })
-		      .text(function(d) { return d.id; });*/
-
-	simulation
-			.nodes(data.nodes)
-			.on("tick", ticked);
-
-	simulation.force("link")
-			.links(data.links);
-
-	function ticked() {
-		link
-				.attr("x1", function(d) { return d.source.x; })
-				.attr("y1", function(d) { return d.source.y; })
-				.attr("x2", function(d) { return d.target.x; })
-				.attr("y2", function(d) { return d.target.y; });
-
-		/*node
-				.attr("cx", function(d) { return d.x; })
-				.attr("cy", function(d) { return d.y; });*/
-		node.attr("transform", function(d) { return "translate(" + d.x + "," + d.y + ")"; });
-	}
-
-});
-}
-
-function zoomed() {
-	container_graph.attr("transform", d3.event.transform);
-}
-
-function doubleclick (d) {
-window.open(d.url, '_blank');
-}
-
-function click (d) {
-console.log('clicked')
-}
-
-function drag_start(d) {
-if (!d3.event.active) simulation.alphaTarget(0.3).restart();
-d.fx = d.x;
-d.fy = d.y;
-}
-
-function dragged(d) {
-d.fx = d3.event.x;
-d.fy = d3.event.y;
-}
-
-function drag_end(d) {
-if (!d3.event.active) simulation.alphaTarget(0);
-d.fx = d.x;
-d.fy = d.y;
-}
-
-function mouseovered(d) {
-
-// tooltip
-var content;
-
-if(d.hash == true){
-	content = "<b><span id='tooltip-id-name'></span></b><br/>"+
-						"<br/>"+
-						"<i>First seen</i>: <span id='tooltip-id-first_seen'></span><br/>"+
-						"<i>Last seen</i>: <span id='tooltip-id-last_seen'></span><br/>"+
-						"<i>nb_seen</i>: <span id='tooltip-id-nb_seen'></span>";
-
-	div.transition()
-		 .duration(200)
-				.style("opacity", .9);
-	div.html(content)
-		 .style("left", (d3.event.pageX) + "px")
-		 .style("top", (d3.event.pageY - 28) + "px");
-
-	$("#tooltip-id-name").text(d.id);
-	$("#tooltip-id-first_seen").text(d.first_seen);
-	$("#tooltip-id-last_seen").text(d.last_seen);
-	$("#tooltip-id-nb_seen").text(d.nb_seen_in_paste);
-
-} else {
-	content = "<b><span id='tooltip-id-name'></span></b><br/>";
-
-	div.transition()
-		 .duration(200)
-				.style("opacity", .9);
-	div.html(content)
-		 .style("left", (d3.event.pageX) + "px")
-		 .style("top", (d3.event.pageY - 28) + "px");
-
-	$("#tooltip-id-name").text(d.id);
-
-}
-
-	//links
-	/*link.style("stroke-opacity", function(o) {
-			return o.source === d || o.target === d ? 1 : opacity;
-	});*/
-	link.style("stroke", function(o){
-			return o.source === d || o.target === d ? "#666" : "#ddd";
-	});
-}
-
-function mouseouted() {
-	div.transition()
-		.duration(500)
-		.style("opacity", 0);
-
-	link.style("stroke", "#666");
-}
-
-all_graph.onResize = function () {
-	var aspect = 1000 / 500, all_graph = $("#graph_div");
-	var targetWidth = all_graph.parent().width();
-	all_graph.attr("width", targetWidth);
-	all_graph.attr("height", targetWidth / aspect);
-}
-
-window.all_graph = all_graph;
-</script>
-
-<script>
-function create_line_chart(id, url){
-
-	var width = 900;
-	var height = Math.round(width / 4);
-
-	var margin = {top: 20, right: 55, bottom: 50, left: 40};
-
-	var x = d3.scaleTime().range([0, width]);
-	var y = d3.scaleLinear().rangeRound([height, 0]);
-
-	var xAxis = d3.axisBottom(x);
-	var yAxis = d3.axisLeft(y);
-
-	var parseTime = d3.timeParse("%Y-%m-%d");
-
-	var line = d3.line()
-							.x(function(d) {
-          			return x(d.date);
