new: Add handles for cookies

pull/79/head
Raphaël Vinot 2020-05-26 17:45:04 +02:00
parent e29f2d93af
commit 3a3be0cb46
4 changed files with 68 additions and 12 deletions


@ -187,15 +187,20 @@ def load_cookies(cookie_pseudofile: Optional[BufferedIOBase]=None) -> List[Dict[
to_return = []
try:
for cookie in cookies:
u = urlparse(cookie['Host raw']).netloc.split(':', 1)[0]
to_add = {'path': cookie['Path raw'],
'name': cookie['Name raw'],
'httpOnly': cookie['HTTP only raw'] == 'true',
'secure': cookie['Send for'] == 'Encrypted connections only',
'expires': (datetime.now() + timedelta(days=10)).strftime('%Y-%m-%dT%H:%M:%S') + 'Z',
'domain': u,
'value': cookie['Content raw']
}
if 'Host raw' in cookie:
# Cookie export format for Cookie Quick Manager
u = urlparse(cookie['Host raw']).netloc.split(':', 1)[0]
to_add = {'path': cookie['Path raw'],
'name': cookie['Name raw'],
'httpOnly': cookie['HTTP only raw'] == 'true',
'secure': cookie['Send for'] == 'Encrypted connections only',
'expires': (datetime.now() + timedelta(days=10)).strftime('%Y-%m-%dT%H:%M:%S') + 'Z',
'domain': u,
'value': cookie['Content raw']
}
else:
# Cookie from lookyloo/splash
to_add = cookie
to_return.append(to_add)
except Exception as e:
print(f'Unable to load the cookie file: {e}')
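Review bot: The new `else` branch appends each entry exactly as parsed (`to_add = cookie`), so an item that is not a dict or that lacks `name`, `value` or `domain` is handed to whatever consumes the list. If `cookie_pseudofile` can come from a user upload, which the signature suggests but the hunk does not show, that is unvalidated input. I would make the branch explicit, for example `elif isinstance(cookie, dict) and {'name', 'value', 'domain'} <= cookie.keys():`, and skip and log anything else. Because the existing `try` wraps the whole loop, one malformed entry also stops the remaining cookies from loading, with only a `print` as a trace. The body of `load_cookies` starts before this hunk, so how `cookies` is parsed is not visible here.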


@ -121,7 +121,7 @@ class Lookyloo():
def get_modules_responses(self, capture_dir: Path) -> Optional[Dict[str, Any]]:
ct = self._load_pickle(capture_dir / 'tree.pickle')
if not ct:
self.logger.warning('Unable to get the modules responses unless the tree ({capture_dir}) is cached.')
self.logger.warning(f'Unable to get the modules responses unless the tree ({capture_dir}) is cached.')
return None
to_return: Dict[str, Any] = {}
if hasattr(self, 'vt') and self.vt.available:
@ -314,6 +314,9 @@ class Lookyloo():
def get_html(self, capture_dir: Path, all_html: bool=False) -> BytesIO:
return self._get_raw(capture_dir, 'html', all_html)
def get_cookies(self, capture_dir: Path, all_cookies: bool=False) -> BytesIO:
return self._get_raw(capture_dir, 'cookies.json', all_cookies)
def get_screenshot(self, capture_dir: Path, all_images: bool=False) -> BytesIO:
return self._get_raw(capture_dir, 'png', all_images)
@ -334,7 +337,7 @@ class Lookyloo():
try:
ip = socket.gethostbyname(splitted_url.hostname)
except socket.gaierror:
self.logger.info(f'Name or service not known')
self.logger.info('Name or service not known')
return False
if not ipaddress.ip_address(ip).is_global:
return False
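Review bot: `get_cookies` is added without a docstring, and its second argument (`'cookies.json'`) is a full file name where the neighbouring `get_html` and `get_screenshot` pass a bare extension (`'html'`, `'png'`). `_get_raw` is not visible in this section, so whether it matches on suffix or on exact name cannot be confirmed from here; a short comment stating which is intended would prevent a silent empty result. I would also add a docstring such as `"""Return the cookies recorded for the capture; they may hold session tokens, so treat the result as sensitive."""`.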


@ -190,6 +190,32 @@ def hostnode_popup(tree_uuid: str, node_uuid: str):
keys_request=keys_request)
@app.route('/tree/<string:tree_uuid>/url/<string:node_uuid>/request_cookies', methods=['GET'])
def urlnode_request_cookies(tree_uuid: str, node_uuid: str):
capture_dir = lookyloo.lookup_capture_dir(tree_uuid)
if not capture_dir:
return
urlnode = lookyloo.get_urlnode_from_tree(capture_dir, node_uuid)
if not urlnode.request_cookie:
return
return send_file(BytesIO(json.dumps(urlnode.request_cookie, indent=2).encode()),
mimetype='text/plain', as_attachment=True, attachment_filename='request_cookies.txt')
@app.route('/tree/<string:tree_uuid>/url/<string:node_uuid>/response_cookies', methods=['GET'])
def urlnode_response_cookies(tree_uuid: str, node_uuid: str):
capture_dir = lookyloo.lookup_capture_dir(tree_uuid)
if not capture_dir:
return
urlnode = lookyloo.get_urlnode_from_tree(capture_dir, node_uuid)
if not urlnode.response_cookie:
return
return send_file(BytesIO(json.dumps(urlnode.response_cookie, indent=2).encode()),
mimetype='text/plain', as_attachment=True, attachment_filename='response_cookies.txt')
@app.route('/tree/<string:tree_uuid>/url/<string:node_uuid>/posted_data', methods=['GET'])
def urlnode_post_request(tree_uuid: str, node_uuid: str):
capture_dir = lookyloo.lookup_capture_dir(tree_uuid)
@ -300,6 +326,16 @@ def html(tree_uuid: str):
as_attachment=True, attachment_filename='page.html')
@app.route('/tree/<string:tree_uuid>/cookies', methods=['GET'])
def cookies(tree_uuid: str):
capture_dir = lookyloo.lookup_capture_dir(tree_uuid)
if not capture_dir:
return Response('Not available.', mimetype='text/text')
to_return = lookyloo.get_cookies(capture_dir)
return send_file(to_return, mimetype='application/json',
as_attachment=True, attachment_filename='cookies.json')
@app.route('/tree/<string:tree_uuid>/export', methods=['GET'])
def export(tree_uuid: str):
capture_dir = lookyloo.lookup_capture_dir(tree_uuid)
@ -352,7 +388,7 @@ def tree(tree_uuid: str):
cache = lookyloo.capture_cache(capture_dir)
if not cache:
flash(f'Invalid cache.', 'error')
flash('Invalid cache.', 'error')
return redirect(url_for('index'))
if 'error' in cache:
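Review bot: The two new views `urlnode_request_cookies` and `urlnode_response_cookies` use a bare `return` when the capture directory or the cookie data is missing. A Flask view that returns `None` raises a TypeError and the client gets a 500. The new `cookies` view in the same file already handles this case, so the same line can be reused: `return Response('Not available.', mimetype='text/text')`, or `abort(404)` if `abort` is imported. The result of `get_urlnode_from_tree` is also dereferenced without a check, so an unknown `node_uuid` probably fails the same way, although that helper is not visible here. Separately, all three routes serve captured cookies, which can include live session tokens, and no access check is visible in these hunks; confirm that whoever can reach a tree UUID is meant to be able to download them.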


@ -27,7 +27,13 @@
<div>
{% for key, path in keys_response.items() %}
{% if url[key] %}
{% if key == "response_cookie" %}
<a href="{{ url_for('urlnode_response_cookies', tree_uuid=tree_uuid, node_uuid=url.uuid) }}">
<img src="{{ path }}" alt="{{ key }}" width="21" height="21"/>
</a>
{% else %}
<img src="{{ path }}" alt="{{ key }}" width="21" height="21"/>
{%endif%}
{%endif%}
{% endfor %}
</div>
@ -60,7 +66,13 @@
<div>
{% for key, path in keys_request.items() %}
{% if url[key] %}
{% if key == "request_cookie" %}
<a href="{{ url_for('urlnode_request_cookies', tree_uuid=tree_uuid, node_uuid=url.uuid) }}">
<img src="{{ path }}" alt="{{ key }}" width="21" height="21"/>
</a>
{% else %}
<img src="{{ path }}" alt="{{ key }}" width="21" height="21"/>
{%endif%}
{%endif%}
{% endfor %}
</div>