mirror of https://github.com/CIRCL/lookyloo
335 lines
14 KiB
HTML
335 lines
14 KiB
HTML
{% extends "main.html" %}
|
|
{% from "macros.html" import known_content_details %}
|
|
{% from "macros.html" import ressource_legitimacy_details %}
|
|
{% from "macros.html" import indexed_hash %}
|
|
{% from "macros.html" import indexed_cookies %}
|
|
{% from "macros.html" import popup_icons_request %}
|
|
{% from "macros.html" import popup_icons_response %}
|
|
{% from "macros.html" import shorten_string %}
|
|
{% from "macros.html" import other_captures_table %}
|
|
{% from "macros.html" import get_ressource_button %}
|
|
{% from "macros.html" import context_form %}
|
|
|
|
{% block title %}Details for {{ hostnode.name }} {% endblock %}
|
|
|
|
{% block scripts %}
|
|
{{ super() }}
|
|
<script type="text/javascript">
|
|
$(document).ready(() => {
|
|
$('table.table').DataTable( {
|
|
"order": [[ 1, "desc" ]],
|
|
"paging": false,
|
|
"info": false,
|
|
"columns": [
|
|
{ "orderable": false},
|
|
{ "orderable": false},
|
|
{ "orderable": false}
|
|
],
|
|
"columnDefs": [{
|
|
"targets": 1,
|
|
"render": (data) => {
|
|
const date = new Date(data);
|
|
return date.getFullYear() + '-' + (date.getMonth() + 1).toString().padStart(2, "0") + '-' + date.getDate().toString().padStart(2, "0") + ' ' + date.toTimeString();
|
|
}
|
|
}]
|
|
} );
|
|
});
|
|
</script>
|
|
<script>
|
|
let whereAmI = (hostnode_uuid) => window.opener.LocateNode(hostnode_uuid);
|
|
let openTreeInNewTab = (capture_uuid, hostnode_uuid=Null) => {
|
|
let success = window.opener.openTreeInNewTab(capture_uuid, hostnode_uuid);
|
|
if (! success) {
|
|
alert("Your browser doesn't allow Lookyloo to open a new tab. There should be an icon on the right side of your URL bar *in the main window* to allow it.");
|
|
}
|
|
}
|
|
</script>
|
|
<script>
|
|
$(document).ready(() => {
|
|
// Grab any text in the attribute 'data-copy' and pass it to the copy function
|
|
$('.js-copy').tooltip();
|
|
$('.js-copy').click(function() {
|
|
const text = $(this).attr('data-copy');
|
|
const el = $(this);
|
|
copyToClipboard(text, el);
|
|
});
|
|
});
|
|
</script>
|
|
<script>
|
|
$(document).ready(() => {
|
|
$(function () {
|
|
$('[data-bs-toggle="tooltip"]').tooltip()
|
|
})
|
|
});
|
|
</script>
|
|
<script>
|
|
function submit_pandora(){
|
|
fetch("{{ url_for('pandora_submit', tree_uuid=tree_uuid)}}", {
|
|
method: "GET",
|
|
})
|
|
.then(response => response.json())
|
|
.then(data => {
|
|
if (navigator.clipboard && window.isSecureContext) {
|
|
navigator.clipboard.writeText(data.link);
|
|
}
|
|
openURLInNewTab(data.link);
|
|
})
|
|
.catch((error) => {
|
|
throw new Error(error);
|
|
});
|
|
};
|
|
|
|
let openURLInNewTab = (url) => {
|
|
let success = window.opener.openURLInNewTab(url);
|
|
if (! success) {
|
|
alert("Your browser doesn't allow Lookyloo to open a new tab. There should be an icon on the right side of your URL bar *in the main window* to allow it.");
|
|
}
|
|
}
|
|
</script>
|
|
|
|
{% endblock %}
|
|
|
|
{% block content %}
|
|
{# Headers #}
|
|
<center>
|
|
<h3>{{ hostnode.name }}</h3>
|
|
<button type="button" class="btn btn-primary" onclick="whereAmI('{{ hostnode_uuid }}')">Locate in tree</button>
|
|
{% if uwhois_available %}
|
|
<a href="{{ url_for('whois', query=hostnode.name) }}" class="btn btn-primary" role="button">
|
|
Download whois entry
|
|
</a>
|
|
{% endif %}
|
|
<a href="{{ url_for('urls_hostnode', tree_uuid=tree_uuid, node_uuid=hostnode_uuid) }}" class="btn btn-primary" role="button">