-        			}).y(function(d) {
-          			return y(d.value);
-        			});
-
-	var svg_line = d3.select('#'+id).append('svg')
-				.attr("id", "graph_div")
-				.attr("width", width + margin.left + margin.right)
-				.attr("height", height + margin.top + margin.bottom)
-				.append('g')
-						.attr('transform', "translate("+ margin.left +","+ margin.top +")");
-
-	var div = d3.select('body').append('div')
-				.attr('class', 'tooltip')
-				.style('opacity', 0);
-
-	//add div tooltip
-
-d3.json(url)
-	.then(function(data){
-
-		data.forEach(function(d) {
-			d.date_label = d.date;
-			d.date = parseTime(d.date);
-			d.value = +d.value;
-		});
-
-		// fit the data
-		x.domain(d3.extent(data, function(d) { return d.date; }));
-		//x.domain(data.map(function (d) { return d.date; })); //E
-		y.domain([0, d3.max(data, function(d){ return d.value ; })]);
-
-		//line
-		svg_line.append("path")
-				.data([data])
-				.attr("class", "line_graph")
-				.attr("d", line);
-
-		// add X axis
-		svg_line.append("g")
-		    .attr("transform", "translate(0," + height + ")")
-		    .call(d3.axisBottom(x))
-				.selectAll("text")
-					.style("text-anchor", "end")
-					.attr("transform", "rotate(-45)" );
-
-		// Add the Y Axis
-		svg_line.append("g")
-		    .call(d3.axisLeft(y));
-
-		//add a dot circle
-    svg_line.selectAll('dot')
-				.data(data).enter()
-				.append('circle')
-						.attr('r', 2)
-							.attr('cx', function(d) { return x(d.date); })
-							.attr('cy', function(d) { return y(d.value); })
-
-            	.on('mouseover', function(d) {
-	            	div.transition().style('opacity', .9);
-	            	div.html('' + d.date_label+ '<br/>' + d.value).style('left', (d3.event.pageX) + 'px')
-								.style("left", (d3.event.pageX) + "px")
-								.style("top", (d3.event.pageY - 28) + "px");
-          		})
-            	.on('mouseout', function(d)
-          			{
-            			div.transition().style('opacity', 0);
-          			});
-
-	});
-}
-</script>
-
-        </body>
-
-</html>
diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html
index 7a5a981c..61c17a08 100644
--- a/var/www/templates/decoded/menu_sidebar.html
+++ b/var/www/templates/decoded/menu_sidebar.html
@@ -22,11 +22,22 @@
       		</h5>
       	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
       	    <li class="nav-item">
-      	      <a class="nav-link" href="{{url_for('hashDecoded.pgpdump_page')}}" id="nav_dashboard_pgp">
-      	        <i class="fas fa-search"></i>
+      	      <a class="nav-link" href="{{url_for('hashDecoded.pgpdump_page')}}" id="nav_dashboard_pgpdump">
+      	        <i class="fas fa-key"></i>
       	        <span>PGP Dumps</span>
       	      </a>
       	    </li>
           </ul>
+          <h5 class="d-flex text-muted w-100">
+      		  <span>Cryptocurrency</span>
+      		</h5>
+      	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
+      	    <li class="nav-item">
+      	      <a class="nav-link" href="{{url_for('hashDecoded.pgpdump_page')}}" id="nav_dashboard_cryptocurrency">
+      	        <i class="fas fa-coins"></i>
+      	        <span>Cryptocurrency</span>
+      	      </a>
+      	    </li>
+          </ul>
       	</nav>
       </div>

