diff --git a/bin/lib/Correlate_object.py b/bin/lib/Correlate_object.py
index 32cb382a..d08b3ddd 100755
--- a/bin/lib/Correlate_object.py
+++ b/bin/lib/Correlate_object.py
@@ -55,7 +55,7 @@ def exist_object(object_type, correlation_id, type_id=None):
 return Pgp.pgp._exist_corelation_field(type_id, correlation_id)
 elif object_type == 'cryptocurrency':
 return Cryptocurrency.cryptocurrency._exist_corelation_field(type_id, correlation_id)
- elif object_type == 'screenshot':
+ elif object_type == 'screenshot' or object_type == 'image':
 return Screenshot.exist_screenshot(correlation_id)
 else:
 return False
@@ -63,7 +63,7 @@ def exist_object(object_type, correlation_id, type_id=None):
 def get_object_metadata(object_type, correlation_id, type_id=None):
 if object_type == 'domain':
 return Domain.Domain(correlation_id).get_domain_metadata(tags=True)
- elif object_type == 'paste':
+ elif object_type == 'paste' or object_type == 'item':
 return Item.get_item({"id": correlation_id, "date": True, "date_separator": True, "tags": True})[0]
 elif object_type == 'decoded':
 return Decoded.get_decoded_metadata(correlation_id, nb_seen=True, size=True, file_type=True)
@@ -71,7 +71,7 @@ def get_object_metadata(object_type, correlation_id, type_id=None):
 return Pgp.pgp.get_metadata(type_id, correlation_id)
 elif object_type == 'cryptocurrency':
 return Cryptocurrency.cryptocurrency.get_metadata(type_id, correlation_id)
- elif object_type == 'screenshot':
+ elif object_type == 'screenshot' or object_type == 'image':
 return Screenshot.get_metadata(correlation_id)
 def get_object_correlation(object_type, value, correlation_names, correlation_objects, requested_correl_type=None):
@@ -85,7 +85,7 @@ def get_object_correlation(object_type, value, correlation_names, correlation_ob
 return Pgp.pgp.get_correlation_all_object(requested_correl_type, value, correlation_objects=correlation_objects)
 elif object_type == 'cryptocurrency':
 return Cryptocurrency.cryptocurrency.get_correlation_all_object(requested_correl_type, value, correlation_objects=correlation_objects)
- elif object_type == 'screenshot':
+ elif object_type == 'screenshot' or object_type == 'image':
 return Screenshot.get_screenshot_correlated_object(value, correlation_objects)
 return {}
@@ -145,7 +145,7 @@ def get_correlation_node_icon(correlation_name, correlation_type=None, value=Non
 else:
 icon_text = '\uf249'
- elif correlation_name == 'screenshot':
+ elif correlation_name == 'screenshot' or correlation_name == 'image':
 node_color = '#E1F5DF'
 icon_text = '\uf03e'
@@ -181,7 +181,9 @@ def get_item_url(correlation_name, value, correlation_type=None):
 elif correlation_name == 'decoded':
 endpoint = 'correlation.show_correlation'
 url = url_for(endpoint, object_type="decoded", correlation_id=value)
- elif correlation_name == 'screenshot':
+ elif correlation_name == 'screenshot': ### # TODO: remove me
+ endpoint = 'correlation.show_correlation'
+ elif correlation_name == 'image':
 endpoint = 'correlation.show_correlation'
 url = url_for(endpoint, object_type="screenshot", correlation_id=value)
 elif correlation_name == 'domain':
diff --git a/bin/lib/Screenshot.py b/bin/lib/Screenshot.py
index d646d839..8a4c8312 100755
--- a/bin/lib/Screenshot.py
+++ b/bin/lib/Screenshot.py
@@ -9,6 +9,7 @@ import redis
 sys.path.append(os.path.join(os.environ['AIL_BIN'], 'packages'))
 import Item
 import Date
+import Tag
 import ConfigLoader
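Review bot: In the get_item_url hunk the `'screenshot'` branch now assigns only `endpoint`; the `url = url_for(...)` line that used to belong to it now sits under the new `elif correlation_name == 'image':` branch, so a legacy 'screenshot' node leaves `url` unassigned in the visible lines. Unless `url` is initialised above the hunk, the function will raise or hand back no link for the old name during the rename. Folding both names into one branch, as the other hunks in this file do, avoids that: `elif correlation_name == 'screenshot' or correlation_name == 'image':`. The function starts and ends outside the hunk.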
@@ -33,8 +34,13 @@ def exist_screenshot(sha256_string):
 def get_metadata(sha256_string):
 metadata_dict = {}
 metadata_dict['img'] = get_screenshot_rel_path(sha256_string)
+ metadata_dict['tags'] = get_screenshot_tags(sha256_string)
+ metadata_dict['is_tags_safe'] = Tag.is_tags_safe(metadata_dict['tags'])
 return metadata_dict
+def get_screenshot_tags(sha256_string):
+ return Tag.get_obj_tag(sha256_string)
+
 def get_screenshot_items_list(sha256_string):
 res = r_serv_onion.smembers('screenshot:{}'.format(sha256_string))
diff --git a/bin/packages/Tag.py b/bin/packages/Tag.py
index 4e86c2aa..f011bb41 100755
--- a/bin/packages/Tag.py
+++ b/bin/packages/Tag.py
@@ -355,7 +355,7 @@ def api_add_obj_tags(tags=[], galaxy_tags=[], object_id=None, object_type="item"
 return ({'status': 'error', 'reason': 'object_id id not found'}, 404)
 if not tags and not galaxy_tags:
 return ({'status': 'error', 'reason': 'Tags or Galaxy not specified'}, 400)
- if object_type not in ('item', 'domain'): # # TODO: put me in another file
+ if object_type not in ('item', 'domain', 'image'): # # TODO: put me in another file
 return ({'status': 'error', 'reason': 'Incorrect object_type'}, 400)
 # remove empty tags
diff --git a/var/www/blueprints/correlation.py b/var/www/blueprints/correlation.py
index a6c4ade4..76c2254a 100644
--- a/var/www/blueprints/correlation.py
+++ b/var/www/blueprints/correlation.py
@@ -23,12 +23,14 @@ from Role_Manager import login_admin, login_analyst, login_read_only
 sys.path.append(os.path.join(os.environ['AIL_BIN'], 'lib'))
 import Correlate_object
 import Domain
+import Screenshot
 import btc_ail
 sys.path.append(os.path.join(os.environ['AIL_BIN'], 'packages'))
 import Cryptocurrency
 import Pgp
 import Decoded
+import Tag
 bootstrap_label = Flask_config.bootstrap_label
 vt_enabled = Flask_config.vt_enabled
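Review bot: Adding `'image'` to the allow-list in api_add_obj_tags lets API callers tag screenshot objects, but the visible lines show no check that `object_id` names a stored screenshot for that type. If the rest of the function, which lies outside this hunk, has no per-type existence check, tags can be written against arbitrary identifiers; consider rejecting unknown ids for `'image'` with the same 404 response used above, for example through the existing `Screenshot.exist_screenshot` lookup. Because Screenshot.py now imports Tag, that check would need a function-scope import or to live in the caller so the two modules do not import each other at load time.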
@@ -114,6 +116,8 @@ def get_card_metadata(object_type, correlation_id, type_id=None, expand_card=Fal elif object_type == 'domain': card_dict["icon"] = Correlate_object.get_correlation_node_icon(object_type, value=correlation_id) card_dict["tags"] = Domain.get_domain_tags(correlation_id) + elif object_type == 'screenshot': + card_dict["add_tags_modal"] = Tag.get_modal_add_tags(correlation_id, object_type='image') elif object_type == 'paste': card_dict["icon"] = Correlate_object.get_correlation_node_icon(object_type, value=correlation_id) return card_dict @@ -179,6 +183,10 @@ def show_correlation(): correlation_names = sanitise_correlation_names(request.args.get('correlation_names')) correlation_objects = sanitise_correlation_objects(request.args.get('correlation_objects')) + # # TODO: remove me, rename screenshot to image + if object_type == 'image': + object_type == 'screenshot' + # check if correlation_id exist if not Correlate_object.exist_object(object_type, correlation_id, type_id=type_id): abort(404) # return 404 diff --git a/var/www/templates/correlation/show_correlation.html b/var/www/templates/correlation/show_correlation.html index e0c5d6b3..67c0be09 100644 --- a/var/www/templates/correlation/show_correlation.html +++ b/var/www/templates/correlation/show_correlation.html @@ -53,7 +53,7 @@ pointer-events: auto; } - div.tooltip { + div.tooltip_graph { position: absolute; text-align: center; padding: 2px; @@ -99,6 +99,8 @@ {% include 'correlation/metadata_card_decoded.html' %} {% elif dict_object["object_type"] == "domain" %} {% include 'correlation/metadata_card_domain.html' %} + {% elif dict_object["object_type"] == "screenshot" %} + {% include 'correlation/metadata_card_screenshot.html' %} {% elif dict_object["object_type"] == "paste" %} {% include 'correlation/metadata_card_paste.html' %} {% endif %} @@ -127,18 +129,6 @@ - -
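Review bot: The alias added in show_correlation is a no-op: `object_type == 'screenshot'` is a comparison whose result is discarded, so a request with `object_type=image` keeps that value. It then passes `Correlate_object.exist_object` (which this commit extends to accept 'image') but misses the `object_type == 'screenshot'` branch added to get_card_metadata, and presumably the template's `"screenshot"` check as well, so the page would render without the screenshot card and tag modal. Change the line to `object_type = 'screenshot'`. The function body continues outside the hunk.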
@@ -310,7 +300,7 @@ var zoom = d3.zoom() var color = d3.scaleOrdinal(d3.schemeCategory10); var div = d3.select("body").append("div") - .attr("class", "tooltip") + .attr("class", "tooltip_graph") .style("opacity", 0); var simulation = d3.forceSimulation() diff --git a/var/www/templates/tags/search_obj_by_tags.html b/var/www/templates/tags/search_obj_by_tags.html index 4f0261a1..b898a5cf 100644 --- a/var/www/templates/tags/search_obj_by_tags.html +++ b/var/www/templates/tags/search_obj_by_tags.html @@ -46,6 +46,8 @@ last check Domain status + {%elif dict_tagged["object_type"]=="image"%} + Image {%endif%} @@ -63,7 +65,7 @@
{% for tag in dict_obj['tags'] %} - + {{ tag }} {% endfor %} @@ -85,8 +87,24 @@ {% endfor %} + {%elif dict_tagged["object_type"]=="image"%} + {% for dict_obj in dict_tagged["tagged_obj"] %} + + + +
{{ dict_obj['id'] }}
+
+
+ {% for tag in dict_obj['tags'] %} + + {{ tag }} + + {% endfor %} +
+ + + {% endfor %} {% endif %} -