Commit aaf481f6 authored by Edvard Rejthar's avatar Edvard Rejthar

encoding problem FIX #8

firefox prefs.js update
parent fb6ebd63
...@@ -39,6 +39,7 @@ user_pref("browser.safebrowsing.provider.mozilla.lastupdatetime", "1486578502288 ...@@ -39,6 +39,7 @@ user_pref("browser.safebrowsing.provider.mozilla.lastupdatetime", "1486578502288
user_pref("browser.safebrowsing.provider.mozilla.nextupdatetime", "1486582102288"); user_pref("browser.safebrowsing.provider.mozilla.nextupdatetime", "1486582102288");
user_pref("browser.safebrowsing.enabled", false); user_pref("browser.safebrowsing.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false); user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.search.countryCode", "CZ"); user_pref("browser.search.countryCode", "CZ");
user_pref("browser.search.region", "CZ"); user_pref("browser.search.region", "CZ");
user_pref("browser.selfsupport.url", ""); // tato moznost normalne v about:config neni, ale omezuje to nejake zbytecnou telemetrii, viz Mozilla Heartbeat user_pref("browser.selfsupport.url", ""); // tato moznost normalne v about:config neni, ale omezuje to nejake zbytecnou telemetrii, viz Mozilla Heartbeat
...@@ -116,4 +117,4 @@ user_pref("toolkit.telemetry.reportingpolicy.firstRun", false); ...@@ -116,4 +117,4 @@ user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
// I think these will be unuseful as of Firefox v 50+ or so // I think these will be unuseful as of Firefox v 50+ or so
user_pref("xpinstall.signatures.required", false); user_pref("xpinstall.signatures.required", false);
user_pref("xpinstall.whitelist.required", false); user_pref("xpinstall.whitelist.required", false);
\ No newline at end of file
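Review bot: The `browser.safebrowsing.phishing.enabled` line in the first hunk (the only line there without a twin in the other column, and the hunk header grows by one line, so it looks added) finishes turning Safe Browsing off for this profile, but nothing in the file says why. A short comment would stop a later maintainer from treating it as a leftover or reusing the profile elsewhere, for example `// Safe Browsing is off on purpose: the scan profile has to load pages a normal browser would block; never use this profile for ordinary browsing` (the reason is presumed from the README's description of the tool). The same comment could cover `xpinstall.signatures.required` in the second hunk, which the existing comment only describes as probably obsolete.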
...@@ -58,5 +58,5 @@ chmod g+w -R $DESTINATION ...@@ -58,5 +58,5 @@ chmod g+w -R $DESTINATION
xhost +local:mdmaug xhost +local:mdmaug
# Writer from Firefox to the disk # Writer from Firefox to the disk
echo "{\"name\": \"firefox_mdmaug_writer\", \"description\": \"Firefox disk writer\", \"path\": \"$DESTINATION/mdmaug/bin/firefox_mdmaug_writer.py\", \"type\": \"stdio\", \"allowed_extensions\": [ \"mdmaug@csirt.cz\" ] }" > $DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json # Xsuperfluous, copied with .mozilla folder. echo "{\"name\": \"firefox_mdmaug_writer\", \"description\": \"Firefox disk writer\", \"path\": \"$DESTINATION/firefox_mdmaug_writer.py\", \"type\": \"stdio\", \"allowed_extensions\": [ \"mdmaug@csirt.cz\" ] }" > $DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json
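Review bot: The native-messaging manifest written on the last line points Firefox at a host script under `$DESTINATION`, and the hunk header shows an earlier `chmod g+w -R $DESTINATION`, so in both variants of the line the script Firefox launches sits in a group-writable tree. Any account in that group can then replace the script, so I would drop group write on the script named in `path` and on the manifest once they are in place, e.g. `chmod g-w "$DESTINATION/.mozilla/native-messaging-hosts/firefox_mdmaug_writer.json"` plus the same for the `.py` file. `$DESTINATION` is also unquoted in the redirect target and pasted into hand-escaped JSON, so a path containing a space or a quote breaks the write or the manifest. The rest of the script is outside the hunk, so a later step may already tighten the permissions.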
...@@ -4,8 +4,6 @@ Scans a website for a sign of a parasite hosts or commands. ...@@ -4,8 +4,6 @@ Scans a website for a sign of a parasite hosts or commands.
## Installation ## Installation
### First-run
1. Download ```git clone git@gitlab.labs.nic.cz:csirt/mdmaug.git /tmp/mdmaug``` 1. Download ```git clone git@gitlab.labs.nic.cz:csirt/mdmaug.git /tmp/mdmaug```
2. Edit mdmaug/lib/config.py 2. Edit mdmaug/lib/config.py
3. You should generate a certificate to `mdmaug/cert-mdmaug.pem`, at least a self-signed one (non recommended): `openssl req -x509 -newkey rsa:4096 -nodes -out cert-mdmaug.pem -keyout key-mdmaug.pem` 3. You should generate a certificate to `mdmaug/cert-mdmaug.pem`, at least a self-signed one (non recommended): `openssl req -x509 -newkey rsa:4096 -nodes -out cert-mdmaug.pem -keyout key-mdmaug.pem`
......
...@@ -113,8 +113,8 @@ class ScanController: ...@@ -113,8 +113,8 @@ class ScanController:
except Exception as e: except Exception as e:
logger.debug(f"({self.profile}) PROFILE EXCEPTION") logger.debug(f"({self.profile}) PROFILE EXCEPTION")
logger.debug(traceback.format_exc()) logger.debug(traceback.format_exc())
# XX Pokud je potiz, ze JS zabiji FF, mozno experimentovat s ulimit -Sv 500000; # (if the problem is FF is killed by JS, you may experiment with ulimit -Sv 500000)
return f"PROFILE EXCEPTION ({self.profile}) {e} See logs, i.e. mdmaug/nohup.out. " return f"PROFILE EXCEPTION ({self.profile}) {e} See syslog."
crawl.save_to_file() # save search results crawl.save_to_file() # save search results
return crawl return crawl
...@@ -125,14 +125,13 @@ class ScanController: ...@@ -125,14 +125,13 @@ class ScanController:
return f"<div id='analysis-results'>{result}</div>" return f"<div id='analysis-results'>{result}</div>"
def analyze(self): def analyze(self):
# spustit firefox pod profilem """ Run Firefox under a profile. """
print(f"({self.profile}) browser launch") print(f"({self.profile}) browser launch")
log_dir, cache_dir = self.assure_dirs() # prepare log & cache directories log_dir, cache_dir = self.assure_dirs() # prepare log & cache directories
logfile = log_dir + "log{}.log".format(self.profile) logfile = log_dir + "log{}.log".format(self.profile)
# max_time = 3 # XXX
# ,nsSocketTransport:5,nsStreamPump:5,nsHostResolver:5 # ,nsSocketTransport:5,nsStreamPump:5,nsHostResolver:5
logger.debug("({}) FF -P {} -no-remote {}".format(self.profile, self.profile, self.url)) logger.debug("({}) FF -P {} -no-remote {}".format(self.profile, self.profile, self.url))
# http://localhost/redirect/ gets stripped by the extension # http://localhost/redirect/ gets stripped by the extension
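Review bot: The reworded return string in the first hunk still interpolates `{e}` into text handed back to the caller, and the second hunk shows a result being wrapped as `<div id='analysis-results'>{result}</div>` with no escaping. If this string can reach that wrapper (the call path is outside the hunks), exception text that echoes page-controlled data would land in the HTML unescaped; returning a fixed message and keeping the detail in the log avoids that, e.g. `return f"PROFILE EXCEPTION ({self.profile}) See syslog."`. The message now sends the reader to syslog while the traceback is written with `logger.debug`, so if the handler filters debug records there is nothing to find; `logger.exception("(%s) PROFILE EXCEPTION", self.profile)` would record it at error level. Both methods start outside the hunks.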
......
...@@ -31,7 +31,7 @@ class TrafficLogParser: ...@@ -31,7 +31,7 @@ class TrafficLogParser:
# if file in ('screenshot_base64.txt', 'screenshot_debug.html'): continue # if file in ('screenshot_base64.txt', 'screenshot_debug.html'): continue
# logger.debug(file) # logger.debug(file)
path = crawl.cache_dir + file path = crawl.cache_dir + file
with open(path, 'r') as f: with open(path, 'r', encoding="utf-8") as f:
# logger.debug("traffic %s", path) # logger.debug("traffic %s", path)
mime = "" mime = ""
try: try:
...@@ -50,18 +50,21 @@ class TrafficLogParser: ...@@ -50,18 +50,21 @@ class TrafficLogParser:
# logger.debug(Domains.url2domain(url), Domains.url2path(url), path) # logger.debug(Domains.url2domain(url), Domains.url2path(url), path)
o = crawl[url2domain(url)].urls[url2path(url)] o = crawl[url2domain(url)].urls[url2path(url)]
if f.readline() != "": # some content has been fetched try:
o.sourcefiles.append(path) if f.readline() != "": # some content has been fetched
o.sourcefiles.append(path)
except:
import ipdb; ipdb.set_trace()
@staticmethod @staticmethod
def nicify_file(sourcefile): def nicify_file(sourcefile):
""" Returns nicified output of a .tmp file containing the source codes """ """ Returns nicified output of a .tmp file containing the source codes """
nice_file = sourcefile + ".htm" nice_file = sourcefile + ".htm"
if isfile(nice_file): if isfile(nice_file):
with open(nice_file, "r") as f: with open(nice_file, "r", encoding="utf-8") as f:
return f.read() return f.read()
else: else:
with open(sourcefile, 'r') as f: with open(sourcefile, 'r', encoding="utf-8") as f:
type_ = "" type_ = ""
# first row is URL a type of stream (since Webextensions no more mime type) # first row is URL a type of stream (since Webextensions no more mime type)
url = f.readline().rstrip().split(" ", 1) url = f.readline().rstrip().split(" ", 1)
...@@ -87,7 +90,7 @@ class TrafficLogParser: ...@@ -87,7 +90,7 @@ class TrafficLogParser:
data = buf.getvalue() data = buf.getvalue()
with open(nice_file, "w") as f2: # zapsat hezke formatovani do souboru with open(nice_file, "w", encoding="utf-8") as f2: # zapsat hezke formatovani do souboru
f2.write(data) f2.write(data)
buf.close() buf.close()
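Review bot: The new `except:` branch around `f.readline()` drops into `ipdb.set_trace()`, which in a service either blocks the worker on a debugger prompt or fails with ImportError where ipdb is not installed, and the bare `except` also catches KeyboardInterrupt and SystemExit. The failure it was presumably added to catch is a decode error: the cache files are now opened as strict UTF-8 although their content appears to come from crawled sites, so one invalid byte raises UnicodeDecodeError here and in `nicify_file`. I would open with `encoding="utf-8", errors="replace"` and change the handler to `except UnicodeDecodeError:` followed by `logger.warning("undecodable content in %s", path)`, assuming the module-level `logger` that the commented-out calls refer to. The enclosing method starts outside the hunk.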
......
...@@ -247,6 +247,7 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic. ...@@ -247,6 +247,7 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic.
// focus voting from suspicious (undecided for Safebrowsing) or n/a (undecided); // focus voting from suspicious (undecided for Safebrowsing) or n/a (undecided);
// (there is no reason in focusing 'allow', jeste nekomu ujede ruka) // (there is no reason in focusing 'allow', jeste nekomu ujede ruka)
$("[data-group=suspicious], [data-group='n/a']").find(".voting:eq(0) input:checked").focus(); $("[data-group=suspicious], [data-group='n/a']").find(".voting:eq(0) input:checked").focus();
$reanalyzeButton.show();
} else if (e.data.voted) {//ve vedlejsim tabu se hlasovalo, zmen hodnotu i zde } else if (e.data.voted) {//ve vedlejsim tabu se hlasovalo, zmen hodnotu i zde
changeVote($("[type=radio][value='" + e.data.voted + "']", $(".web .domain:contains('" + e.data.domain + "'):eq(0)").siblings(".voting")).prop("checked", true), false);//hlasovat changeVote($("[type=radio][value='" + e.data.voted + "']", $(".web .domain:contains('" + e.data.domain + "'):eq(0)").siblings(".voting")).prop("checked", true), false);//hlasovat
} }
...@@ -264,7 +265,6 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic. ...@@ -264,7 +265,6 @@ if (document.location.href.indexOf("/detail/") !== -1) { // ex: https://mdm.nic.
$("#analysis-result-panel > h1:eq(0)").append(" " + url); $("#analysis-result-panel > h1:eq(0)").append(" " + url);
$analysisTabHeader[0].firstChild.data = $analysisTabHeader.data("text") + "..."; // change text without affecting <u>number</u> shortcut-hint $analysisTabHeader[0].firstChild.data = $analysisTabHeader.data("text") + "..."; // change text without affecting <u>number</u> shortcut-hint
$("#content").before("<iframe width='10px' height='10px' src='" + APP_HOST + "/destination=" + LOCAL_DESTINATION.hostname + "/api/analyze" + (forceServer ? "" : "=cached") + "/" + url + "'></iframe>"); $("#content").before("<iframe width='10px' height='10px' src='" + APP_HOST + "/destination=" + LOCAL_DESTINATION.hostname + "/api/analyze" + (forceServer ? "" : "=cached") + "/" + url + "'></iframe>");
$reanalyzeButton.show();
}; };
return {analyze: analyze}; return {analyze: analyze};
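Review bot: In the second hunk the iframe markup is built by string concatenation with `url` placed inside a single-quoted `src` attribute, so a `'` in the value ends the attribute and the remainder is parsed as markup; the commit only moves `$reanalyzeButton.show()` and leaves that line as it is. Where `url` originates is outside the hunk, but since this tool takes suspicious URLs as input it is safer to create the element and set the attribute, `$("<iframe>").attr({width: "10px", height: "10px", src: src})`, with `src` built using `encodeURIComponent(url)` if the server route accepts an encoded value. The `:contains('" + e.data.domain + "')` selector in the first hunk has the same concatenation pattern with message data. Both handlers start outside the hunks.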
......
...@@ -105,6 +105,7 @@ ...@@ -105,6 +105,7 @@
<script> <script>
var APP_HOST = "{{ APP_HOST }}"; // "http://localhost:5000" var APP_HOST = "{{ APP_HOST }}"; // "http://localhost:5000"
</script> </script>
<script src="static/homepage_script.js"></script>
<script src="static/mdmaug-analysis.js"></script> <script src="static/mdmaug-analysis.js"></script>
......