From bc6332dae4b77930eb8498934e0c3bd3c70479e0 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 13:19:11 +0200
Subject: [PATCH 23/33] fix: [correlation] fix endpoint

---
 var/www/templates/decoded/menu_sidebar.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/var/www/templates/decoded/menu_sidebar.html b/var/www/templates/decoded/menu_sidebar.html
index 61c17a08..f8b63426 100644
--- a/var/www/templates/decoded/menu_sidebar.html
+++ b/var/www/templates/decoded/menu_sidebar.html
@@ -33,7 +33,7 @@
       		</h5>
       	  <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
       	    <li class="nav-item">
-      	      <a class="nav-link" href="{{url_for('hashDecoded.pgpdump_page')}}" id="nav_dashboard_cryptocurrency">
+      	      <a class="nav-link" href="{{url_for('hashDecoded.cryptocurrency_page')}}" id="nav_dashboard_cryptocurrency">
       	        <i class="fas fa-coins"></i>
       	        <span>Cryptocurrency</span>
       	      </a>

From c27dfc035a0090eb594fcb044800cdf8e6068957 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thirion=20Aur=C3=A9lien?= <Terrtia@users.noreply.github.com>
Date: Fri, 24 May 2019 13:32:50 +0200
Subject: [PATCH 24/33] Update README.md

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1b6eab35..9f9d8d4d 100644
--- a/README.md
+++ b/README.md
@@ -62,11 +62,12 @@ Features
 * Create events on [MISP](https://github.com/MISP/MISP) and cases on [The Hive](https://github.com/TheHive-Project/TheHive)
 * Automatic paste export at detection on [MISP](https://github.com/MISP/MISP) (events) and [The Hive](https://github.com/TheHive-Project/TheHive) (alerts) on selected tags
 * Extracted and decoded files can be searched by date range, type of file (mime-type) and encoding discovered
-* Graph relationships between decoded file (hashes)
+* Graph relationships between decoded file (hashes), similar PGP UIDs and addresses of cryptocurrencies
 * Tor hidden services crawler to crawl and parse output
 * Tor onion availability is monitored to detect up and down of hidden services
 * Browser hidden services are screenshot and integrated in the analysed output including a blurring screenshot interface (to avoid "burning the eyes" of the security analysis with specific content)
 * Tor hidden services is part of the standard framework, all the AIL modules are available to the crawled hidden services
+* Generic web crawler to trigger crawling on demand or at regular interval URL or Tor hidden services
 
 
 Installation

From fae3530fec149ad2e97f472e7b94924702d69916 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Fri, 24 May 2019 14:10:06 +0200
Subject: [PATCH 25/33] chg: [PgpDump] PMF fix - longer keys are truncated

TODO: Need to be updated by an async process handling the keys
---
 bin/PgpDump.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/PgpDump.py b/bin/PgpDump.py
index b982b9c5..0dc43621 100755
--- a/bin/PgpDump.py
+++ b/bin/PgpDump.py
@@ -59,6 +59,9 @@ def extract_all_id(item_content, regex):
 
 def get_pgp_packet(save_path):
     save_path = '{}'.format(save_path)
+    print (len(save_path))
+    if len(save_path) > 131072:
+        save_path = save_path[:131071]
     process1 = subprocess.Popen([ 'echo', '-e', save_path], stdout=subprocess.PIPE)
     process2 = subprocess.Popen([ 'pgpdump'], stdin=process1.stdout, stdout=subprocess.PIPE)
     process1.stdout.close()

From 8dfe8fec911eeb3217c9a3c9371d311b7821c229 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 14:14:07 +0200
Subject: [PATCH 26/33] fix: [correlation] fix graph node endpoint

---
 var/www/modules/hashDecoded/Flask_hashDecoded.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py
index 597190c1..1cbf4f98 100644
--- a/var/www/modules/hashDecoded/Flask_hashDecoded.py
+++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py
@@ -460,7 +460,7 @@ def correlation_graph_node_json(correlation_type, type_id, key_id):
 
         nodes = []
         for node in nodes_set_dump:
-            nodes.append({"id": node[0], "group": node[1], "first_seen": node[3], "last_seen": node[4], "nb_seen_in_paste": node[5], 'icon': get_icon_text(correlation_type, node[2]),"url": url_for(get_show_key_id_endpoint(correlation_type), hash=node[0]), 'hash': True})
+            nodes.append({"id": node[0], "group": node[1], "first_seen": node[3], "last_seen": node[4], "nb_seen_in_paste": node[5], 'icon': get_icon_text(correlation_type, node[2]),"url": url_for(get_show_key_id_endpoint(correlation_type), type_id=node[2], key_id=node[0]), 'hash': True})
         for node in nodes_set_paste:
             nodes.append({"id": node[0], "group": node[1],"url": url_for('showsavedpastes.showsavedpaste', paste=node[0]), 'hash': False})
         links = []

