lookyloo/website/web/templates/macros.html

329 lines
12 KiB
HTML

{% macro taxonomy_table(tree_uuid, categories_info, add_category) %}
<div class="table-responsive">
<table id="table" class="table">
<thead>
<tr>
<th>Name</th>
<th>Description</th>
<th>Machinetag</th>
{% if add_category %}
<th>Click to add category</th>
{% else %}
<th>Click to remove category</th>
{% endif %}
</tr>
</thead>
<tbody>
{% if categories_info is mapping %}
{% for mt, val in categories_info.items() %}
<tr>
<td><a href="https://www.misp-project.org/taxonomies.html#_{{ val[0].name }}">{{ val[0].name }}</a></td>
<td>
{% if val|length == 3 %}
{% if val[2].description %}
{{ val[2].description }}
{% elif val[2].expanded %}
{{ val[2].expanded }}
{%endif%}
{% elif val[1].description %}
{{ val[1].description }}
{% else %}
{{ val[1].predicate }}
{%endif%}
</td>
<td>{{ mt }}</td>
<td>
<button type="button" class="btn btn-primary {% if add_category %}categorize_capture{% else %}uncategorize_capture{% endif %}" value="{{ mt }}">
{% if add_category %}
Categorize capture.
{% else %}
Uncategorize capture.
{% endif %}
</button>
</td>
</tr>
{% endfor %}
{% else %}
{% for mt in categories_info %}
<tr>
<td></td>
<td>
</td>
<td>{{ mt }}</td>
<td>
<button type="button" class="btn btn-primary {% if add_category %}categorize_capture{% else %}uncategorize_capture{% endif %}" value="{{ mt }}">
{% if add_category %}
Categorize capture.
{% else %}
Uncategorize capture.
{% endif %}
</button>
</td>
</tr>
{% endfor %}
{% endif %}
</tbody>
</table>
</div>
<script nonce="{{ csp_nonce() }}">
$('.categorize_capture').on('click',function(e){
var button = $(this);
$.get("{{ url_for('categorize_capture', tree_uuid=tree_uuid) }}" + button.val())
$('#categoriesModal .modal-body').load("{{ url_for('categories_capture', tree_uuid=tree_uuid) }}")
});
$('.uncategorize_capture').on('click',function(e){
var button = $(this);
$.get("{{ url_for('uncategorize_capture', tree_uuid=tree_uuid) }}" + button.val())
$('#categoriesModal .modal-body').load("{{ url_for('categories_capture', tree_uuid=tree_uuid) }}")
});
</script>
{% endmacro %}
{% macro known_content_details(details) %}
{% if details %}
<div>
{% if details is string %}
This ressource is known as a generic file: <b>{{ details }}</b>
{% else %}
This file is known as part of <b>{{ details[0] }}</b>
version <b>{{ details[1] }}</b>: <b>{{ details[2] }}</b>.
{% if details[3] > 1%}
It is also present in <b>{{ details[3] -1 }}</b> other libraries.
