def test_escape():
"""
Test `prewikka.utils.html.escape()`.
"""
assert text_type(escape(None)) == ''
assert text_type(escape('')) == ''
assert text_type(escape('foo')) == 'foo'
assert text_type(escape('foo bar')) == 'foo bar'
assert text_type(escape('<script>alert();</script>')
) == '<script>alert();</script>'
def getUrlLink(self, name, url=None):
if not name:
return None
if not url:
if name.find("http://") != -1:
url = name
elif re.compile("\.[^\s]+\.[^\s+]").search(name):
url = "http://" + name
else:
return name
return resource.HTMLSource(
'<a target="%s" href="%s">%s</a>' %
(env.external_link_target, html.escape(url), html.escape(name)))
def buildAlertIdent(self, alert, parent):
calist = {}
for alertident in parent["alertident"]:
# IDMEF draft 14 page 27
# If the "analyzerid" is not provided, the alert is assumed to have come
# from the same analyzer that is sending the Alert.
analyzerid = alertident["analyzerid"]
if not analyzerid:
for a in alert["analyzer"]:
if a["analyzerid"]:
analyzerid = a["analyzerid"]
break
if not analyzerid in calist:
calist[analyzerid] = []
calist[analyzerid].append(alertident["alertident"])
idx = 1
for analyzerid in calist.keys():
content = ""
missing = 0
for ident in calist[analyzerid]:
criteria = Criterion("alert.analyzer.analyzerid", "=",
analyzerid) & Criterion(
"alert.messageid", "=", ident)
results = env.dataprovider.get(criteria)
if len(results) == 0:
missing += 1
#content += "<li>" + _("Invalid 'analyzerid:messageid' pair, '%(analyzerid):%(messageid)'") % { "analyzerid": analyzerid, "messageid": ident } + "</li>"
else:
alert = results[0]["alert"]
link = url_for(".", analyzerid=analyzerid, messageid=ident)
content += '<li><a class="widget-link" title="%s" href="%s">%s</a></li>' % (
_("Alert details"), link,
html.escape(alert["classification.text"]))
if missing > 0:
content += "<li>" + (
_("%d linked alerts missing (probably deleted)") %
missing) + "</li>"
self.newTableCol(
idx,
resource.HTMLSource(
"<ul style='padding: 0px; margin: 0px 0px 0px 10px;'>%s</ul>"
% content))
self.buildAnalyzer(alert["analyzer(-1)"])
self.newTableRow()
idx += 1
def update(self):
data = self._get_plugin_infos()
env.request.web.send_stream(json.dumps(
{"total": data.maintenance_total}),
event="begin",
sync=True)
for mod, fromversion, uplist in itertools.chain.from_iterable(
data.maintenance.values()):
for upscript in uplist:
if isinstance(upscript, Exception):
continue
label = _("Applying %(module)s %(script)s...") % {
'module': mod.full_module_name,
'script': text_type(upscript)
}
env.request.web.send_stream(json.dumps({
"label":
html.escape(label),
'module':
html.escape(mod.full_module_name),
'script':
html.escape(text_type(upscript))
}),
sync=True)
try:
upscript.apply()
except Exception as e:
env.request.web.send_stream(json.dumps({
"logs":
"\n".join(html.escape(x) for x in upscript.query_logs),
"error":
html.escape(text_type(e))
}),
sync=True)
else:
env.request.web.send_stream(json.dumps({
"logs":
"\n".join(html.escape(x) for x in upscript.query_logs),
"success":
True
}),
sync=True)
env.request.web.send_stream(data=json.dumps(
{"label": _("All updates applied")}),
event="finish",
sync=True)
env.request.web.send_stream("close", event="close")
env.db.trigger_plugin_change()
def buildAdditionalData(self,
alert,
ignore=[],
ignored={},
ip_options=[],
tcp_options=[]):
self.beginSection(_("Additional data"))
self.beginTable()
self.newTableCol(0, _("Meaning"), header=True)