From 67897eeef150cce86b46870471b29edf9d833755 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Fri, 24 May 2019 14:31:08 +0200
Subject: [PATCH 27/33] fix: [update v1.7] add bs4 requirement

---
 requirements.txt      | 2 ++
 update/v1.7/Update.sh | 5 +++++
 2 files changed, 7 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index 3991e158..fe98901d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -51,6 +51,8 @@ DomainClassifier
 #Indexer requirements
 whoosh
 
+beautifulsoup4
+
 ipaddress
 pycountry
 
diff --git a/update/v1.7/Update.sh b/update/v1.7/Update.sh
index 601b3cab..fe941541 100755
--- a/update/v1.7/Update.sh
+++ b/update/v1.7/Update.sh
@@ -32,6 +32,11 @@ sudo make install
 wait
 echo ""
 
+echo ""
+echo -e $GREEN"Update requirement"$DEFAULT
+echo ""
+pip3 install beautifulsoup4
+
 bash ${AIL_BIN}LAUNCH.sh -lav &
 wait
 echo ""

From f09bb63a358197a0a843836e536d32422b1a018c Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sat, 25 May 2019 09:51:49 +0200
Subject: [PATCH 28/33] chg: [template] the "item" project

---
 var/www/modules/hashDecoded/templates/DaysCorrelation.html | 2 +-
 var/www/modules/hashDecoded/templates/hashDecoded.html     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/var/www/modules/hashDecoded/templates/DaysCorrelation.html b/var/www/modules/hashDecoded/templates/DaysCorrelation.html
index 84868f22..2051cef0 100644
--- a/var/www/modules/hashDecoded/templates/DaysCorrelation.html
+++ b/var/www/modules/hashDecoded/templates/DaysCorrelation.html
@@ -136,7 +136,7 @@
 										<th>key id</th>
 										<th>first seen</th>
 										<th>last seen</th>
-										<th>nb paste</th>
+										<th>nb item</th>
 										<th>Sparkline</th>
 								</tr>
 							</thead>
diff --git a/var/www/modules/hashDecoded/templates/hashDecoded.html b/var/www/modules/hashDecoded/templates/hashDecoded.html
index e031530a..766f618a 100644
--- a/var/www/modules/hashDecoded/templates/hashDecoded.html
+++ b/var/www/modules/hashDecoded/templates/hashDecoded.html
@@ -147,7 +147,7 @@
 										<th>hash</th>
 										<th>first seen</th>
 										<th>last seen</th>
-										<th>nb paste</th>
+										<th>nb item</th>
 										<th>size</th>
 										<th>Virus Total</th>
 										<th>Sparkline</th>

From 9cb6312279020024a6a3d00c0c0829bc30aaa711 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Tue, 4 Jun 2019 14:22:46 +0200
Subject: [PATCH 29/33] fix: [UI crawler endpoints] display crawler status +
 fix #353

---
 var/www/Flask_server.py                                     | 4 ----
 var/www/modules/Flask_config.py                             | 2 ++
 var/www/modules/hiddenServices/Flask_hiddenServices.py      | 6 +++++-
 .../templates/Crawler_Splash_last_by_type.html              | 2 ++
 .../hiddenServices/templates/Crawler_Splash_manual.html     | 1 +
 var/www/modules/hiddenServices/templates/Crawler_auto.html  | 2 ++
 .../modules/hiddenServices/templates/Crawler_dashboard.html | 2 ++
 var/www/templates/crawler/crawler_disabled.html             | 6 ++++++
 8 files changed, 20 insertions(+), 5 deletions(-)
 create mode 100644 var/www/templates/crawler/crawler_disabled.html

diff --git a/var/www/Flask_server.py b/var/www/Flask_server.py
index 95433757..ff6d5bac 100755
--- a/var/www/Flask_server.py
+++ b/var/www/Flask_server.py
@@ -48,10 +48,6 @@ except IOError:
     f = open('templates/ignored_modules.txt', 'w')
     f.close()
 
