<!DOCTYPE html> <html> <head> <title>AIL-Framework</title> <link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png')}}"> <!-- Core CSS --> <link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/daterangepicker.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/tags.css') }}" rel="stylesheet"> <!-- JS --> <script src="{{ url_for('static', filename='js/jquery.js')}}"></script> <script src="{{ url_for('static', filename='js/popper.min.js')}}"></script> <script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script> <script src="{{ url_for('static', filename='js/tags.js') }}"></script> </head> <body> {% include 'nav_bar.html' %} <div class="container-fluid"> <div class="row"> {% include 'hunter/menu_sidebar.html' %} <div class="col-12 col-lg-10" id="core_content"> <div class="card my-3"> <div class="card-header bg-dark text-white"> <h5 class="card-title">{%if dict_tracker%}Edit a{%else%}Create a new{%endif%} Tracker</h5> </div> <div class="card-body"> <form action="{%if dict_tracker%}{{ url_for('hunters.tracker_edit') }}{%else%}{{ url_for('hunters.add_tracked_menu') }}{%endif%}" method='post'> {%if dict_tracker%} <input id="tracker_uuid" name="tracker_uuid" class="form-control" type="text" value="{{dict_tracker['uuid']}}" hidden> {%endif%} <div class="row"> <div class="col-12 col-xl-9"> <div class="input-group mb-2 mr-sm-2"> <div class="input-group-prepend"> <div class="input-group-text bg-secondary text-white"><i class="fas fa-at"></i></div> </div> <input id="mails" name="mails" class="form-control" placeholder="E-Mails Notification (optional, space separated)" type="text" {%if dict_tracker%}{%if dict_tracker['mails']%}value="{%for mail in dict_tracker['mails'] %}{{mail}} {%endfor%}"{%endif%}{%endif%}> </div> <div class="input-group mb-2 mr-sm-2"> <div class="input-group-prepend"> <div class="input-group-text bg-info text-white"><i class="fas fa-anchor"></i></div> </div> <input id="webhook" name="webhook" class="form-control" placeholder="Webhook URL" type="text" {%if dict_tracker%}{%if dict_tracker['webhook']%}value="{{dict_tracker['webhook']}}"{%endif%}{%endif%}> </div> <div class="input-group mb-2 mr-sm-2"> <div class="input-group-prepend"> <div class="input-group-text bg-info text-white"><i class="fas fa-pencil-alt"></i></div> </div> <input id="description" name="description" class="form-control" placeholder="Tracker Description (optional)" type="text" {%if dict_tracker%}{%if dict_tracker['description']%}value="{{dict_tracker['description']}}"{%endif%}{%endif%}> </div> <div class="card my-4"> <div class="card-header bg-info text-white"> <b>Objects to Track:</b> </div> <div class="card-body"> {# <div class="custom-control custom-switch mt-1">#} {# <input class="custom-control-input" type="checkbox" name="cve_obj" id="cve_obj" checked="">#} {# <label class="custom-control-label" for="cve_obj"><i class="fas fa-bug"></i> CVE</label>#} {# </div>#} {# <div class="custom-control custom-switch mt-1">#} {# <input class="custom-control-input" type="checkbox" name="crypto_obj" id="crypto_obj" checked="">#} {# <label class="custom-control-label" for="crypto_obj"><i class="fas fa-coins"></i> Cryptocurrency</label>#} {# </div>#} <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="decoded_obj" id="decoded_obj" {% if not dict_tracker['filters'] or 'decoded' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="decoded_obj"><i class="fas fa-lock-open"></i> Decoded <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Content that has been decoded from an encoded format, such as base64"></i></label> </div> {# <div class="custom-control custom-switch mt-1">#} {# <input class="custom-control-input" type="checkbox" name="domain_obj" id="domain_obj" checked="">#} {# <label class="custom-control-label" for="domain_obj"><i class="fas fa-spider"></i> Domain</label>#} {# </div>#} <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="item_obj" id="item_obj" {% if not dict_tracker['filters'] or 'item' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="item_obj"><i class="fas fa-file"></i> Item <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Text that has been processed by AIL. It can include various types of extracted information"></i></label> </div> <div class="card border-dark mb-4" id="sources_item_div"> <div class="card-body"> <h5>Filter Item by sources</h5> <div class="input-group