ws in views

LDO-CERT · Sep 10, 2020 · 0524cdb · 0524cdb
1 parent bf891b3
commit 0524cdb
Show file tree

Hide file tree

Showing 14 changed files with 204 additions and 108 deletions.
diff --git a/config/settings/base.py b/config/settings/base.py
@@ -47,7 +47,7 @@
     "django.contrib.sites",
     "django.contrib.messages",
     "django.contrib.staticfiles",
-    # "django.contrib.humanize", # Handy template tags
+    "django.contrib.humanize",
     "django.contrib.admin",
     "django.contrib.postgres",
     "django.forms",
@@ -118,6 +118,7 @@
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.common.BrokenLinkEmailsMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "orochi.website.middleware.UpdatesMiddleware",
 ]
 
 # STATIC

diff --git a/orochi/static/css/style.css b/orochi/static/css/style.css
@@ -273,15 +273,37 @@ tr.shown td.details-control {
 }
 
 .leftSidebar {
-  width: 10%;
+  width: 15%;
   position: fixed;
-  top: 100px;
+  top: 95px;
   right: 0;
   height: 100%;
-  background-color: red;
+  background-color: #f8f9fa;
+  padding-top: 10px;
 }
 
 .table-responsive,
 .alert-primary {
   width: 100%;
 }
+
+.show_note {
+  position: fixed;
+  width: 50px;
+  height: 50px;
+  bottom: 35px;
+  right: 35px;
+  background-color: #0c9;
+  color: #fff;
+  border-radius: 40px;
+  text-align: center;
+  box-shadow: 2px 2px 3px #999;
+  font-family: Verdana, Geneva, sans-serif;
+  font-size: 18px;
+  padding: 0;
+  margin: 0;
+}
+
+.collapsing {
+  transition: none !important;
+}
diff --git a/orochi/templates/base.html b/orochi/templates/base.html
@@ -53,8 +53,6 @@
               href="{% url 'admin:index' %}">{% trans "Admin" %}</a>{% endif %}
             <a class="dropdown-item"
               href="{% url 'users:detail' username=request.user.username %}">{% trans "Plugins" %}</a>
-            <a class="dropdown-item" href="#" id="toggle_note" data-toggle="collapse"
-              data-target="#left_note">{% trans "Notes" %}</a>
             <a class="dropdown-item" href="{% url 'account_logout' %}">{% trans "Sign Out" %}</a>
           </div>
 

diff --git a/orochi/templates/website/index.html b/orochi/templates/website/index.html
@@ -60,11 +60,22 @@ <h6 class="sidebar-heading d-flex justify-content-between align-items-center px-
     <div class="alert alert-primary" role="alert">
         Select index(es) and plugin!
     </div>
-    <div id="left_note" class="note collapse leftSidebar">
-        <textarea id="chat-log" cols="100" rows="20"></textarea>
-    </div>
 </div>
-
+<div id="left_note" class="note collapse leftSidebar">
+    <ul id="chat-log">
+        {% for new in news %}
+        <li>
+            <dl>
+                <dt>{{new.date|date:"SHORT_DATETIME_FORMAT"}}</dt>
+                <dd>{{new.text|safe}}</dd>
+            </dl>
+        </li>
+        {% endfor %}
+    </ul>
+</div>
+<a class="show_note" href="#" id="toggle_note" data-toggle="collapse" data-target="#left_note">
+    <i class="far fa-file-alt" style="margin-top:18px;"></i>
+</a>
 {% endblock content %}
 
 
@@ -75,21 +86,24 @@ <h6 class="sidebar-heading d-flex justify-content-between align-items-center px-
 
     $(document).ready(function () {
 
+        // HIDE/SHOW NOTE PANEL
         $(document).on("hidden.bs.collapse", "#left_note", function () {
             document.querySelector(".table-responsive").style.width = "100%";
         });
         $(document).on("shown.bs.collapse", "#left_note", function () {
-            document.querySelector(".table-responsive").style.width = "85%";
+            document.querySelector(".table-responsive").style.width = "80%";
         });
 