-activate_crawler = cfg.get("Crawler", "activate_crawler")
-if activate_crawler != 'True':
-    toIgnoreModule.add('hiddenServices')
-
 # Dynamically import routes and functions from modules
 # Also, prepare header.html
 to_add_to_header_dico = {}
diff --git a/var/www/modules/Flask_config.py b/var/www/modules/Flask_config.py
index d4251e5f..899a26b5 100644
--- a/var/www/modules/Flask_config.py
+++ b/var/www/modules/Flask_config.py
@@ -173,6 +173,8 @@ REPO_ORIGIN = 'https://github.com/CIRCL/AIL-framework.git'
 
 max_dashboard_logs = int(cfg.get("Flask", "max_dashboard_logs"))
 
+crawler_enabled = cfg.getboolean("Crawler", "activate_crawler")
+
 # VT
 try:
     from virusTotalKEYS import vt_key
diff --git a/var/www/modules/hiddenServices/Flask_hiddenServices.py b/var/www/modules/hiddenServices/Flask_hiddenServices.py
index 0ee44974..ed5cbcd4 100644
--- a/var/www/modules/hiddenServices/Flask_hiddenServices.py
+++ b/var/www/modules/hiddenServices/Flask_hiddenServices.py
@@ -25,6 +25,7 @@ baseUrl = Flask_config.baseUrl
 r_cache = Flask_config.r_cache
 r_serv_onion = Flask_config.r_serv_onion
 r_serv_metadata = Flask_config.r_serv_metadata
+crawler_enabled = Flask_config.crawler_enabled
 bootstrap_label = Flask_config.bootstrap_label
 
 hiddenServices = Blueprint('hiddenServices', __name__, template_folder='templates')
@@ -247,6 +248,7 @@ def dashboard():
     statDomains_regular = get_stats_last_crawled_domains('regular', date)
 
     return render_template("Crawler_dashboard.html", crawler_metadata_onion = crawler_metadata_onion,
+                                crawler_enabled=crawler_enabled,
                                 crawler_metadata_regular=crawler_metadata_regular,
                                 statDomains_onion=statDomains_onion, statDomains_regular=statDomains_regular)
 
@@ -256,7 +258,7 @@ def hiddenServices_page_test():
 
 @hiddenServices.route("/crawlers/manual", methods=['GET'])
 def manual():
-    return render_template("Crawler_Splash_manual.html")
+    return render_template("Crawler_Splash_manual.html", crawler_enabled=crawler_enabled)
 
 @hiddenServices.route("/crawlers/crawler_splash_onion", methods=['GET'])
 def crawler_splash_onion():
@@ -294,6 +296,7 @@ def Crawler_Splash_last_by_type():
     crawler_metadata = get_crawler_splash_status(type)
 
     return render_template("Crawler_Splash_last_by_type.html", type=type, type_name=type_name,
+                            crawler_enabled=crawler_enabled,
                             last_domains=list_domains, statDomains=statDomains,
                             crawler_metadata=crawler_metadata, date_from=date_string, date_to=date_string)
 
@@ -507,6 +510,7 @@ def auto_crawler():
 
     return render_template("Crawler_auto.html", page=page, nb_page_max=nb_page_max,
                                 last_domains=last_domains,
+                                crawler_enabled=crawler_enabled,
                                 auto_crawler_domain_onions_metadata=auto_crawler_domain_onions_metadata,
                                 auto_crawler_domain_regular_metadata=auto_crawler_domain_regular_metadata)
 
diff --git a/var/www/modules/hiddenServices/templates/Crawler_Splash_last_by_type.html b/var/www/modules/hiddenServices/templates/Crawler_Splash_last_by_type.html
index a42e3880..bafe3ecf 100644
--- a/var/www/modules/hiddenServices/templates/Crawler_Splash_last_by_type.html
+++ b/var/www/modules/hiddenServices/templates/Crawler_Splash_last_by_type.html
@@ -46,6 +46,8 @@
 
 			<div class="col-12 col-lg-10" id="core_content">
 
+				{% include 'crawler/crawler_disabled.html' %}
+
 				<div class="row">
 					<div class="col-12 col-xl-6">
 
diff --git a/var/www/modules/hiddenServices/templates/Crawler_Splash_manual.html b/var/www/modules/hiddenServices/templates/Crawler_Splash_manual.html
index bc2e6024..11df7730 100644
--- a/var/www/modules/hiddenServices/templates/Crawler_Splash_manual.html
+++ b/var/www/modules/hiddenServices/templates/Crawler_Splash_manual.html
@@ -30,6 +30,7 @@
 
