Commit 3a705ea9 authored by Edvard Rejthar's avatar Edvard Rejthar

Merge branch 'master' of gitlab.labs.nic.cz:csirt/mdmaug

parents db4c1e13 aaf481f6
......@@ -39,6 +39,7 @@ user_pref("browser.safebrowsing.provider.mozilla.lastupdatetime", "1486578502288
user_pref("browser.safebrowsing.provider.mozilla.nextupdatetime", "1486582102288");
user_pref("browser.safebrowsing.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.search.countryCode", "CZ");
user_pref("browser.search.region", "CZ");
user_pref("browser.selfsupport.url", ""); // tato moznost normalne v about:config neni, ale omezuje to nejake zbytecnou telemetrii, viz Mozilla Heartbeat
......
......@@ -58,5 +58,5 @@ chmod g+w -R $DESTINATION
xhost +local:mdmaug
# Writer from Firefox to the disk
echo "{\"name\": \"firefox_mdmaug_writer\", \"description\": \"Firefox disk writer\", \"path\": \"$DESTINATION/mdmaug/bin/firefox_mdmaug_writer.py\", \"type\": \"stdio\", \"allowed_extensions\": [ \"mdmaug@csirt.cz\" ] }" > $DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json
# Xsuperfluous, copied with .mozilla folder. echo "{\"name\": \"firefox_mdmaug_writer\", \"description\": \"Firefox disk writer\", \"path\": \"$DESTINATION/firefox_mdmaug_writer.py\", \"type\": \"stdio\", \"allowed_extensions\": [ \"mdmaug@csirt.cz\" ] }" > $DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json
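Review bot: The native-messaging manifest written to `firefox_mdmaug_writer.json` points Firefox at a script under `$DESTINATION`, which the `chmod g+w -R $DESTINATION` shown in the hunk header has just made group-writable, so any member of that group could presumably replace the program the browser launches. Consider tightening the mode on the host script and the manifest after the recursive chmod, e.g. `chmod go-w "$DESTINATION/mdmaug/bin/firefox_mdmaug_writer.py"`. The redirect target is also unquoted and the path is interpolated straight into the JSON, so a `$DESTINATION` containing a space or a double quote gives a broken command or an invalid manifest; quoting the target as `> "$DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json"` fixes the first half. The page does not show which of the two `echo` variants is live after the merge, so the path in the example should follow that one.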
......@@ -113,8 +113,8 @@ class ScanController:
except Exception as e:
logger.debug(f"({self.profile}) PROFILE EXCEPTION")
logger.debug(traceback.format_exc())
# XX Pokud je potiz, ze JS zabiji FF, mozno experimentovat s ulimit -Sv 500000;
return f"PROFILE EXCEPTION ({self.profile}) {e} See logs, i.e. mdmaug/nohup.out. "
# (if the problem is FF is killed by JS, you may experiment with ulimit -Sv 500000)
return f"PROFILE EXCEPTION ({self.profile}) {e} See syslog."
crawl.save_to_file() # save search results
return crawl
......@@ -125,14 +125,13 @@ class ScanController:
return f"<div id='analysis-results'>{result}</div>"
def analyze(self):
# spustit firefox pod profilem
""" Run Firefox under a profile. """
print(f"({self.profile}) browser launch")
log_dir, cache_dir = self.assure_dirs() # prepare log & cache directories
logfile = log_dir + "log{}.log".format(self.profile)
# max_time = 3 # XXX
# ,nsSocketTransport:5,nsStreamPump:5,nsHostResolver:5
logger.debug("({}) FF -P {} -no-remote {}".format(self.profile, self.profile, self.url))
# http://localhost/redirect/ gets stripped by the extension
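Review bot: In the `except Exception` handler of the first hunk, the new return value still interpolates `{e}` into the string handed back to the caller, and the context line `return f"<div id='analysis-results'>{result}</div>"` in the second hunk suggests such results may be placed into HTML unescaped, so exception text (file paths, URLs of the scanned site) could end up in the page. Returning a fixed message and keeping the detail in the log avoids that, e.g. `return f"PROFILE EXCEPTION ({self.profile}). See syslog."`. The message now says "See syslog", but the traceback is written with `logger.debug`, which is dropped at the usual log levels; `logger.exception(f"({self.profile}) PROFILE EXCEPTION")` would record it at error level with the traceback attached. Both functions start outside their hunks, so the link between the two returns is inferred.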
......
......@@ -31,7 +31,7 @@ class TrafficLogParser:
# if file in ('screenshot_base64.txt', 'screenshot_debug.html'): continue
# logger.debug(file)
path = crawl.cache_dir + file
with open(path, 'r') as f:
with open(path, 'r', encoding="utf-8") as f:
# logger.debug("traffic %s", path)
mime = ""
try:
......@@ -50,18 +50,21 @@ class TrafficLogParser:
# logger.debug(Domains.url2domain(url), Domains.url2path(url), path)
o = crawl[url2domain(url)].urls[url2path(url)]
try:
if f.readline() != "": # some content has been fetched
o.sourcefiles.append(path)
except:
import ipdb; ipdb.set_trace()
@staticmethod
def nicify_file(sourcefile):
""" Returns nicified output of a .tmp file containing the source codes """
nice_file = sourcefile + ".htm"
if isfile(nice_file):
with open(nice_file, "r") as f:
with open(nice_file, "r", encoding="utf-8") as f:
return f.read()
else:
with open(sourcefile, 'r') as f:
with open(sourcefile, 'r', encoding="utf-8") as f:
type_ = ""
# first row is URL a type of stream (since Webextensions no more mime type)
url = f.readline().rstrip().split(" ", 1)
......@@ -87,7 +90,7 @@ class TrafficLogParser:
data = buf.getvalue()
with open(nice_file, "w") as f2: # zapsat hezke formatovani do souboru
with open(nice_file, "w", encoding="utf-8") as f2: # zapsat hezke formatovani do souboru
f2.write(data)
buf.close()
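Review bot: The bare `except:` with `import ipdb; ipdb.set_trace()` around `f.readline()` in the second hunk looks like a debugging aid that was merged: in a service without a terminal it will stall or fail on the import instead of handling the error, and a bare `except` also catches `KeyboardInterrupt`. The likely trigger is the `encoding="utf-8"` added in the same commit, since these cache files hold content fetched from scanned sites and strict decoding raises `UnicodeDecodeError` on anything that is not valid UTF-8. Opening with `open(path, 'r', encoding="utf-8", errors="replace")` (and the same for `sourcefile` in `nicify_file`) and narrowing the handler to `except UnicodeDecodeError:` with a `logger.warning` would keep one malformed response from stopping the parse. The enclosing loop starts outside the hunk, so whether skipping the file is the right recovery is for the author to confirm.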
......
......@@ -247,6 +247,7 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic.
// focus voting from suspicious (undecided for Safebrowsing) or n/a (undecided);
// (there is no reason in focusing 'allow', jeste nekomu ujede ruka)
$("[data-group=suspicious], [data-group='n/a']").find(".voting:eq(0) input:checked").focus();
$reanalyzeButton.show();
} else if (e.data.voted) {//ve vedlejsim tabu se hlasovalo, zmen hodnotu i zde
changeVote($("[type=radio][value='" + e.data.voted + "']", $(".web .domain:contains('" + e.data.domain + "'):eq(0)").siblings(".voting")).prop("checked", true), false);//hlasovat
}
......@@ -264,7 +265,6 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic.
$("#analysis-result-panel > h1:eq(0)").append(" " + url);
$analysisTabHeader[0].firstChild.data = $analysisTabHeader.data("text") + "..."; // change text without affecting <u>number</u> shortcut-hint
$("#content").before("<iframe width='10px' height='10px' src='" + APP_HOST + "/destination=" + LOCAL_DESTINATION.hostname + "/api/analyze" + (forceServer ? "" : "=cached") + "/" + url + "'></iframe>");
$reanalyzeButton.show();
};
return {analyze: analyze};
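Review bot: On the context lines next to the moved `$reanalyzeButton.show()`, `url` is inserted as markup: `.append(" " + url)` makes jQuery parse the string as HTML, and the iframe is assembled by concatenating `url` into a quoted `src` attribute, so a URL containing `<` or `'` would add elements or attributes to the analyst's page. Since the tool handles URLs of suspicious sites, treating them as text is worth doing here: `.append(document.createTextNode(" " + url))` for the heading, and building the frame with `$("<iframe>", {width: "10px", height: "10px", src: ...})` instead of a concatenated string. Where `url` comes from is outside the hunk, so whether it is already sanitised upstream needs checking. The `e.data.voted` and `e.data.domain` values spliced into selectors in the first hunk deserve the same look.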
......
......@@ -105,6 +105,7 @@
<script>
var APP_HOST = "{{ APP_HOST }}"; // "http://localhost:5000"
</script>
<script src="static/homepage_script.js"></script>
<script src="static/mdmaug-analysis.js"></script>
......