self.newTableCol(0, _("Value"), header=True)
index = 1
for ad in alert["additional_data"]:
value = None
meaning = ad["meaning"]
if meaning == "ip_option_code":
ip_options.append((ad["data"], 0, None))
ignored[meaning] = ""
if meaning == "ip_option_data":
data = ad["data"]
ip_options[-1] = (ip_options[-1][0], len(data), data)
ignored[meaning] = ""
if meaning == "tcp_option_code":
tcp_options.append((ad["data"], 0, None))
ignored[meaning] = ""
if meaning == "tcp_option_data":
data = ad["data"]
tcp_options[-1] = (tcp_options[-1][0], len(data), data)
ignored[meaning] = ""
if ad["data"] != None:
value = ad["data"]
if ad["type"] == "byte-string" and meaning != "payload":
value = utils.hexdump(value)
for field in ignore:
if meaning != None and meaning == field[0]:
ignored[meaning] = value
break
links = []
for url, text in hookmanager.trigger(
"HOOK_ALERTSUMMARY_MEANING_LINK", alert, meaning, value):
if url:
links.append("<a target='%s' href='%s'>%s</a>" % \
(env.external_link_target, html.escape(url), html.escape(text)))
if links:
meaning = "<a class='popup_menu_toggle'>%s</a><span class='popup_menu'>%s</span>" % \
(html.escape(meaning), "".join(links))
if not meaning in ignored:
self.newTableCol(
index, resource.HTMLSource(meaning or "Data content"))
self.newTableCol(index, html.escape(value) if value else None)
index += 1
self.endTable()
self.endSection()
def render(self, analyzerid=None, messageid=None):
MessageSummary.render(self)
alert = env.dataprovider.get(
getUriCriteria("alert", analyzerid, messageid))[0]["alert"]
env.request.dataset["sections"] = []
self.beginSection(self.getSectionName(alert))
self.buildTime(alert)
self.beginTable()
self.newTableEntry(_("MessageID"), alert["messageid"])
self.endTable()
self.beginTable()
self.buildClassification(alert)
self.buildImpact(alert)
self.endTable()
self.beginSection(_("Actions"))
for action in alert["assessment.action"]:
self.buildAction(action)
self.endSection()
self.buildCorrelationAlert(alert)
self.buildToolAlert(alert)
self.buildReference(alert)
self.beginSection(_("Analyzer #%d") % (len(alert["analyzer"]) - 1))
self.buildAnalyzer(alert["analyzer(-1)"])
self.buildAnalyzerList(alert)
self.endSection()
self.endSection()
self.buildSourceTarget(alert)
ip = self.buildIpHeaderTable(alert)
tcp = self.buildTcpHeaderTable(alert)
udp = self.buildUdpHeaderTable(alert)
icmp = self.buildIcmpHeaderTable(alert)
data = self.buildPayloadTable(alert)
ignored_value = {}
ip_options = []
tcp_options = []
group = ip.field_list + tcp.field_list + udp.field_list + icmp.field_list + data.field_list
self.buildAdditionalData(alert,
ignore=group,
ignored=ignored_value,
ip_options=ip_options,
tcp_options=tcp_options)
if len(ignored_value.keys()) > 0:
def blah(b):
if b >= 32 and b < 127:
return chr(b)
else:
return "."
self.beginSection(_("Network centric information"))
self.beginTable(cl="table-borderless")
ip.render_table(self, "IP", ignored_value)
self.ipOptionRender(ip_options)
tcp.render_table(self, "TCP", ignored_value)
self.tcpOptionRender(tcp_options)
udp.render_table(self, "UDP", ignored_value)
icmp.render_table(self, "ICMP", ignored_value)
if "payload" in ignored_value:
val = {}
payload = html.escape(utils.hexdump(
ignored_value["payload"])).replace(
" ", resource.HTMLSource(" "))
val["payload"] = resource.HTMLSource(
"<span class='fixed'>%s</span>" % payload)
data.render_table(self, _("Payload"), val)
pset = set(string.printable)
payload = ''.join((i if i in pset else '.'