 			<div class="col-12 col-lg-10" id="core_content">
 
+				{% include 'crawler/crawler_disabled.html' %}
 
 						<div class="card text-white bg-dark mb-3 mt-1">
 						  <div class="card-header">
diff --git a/var/www/modules/hiddenServices/templates/Crawler_auto.html b/var/www/modules/hiddenServices/templates/Crawler_auto.html
index 977aed1e..87dd7569 100644
--- a/var/www/modules/hiddenServices/templates/Crawler_auto.html
+++ b/var/www/modules/hiddenServices/templates/Crawler_auto.html
@@ -29,6 +29,8 @@
 
 			<div class="col-12 col-lg-10" id="core_content">
 
+				{% include 'crawler/crawler_disabled.html' %}
+
 				{%if last_domains%}
 					<div class="table-responsive mt-1 mb-3 table-hover table-borderless table-striped">
 						<table class="table">
diff --git a/var/www/modules/hiddenServices/templates/Crawler_dashboard.html b/var/www/modules/hiddenServices/templates/Crawler_dashboard.html
index 91d300af..b746b05c 100644
--- a/var/www/modules/hiddenServices/templates/Crawler_dashboard.html
+++ b/var/www/modules/hiddenServices/templates/Crawler_dashboard.html
@@ -26,6 +26,8 @@
 
 			<div class="col-12 col-lg-10" id="core_content">
 
+				{% include 'crawler/crawler_disabled.html' %}
+
 				<div class="row">
 					<div class="col-xl-6">
 
diff --git a/var/www/templates/crawler/crawler_disabled.html b/var/www/templates/crawler/crawler_disabled.html
new file mode 100644
index 00000000..455f350e
--- /dev/null
+++ b/var/www/templates/crawler/crawler_disabled.html
@@ -0,0 +1,6 @@
+{% if not crawler_enabled %}
+  <div class="alert alert-secondary text-center my-2" role="alert">
+    <h1><i class="fas fa-times-circle text-danger"></i> Crawler Disabled</h1>
+    <p>...</p>
+  </div>
+{% endif %}

From 1929b2c6a797944cf3f94914b80dc675624aa016 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 5 Jun 2019 16:18:30 +0200
Subject: [PATCH 30/33] fix: [paste_submit UI] filter empty file field

---
 var/www/modules/PasteSubmit/Flask_PasteSubmit.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
index cc38de77..68cd75ae 100644
--- a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
+++ b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
@@ -294,6 +294,12 @@ def submit():
     ltagsgalaxies = request.form['tags_galaxies']
     paste_content = request.form['paste_content']
 
+    is_file = False
+    file = request.files['file']
+    if file:
+        if file.filename:
+            is_file = True
+
     submitted_tag = 'infoleak:submission="manual"'
 
     #active taxonomies
@@ -312,9 +318,7 @@ def submit():
     else:
         ltags = submitted_tag
 
-    if 'file' in request.files:
-
-        file = request.files['file']
+    if is_file:
         if file:
 
             if file and allowed_file(file.filename):

From 17af705231592951ac3190cd4999d7a7c7a9d427 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 5 Jun 2019 16:20:26 +0200
Subject: [PATCH 31/33] fix: [PgpDump] process large pgp blocks

---
 bin/PgpDump.py | 125 ++++++++++++++++++++++++++++++++++---------------
 1 file changed, 86 insertions(+), 39 deletions(-)

diff --git a/bin/PgpDump.py b/bin/PgpDump.py
index 0dc43621..21ffd263 100755
--- a/bin/PgpDump.py
+++ b/bin/PgpDump.py
@@ -9,6 +9,7 @@
 import os
 import re
 import time
+import uuid
 import redis
 import signal
 import datetime
@@ -28,6 +29,15 @@ def timeout_handler(signum, frame):
 
 signal.signal(signal.SIGALRM, timeout_handler)
 
