lookyloo/website/web/templates/hostname_popup.html

335 lines
14 KiB
HTML

{% extends "main.html" %}
{% from "macros.html" import known_content_details %}
{% from "macros.html" import ressource_legitimacy_details %}
{% from "macros.html" import indexed_hash %}
{% from "macros.html" import indexed_cookies %}
{% from "macros.html" import popup_icons_request %}
{% from "macros.html" import popup_icons_response %}
{% from "macros.html" import shorten_string %}
{% from "macros.html" import other_captures_table %}
{% from "macros.html" import get_ressource_button %}
{% from "macros.html" import context_form %}
{% block title %}Details for {{ hostnode.name }} {% endblock %}
{% block scripts %}
{{ super() }}
<script type="text/javascript">
$(document).ready(() => {
$('table.table').DataTable( {
"order": [[ 1, "desc" ]],
"paging": false,
"info": false,
"columns": [
{ "orderable": false},
{ "orderable": false},
{ "orderable": false}
],
"columnDefs": [{
"targets": 1,
"render": (data) => {
const date = new Date(data);
return date.getFullYear() + '-' + (date.getMonth() + 1).toString().padStart(2, "0") + '-' + date.getDate().toString().padStart(2, "0") + ' ' + date.toTimeString();
}
}]
} );
});
</script>
<script>
let whereAmI = (hostnode_uuid) => window.opener.LocateNode(hostnode_uuid);
let openTreeInNewTab = (capture_uuid, hostnode_uuid=Null) => {
let success = window.opener.openTreeInNewTab(capture_uuid, hostnode_uuid);
if (! success) {
alert("Your browser doesn't allow Lookyloo to open a new tab. There should be an icon on the right side of your URL bar *in the main window* to allow it.");
}
}
</script>
<script>
$(document).ready(() => {
// Grab any text in the attribute 'data-copy' and pass it to the copy function
$('.js-copy').tooltip();
$('.js-copy').click(function() {
const text = $(this).attr('data-copy');
const el = $(this);
copyToClipboard(text, el);
});
});
</script>
<script>
$(document).ready(() => {
$(function () {
$('[data-bs-toggle="tooltip"]').tooltip()
})
});
</script>
<script>
function submit_pandora(){
fetch("{{ url_for('pandora_submit', tree_uuid=tree_uuid)}}", {
method: "GET",
})
.then(response => response.json())
.then(data => {
if (navigator.clipboard && window.isSecureContext) {
navigator.clipboard.writeText(data.link);
}
openURLInNewTab(data.link);
})
.catch((error) => {
throw new Error(error);
});
};
let openURLInNewTab = (url) => {
let success = window.opener.openURLInNewTab(url);
if (! success) {
alert("Your browser doesn't allow Lookyloo to open a new tab. There should be an icon on the right side of your URL bar *in the main window* to allow it.");
}
}
</script>
{% endblock %}
{% block content %}
{# Headers #}
<center>
<h3>{{ hostnode.name }}</h3>
<button type="button" class="btn btn-primary" onclick="whereAmI('{{ hostnode_uuid }}')">Locate in tree</button>
{% if uwhois_available %}
<a href="{{ url_for('whois', query=hostnode.name) }}" class="btn btn-primary" role="button">
Download whois entry
</a>
{% endif %}
<a href="{{ url_for('urls_hostnode', tree_uuid=tree_uuid, node_uuid=hostnode_uuid) }}" class="btn btn-primary" role="button">
Download all URLs as text
</a>
<a href="{{ url_for('hashes_hostnode', tree_uuid=tree_uuid, node_uuid=hostnode_uuid) }}" class="btn btn-primary" role="button">
Download all Hashes as text
</a>
</center>
</br>
<div>
{% if hostnode.cname %}
<h5>CNAME(s) for this domain:</h5>
<ul>
{% for cname in hostnode.cname %}
<li>{{ cname }}{% if uwhois_available %} (<a href="{{ url_for('whois', query=cname)}}">whois</a>){% endif %}</li>
{% endfor %}
</ul>
{% endif %}
{% if hostnode.resolved_ips %}
<h5>Domain IPs from a standalone DNS lookup:</h5>
<ul>
{% for ip in hostnode.resolved_ips %}
<li>
{{ ip }}{% if uwhois_available %} (<a href="{{ url_for('whois', query=ip)}}">whois</a>){% endif %}
{% if 'ipasn' in hostnode.features and hostnode.ipasn.get(ip) %}- AS{{ hostnode.ipasn[ip]['asn'] }} {% if uwhois_available %} (<a href="{{ url_for('whois', query='AS'+hostnode.ipasn[ip]['asn'])}}">whois</a>){% endif %}{% endif %}
</li>
{% endfor %}
</ul>
{% endif %}
</div>
{# Start list of URLs #}
<ul class="list-group-flush">
{% for url in urls %}