|
|
Download all URLs as text
|
|
</a>
|
|
<a href="{{ url_for('hashes_hostnode', tree_uuid=tree_uuid, node_uuid=hostnode_uuid) }}" class="btn btn-primary" role="button">
|
|
Download all Hashes as text
|
|
</a>
|
|
</center>
|
|
</br>
|
|
<div>
|
|
{% if hostnode.cname %}
|
|
<h5>CNAME(s) for this domain:</h5>
|
|
<ul>
|
|
{% for cname in hostnode.cname %}
|
|
<li>{{ cname }}{% if uwhois_available %} (<a href="{{ url_for('whois', query=cname)}}">whois</a>){% endif %}</li>
|
|
{% endfor %}
|
|
</ul>
|
|
{% endif %}
|
|
{% if hostnode.resolved_ips %}
|
|
<h5>Domain IPs from a standalone DNS lookup:</h5>
|
|
<ul>
|
|
{% for ip in hostnode.resolved_ips %}
|
|
<li>
|
|
{{ ip }}{% if uwhois_available %} (<a href="{{ url_for('whois', query=ip)}}">whois</a>){% endif %}
|
|
{% if 'ipasn' in hostnode.features and hostnode.ipasn.get(ip) %}- AS{{ hostnode.ipasn[ip]['asn'] }} {% if uwhois_available %} (<a href="{{ url_for('whois', query='AS'+hostnode.ipasn[ip]['asn'])}}">whois</a>){% endif %}{% endif %}
|
|
</li>
|
|
{% endfor %}
|
|
</ul>
|
|
{% endif %}
|
|
</div>
|
|
{# Start list of URLs #}
|
|
<ul class="list-group-flush">
|
|
{% for url in urls %}
|
|
{# URL Display #}
|
|
<li class="list-group-item">
|
|
<div class="h3" title="{{ url['url_object'].name }}">
|
|
{# HTTPs or not #}
|
|
{% if url['encrypted'] %}
|
|
<img src="/static/secure.svg" title="Encrypted request" width="21" height="21"/>
|
|
{% else %}
|
|
<img src="/static/insecure.svg" title="Unencrypted request" width="21" height="21"/>
|
|
{%endif%}
|
|
{# URL #}
|
|
... /{{ shorten_string(url['url_path'], 50)}}
|
|
{# Copy full URL to clipbard #}
|
|
<button type="button" class="btn btn-default btn-copy js-copy"
|
|
data-bs-toggle="tooltip" data-bs-placement="bottom" data-copy="{{ url['url_object'].name }}" data-original-title="Copy to clipboard">
|
|
<svg class="bi bi-clipboard" width="1em" height="1em" viewBox="0 0 16 16" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
|
|
<path fill-rule="evenodd" d="M4 1.5H3a2 2 0 0 0-2 2V14a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V3.5a2 2 0 0 0-2-2h-1v1h1a1 1 0 0 1 1 1V14a1 1 0 0 1-1 1H3a1 1 0 0 1-1-1V3.5a1 1 0 0 1 1-1h1v-1z"/>
|
|
<path fill-rule="evenodd" d="M9.5 1h-3a.5.5 0 0 0-.5.5v1a.5.5 0 0 0 .5.5h3a.5.5 0 0 0 .5-.5v-1a.5.5 0 0 0-.5-.5zm-3-1A1.5 1.5 0 0 0 5 1.5v1A1.5 1.5 0 0 0 6.5 4h3A1.5 1.5 0 0 0 11 2.5v-1A1.5 1.5 0 0 0 9.5 0h-3z"/>
|
|
</svg>
|
|
</button>
|
|
</div>
|
|
{% if url['url_object'].ip_address %}
|
|
<div>
|
|
IP from HAR: <b>{{ url['url_object'].ip_address }}</b>
|
|
{% if uwhois_available %}(<a href="{{ url_for('whois', query=url['url_object'].ip_address)}}">whois</a>){% endif %}
|
|
</div>
|
|
{% endif %}
|
|
{% if url['url_object'].security_details %}
|
|
<div>TLS certificate details:
|
|
<ul>
|
|
{% for k, v in url['url_object'].security_details.items() %}
|
|
<li><b>{{k}}</b>: {{v}}</li>
|
|
{% endfor%}
|
|
</ul>
|
|
</div>
|
|
{% endif %}
|
|
<div></div>
|
|
<ul class="list-group">
|
|
|
|
<li class="list-group-item">
|
|
<p class="h4">Request</p>
|
|
{{ popup_icons_request(url['url_object'], tree_uuid) }}
|
|
|
|
{% if url['url_object'].posted_data %}
|
|
<a href="{{ url_for('urlnode_post_request', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
|
|
Download posted data
|
|
</a></br>
|
|
Posted data size: {{ sizeof_fmt(url['url_object'].posted_data|length) }}
|
|
{% endif %}
|
|
|
|
{% if url['cookies_sent'] %}
|
|
<div>
|
|
<p class="h5">This request contains cookies.