for i in ignored_value["payload"]))
val["payload"] = resource.HTMLSource(
"<div style='overflow: auto;'>%s</div>" %
html.escape(payload).replace("\n",
resource.HTMLSource("<br/>")))
data.render_table(self, _("ASCII Payload"), val)
self.endTable()
self.endSection()
def buildAlertIdent(self, alert, parent):
calist = {}
for alertident in parent["alertident"]:
# IDMEF draft 14 page 27
# If the "analyzerid" is not provided, the alert is assumed to have come
# from the same analyzer that is sending the Alert.
analyzerid = alertident["analyzerid"]
if not analyzerid:
for a in alert["analyzer"]:
if a["analyzerid"]:
analyzerid = a["analyzerid"]
break
calist.setdefault(analyzerid, []).append(alertident["alertident"])
for idx, (analyzerid, idents) in enumerate(calist.items()):
content = ""
results = []
total = 0
step = 50
limit = min(len(idents), 500)
for i in range(0, limit, step):
# FIXME #3250, #3251
# We execute several queries to avoid recursion errors
criteria = Criterion()
for ident in idents[i:i+step]:
criteria |= self._get_alert_ident_criterion(analyzerid, ident)
results.append(env.dataprovider.query(["alert.messageid", "alert.classification.text"], criteria))
for ident, classif in itertools.chain(*results):
link = url_for(".render", analyzerid=analyzerid, messageid=ident)
content += '<li><a title="%s" href="%s">%s</a></li>' % (_("Alert details"), link, html.escape(classif))
total += 1
missing = limit - total
if missing > 0:
content += "<li>" + (_("%d linked alerts missing (probably deleted)") % missing) + "</li>"
omitted = len(idents) - limit
if omitted > 0:
content += "<li>" + (_("%d linked alerts omitted") % omitted) + "</li>"
self.newTableCol(idx + 1, resource.HTMLSource("<ul style='padding: 0px; margin: 0px 0px 0px 10px;'>%s</ul>" % content))
linked_alerts = env.dataprovider.get(self._get_alert_ident_criterion(analyzerid, idents[0]))
if linked_alerts:
self.buildAnalyzer(linked_alerts[0]["alert.analyzer(-1)"])
else:
self.newTableCol(1, None)
self.newTableRow()
def buildAdditionalData(self, msg, ptype, ignore=[], ignored={}, ip_options=[], tcp_options=[]):
self.beginSection(_("Additional data"))
self.beginTable()
self.newTableCol(0, _("Meaning"), header=True)
self.newTableCol(0, _("Value"), header=True)
index = 1
for ad in msg["additional_data"]:
value = None
meaning = ad["meaning"]
if meaning == "ip_option_code":
ip_options.append((ad["data"], 0, None))
ignored[meaning] = ""
if meaning == "ip_option_data":
data = ad["data"]
ip_options[-1] = (ip_options[-1][0], len(data), data)
ignored[meaning] = ""
if meaning == "tcp_option_code":
tcp_options.append((ad["data"], 0, None))
ignored[meaning] = ""
if meaning == "tcp_option_data":
data = ad["data"]
tcp_options[-1] = (tcp_options[-1][0], len(data), data)
ignored[meaning] = ""
if ad["data"] is not None:
value = ad["data"]
if ad["type"] == "byte-string" and meaning != "payload":
value = html.escape(utils.hexdump(value)).replace(" ", resource.HTMLSource(" "))
value = resource.HTMLSource("<span class='fixed'>%s</span>" % value)
for field in ignore:
if meaning is not None and meaning == field[0]:
ignored[meaning] = value
break
links = resource.HTMLSource()
for obj in filter(None, hookmanager.trigger("HOOK_%sSUMMARY_MEANING_LINK" % ptype.upper(), msg, meaning, value)):
links += obj
if links:
meaning = resource.HTMLNode("a", meaning, **{
"data-toggle": "popover",
"data-placement": "bottom",
"data-html": "true",
"data-content": '<span class="popup-menu">%s</span>' % links,
"data-template": POPOVER_HTML,
})
if meaning not in ignored:
self.newTableCol(index, resource.HTMLSource(meaning or "Data content"))
self.newTableCol(index, html.escape(value) if value is not None else None)
index += 1
self.endTable()
self.endSection()