mb-2 mr-sm-2"> <div class="input-group-prepend"> <div class="input-group-text bg-dark text-white"><i class="fas fa-folder"></i></div> </div> <input id="sources_item" class="form-control" type="text" name="sources_item" placeholder="Item Sources to track (ALL IF EMPTY)" autocomplete="off"> </div> </div> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="pgp_obj" id="pgp_obj" {% if not dict_tracker['filters'] or 'pgp' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="pgp_obj"><i class="fas fa-key"></i> PGP <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="PGP key/block metadata"></i></label> </div> <div class="card border-dark mb-4" id="sources_pgp_div"> <div class="card-body"> <h6>Filter PGP by subtype:</h6> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="filter_pgp_name" id="filter_pgp_name" {% if not dict_tracker['filters'] %}checked=""{% endif %} {% if 'pgp' in dict_tracker['filters'] %}{% if not 'subtypes' in dict_tracker['filters']['pgp'] %}checked=""{% else %}{% if 'name' in dict_tracker['filters']['pgp']['subtypes'] %}checked=""{% endif %}{% endif %}{% endif %}> <label class="custom-control-label" for="filter_pgp_name"> <svg height="26" width="26"> <g class="nodes"> <circle cx="13" cy="13" r="13" fill="#44AA99"></circle> <text x="13" y="13" text-anchor="middle" dominant-baseline="central" class="graph_node_icon fas" font-size="16px"></text> </g> </svg> name </label> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="filter_pgp_mail" id="filter_pgp_mail" {% if not dict_tracker['filters'] %}checked=""{% endif %} {% if 'pgp' in dict_tracker['filters'] %}{% if not 'subtypes' in dict_tracker['filters']['pgp'] %}checked=""{% else %}{% if 'mail' in dict_tracker['filters']['pgp']['subtypes'] %}checked=""{% endif %}{% endif %}{% endif %}> <label class="custom-control-label" for="filter_pgp_mail"> <svg height="26" width="26"> <g class="nodes"> <circle cx="13" cy="13" r="13" fill="#44AA99"></circle> <text x="13" y="13" text-anchor="middle" dominant-baseline="central" class="fas" font-size="16px"></text> </g> </svg> mail </label> </div> </div> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="title_obj" id="title_obj" {% if not dict_tracker['filters'] or 'title' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="title_obj"><i class="fas fa-heading"></i> Title <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Title that has been extracted from a HTML page"></i></label> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="message_obj" id="message_obj" {% if not dict_tracker['filters'] or 'message' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="message_obj"><i class="fas fa-comment-dots"></i> Message <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Messages from Chats"></i></label> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="qrcode_obj" id="qrcode_obj" {% if not dict_tracker['filters'] or 'qrcode' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="qrcode_obj"><i class="fas fa-qrcode"></i> Qrcode <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Qcodes Extracted from Images ans Screenshots"></i></label> </div> <div class="custom-control custom-switch mt-1"> <input class="custom-control-input" type="checkbox" name="ocr_obj" id="ocr_obj" {% if not dict_tracker['filters'] or 'ocr' in dict_tracker['filters'] %}checked=""{% endif %}> <label class="custom-control-label" for="ocr_obj"><i class="fas fa-expand"></i> OCR <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Text extracted from Images"></i></label> </div> {# <div class="custom-control custom-switch mt-1">#} {# <input class="custom-control-input" type="checkbox" name="level" id="screenshot_obj" checked="">#} {# <label class="custom-control-label" for="screenshot_obj"><i class="fas fa-image"></i> Screenshot</label>#} {# </div>#} {# <div class="custom-control custom-switch mt-1">#} {# <input class="custom-control-input" type="checkbox" name="level" id="username_obj" checked="">#} {# <label class="custom-control-label" for="username_obj"><i class="fas fa-user"></i> Username</label>#} {# </div>#} {# <li class="list-group-item text-left">#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="CveCheck" name="CveCheck" checked="">#} {# <label class="form-check-label" for="CveCheck"><i class="fas fa-bug"></i> Cve</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="CryptocurrencyCheck" name="CryptocurrencyCheck" checked="">#} {# <label