{# URL Display #}
<li class="list-group-item">
<div class="h3" title="{{ url['url_object'].name }}">
{# HTTPs or not #}
{% if url['encrypted'] %}
<img src="/static/secure.svg" title="Encrypted request" width="21" height="21"/>
{% else %}
<img src="/static/insecure.svg" title="Unencrypted request" width="21" height="21"/>
{%endif%}
{# URL #}
... /{{ shorten_string(url['url_path'], 50)}}
{# Copy full URL to clipbard #}
<button type="button" class="btn btn-default btn-copy js-copy"
data-bs-toggle="tooltip" data-bs-placement="bottom" data-copy="{{ url['url_object'].name }}" data-original-title="Copy to clipboard">
<svg class="bi bi-clipboard" width="1em" height="1em" viewBox="0 0 16 16" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M4 1.5H3a2 2 0 0 0-2 2V14a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V3.5a2 2 0 0 0-2-2h-1v1h1a1 1 0 0 1 1 1V14a1 1 0 0 1-1 1H3a1 1 0 0 1-1-1V3.5a1 1 0 0 1 1-1h1v-1z"/>
<path fill-rule="evenodd" d="M9.5 1h-3a.5.5 0 0 0-.5.5v1a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5v-1a.5.5 0 0 0-.5-.5zm-3-1A1.5 1.5 0 0 0 5 1.5v1A1.5 1.5 0 0 0 6.5 4h3A1.5 1.5 0 0 0 11 2.5v-1A1.5 1.5 0 0 0 9.5 0h-3z"/>
</svg>
</button>
</div>
{% if url['url_object'].ip_address %}
<div>
IP from HAR: <b>{{ url['url_object'].ip_address }}</b>
{% if uwhois_available %}(<a href="{{ url_for('whois', query=url['url_object'].ip_address)}}">whois</a>){% endif %}
</div>
{% endif %}
{% if url['url_object'].security_details %}
<div>TLS certificate details:
<ul>
{% for k, v in url['url_object'].security_details.items() %}
<li><b>{{k}}</b>: {{v}}</li>
{% endfor%}
</ul>
</div>
{% endif %}
<div></div>
<ul class="list-group">
<li class="list-group-item">
<p class="h4">Request</p>
{{ popup_icons_request(url['url_object'], tree_uuid) }}
{% if url['url_object'].posted_data %}
<a href="{{ url_for('urlnode_post_request', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
Download posted data
</a></br>
Posted data size: {{ sizeof_fmt(url['url_object'].posted_data|length) }}
{% endif %}
{% if url['cookies_sent'] %}
<div>
<p class="h5">This request contains cookies.
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#request_cookies_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
<span class="if-collapsed">Show cookies sent.</span>
<span class="if-not-collapsed">Hide cookies sent.</span>
</button>
</p>
<div class="collapse" id="request_cookies_full_list_{{ url['url_object'].uuid }}">
<div class="card card-body">
{{ indexed_cookies("List of cookies sent in the request", "Node setting this cookie", url['cookies_sent']) }}
</div>
</div>
</div>
{% endif %}
</li>
<li class="list-group-item">
{# Details of the response #}
<p class="h4">Response
<small>(Status code:
<span title="{{ http_status_description(url['url_object'].response['status']) }}">
{{ url['url_object'].response['status'] }})
</span>
-
<span>Load time: {{ url['url_object'].time.total_seconds() }}s</span>
</small>
</p>
{{ popup_icons_response(url['url_object'], tree_uuid) }}
{% if url['url_object'].downloaded_filename %}
{% if has_pandora %}
<div> Downloaded file: <b>{{url['url_object'].downloaded_filename}}</b> ({{sizeof_fmt(url['url_object'].downloaded_file.getbuffer().nbytes)}})</div>
<button id="pandora_submit_button" type="button" class="btn btn-primary" onclick="submit_pandora()">Submit to Pandora</button>
<div>After clicking on the button above, a link to the report on Pandora will be copied in your clipboard.</div>
{% else %}
<a href="{{ url_for('data', tree_uuid=tree_uuid)}}">
Download {{url['url_object'].downloaded_filename}}
</a> ({{sizeof_fmt(url['url_object'].downloaded_file.getbuffer().nbytes)}})
{% endif%}
{% else %}
{% if url['url_object'].rendered_html %}
<a href="{{ url_for('urlnode_rendered_content', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
Download rendered HTML page
</a>({{ sizeof_fmt(url['url_object'].rendered_html.getbuffer().nbytes)}})
</br>
<a href="{{ url_for('urlnode_urls_in_rendered_content', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
Download URLs in rendered HTML page
</a>
{% endif %}
<div>
{% if url['url_object'].empty_response %}
Empty body.
