From b7d37e81d4bf94bcd96f57936ebaf3b2588e4678 Mon Sep 17 00:00:00 2001
From: Terrtia
Date: Wed, 19 Aug 2020 11:37:51 +0200
Subject: [PATCH] chg: [tracker yara] show rule content
---
 bin/lib/Tracker.py | 14 ++++++++++++++
 var/www/modules/hunter/Flask_hunter.py | 9 ++++++++-
 var/www/modules/hunter/templates/showTracker.html | 5 +++++
 3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/bin/lib/Tracker.py b/bin/lib/Tracker.py
index 638a9822..b09a1d3e 100755
--- a/bin/lib/Tracker.py
+++ b/bin/lib/Tracker.py
@@ -123,6 +123,20 @@ def save_yara_rule(yara_rule_type, yara_rule, tracker_uuid=None):
 if yara_rule_type == 'yara_default':
 filename = os.path.join('ail-yara-rules', 'rules', yara_rule)
 return filename
+
+def get_yara_rule_content(yara_rule):
+ yara_dir = get_yara_rules_dir()
+ filename = os.path.join(yara_dir, yara_rule)
+ filename = os.path.realpath(filename)
+
+ # incorrect filename
+ if not os.path.commonprefix([filename, yara_dir]) == yara_dir:
+ return '' # # TODO: throw exception
+
+ with open(filename, 'r') as f:
+ rule_content = f.read()
+ return rule_content
+
 ##-- YARA --##
diff --git a/var/www/modules/hunter/Flask_hunter.py b/var/www/modules/hunter/Flask_hunter.py
index 1fac2866..48530574 100644
--- a/var/www/modules/hunter/Flask_hunter.py
+++ b/var/www/modules/hunter/Flask_hunter.py
@@ -153,6 +153,11 @@ def show_tracker():
 tracker_metadata = Term.get_term_metedata(term_uuid, user_id=True, level=True, description=True, tags=True, mails=True, sparkline=True)
+ if tracker_metadata['type'] == 'yara':
+ yara_rule_content = Tracker.get_yara_rule_content(tracker_metadata['term'])
+ else:
+ yara_rule_content = None
+
 if date_from:
 res = Term.parse_get_tracker_term_item({'uuid': term_uuid, 'date_from': date_from, 'date_to': date_to}, user_id)
 if res[1] !=200:
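Review bot: The containment check in get_yara_rule_content uses `os.path.commonprefix`, which compares strings character by character rather than by path component, so a resolved path in a sibling directory whose name merely begins with the rules directory's name still passes. `yara_dir` is also compared unresolved against a `realpath` result; unless get_yara_rules_dir() already returns a canonical path (not visible here), a symlinked or trailing-slash rules directory would make every legitimate rule fail the test. Resolve the base and compare on components instead: `yara_dir = os.path.realpath(get_yara_rules_dir())` and `if os.path.commonpath([filename, yara_dir]) != yara_dir:`. The rejected case returns `''` silently, as the TODO admits; logging or raising there would make reads outside the rules directory visible to an operator. A one-line docstring saying that `yara_rule` is a path relative to the rules directory would document the contract.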
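Review bot: Nothing in the added branch of show_tracker handles a failure from `Tracker.get_yara_rule_content`: its `open()` raises OSError when the rule file has been deleted or is unreadable, and that would propagate out of the view, presumably failing the whole tracker page. Wrapping the call with `try:` / `except OSError: yara_rule_content = None` keeps the rest of the page usable. The helper also returns `''` for a rejected path, which the template treats the same as `None`, so a tracker whose stored `term` fails the directory check shows no rule and no error. show_tracker's body starts and ends outside the hunk.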
@@ -165,7 +170,9 @@ def show_tracker():
 tracker_metadata['date_from'] = ''
 tracker_metadata['date_to'] = ''
- return render_template("showTracker.html", tracker_metadata=tracker_metadata, bootstrap_label=bootstrap_label)
+ return render_template("showTracker.html", tracker_metadata=tracker_metadata,
+ yara_rule_content=yara_rule_content,
+ bootstrap_label=bootstrap_label)
 @hunter.route("/tracker/update_tracker_description", methods=['POST'])
 @login_required
diff --git a/var/www/modules/hunter/templates/showTracker.html b/var/www/modules/hunter/templates/showTracker.html
index 29e8b103..d55c4c6b 100644
--- a/var/www/modules/hunter/templates/showTracker.html
+++ b/var/www/modules/hunter/templates/showTracker.html
@@ -175,6 +175,11 @@
+
+ {%if yara_rule_content%}
+



{{ yara_rule_content }}

+ {%endif%}
+