|
|
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#request_cookies_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
|
|
<span class="if-collapsed">Show cookies sent.</span>
|
|
<span class="if-not-collapsed">Hide cookies sent.</span>
|
|
</button>
|
|
</p>
|
|
<div class="collapse" id="request_cookies_full_list_{{ url['url_object'].uuid }}">
|
|
<div class="card card-body">
|
|
{{ indexed_cookies("List of cookies sent in the request", "Node setting this cookie", url['cookies_sent']) }}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
{% endif %}
|
|
</li>
|
|
|
|
<li class="list-group-item">
|
|
{# Details of the response #}
|
|
<p class="h4">Response
|
|
<small>(Status code:
|
|
<span title="{{ http_status_description(url['url_object'].response['status']) }}">
|
|
{{ url['url_object'].response['status'] }})
|
|
</span>
|
|
-
|
|
<span>Load time: {{ url['url_object'].time.total_seconds() }}s</span>
|
|
</small>
|
|
</p>
|
|
{{ popup_icons_response(url['url_object'], tree_uuid) }}
|
|
|
|
{% if url['url_object'].downloaded_filename %}
|
|
{% if has_pandora %}
|
|
<div> Downloaded file: <b>{{url['url_object'].downloaded_filename}}</b> ({{sizeof_fmt(url['url_object'].downloaded_file.getbuffer().nbytes)}})</div>
|
|
<button id="pandora_submit_button" type="button" class="btn btn-primary" onclick="submit_pandora()">Submit to Pandora</button>
|
|
<div>After clicking on the button above, a link to the report on Pandora will be copied in your clipboard.</div>
|
|
{% else %}
|
|
<a href="{{ url_for('data', tree_uuid=tree_uuid)}}">
|
|
Download {{url['url_object'].downloaded_filename}}
|
|
</a> ({{sizeof_fmt(url['url_object'].downloaded_file.getbuffer().nbytes)}})
|
|
{% endif%}
|
|
|
|
{% else %}
|
|
{% if url['url_object'].rendered_html %}
|
|
<a href="{{ url_for('urlnode_rendered_content', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
|
|
Download rendered HTML page
|
|
</a>({{ sizeof_fmt(url['url_object'].rendered_html.getbuffer().nbytes)}})
|
|
</br>
|
|
<a href="{{ url_for('urlnode_urls_in_rendered_content', tree_uuid=tree_uuid, node_uuid=url['url_object'].uuid) }}">
|
|
Download URLs in rendered HTML page
|
|
</a>
|
|
{% endif %}
|
|
<div>
|
|
{% if url['url_object'].empty_response %}
|
|
Empty body.
|
|
{% else %}
|
|
{{ ressource_legitimacy_details(url['legitimacy'], url['url_object'].body.getbuffer().nbytes) }}
|
|
{% endif %}
|
|
</div>
|
|
{%endif%}
|
|
|
|
|
|
{% if url['known_content'] %}
|
|
{{ known_content_details(url['known_content']) }}
|
|
{% endif %}
|
|
|
|
{# Everything we know about the response content #}
|
|
{% if url['body_hash_details'] and url['body_hash_details']['hash_freq'] %}
|
|
<div>
|
|
This file can be found <b>{{ url['body_hash_details']['hash_freq'] }}</b> times
|
|
across all the captures on this lookyloo instance, in <b>{{ url['body_hash_details']['hash_domains_freq'] }}</b> unique domains.