{%endif%}
{%endif%}
</div>
{%endif%}
{% endmacro %}
{% macro context_form(tree_uuid, urlnode_uuid, hash, callback_str) %}
<button class="btn btn-primary btn-sm collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#context_response_{{ urlnode_uuid }}" aria-expanded="false" aria-controls="collapseContextForm">
<span class="if-collapsed">Add context</span>
<span class="if-not-collapsed">Hide context form</span>
</button>
<div class="collapse" id="context_response_{{ urlnode_uuid }}">
<div class="card card-body">
<form role="form" action="{{ url_for('add_context', tree_uuid=tree_uuid, node_uuid=urlnode_uuid) }}" method=post enctype=multipart/form-data>
<div class="row mb-3">
<div class="col-sm-10">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="legitimate" id="legitimate">
<label for="legitimate" class="form-check-label">Legitimate</label>
</div>
</div>
</div>
<div class="row mb-3">
<div class="col-sm-10">
<label for="legitimate_domain" class="form-label">Domain serving the file when considered legitimate:</label>
<input type="text" class="form-control" name="legitimate_domain" id="legitimate_domain" placeholder="Domain name">
</div>
</div>
<div class="row mb-3">
<div class="col-sm-10">
<label for="legitimate_description" class="form-label">Other context for this content (library name, owner, ...):</label>
<input type="text" class="form-control" name="legitimate_description" id="legitimate_description" placeholder="Description">
</div>
</div>
<div class="row mb-3">
<div class="col-sm-10">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="malicious"></input>
<label for="malicious" class="form-check-label">Malicious</label>
</div>
</div>
</div>
<div class="row mb-3">
<div class="col-sm-10">
<label for="malicious_type" class="form-label">Type of malicious content (phishing, malware, ...):</label>
<input type="text" class="form-control" name="malicious_type" id="malicious_type" placeholder="Type of malicious content">
</div>
</div>
<div class="row mb-3">
<div class="col-sm-10">
<label for="malicious_target" class="form-label">Legitimate target of the malicious content (expecially for phishing):</label>
<input type="text" class="form-control" name="malicious_target" id="malicious_target" placeholder="Target">
</div>
</div>
<input type="hidden" id="hash_to_contextualize" name="hash_to_contextualize" value="{{ hash }}">
<input type="hidden" id="callback_str" name="callback_str" value="{{ callback_str }}">
<button type="submit" class="btn btn-primary" id="btn-looking">Submit context</button>
</form>
</div>
</div>
{% endmacro %}
{% macro ressource_legitimacy_details(details) %}
{% if details and details[0] == False %}
<img src="/static/bomb.svg" title="Known malicious content in the response." width="21" height="21"/>
{%endif%}
{% if details %}
{% if details[0] %}
- This file is known <b>legitimate</b> on the following domains: {{ ', '.join(details[1]) }}.
{% elif details[0] == False %}
<br>
<p>
The response sould be considered as
{% if details[1] is mapping and details[1].get('tag') %}
<b>{{ ', '.join(details[1]['tag']) }}</b>
{% else %}
<b>phishing</b>
{%endif%}
{% if details[1] is mapping and details[1].get('target') %}
and is targeting <b>the following domain(s)</b>: {{ ', '.join(details[1]['target']) }}
{% else %}
unless it is served by <b>the following domain(s)</b>: {{ ', '.join(details[1]) }}
{%endif%}
</p>
{%endif%}
{%endif%}
{% endmacro %}
{% macro indexed_cookies(header_text, button_text, cookies) %}
{% if cookies %}
<div>{{ header_text }}</div>
<ul>
{% for cookie, details in cookies.items() %}
{% set cookie_name_value = cookie.split('=', 1) %}
{% for detail in details %}
{% if detail|length == 1 %}
<li>
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0], from_popup=True) }}">
{{ cookie_name_value[0] }}</a>={{ shorten_string(cookie_name_value[1], 200) }}
</li>
{% else %}
<li>
{{ detail[0] }}: <a href="{{ url_for('cookies_name_detail', cookie_name=cookie_name_value[0], from_popup=True) }}">
{{ cookie_name_value[0] }}</a>={{ shorten_string(cookie_name_value[1], 200) }} -
<br>
{{ button_text }}
<button type="button" class="btn btn-primary locateInTree" data-hostnode="{{ detail[1] }}">Locate</button>
</li>
{% endif %}
{% endfor %}
{% endfor %}
</ul>
{% endif %}
{% endmacro %}
{% macro request_cookies_icon(urlnode, tree_uuid) %}
{% if urlnode.request_cookie %}
{% set icon_info = get_icon("request_cookie") %}
<a href="{{ url_for('urlnode_request_cookies', tree_uuid=tree_uuid, node_uuid=urlnode.uuid) }}">
<img src="{{ url_for('static', filename=icon_info['icon']) }}" alt="{{ icon_info['tooltip'] }}"
width="21" height="21"/
title="Download all the cookies in the request to the server">
</a>
{% endif %}
{% endmacro %}
{% macro pandora_submit(tree_uuid, node_uuid, ressource_hash) %}
<div class="col-sm-8">
<button type="button" class="btn btn-primary btn-sm submitPandoraButton"
title="open a new tab with the pandora report"
data-hostnode="{{ node_uuid }}"
data-hash="{{ ressource_hash }}"
data-pandorasubmit="{{ url_for('pandora_submit', tree_uuid=tree_uuid)}}">
Submit to Pandora
</button>
</div>
{% endmacro %}
{% macro hash_info(tree_uuid, urlnode_uuid, mimetype, hash, ressource_size,
nb_occurrences, has_pandora, legitimacy, known_content)%}
{{ hash_icon(tree_uuid, urlnode_uuid, mimetype, hash) }}
<b>Body size</b> (in the HTTP response): {{ sizeof_fmt(ressource_size) }}
{{ ressource_legitimacy_details(legitimacy) }}
{{ known_content_details(known_content) }}
{% if nb_occurrences > 0 %}
<div>
This file can be found <b>{{ nb_occurrences }}</b> times across all the captures on this lookyloo instance.