{% else %}
{{ ressource_legitimacy_details(url['legitimacy'], url['url_object'].body.getbuffer().nbytes) }}
{% endif %}
</div>
{%endif%}
{% if url['known_content'] %}
{{ known_content_details(url['known_content']) }}
{% endif %}
{# Everything we know about the response content #}
{% if url['body_hash_details'] and url['body_hash_details']['hash_freq'] %}
<div>
This file can be found <b>{{ url['body_hash_details']['hash_freq'] }}</b> times
across all the captures on this lookyloo instance, in <b>{{ url['body_hash_details']['hash_domains_freq'] }}</b> unique domains.
{# other captures related with the same content #}
{% if 'other_captures' in url['body_hash_details'] %}
</br>
{{ indexed_hash(url['body_hash_details']['other_captures'], url['url_object'].uuid) }}
{% endif %}
{# Link to list of captures with the same hash #}
<p>
<a href="{{ url_for('body_hash_details', body_hash=url['url_object'].body_hash, from_popup=True) }}">
Show more information about this response body.
</a>
</p>
</div>
{% endif %}
{% if enable_context_by_users %}
</br>
{{ context_form(tree_uuid, url['url_object'].uuid, hostnode_uuid, url['url_object'].body_hash, 'hostnode_popup') }}
{% endif %}
{% if url['embedded_ressources'] %}
{# Details on embedded resources #}
<div><b>This response contains embedded ressources</b>
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#embedded_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
<span class="if-collapsed">Show embedded resources.</span>
<span class="if-not-collapsed">Hide embedded resources.</span>
</button>
</div>
<div class="collapse" id="embedded_full_list_{{ url['url_object'].uuid }}">
<div class="card card-body">
{% for hash, details in url['embedded_ressources'].items() %}
<div>
{% if details['known_content'] %}
{{ known_content_details(details['known_content']) }}
{% endif %}
{{ ressource_legitimacy_details(details['legitimacy'], details['body_size']) }}
</div>
<div>
This file {% if details['type'] %}(<b>{{ details['type'] }}</b>){% endif %} can be found <b>{{ details['hash_freq'] }}</b> times
across all the captures on this lookyloo instance, in <b>{{ details['hash_domains_freq'] }}</b> unique domains.
{{ get_ressource_button(tree_uuid, url['url_object'].uuid, hash,
'Download the embedded ressource',
details['type'] and details['type'].startswith('image')) }}
</br>
{% if enable_context_by_users %}
{{ context_form(tree_uuid, url['url_object'].uuid, hostnode_uuid, hash, 'hostnode_popup') }}
{% endif %}
{% if 'other_captures' in details %}
{{ indexed_hash(details['other_captures'], hash) }}
{% endif %}
<p><a href="{{ url_for('body_hash_details', body_hash=url['url_object'].body_hash, from_popup=True) }}">
Show more information about this embedded content.
</a></p>
</div>
{% endfor %}
</div>
</div>
{% endif %}
{% if url['cookies_received'] %}
<div>
<p class="h5">This response contains cookies.
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#response_cookies_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
<span class="if-collapsed">Show cookies received.</span>
<span class="if-not-collapsed">Hide cookies received.</span>
</button>
</p>
<div class="collapse" id="response_cookies_full_list_{{ url['url_object'].uuid }}">
<div class="card card-body">
{{ indexed_cookies("This response contains 3rd party cookies:", "Node sending this cookie", url['cookies_received']['3rd_party']) }}
{{ indexed_cookies("Cookies, sent somewhere in the capture", "Node sending this cookie", url['cookies_received']['sent']) }}
{{ indexed_cookies("Cookies, never sent", "", url['cookies_received']['not_sent']) }}
</div>
</div>
</div>
{% endif %}
</li>
</ul>
</li>
{% endfor %}
</ul>
{% endblock %}