2020-08-25 18:00:16 +02:00
{% macro known_content_details(details) %}
2020-07-12 01:56:29 +02:00
< div >
{% if details is string %}
< b > {{ details }} < / b >
{% else %}
This file is known as part of < b > {{ details[0] }}< / b >
version < b > {{ details[1] }}< / b > : < b > {{ details[2] }}< / b > .
{% if details[3] > 1%}
It is also present in < b > {{ details[3] -1 }}< / b > other libraries.
{%endif%}
{%endif%}
< / div >
{% endmacro %}
2020-09-03 16:31:45 +02:00
{% macro context_form(tree_uuid, urlnode_uuid, hostnode_uuid, hash, callback_str) %}
< button class = "btn btn-primary collapsed" type = "button" data-toggle = "collapse" data-target = "#context_response_{{ urlnode_uuid }}" aria-expanded = "false" aria-controls = "collapseContextForm" >
< span class = "if-collapsed" > Add context< / span >
< span class = "if-not-collapsed" > Hide context form< / span >
< / button >
< div class = "collapse" id = "context_response_{{ urlnode_uuid }}" >
< div class = "card card-body" >
< form role = "form" action = "{{ url_for('add_context', tree_uuid=tree_uuid, urlnode_uuid=urlnode_uuid) }}" method = post enctype = multipart/form-data >
< div class = "form-group" >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "legitimate" id = "legitimate" >
< label for = "legitimate" class = "form-check-label" > Legitimate< / label >
< / div >
< / div >
< div class = "form-group" >
< label for = "legitimate_domain" > Domain serving the file when considered legitimate:< / label >
< input type = "text" class = "form-control" name = "legitimate_domain" id = "legitimate_domain" placeholder = "Domain name" >
< / div >
< div class = "form-group" >
< label for = "legitimate_description" > Other context for this content (library name, owner, ...):< / label >
< input type = "text" class = "form-control" name = "legitimate_description" id = "legitimate_description" placeholder = "Description" >
< / div >
< div class = "form-group" >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "malicious" > < / input >
< label for = "malicious" class = "form-check-label" > Malicious< / label >
< / div >
< / div >
< div class = "form-group" >
< label for = "malicious_type" > Type of malicious content (phishing, malware, ...):< / label >
< input type = "text" class = "form-control" name = "malicious_type" id = "malicious_type" placeholder = "Type of malicious content" >
< / div >
< div class = "form-group" >
< label for = "malicious_target" > Legitimate target of the malicious content (expecially for phishing):< / label >
< input type = "text" class = "form-control" name = "malicious_target" id = "malicious_target" placeholder = "Target" >
< / div >
< input type = "hidden" id = "hash_to_contextualize" name = "hash_to_contextualize" value = "{{ hash }}" >
< input type = "hidden" id = "hostnode_uuid" name = "hostnode_uuid" value = "{{ hostnode_uuid }}" >
< input type = "hidden" id = "callback_str" name = "callback_str" value = "{{ callback_str }}" >
< button type = "submit" class = "btn btn-primary" id = "btn-looking" > Submit context< / button >
< / form >
< / div >
< / div >
{% endmacro %}
2020-09-03 14:39:38 +02:00
{% macro get_ressource_button(capture_uuid, urlnode_uuid, hash, text) %}
< form method = "post" action = "{{ url_for('get_ressource', tree_uuid=capture_uuid, node_uuid=urlnode_uuid) }}" >
< button class = "btn btn-primary" name = "ressource_hash" value = "{{ hash }}" > {{ text }}< / button >
< / form >
{% endmacro %}
2020-08-27 12:57:10 +02:00
{% macro ressource_legitimacy_details(details, ressource_size) %}
{% if details and details[0] == False %}
< img src = "/static/bomb.svg" title = "Known malicious content in the response." width = "21" height = "21" / >
{%endif%}
Body size: {{ sizeof_fmt(ressource_size) }}
{% if details %}
{% if details[0] %}
2020-09-01 17:33:36 +02:00
- This file is known < b > legitimate< / b > on the following domains: {{ ', '.join(details[1]) }}.