<p>
<a href="{{ url_for('body_hash_details', body_hash=hash, from_popup=True) }}">
Show more information about this ressource.
</a>
</p>
</div>
{% endif %}
{% if has_pandora %}
{{ pandora_submit(tree_uuid, urlnode_uuid, hash) }}
<br>
{% endif %}
{% endmacro %}
{% macro hash_icon(tree_uuid, urlnode_uuid, mimetype, hash) %}
{% if mimetype %}
{% set gt = generic_type(mimetype) %}
{% if gt in ["js", "exe", "css", "font", "html", "json", "image", "video",
"unknown_mimetype", "text", "unset_mimetype", "octet-stream",
"livestream"] %}
{% set icon_info = get_icon(gt) %}
<a href="{{ url_for('get_ressource', tree_uuid=tree_uuid, node_uuid=urlnode_uuid) }}">
<img src="{{ url_for('static', filename=icon_info['icon']) }}" alt="{{ icon_info['tooltip'] }}"
width="21" height="21"
{% if gt == "image" %}
data-bs-toggle="tooltip" data-bs-placement="bottom" data-bs-html="true"
title='<img class="ressource_preview" src="{{ url_for('get_ressource_preview', tree_uuid=tree_uuid, node_uuid=urlnode_uuid, h_ressource=hash) }}"/> <br>Click to download.'
{% else %}
data-bs-toggle="tooltip" data-bs-placement="bottom" data-bs-html="true"
title="{{icon_info['tooltip']}} <br/>Click to download."
{% endif %}
/>
</a>
<small>Mimetype: <b>{{mimetype}}</b></small>
<br>
{%endif%}
{%endif%}
{% endmacro %}
{% macro response_cookies_icon(urlnode, tree_uuid) %}
{% if urlnode.response_cookie %}
{% set icon_info = get_icon("response_cookie") %}
<a href="{{ url_for('urlnode_response_cookies', tree_uuid=tree_uuid, node_uuid=urlnode.uuid) }}"
title="Download all the cookies in the response from the server">
<img src="{{ url_for('static', filename=icon_info['icon']) }}" alt="{{ icon_info['tooltip'] }}"
width="21" height="21"/>
</a>
{% endif %}
{% endmacro %}
{% macro redirect_response(urlnode, tree_uuid) %}
{% if urlnode["redirect"] %}
{% set icon_info = get_icon('redirect') %}
{% for child in urlnode.children if child.name == urlnode.redirect_url %}
<div title='{{ urlnode.redirect_url }}'>
<b>Redirect to</b>: {{ shorten_string(urlnode.redirect_url, 50) }}
<button type="button" class="btn btn-link locateInTree" data-hostnode="{{ child.hostnode_uuid }}" title="See the node the URL redirects to.">
<img src="{{ url_for('static', filename=icon_info['icon']) }}" alt="{{ icon_info['tooltip'] }}" width="21" height="21"/>
</button>
</div>
{% else %}
<img src="{{ url_for('static', filename=icon_info['icon']) }}"
alt="{{ icon_info['tooltip'] }}" title="{{ icon_info['tooltip'] }}"
width="21" height="21"/>
{% endfor %}
{%endif%}
{% endmacro %}
{% macro shorten_string(string, cut_length, with_title=False) %}
{% if with_title %}
<div title="{{string}}">
{%endif%}
{% if string|length > cut_length %}
{{ string[:cut_length] }} [...]
{% else %}
{{ string }}
{%endif%}
{% if with_title %}
</div>
{%endif%}
{% endmacro %}