new: Improve the HHH details page

2023-07-24 14:53:00 +02:00 · 2023-07-24 14:53:00 +02:00 · 0604ccfdee
parent 8cd6f5490a
commit 0604ccfdee
3 changed files with 48 additions and 7 deletions
--- a/lookyloo/lookyloo.py
+++ b/lookyloo/lookyloo.py
@ -986,14 +986,18 @@ class Lookyloo():
                   for domain, freq in self.indexing.get_cookie_domains(cookie_name)]
        return captures, domains

-    def get_hhh_investigator(self, hhh: str, /) -> List[Tuple[str, str, str]]:
+    def get_hhh_investigator(self, hhh: str, /) -> Tuple[List[Tuple[str, str, str, str]], List[Tuple[str, str]]]:
        '''Returns all the captures related to a cookie name entry, used in the web interface.'''
        all_captures = dict(self.indexing.get_http_headers_hashes_captures(hhh))
        cached_captures = self.sorted_capture_cache([entry for entry in all_captures])
        captures = [(cache.uuid,
                     self.get_urlnode_from_tree(cache.uuid, all_captures[cache.uuid]).hostnode_uuid,
+                     self.get_urlnode_from_tree(cache.uuid, all_captures[cache.uuid]).name,
                     cache.title) for cache in cached_captures]
-        return captures
+        # get the headers and format them as they were in the response
+        urlnode = self.get_urlnode_from_tree(cached_captures[0].uuid, all_captures[cached_captures[0].uuid])
+        headers = [(header["name"], header["value"]) for header in urlnode.response['headers']]
+        return captures, headers

    def hash_lookup(self, blob_hash: str, url: str, capture_uuid: str) -> Tuple[int, Dict[str, List[Tuple[str, str, str, str, str]]]]:
        '''Search all the captures a specific hash was seen.
--- a/website/web/init.py
+++ b/website/web/init.py
@ -1168,8 +1168,8 @@ def cookies_name_detail(cookie_name: str):

@app.route('/hhhdetails/<string:hhh>', methods=['GET'])
 def hhh_detail(hhh: str):
-    captures = lookyloo.get_hhh_investigator(hhh.strip())
-    return render_template('hhh_details.html', hhh=hhh, captures=captures)
+    captures, headers = lookyloo.get_hhh_investigator(hhh.strip())
+    return render_template('hhh_details.html', hhh=hhh, captures=captures, headers=headers)


@app.route('/body_hashes/<string:body_hash>', methods=['GET'])
--- a/website/web/templates/hhh_details.html
+++ b/website/web/templates/hhh_details.html
@ -8,10 +8,47 @@
  <center>
      <h2>{{ hhh }}</h2>
  </center>
+  <div class="table-responsive">
+      <table id="table" class="table">
+          <thead>
+              <tr>
+                  <th>Name</th>
+                  <th>Value</th>
+              </tr>
+          </thead>
+          <tbody>
+              {%for name, value in headers%}
+              <tr>
+                  <td>{{name}}</td>
+                  <td>{{value}}</td>
+              </tr>
+              {%endfor%}
+          </tbody>
+      </table>
+  </div>
  <p>The same HTTP Headers Hash was seen in these captures:</p>
  <ul>
-  {% for capture_uuid, hostnode_uuid, title in captures %}
-    <li><a href="{{ url_for('tree', tree_uuid=capture_uuid, node_uuid=hostnode_uuid) }}">{{ title }}</a></li>
-  {% endfor %}
+  <div class="table-responsive">
+      <table id="table" class="table">
+          <thead>
+              <tr>
+                  <th>Capture Title</th>
+                  <th>URL matching the HHH</th>
+              </tr>
+          </thead>
+          <tbody>
+            {% for capture_uuid, hostnode_uuid, url, title in captures %}
+            <tr>
+                <td>
+                    <a href="{{ url_for('tree', tree_uuid=capture_uuid, node_uuid=hostnode_uuid) }}">
+                        {{ title }}
+                    </a>
+                </td>
+                <td>{{url}}</td>
+            </tr>
+            {% endfor %}
+          </tbody>
+      </table>
+  </div>
  </ul>
 {% endblock %}