From 9639a51abdd9b9fefafd3df15878d49abbbe955e Mon Sep 17 00:00:00 2001 From: Terrtia Date: Mon, 20 May 2019 11:57:49 +0200 Subject: [PATCH] chg: [PgpDump] fix graph + add new tags: pgp-signature pgp-public-key-block + avoid keys injection in pgp user_id --- bin/Keys.py | 22 +++++++--- bin/PgpDump.py | 3 ++ .../modules/hashDecoded/Flask_hashDecoded.py | 43 +++++++++++-------- .../hashDecoded/templates/PgpDecoded.html | 15 ++++--- var/www/templates/decoded/menu_sidebar.html | 2 +- 5 files changed, 54 insertions(+), 31 deletions(-) diff --git a/bin/Keys.py b/bin/Keys.py index 6d6e6166..eb06601a 100755 --- a/bin/Keys.py +++ b/bin/Keys.py @@ -25,13 +25,26 @@ from Helper import Process def search_key(paste): content = paste.get_p_content() find = False + get_pgp_content = False if '-----BEGIN PGP MESSAGE-----' in content: publisher.warning('{} has a PGP enc message'.format(paste.p_name)) msg = 'infoleak:automatic-detection="pgp-message";{}'.format(message) p.populate_set_out(msg, 'Tags') + get_pgp_content = True find = True + if '-----BEGIN PGP PUBLIC KEY BLOCK-----' in content: + msg = 'infoleak:automatic-detection="pgp-public-key-block";{}'.format(message) + p.populate_set_out(msg, 'Tags') + get_pgp_content = True + + if '-----BEGIN PGP SIGNATURE-----' in content: + msg = 'infoleak:automatic-detection="pgp-signature";{}'.format(message) + p.populate_set_out(msg, 'Tags') + get_pgp_content = True + + if '-----BEGIN CERTIFICATE-----' in content: publisher.warning('{} has a certificate message'.format(paste.p_name)) @@ -108,13 +121,8 @@ def search_key(paste): p.populate_set_out(msg, 'Tags') find = True - if '-----BEGIN PGP PUBLIC KEY BLOCK-----' in content: - p.populate_set_out(message, 'PgpDump') - - if '-----BEGIN PGP SIGNATURE-----' in content: - p.populate_set_out(message, 'PgpDump') - - if '-----BEGIN PGP MESSAGE-----' in content: + # pgp content + if get_pgp_content: p.populate_set_out(message, 'PgpDump') if find : diff --git a/bin/PgpDump.py b/bin/PgpDump.py index 6cf754d0..20009235 100755 --- a/bin/PgpDump.py +++ b/bin/PgpDump.py @@ -68,6 +68,9 @@ def get_pgp_packet(save_path): def extract_id_from_output(pgp_dump_outpout): all_user_id = set(re.findall(regex_user_id, pgp_dump_outpout)) for user_id in all_user_id: + # avoid key injection in user_id: + pgp_dump_outpout.replace(user_id, '', 1) + user_id = user_id.replace(user_id_str, '', 1) mail = None if ' <' in user_id: diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py index f775d058..c5e34d0f 100644 --- a/var/www/modules/hashDecoded/Flask_hashDecoded.py +++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py @@ -1014,35 +1014,44 @@ def pgp_range_type_json(): return jsonify(range_type) -@hashDecoded.route('/decoded/pgp_by_type_json') #################################### +@hashDecoded.route('/decoded/pgp_by_type_json') ## TODO: REFRACTOR def pgp_by_type_json(): type_id = request.args.get('type_id') + date_from = request.args.get('date_from') + + if date_from is None: + date_from = datetime.date.today().strftime("%Y%m%d") #retrieve + char type_id = type_id.replace(' ', '+') + default = False + + if type_id is None: + default = True + all_type = ['key', 'name', 'mail'] + else: + all_type = [ type_id ] num_day_type = 30 date_range = get_date_range(num_day_type) #verify input - if verify_pgp_type_id(type_id): - - r_serv_metadata.smembers('hash_all_type'): - type_value = [] - all_decoder = r_serv_metadata.smembers('all_decoder') - - range_decoder = [] - for date in date_range: - day_decoder = {} - day_decoder['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8] - for decoder in all_decoder: - num_day_decoder = r_serv_metadata.zscore(decoder+'_type:'+type, date) - if num_day_decoder is None: - num_day_decoder = 0 - day_decoder[decoder]= num_day_decoder - range_decoder.append(day_decoder) + if verify_pgp_type_id(type_id) or default: + type_value = [] + range_decoder = [] + for date in date_range: + day_type_id = {} + day_type_id['date']= date[0:4] + '-' + date[4:6] + '-' + date[6:8] + for type_pgp in all_type: + all_vals_key = r_serv_metadata.hvals('pgp:{}:date'.format(type_id, date)) + num_day_type_id = 0 + if all_vals_key is not None: + for val_key in all_vals_key: + num_day_type_id += int(val_key) + day_type_id[type_pgp]= num_day_type_id + range_decoder.append(day_type_id) return jsonify(range_decoder) else: diff --git a/var/www/modules/hashDecoded/templates/PgpDecoded.html b/var/www/modules/hashDecoded/templates/PgpDecoded.html index da568936..e7e21feb 100644 --- a/var/www/modules/hashDecoded/templates/PgpDecoded.html +++ b/var/www/modules/hashDecoded/templates/PgpDecoded.html @@ -187,7 +187,7 @@ { $('#date-range-from-input').val(s1); $('#date-range-to-input').val(s2); - } + }, }); $('#date-range-to').dateRangePicker({ separator : ' to ', @@ -202,18 +202,22 @@ { $('#date-range-from-input').val(s1); $('#date-range-to-input').val(s2); - } + }, }); + $('#date-range-from').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}'); + $('#date-range-to').data('dateRangePicker').setDateRange('{{date_from}}','{{date_to}}'); + $('#tableb64').DataTable({ "aLengthMenu": [[5, 10, 15, -1], [5, 10, 15, "All"]], "iDisplayLength": 10, "order": [[ 3, "desc" ]] }); - {% if type %} - //chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?type_id={{type}}", 'id'); - {% elif daily_type_chart %} + {% if type_id %} + //chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_by_type_json') }}?date_from={{daily_date}}&type_id={{type_id}}", 'id'); + chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}&type_id={{type_id}}", 'id'); + {% elif type_id or daily_type_chart %} chart.stackBarChart =barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{daily_date}}&date_to={{daily_date}}", 'id'); {% else %} chart.stackBarChart = barchart_type_stack("{{ url_for('hashDecoded.pgp_range_type_json') }}?date_from={{date_from}}&date_to={{date_to}}", 'id'); @@ -243,7 +247,6 @@ function toggle_sidebar(){ }