+# save pgp message in directory, process one time each day
+def save_in_file(message, pgp_content):
+    print('save in file')
+    UUID = str(uuid.uuid4())
+    file_name = os.path.join(pgp_dump_dir_to_process, UUID)
+    with open(file_name, 'w') as f:
+        f.write(pgp_content)
+    r_serv_db.sadd('pgpdumb:uuid', '{};{}'.format(UUID, message))
+
 def remove_html(item_content):
     if bool(BeautifulSoup(item_content, "html.parser").find()):
         soup = BeautifulSoup(item_content, 'html.parser')
@@ -41,33 +51,44 @@ def remove_html(item_content):
     else:
         return item_content
 
-def extract_all_id(item_content, regex):
-    # max execution time on regex
-    signal.alarm(max_execution_time)
-    try:
-        pgp_extracted_block = re.findall(regex, item_content)
-    except TimeoutException:
-        pgp_extracted_block = []
-        p.incr_module_timeout_statistic() # add encoder type
-        print ("{0} processing timeout".format(paste.p_rel_path))
-    else:
-        signal.alarm(0)
+def extract_all_id(message, item_content, regex=None, is_file=False):
 
-    for pgp_to_dump in pgp_extracted_block:
-        pgp_packet = get_pgp_packet(pgp_to_dump)
+    if is_file:
+        pgp_packet = get_pgp_packet_file(item_content)
         extract_id_from_output(pgp_packet)
 
-def get_pgp_packet(save_path):
-    save_path = '{}'.format(save_path)
-    print (len(save_path))
-    if len(save_path) > 131072:
-        save_path = save_path[:131071]
-    process1 = subprocess.Popen([ 'echo', '-e', save_path], stdout=subprocess.PIPE)
-    process2 = subprocess.Popen([ 'pgpdump'], stdin=process1.stdout, stdout=subprocess.PIPE)
-    process1.stdout.close()
-    output = process2.communicate()[0].decode()
-    return output
+    else:
+        # max execution time on regex
+        signal.alarm(max_execution_time)
+        try:
+            pgp_extracted_block = re.findall(regex, item_content)
+        except TimeoutException:
+            pgp_extracted_block = []
+            p.incr_module_timeout_statistic() # add encoder type
+            print ("{0} processing timeout".format(paste.p_rel_path))
+        else:
+            signal.alarm(0)
 
+        for pgp_to_dump in pgp_extracted_block:
+            pgp_packet = get_pgp_packet(message, pgp_to_dump)
+            extract_id_from_output(pgp_packet)
+
+def get_pgp_packet(message, save_path):
+    save_path = '{}'.format(save_path)
+    if len(save_path) > 131072:
+        save_in_file(message, save_path)
+        return ''
+    else:
+        process1 = subprocess.Popen([ 'echo', '-e', save_path], stdout=subprocess.PIPE)
+        process2 = subprocess.Popen([ 'pgpdump'], stdin=process1.stdout, stdout=subprocess.PIPE)
+        process1.stdout.close()
+        output = process2.communicate()[0].decode()
+        return output
+
+def get_pgp_packet_file(file):
+    process1 = subprocess.Popen([ 'pgpdump', file], stdout=subprocess.PIPE)
+    output = process1.communicate()[0].decode()
+    return output
 
 def extract_id_from_output(pgp_dump_outpout):
     all_user_id = set(re.findall(regex_user_id, pgp_dump_outpout))
@@ -131,6 +152,12 @@ if __name__ == '__main__':
     # Setup the I/O queues
     p = Process(config_section)
 
+    r_serv_db = redis.StrictRedis(
+        host=p.config.get("ARDB_DB", "host"),
+        port=p.config.getint("ARDB_DB", "port"),
+        db=p.config.getint("ARDB_DB", "db"),
+        decode_responses=True)
+
     serv_metadata = redis.StrictRedis(
         host=p.config.get("ARDB_Metadata", "host"),
         port=p.config.getint("ARDB_Metadata", "port"),
@@ -140,6 +167,11 @@ if __name__ == '__main__':
     # Sent to the logging a description of the module
     publisher.info("PgpDump started")
 