class="form-check-label" for="CryptocurrencyCheck"><i class="fas fa-coins"></i> Cryptocurrency</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="DecodedCheck" name="DecodedCheck" checked="">#} {# <label class="form-check-label" for="DecodedCheck"><i class="fas fa-lock-open"></i> Decoded</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="ScreenshotCheck" name="ScreenshotCheck" checked="">#} {# <label class="form-check-label" for="ScreenshotCheck"><i class="fas fa-image"></i> Screenshot</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="PgpCheck" name="PgpCheck" checked="">#} {# <label class="form-check-label" for="PgpCheck"><i class="fas fa-key"></i> PGP</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="UsernameCheck" name="UsernameCheck" checked="">#} {# <label class="form-check-label" for="UsernameCheck"><i class="fas fa-user"></i> Username</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="DomainCheck" name="DomainCheck" checked="">#} {# <label class="form-check-label" for="DomainCheck"><i class="fas fa-spider"></i> Domain</label>#} {# </div>#} {# <div class="form-check">#} {# <input class="form-check-input" type="checkbox" value="True" id="ItemCheck" name="ItemCheck" checked="">#} {# <label class="form-check-label" for="ItemCheck"><i class="fas fa-user"></i> Item</label>#} {# </div>#} {##} {# </li>#} </div> </div> <div class="card my-4"> <div class="card-header bg-secondary text-white"> <b>Tags</b> </div> <div class="card-body"> <div class="input-group mb-2 mr-sm-2"> <div class="input-group-prepend"> <div class="input-group-text bg-danger text-white"><i class="fas fa-tag"></i></div> </div> <input id="tags" name="tags" class="form-control" placeholder="Custom Tags (optional, space separated)" type="text" {%if dict_tracker%}{%if dict_tracker['tags']%}value="{%for tag in dict_tracker['tags']%}{{tag}} {%endfor%}"{%endif%}{%endif%}> </div> {% include 'tags/block_tags_selector.html' %} </div> </div> </div> <div class="col-12 col-xl-3"> <label class="mt-3" for="level_selector">View Level</label> <select class="custom-select" id="level_selector" name="level"> {% if dict_tracker %} <option value="1" {% if dict_tracker['level'] == 1 %}selected{% endif %}><i class="fas fa-users"></i> Global</option> <option value="2" {% if dict_tracker['level'] == 2 %}selected{% endif %}><i class="fas fa-landmark"></i> My Organisation</option> <option value="0" {% if dict_tracker['level'] == 0 %}selected{% endif %}><i class="fas fa-user"></i> My User</option> {% else %} <option value="1" selected><i class="fas fa-users"></i> Global</option> <option value="2"><i class="fas fa-landmark"></i> My Organisation</option> <option value="0"><i class="fas fa-user"></i> My User</option> {% endif %} </select> </div> </div> <hr> <h4>Tracker Type:</h4> <select id="tracker_type" name="tracker_type" class="custom-select w-25 mb-3"> <option disabled selected value> -- Select a tracker type -- </option> <option value="word">Word</option> <option value="set">Set</option> <option value="regex">Regex</option> <option value="yara">YARA rule</option> <option value="typosquatting">Typo-squatting</option> </select> <p id="tracker_desc">Terms to track (space separated)</p> <div class="row" id="simple_input"> <div class="col-12 col-lg-10"> <input id="tracker" name="tracker" class="form-control" placeholder="Terms to track (space separated)" type="text" {%if dict_tracker%}{%if dict_tracker['type'] != 'yara' and dict_tracker['type'] != 'typosquatting'%}value="{{dict_tracker['tracked']}}"{%endif%}{%endif%}> </div> <div class="col-12 col-lg-2"> <input type="number" id="nb_word" name="nb_word" name="quantity" min="1" placeholder="Nb of keywords" {%if dict_tracker%}{%if dict_tracker['nb_words']%}value="{{dict_tracker['nb_words']}}"{%endif%}{%endif%}> </div> </div> <div class="mb-2" id="yara_rule"> <div class="" id="yara_default_rules"> <h6>Default YARA rules:</h6> <select class="custom-select w-100 mb-3" id="yara_default_rule" name="yara_default_rule" onchange="get_default_rule_content(this);"> <option selected>Select a default rule</option> {% for yara_types in all_yara_files %} {% for yara_file_name in all_yara_files[yara_types] %} <option value="{{yara_types}}/{{yara_file_name}}">{{yara_types}} - {{yara_file_name}}</option> {% endfor %} {% endfor %} </select> <pre