2020-08-27 12:57:10 +02:00
{% elif details[0] == False %}
2020-09-01 17:33:36 +02:00
< / br >
The response sould be considered as
{% if details[1] is mapping and details[1].get('tag') %}
< b > {{ ', '.join(details[1]['tag']) }}< / b >
{% else %}
< b > phishing< / b >
{%endif%}
{% if details[1] is mapping and details[1].get('target') %}
unless it is served by < b > the following domain(s)< / b > : {{ ', '.join(details[1]['target']) }}
2020-08-27 12:57:10 +02:00
{% else %}
2020-09-01 17:33:36 +02:00
unless it is served by < b > the following domain(s)< / b > : {{ ', '.join(details[1]) }}
2020-08-27 12:57:10 +02:00
{%endif%}
2020-09-01 17:33:36 +02:00
< / br >
2020-08-27 12:57:10 +02:00
{%endif%}
{%endif%}
{% endmacro %}
2020-07-12 01:56:29 +02:00
{% macro indexed_hash(details, identifier_for_toggle) %}
2020-09-01 17:33:36 +02:00
{% set total_captures = details[0] %}
{% set other_captures = details[1] %}
2020-07-12 01:56:29 +02:00
{# Only show details if the hits are in an other capture #}
{% if total_captures > 0 %}
< p >
2020-07-16 01:08:39 +02:00
The same file was seen in < b > {{ total_captures }}< / b > other captures.
2020-07-17 18:39:50 +02:00
< button class = "btn btn-primary collapsed" type = "button" data-toggle = "collapse" data-target = "#captureslist_{{ identifier_for_toggle }}" aria-expanded = "false" aria-controls = "collapseExample" >
< span class = "if-collapsed" > Show other captures< / span >
< span class = "if-not-collapsed" > Hide other captures< / span >
2020-07-12 01:56:29 +02:00
< / button >
< / p >
{# Lists of other captures loading the same content... #}
< div class = "collapse" id = "captureslist_{{ identifier_for_toggle }}" >
< div class = "card card-body" >
2020-09-01 17:33:36 +02:00
{% if other_captures['different_url']|length > 0 %}
2020-07-12 01:56:29 +02:00
{# ... on other URLs #}
< div >
< p > The following captures get the same file from a < b > different URL< / b > < / p >
2020-09-01 17:33:36 +02:00
{{ other_captures_table(other_captures['different_url']) }}
2020-07-12 01:56:29 +02:00
< / div >
{% endif %}
< / br >
2020-09-01 17:33:36 +02:00
{% if other_captures['same_url']|length > 0 %}
2020-07-12 01:56:29 +02:00
{# ... on the same URL #}
< div >
< p > The following captures get the same file from the < b > same URL< / b > < / p >
2020-09-01 17:33:36 +02:00
{{ other_captures_table(other_captures['same_url']) }}
2020-07-12 01:56:29 +02:00
< / div >
2020-07-16 01:08:39 +02:00
{% endif %}
2020-07-12 01:56:29 +02:00
< / div >
< / div >
{% else %}
< p > This file is loaded multiple times in this capture.< / p >
{% endif %}
{% endmacro %}
2020-07-12 14:59:01 +02:00
2020-08-10 15:42:26 +02:00
{% macro other_captures_table(entries) %}
< div class = "table-responsive" >
< table id = "table_other_captures" class = "table" >
< thead >
< tr >
< th > Title< / th >
< th > Timestamp< / th >
< th > Domain< / th >
< / tr >
< / thead >
< tbody >
{% for capture_uuid, urlnode_uuid, title, timestamp, hostname in entries %}
< tr >
< td >
< a href = "#/" onclick = "openTreeInNewTab('{{ capture_uuid }}', '{{ urlnode_uuid }}')" > {{ title }}< / a >
< / td >
< td > {{ timestamp }}< / td >
< td > {{ hostname }}< / td >
< / tr >
{% endfor %}
< / tbody >
< / table >
< / div >
{% endmacro %}
2020-07-12 14:59:01 +02:00
{% macro indexed_cookies(header_text, button_text, cookies) %}