-        // WS
+        // WS, UPDATE NOTE
         const chatSocket = new WebSocket(
             `ws://${window.location.host}/ws/notify/{{ user.pk }}/`
         );
 
         chatSocket.onmessage = function (e) {
             const data = JSON.parse(e.data);
-            document.querySelector('#chat-log').value += (data.message + '\n');
+            const text = data.message.split("||")[1];
+            const date = data.message.split("||")[0];
+            $("#chat-log").prepend(`<li><dl><dt>${date}</dt><dd>${text}</dd></dl></li>`);
         };
 
         chatSocket.onclose = function (e) {

diff --git a/orochi/templates/website/notify.html b/orochi/templates/website/notify.html
diff --git a/orochi/templates/website/partial_analysis.html b/orochi/templates/website/partial_analysis.html
@@ -31,7 +31,7 @@ <h1 class="h2">Selected items:
         </ul>
     </div>
     <hr>
-    {% if tree%}
+    {% if tree and not empty %}
     <div id="data" class="demo" style='width:100%'></div>
 
     <script>
@@ -49,6 +49,12 @@ <h1 class="h2">Selected items:
         });
     </script>
 
+    {% elif tree and empty %}
+    <div id="data" class="demo" style='width:100%'>
+        <div class="alert alert-primary" role="alert">
+            No data to display!
+        </div>
+    </div>
 
     {% else %}
     {% for item in data %}

diff --git a/orochi/utils/volatility_dask_elk.py b/orochi/utils/volatility_dask_elk.py
@@ -6,6 +6,7 @@
 import hashlib
 import json
 import pathlib
+import datetime
 
 import pyclamd
 import virustotal3.core
@@ -19,7 +20,14 @@
 import volatility.plugins
 import volatility.symbols
 from volatility import framework
-from volatility.cli.text_renderer import JsonRenderer
+from volatility.cli.text_renderer import (
+    JsonRenderer,
+    format_hints,
+    quoted_optional,
+    hex_bytes_as_text,
+    optional,
+    display_disassembly,
+)
 from volatility.framework.configuration import requirements
 
 from volatility.framework import (
@@ -45,8 +53,11 @@
 from dask import delayed
 from distributed import get_client, secede, rejoin
 
-from django.contrib.auth import get_user_model
 from django.core.exceptions import ObjectDoesNotExist
+from django.contrib.auth import get_user_model
+from django.contrib.humanize.templatetags.humanize import naturaltime
+
+from guardian.shortcuts import get_users_with_perms
 
 from asgiref.sync import async_to_sync
 from channels.layers import get_channel_layer
@@ -81,6 +92,16 @@ class ReturnJsonRenderer(JsonRenderer):
         Custom json renderer that doesn't write json on disk but returns it with errors if present
     """
 
+    _type_renderers = {
+        format_hints.HexBytes: quoted_optional(hex_bytes_as_text),
+        format_hints.Hex: optional(lambda x: "0x{:x}".format(x)),
+        interfaces.renderers.Disassembly: quoted_optional(display_disassembly),
+        datetime.datetime: lambda x: x.isoformat()
+        if not isinstance(x, interfaces.renderers.BaseAbsentValue)
+        else None,
+        "default": lambda x: x,
+    }
+
     def render(self, grid: interfaces.renderers.TreeGrid):
         final_output = ({}, [])
 
@@ -218,7 +239,37 @@ def run_regipy(result_pk, filepath):
     ed.save()
 
