From 89725b8ed0ecd7bcfc3176a71990a69ef8819a5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Sat, 11 Jul 2020 02:10:56 +0200 Subject: [PATCH] new: Download embedded resource --- lookyloo/lookyloo.py | 6 +++--- website/web/__init__.py | 15 +++++++++++++++ website/web/templates/hostname_popup.html | 7 +++++++ 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/lookyloo/lookyloo.py b/lookyloo/lookyloo.py index 7e9ce381..e863705c 100644 --- a/lookyloo/lookyloo.py +++ b/lookyloo/lookyloo.py @@ -781,10 +781,10 @@ class Lookyloo(): if h in to_append['embedded_ressources']: # Skip duplicates continue - freq = self.indexing.body_hash_fequency(h) - to_append['embedded_ressources'][h] = freq + freq_embedded = self.indexing.body_hash_fequency(h) + to_append['embedded_ressources'][h] = freq_embedded to_append['embedded_ressources'][h]['type'] = mimetype - if freq['hash_freq'] > 1: + if freq_embedded['hash_freq'] > 1: to_append['embedded_ressources'][h]['other_captures'] = self.hash_lookup(h, url.name, capture_uuid) if hasattr(self, 'sanejs') and self.sanejs.available: to_lookup = list(to_append['embedded_ressources'].keys()) diff --git a/website/web/__init__.py b/website/web/__init__.py index 814a93f8..36ef58cf 100644 --- a/website/web/__init__.py +++ b/website/web/__init__.py @@ -227,6 +227,21 @@ def urlnode_post_request(tree_uuid: str, node_uuid: str): as_attachment=True, attachment_filename='posted_data.txt') +@app.route('/tree//url//embedded_ressource', methods=['POST']) +def get_embedded_ressource(tree_uuid: str, node_uuid: str): + url = lookyloo.get_urlnode_from_tree(tree_uuid, node_uuid) + h_request = request.form.get('ressource_hash') + for mimetype, blobs in url.embedded_ressources.items(): + for h, blob in blobs: + if h == h_request: + to_return = BytesIO() + with ZipFile(to_return, 'w', ZIP_DEFLATED) as zfile: + zfile.writestr('file.bin', blob.getvalue()) + to_return.seek(0) + return send_file(to_return, mimetype='application/zip', + as_attachment=True, attachment_filename='file.zip') + + @app.route('/tree//url/', methods=['GET']) def urlnode_details(tree_uuid: str, node_uuid: str): urlnode = lookyloo.get_urlnode_from_tree(tree_uuid, node_uuid) diff --git a/website/web/templates/hostname_popup.html b/website/web/templates/hostname_popup.html index 8ceb57f2..2e49f3a1 100644 --- a/website/web/templates/hostname_popup.html +++ b/website/web/templates/hostname_popup.html @@ -124,6 +124,7 @@ across all the captures on this lookyloo instance, in {{ url['body_hash_details']['hash_domains_freq'] }} unique domains.
+ {% if 'other_captures' in url['body_hash_details'] %} {% set total_captures = url['body_hash_details']['other_captures']['different_url']|length + url['body_hash_details']['other_captures']['same_url']|length %} {% if total_captures > 0 %} @@ -169,6 +170,7 @@

Show more information about this response body.

+ {% endif %}
{% endif %} @@ -196,8 +198,12 @@
This file ({{ details['type'] }}) can be found {{ details['hash_freq'] }} times across all the captures on this lookyloo instance, in {{ details['hash_domains_freq'] }} unique domains. +
+ +

+ {% if 'other_captures' in details %} {% set total_captures = details['other_captures']['different_url']|length + details['other_captures']['same_url']|length %} {% if total_captures > 0 %} @@ -243,6 +249,7 @@

Show more information about this embedded content.

+ {% endif %}
{% endfor %}