{% if cookies %}
< div > {{ header_text }}< / div >
< ul >
{% for cookie, details in cookies.items() %}
{% set cookie_name_value = cookie.split('=', 1) %}
{% for detail in details %}
{% if detail|length == 1 %}
< li >
{{ detail[0] }}: < a href = "{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0]) }}" >
2020-07-17 18:39:50 +02:00
{{ cookie_name_value[0] }}< / a > ={{ shorten_string(cookie_name_value[1], 200) }}
2020-07-12 14:59:01 +02:00
< / li >
{% else %}
< li >
{{ detail[0] }}: < a href = "{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0]) }}" >
2020-07-17 18:39:50 +02:00
{{ cookie_name_value[0] }}< / a > ={{ shorten_string(cookie_name_value[1], 200) }} -
2020-07-23 17:47:12 +02:00
< / br >
{{ button_text }}
< button type = "button" class = "btn btn-info" onclick = "whereAmI('{{ detail[1] }}')" > Locate< / button >
2020-07-12 14:59:01 +02:00
< / li >
{% endif %}
{% endfor %}
{% endfor %}
< / ul >
{% endif %}
{% endmacro %}
2020-07-15 13:51:45 +02:00
{% macro popup_icons(lookup_dict, urlnode, tree_uuid) %}
< div >
{% for key, path in lookup_dict.items() %}
{% if urlnode[key] %}
{% if key == "request_cookie" %}
2020-07-16 01:08:39 +02:00
< a href = "{{ url_for('urlnode_request_cookies', tree_uuid=tree_uuid, node_uuid=urlnode.uuid) }}" title = "Download all the cookies in the request to the server" >
2020-07-15 13:51:45 +02:00
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
< / a >
{% elif key == "response_cookie"%}
2020-07-16 01:08:39 +02:00
< a href = "{{ url_for('urlnode_response_cookies', tree_uuid=tree_uuid, node_uuid=urlnode.uuid) }}" title = "Download all the cookies in the response from the server" >
2020-07-15 13:51:45 +02:00
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
< / a >
2020-07-16 01:08:39 +02:00
{% elif key in ["js", "exe", "css", "font", "html", "json", "image", "video", "unknown_mimetype", "text", "unset_mimetype", "octet-stream", "livestream"] and not urlnode.empty_response %}
2020-09-03 14:39:38 +02:00
< a href = "{{ url_for('get_ressource', tree_uuid=tree_uuid, node_uuid=urlnode.uuid) }}" title = "Download the content of the response" >
2020-07-16 01:08:39 +02:00
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
< / a >
2020-07-29 14:00:46 +02:00
{% elif key == "redirect" %}
2020-07-29 18:43:41 +02:00
{% for child in urlnode.children if child.name == urlnode.redirect_url %}
2020-08-07 15:14:13 +02:00
< a href = "#/" role = "button" onclick = "whereAmI('{{ child.hostnode_uuid }}')" title = "See the node the URL redirects to." >
2020-07-29 14:00:46 +02:00
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
< / a >
2020-07-29 18:43:41 +02:00
{% else %}
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
{% endfor %}
{% if urlnode.redirect_url %}
2020-07-30 17:45:07 +02:00
< div title = '{{ urlnode.redirect_url }}' > Redirect to: {{ shorten_string(urlnode.redirect_url, 50) }}< / div >
2020-07-29 18:43:41 +02:00
{%endif%}
2020-07-15 13:51:45 +02:00
{% else %}
< img src = "{{ path }}" alt = "{{ key }}" width = "21" height = "21" / >
{%endif%}
{%endif%}
{% endfor %}
< / div >
{% endmacro %}
2020-07-15 18:04:34 +02:00
{% macro shorten_string(string, cut_length) %}
{% if string|length > cut_length %}
{{ string[:cut_length] }} [...]
{% else %}
{{ string }}
{%endif%}
{% endmacro %}