|
|
|
|
{# other captures related with the same content #}
|
|
{% if 'other_captures' in url['body_hash_details'] %}
|
|
</br>
|
|
{{ indexed_hash(url['body_hash_details']['other_captures'], url['url_object'].uuid) }}
|
|
{% endif %}
|
|
{# Link to list of captures with the same hash #}
|
|
<p>
|
|
<a href="{{ url_for('body_hash_details', body_hash=url['url_object'].body_hash, from_popup=True) }}">
|
|
Show more information about this response body.
|
|
</a>
|
|
</p>
|
|
</div>
|
|
{% endif %}
|
|
{% if enable_context_by_users %}
|
|
</br>
|
|
{{ context_form(tree_uuid, url['url_object'].uuid, hostnode_uuid, url['url_object'].body_hash, 'hostnode_popup') }}
|
|
{% endif %}
|
|
|
|
{% if url['embedded_ressources'] %}
|
|
{# Details on embedded resources #}
|
|
<div><b>This response contains embedded ressources</b>
|
|
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#embedded_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
|
|
<span class="if-collapsed">Show embedded resources.</span>
|
|
<span class="if-not-collapsed">Hide embedded resources.</span>
|
|
</button>
|
|
</div>
|
|
<div class="collapse" id="embedded_full_list_{{ url['url_object'].uuid }}">
|
|
<div class="card card-body">
|
|
{% for hash, details in url['embedded_ressources'].items() %}
|
|
<div>
|
|
{% if details['known_content'] %}
|
|
{{ known_content_details(details['known_content']) }}
|
|
{% endif %}
|
|
{{ ressource_legitimacy_details(details['legitimacy'], details['body_size']) }}
|
|
</div>
|
|
<div>
|
|
This file {% if details['type'] %}(<b>{{ details['type'] }}</b>){% endif %} can be found <b>{{ details['hash_freq'] }}</b> times
|
|
across all the captures on this lookyloo instance, in <b>{{ details['hash_domains_freq'] }}</b> unique domains.
|
|
{{ get_ressource_button(tree_uuid, url['url_object'].uuid, hash,
|
|
'Download the embedded ressource',
|
|
details['type'] and details['type'].startswith('image')) }}
|
|
</br>
|
|
{% if enable_context_by_users %}
|
|
{{ context_form(tree_uuid, url['url_object'].uuid, hostnode_uuid, hash, 'hostnode_popup') }}
|
|
{% endif %}
|
|
|
|
{% if 'other_captures' in details %}
|
|
{{ indexed_hash(details['other_captures'], hash) }}
|
|
{% endif %}
|
|
<p><a href="{{ url_for('body_hash_details', body_hash=url['url_object'].body_hash, from_popup=True) }}">
|
|
Show more information about this embedded content.
|
|
</a></p>
|
|
</div>
|
|
{% endfor %}
|
|
</div>
|
|
</div>
|
|
{% endif %}
|
|
|
|
{% if url['cookies_received'] %}
|
|
<div>
|
|
<p class="h5">This response contains cookies.
|
|
<button class="btn btn-primary collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#response_cookies_full_list_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseExample">
|
|
<span class="if-collapsed">Show cookies received.</span>
|
|
<span class="if-not-collapsed">Hide cookies received.</span>
|
|
</button>
|
|
</p>
|
|
<div class="collapse" id="response_cookies_full_list_{{ url['url_object'].uuid }}">
|
|
<div class="card card-body">
|
|
{{ indexed_cookies("This response contains 3rd party cookies:", "Node sending this cookie", url['cookies_received']['3rd_party']) }}
|
|
{{ indexed_cookies("Cookies, sent somewhere in the capture", "Node sending this cookie", url['cookies_received']['sent']) }}
|
|
{{ indexed_cookies("Cookies, never sent", "", url['cookies_received']['not_sent']) }}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
{% endif %}
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
{% endfor %}
|
|
</ul>
|
|
{% endblock %}
|