class="border bg-light" id="default_yara_rule_content"></pre> </div> <hr> <h6>Custom YARA rules:</h6> <div class="row" id="textarea"> <textarea class="form-control mx-3" id="text_input" name="yara_custom_rule" placeholder="Enter your own YARA rule" rows="5">{%if dict_tracker%}{%if dict_tracker['type']=='yara' and dict_tracker['content']%}{{dict_tracker['content']}}{%endif%}{%endif%}</textarea> </div> </div> <br> <button class="btn btn-success mt-2"> <i class="fas fa-plus"></i> {%if dict_tracker%}Edit{%else%}Create{%endif%} Tracker </button> </form> </div> </div> </div> </div> </div> </body> <script> var ltags; var chart = {}; $(document).ready(function(){ $("#page-Tracker").addClass("active"); $("#nav_manual_crawler").addClass("active"); $("#tracker_desc").hide(); $("#tracker").hide(); $("#nb_word").hide(); $("#yara_rule").hide(); sources_item = $('#sources_item').tagSuggest({ data: {{all_sources|safe}}, {%if dict_tracker%}{%if dict_tracker['filters']%}{%if dict_tracker['filters']['item']%}{%if dict_tracker['filters']['item']['sources']%}value: {{dict_tracker['filters']['item']['sources']|safe}},{%endif%}{%endif%}{%endif%}{%endif%} sortOrder: 'name', maxDropHeight: 200, name: 'sources_item', emptyText: 'Item Sources to track (ALL IF EMPTY)', }); item_source_input_controller(); pgp_source_input_controller(); $('#tracker_type').on('change', function() { var tracker_type = this.value; if (tracker_type=="word") { $("#tracker_desc").text("Token to track. You need to use a regex if you want to use one of the following special characters [<>~!?@#$%^&*|()_-+={}\":;,.\'\n\r\t]/\\ "); $("#tracker_desc").show(); $("#tracker").show(); $("#nb_word").hide(); $("#yara_rule").hide(); } else if (tracker_type=="set") { $("#tracker_desc").text("Set of Terms to track (space separated). This tracker is used to check if an item contain one or more terms specified in a set. If an item contain NB unique terms (by default NB of unique keywords = 1), this tracker is triggered. You need to use a regex if you want to use one of the following special characters [<>~!?@#$%^&*|()_-+={}\":;,.\'\n\r\t]/\\ "); $("#tracker_desc").show(); $("#tracker").show(); $("#nb_word").show(); $("#yara_rule").hide(); } else if (tracker_type=="regex") { $("#tracker_desc").text("Enter a valid Python regex"); $("#tracker_desc").show(); $("#tracker").show(); $("#nb_word").hide(); $("#yara_rule").hide(); } else if (tracker_type=="yara") { $("#tracker_desc").text("Select a default yara rule or create your own rule:"); $("#tracker_desc").show(); $("#tracker").hide(); $("#nb_word").hide(); $("#yara_rule").show(); } else if (tracker_type=="typosquatting") { $("#tracker_desc").text("Generation of variation for domain name. Only one domain name at a time."); $("#tracker_desc").show(); $("#tracker").show(); $("#nb_word").hide(); $("#yara_rule").hide(); } }); {%if dict_tracker%} $('#tracker_type').val('{{dict_tracker['type']}}').change(); {%if dict_tracker['type']=='yara'%} {% if dict_tracker['tracked'][0:21] == 'ail-yara-rules/rules/' %} $('#yara_default_rule').val('{{dict_tracker['tracked'][21:]}}').change(); {%endif%} {%endif%} {%endif%} $('#item_obj').on("change", function () { item_source_input_controller(); }); $('#pgp_obj').on("change", function () { pgp_source_input_controller(); }); }); $(function () { $('[data-toggle="tooltip"]').tooltip() }) function toggle_sidebar(){ if($('#nav_menu').is(':visible')){ $('#nav_menu').hide(); $('#side_menu').removeClass('border-right') $('#side_menu').removeClass('col-lg-2') $('#core_content').removeClass('col-lg-10') }else{ $('#nav_menu').show(); $('#side_menu').addClass('border-right') $('#side_menu').addClass('col-lg-2') $('#core_content').addClass('col-lg-10') } } function item_source_input_controller() { if($('#item_obj').is(':checked')){ $("#sources_item_div").show(); }else{ $("#sources_item_div").hide(); } } function pgp_source_input_controller() { if($('#pgp_obj').is(':checked')){ $("#sources_pgp_div").show(); }else{ $("#sources_pgp_div").hide(); } } function get_default_rule_content(selector){ var yara_name = selector.value if (yara_name === "Select a default rule") { jQuery("#default_yara_rule_content").text("") } else { $.getJSON("{{ url_for('hunters.get_default_yara_rule_content') }}?rule=" + yara_name, function(data) { jQuery("#default_yara_rule_content").text(data['content']) }); } } </script>