mirror of https://github.com/CIRCL/lookyloo
chg: Improve hash lookup rendering
Raphaël Vinot
parent
34a5dff055
commit
bfa39223c8
|
|
@ -143,13 +143,15 @@ class Indexing():
|
|||
|
||||
pipeline.execute()
|
||||
|
||||
def get_body_hash_captures(self, body_hash: str, filter_url: Optional[str]=None) -> List[Tuple[str, str, str]]:
|
||||
to_return = []
|
||||
def get_body_hash_captures(self, body_hash: str, filter_url: Optional[str]=None) -> List[Tuple[str, str, str, bool]]:
|
||||
to_return: List[Tuple[str, str, str, bool]] = []
|
||||
for capture_uuid in self.redis.smembers(f'bh|{body_hash}|captures'):
|
||||
for entry in self.redis.zrevrange(f'bh|{body_hash}|captures|{capture_uuid}', 0, -1):
|
||||
url_uuid, hostnode_uuid, url = entry.split('|', 2)
|
||||
if filter_url is None or url != filter_url:
|
||||
to_return.append((capture_uuid, hostnode_uuid, urlsplit(url).hostname))
|
||||
if filter_url:
|
||||
to_return.append((capture_uuid, hostnode_uuid, urlsplit(url).hostname, url == filter_url))
|
||||
else:
|
||||
to_return.append((capture_uuid, hostnode_uuid, urlsplit(url).hostname, False))
|
||||
return to_return
|
||||
|
||||
def get_body_hash_domains(self, body_hash: str) -> List[Tuple[str, float]]:
|
||||
|
|
@ -695,7 +697,7 @@ class Lookyloo():
|
|||
|
||||
def get_body_hash_investigator(self, body_hash: str) -> Tuple[List[Tuple[str, str]], List[Tuple[str, float]]]:
|
||||
captures = []
|
||||
for capture_uuid, url_uuid, url_hostname in self.indexing.get_body_hash_captures(body_hash):
|
||||
for capture_uuid, url_uuid, url_hostname, _ in self.indexing.get_body_hash_captures(body_hash):
|
||||
cache = self.capture_cache(capture_uuid)
|
||||
if cache:
|
||||
captures.append((capture_uuid, cache['title']))
|
||||
|
|
@ -753,11 +755,14 @@ class Lookyloo():
|
|||
if freq['hash_freq'] > 1:
|
||||
to_append['body_hash_details'] = freq
|
||||
|
||||
captures_list: List[Tuple[str, str, str, str]] = []
|
||||
for capture_uuid, url_uuid, url_hostname in self.indexing.get_body_hash_captures(url.body_hash, url.name):
|
||||
captures_list: Dict[str, List[Tuple[str, str, str, str]]] = {'same_url': [], 'different_url': []}
|
||||
for capture_uuid, url_uuid, url_hostname, same_url in self.indexing.get_body_hash_captures(url.body_hash, url.name):
|
||||
cache = self.capture_cache(capture_uuid)
|
||||
if cache:
|
||||
captures_list.append((capture_uuid, url_uuid, cache['title'], url_hostname))
|
||||
if same_url:
|
||||
captures_list['same_url'].append((capture_uuid, url_uuid, cache['title'], url_hostname))
|
||||
else:
|
||||
captures_list['different_url'].append((capture_uuid, url_uuid, cache['title'], url_hostname))
|
||||
|
||||
to_append['body_hash_details']['other_captures'] = captures_list
|
||||
|
||||
|
|
|
|||
|
|
@ -124,18 +124,39 @@
|
|||
</br>
|
||||
{% if url['body_hash_details']['other_captures'] %}
|
||||
<p>
|
||||
The same file was seen in <b>{{ url['body_hash_details']['other_captures']|length }}</b> other captures <b>on a different URL</b>.
|
||||
The same file was seen in <b>{{ url['body_hash_details']['other_captures']|length }}</b> other captures.
|
||||
<button class="btn btn-primary" type="button" data-toggle="collapse" data-target="#captureslist_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
|
||||
Toggle list.
|
||||
</button>
|
||||
</p>
|
||||
<div class="collapse" id="captureslist_{{ url['url_object'].uuid }}">
|
||||
<div class="card card-body">
|
||||
<ul>
|
||||
{% for capture_uuid, urlnode_uuid, title, hostname in url['body_hash_details']['other_captures'] %}
|
||||
<li><a href="{{ url_for('tree', tree_uuid=capture_uuid, urlnode_uuid=urlnode_uuid) }}">{{ title }}</a> - {{ hostname }} </li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{% if url['body_hash_details']['other_captures']['different_url']|length > 0 %}
|
||||
<div>
|
||||
<p>The following captures get the same file from a <b>different URL</b></p>
|
||||
<ul>
|
||||
{% for capture_uuid, urlnode_uuid, title, hostname in url['body_hash_details']['other_captures']['different_url'] %}
|
||||
<li>
|
||||
<a href="{{ url_for('tree', tree_uuid=capture_uuid, urlnode_uuid=urlnode_uuid) }}">{{ title }}</a> - {{ hostname }}
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
{% if url['body_hash_details']['other_captures']['same_url']|length > 0 %}
|
||||
</br>
|
||||
<div>
|
||||
<p>The following captures get the same file from the <b>same URL</b></p>
|
||||
<ul>
|
||||
{% for capture_uuid, urlnode_uuid, title, hostname in url['body_hash_details']['other_captures']['same_url'] %}
|
||||
<li>
|
||||
<a href="{{ url_for('tree', tree_uuid=capture_uuid, urlnode_uuid=urlnode_uuid) }}">{{ title }}</a> - {{ hostname }}
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
{% else %}
|
||||
|
|
@ -171,12 +192,12 @@
|
|||
{% for detail in details %}
|
||||
{% if detail|length == 1 %}
|
||||
<li>
|
||||
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name_value[0]) }}">
|
||||
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0]) }}">
|
||||
{{ cookie_name_value[0] }}</a>={{ cookie_name_value[1] }}
|
||||
</li>
|
||||
{% else %}
|
||||
<li>
|
||||
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name_value[0]) }}">
|
||||
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0]) }}">
|
||||
{{ cookie_name_value[0] }}</a>={{ cookie_name_value[1] }} -
|
||||
<button type="button" class="btn btn-info" onclick="whereAmI('{{ detail[1] }}')">Show node sending this cookie</button>
|
||||
</li>
|
||||
|
|
|
|||
Loading…
Reference in New Issue