 
+def send_to_ws(dump, result, plugin_name):
+    """
+        Notifies plugin result to websocket
+    """
+
+    colors = {1: "green", 2: "green", 3: "orange", 4: "red"}
+
+    users = get_users_with_perms(dump, only_with_perms_in=["can_see"])
+
+    channel_layer = get_channel_layer()
+    for user in users:
+        async_to_sync(channel_layer.group_send)(
+            "chat_{}".format(user.pk),
+            {
+                "type": "chat_message",
+                "message": "{}||Plugin <b>{}</b> on dump <b>{}</b> ended<br>Status: <b style='color:{}'>{}</b>".format(
+                    datetime.datetime.now().strftime("%m/%d/%Y %H:%M"),
+                    plugin_name,
+                    dump.name,
+                    colors[result.result],
+                    result.get_result_display(),
+                ),
+            },
+        )
+
+
 def run_plugin(dump_obj, plugin_obj, es_url, params=None):
+    """
+        Execute a single plugin on a dump with optional params.
+        If success data are sent to elastic.
+    """
     try:
         ctx = contexts.Context()
         constants.PARALLELISM = constants.Parallelism.Off
@@ -289,6 +340,7 @@ def run_plugin(dump_obj, plugin_obj, es_url, params=None):
                 ]
             )
             result.save()
+            send_to_ws(dump_obj, result, plugin_obj.name)
             return 0
         try:
             runned_plugin = constructed.run()
@@ -301,6 +353,7 @@ def run_plugin(dump_obj, plugin_obj, es_url, params=None):
             result.result = 4
             result.description = "\n".join(fulltrace)
             result.save()
+            send_to_ws(dump_obj, result, plugin_obj.name)
             return 0
 
         # RENDER OUTPUT IN JSON AND PUT IT IN ELASTIC
@@ -396,11 +449,7 @@ def run_plugin(dump_obj, plugin_obj, es_url, params=None):
             result.result = 1
             result.description = error
             result.save()
-
-        channel_layer = get_channel_layer()
-        async_to_sync(channel_layer.group_send)(
-            "chat_1", {"type": "chat_message", "message": "Hello!",}
-        )
+        send_to_ws(dump_obj, result, plugin_obj.name)
         return 0
 
     except Exception as excp:
@@ -410,10 +459,7 @@ def run_plugin(dump_obj, plugin_obj, es_url, params=None):
         result.result = 4
         result.description = "\n".join(fulltrace)
         result.save()
-        channel_layer = get_channel_layer()
-        async_to_sync(channel_layer.group_send)(
-            "chat_1", {"type": "chat_message", "message": "Hello error!",}
-        )
+        send_to_ws(dump_obj, result, plugin_obj.name)
         return 0
 
 
@@ -460,8 +506,3 @@ def unzip_then_run(dump_pk, user_pk, es_url):
     rejoin()
     dump.status = 2
     dump.save()
-    channel_layer = get_channel_layer()
-    async_to_sync(channel_layer.group_send)(
-        "chat_1", {"type": "chat_message", "message": "WOW!",}
-    )
-
diff --git a/orochi/website/admin.py b/orochi/website/admin.py
@@ -3,24 +3,33 @@
 from django.db import models
 from guardian.admin import GuardedModelAdmin
 from allauth.socialaccount.models import SocialAccount, SocialToken, SocialApp
-from orochi.website.models import Dump, Plugin, ExtractedDump, UserPlugin, Service
+from orochi.website.models import (
+    Dump,
+    Plugin,
+    ExtractedDump,
+    UserPlugin,
+    Service,
+    Result,
+)
 from django_file_form.models import UploadedFile
 from django_json_widget.widgets import JSONEditorWidget
 
 
-class PluginInline(admin.TabularInline):
-    model = Dump.plugins.through
-    extra = 0
+@admin.register(Result)
+class ResultAdmin(admin.ModelAdmin):
+    list_display = ("dump", "plugin", "result")
+    search_fields = ("dump", "plugin")
+    list_filter = ("dump", "plugin", "result", "updated_at")
 
 
 @admin.register(Dump)
 class DumpAdmin(GuardedModelAdmin):
     list_display = ("name", "author", "index", "status")
     search_fields = ["author", "name", "index"]
     list_filter = ("author", "status", "created_at")
-    inlines = [
-        PluginInline,
-    ]
+
+    def get_queryset(self, request):
+        return super(DumpAdmin, self).get_queryset(request).prefetch_related("plugins")
 
 
 @admin.register(UserPlugin)
@@ -83,7 +92,14 @@ class ServiceAdmin(admin.ModelAdmin):
 @admin.register(Plugin)
 class PluginAdmin(admin.ModelAdmin):
     list_display = ("name", "operating_system", "disabled")
-    list_filter = ("disabled", "operating_system")
+    list_filter = (
+        "disabled",
+        "operating_system",
+        "local_dump",
+        "vt_check",
+        "clamav_check",
+        "regipy_check",
+    )
     search_fields = ("name",)