+    # check/create pgpdump queue directory (used for huge pgp blocks)
+    pgp_dump_dir_to_process = os.path.join(os.environ['AIL_HOME'], 'temp', 'pgpdump')
+    if not os.path.isdir(pgp_dump_dir_to_process):
+        os.makedirs(pgp_dump_dir_to_process)
+
     user_id_str = 'User ID - '
     regex_user_id= '{}.+'.format(user_id_str)
 
@@ -159,28 +191,43 @@ if __name__ == '__main__':
 
     # Endless loop getting messages from the input queue
     while True:
-        # Get one message from the input queue
-        message = p.get_from_set()
-
-        if message is None:
-            publisher.debug("{} queue is empty, waiting".format(config_section))
-            time.sleep(1)
-            continue
-
 
+        is_file = False
         set_key = set()
         set_name = set()
         set_mail = set()
-        paste = Paste.Paste(message)
 
-                # Do something with the message from the queue
-        date = str(paste._get_p_date())
-        content = paste.get_p_content()
-        content = remove_html(content)
+        if r_serv_db.scard('pgpdumb:uuid') > 0:
+            res = r_serv_db.spop('pgpdumb:uuid')
+            file_to_process, message = res.split(';', 1)
+            file_to_process = os.path.join(pgp_dump_dir_to_process, file_to_process)
+            date = datetime.datetime.now().strftime("%Y/%m/%d")
+            paste = Paste.Paste(message)
+            date = str(paste._get_p_date())
+            print(message)
+            extract_all_id(message, file_to_process, is_file=True)
+            os.remove(file_to_process)
 
-        extract_all_id(content, regex_pgp_public_blocs)
-        extract_all_id(content, regex_pgp_signature)
-        extract_all_id(content, regex_pgp_message)
+        else:
+            # Get one message from the input queue
+            message = p.get_from_set()
+
+            if message is None:
+                publisher.debug("{} queue is empty, waiting".format(config_section))
+                time.sleep(1)
+                continue
+
+            paste = Paste.Paste(message)
+
+            date = str(paste._get_p_date())
+            content = paste.get_p_content()
+            content = remove_html(content)
+
+            print(message)
+
+            extract_all_id(message, content, regex_pgp_public_blocs)
+            extract_all_id(message, content, regex_pgp_signature)
+            extract_all_id(message, content, regex_pgp_message)
 
         for key_id in set_key:
             print(key_id)

From 601ea8f13e4d972a17d86af7cf75b6f469a1f7af Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 5 Jun 2019 16:31:35 +0200
Subject: [PATCH 32/33] chg: [paste_submit UI] add debug

---
 var/www/modules/PasteSubmit/Flask_PasteSubmit.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
index 68cd75ae..51b5f2b2 100644
--- a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
+++ b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
@@ -310,6 +310,7 @@ def submit():
     if ltags or ltagsgalaxies:
         if not addTagsVerification(ltags, ltagsgalaxies):
             content = 'INVALID TAGS'
+            print(content)
             return content, 400
 
     # add submitted tags
@@ -358,6 +359,7 @@ def submit():
 
             else:
                 content = 'wrong file type, allowed_extensions: sh, pdf, zip, gz, tar.gz or remove the extension'
+                print(content)
                 return content, 400
 
 
@@ -380,9 +382,11 @@ def submit():
 
         else:
             content = 'size error'
+            print(content)
             return content, 400
 
         content = 'submit aborded'
+        print(content)
         return content, 400
 
 

From 0d3d4aae1d14ed0973bb99e689f28c20668eeff0 Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 5 Jun 2019 16:41:59 +0200
Subject: [PATCH 33/33] fix: [paste_submit UI] filter empty file field

---
 var/www/modules/PasteSubmit/Flask_PasteSubmit.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
index 51b5f2b2..6b7f5360 100644
--- a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
+++ b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py
@@ -295,10 +295,11 @@ def submit():
     paste_content = request.form['paste_content']
 
     is_file = False
-    file = request.files['file']
-    if file:
-        if file.filename:
-            is_file = True
+    if 'file' in request.files:
+        file = request.files['file']
+        if file:
+            if file.filename:
+                is_file = True
 
     submitted_tag = 'infoleak:submission="manual"'