Merge pull request #210 from Security-Tools-Alliance/modal-fix
refactor: update modal handling and improve CMS detection
AnonymousWP authored Sep 30, 2024
2 parents 185ccbb + a8fc5f9 commit 9518579
Showing 15 changed files with 151 additions and 150 deletions.
2 changes: 1 addition & 1 deletion web/recon_note/templates/note/index.html
Expand Up @@ -116,7 +116,7 @@ <h5 class="">Add to-do</h5>
<div class="modal-footer">
<button class="btn add-tsk">Add to-do</button>
<button class="btn edit-tsk">Save</button>
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
</div>
</div>
</div>
20 changes: 10 additions & 10 deletions web/scanEngine/static/scanEngine/js/custom_tools.js
Expand Up @@ -7,13 +7,13 @@ function load_gf_template(pattern_name){
$.getJSON(`/api/getFileContents?gf_pattern&name=${pattern_name}&format=json`, function(response) {
swal.close();
if (response.status) {
$('#modal_title').empty();
$('#modal-content').empty();
$("#modal-footer").empty();
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$("#modal_dialog .modal-footer").empty();

$('#modal_title').html(`GF Pattern ` + htmlEncode(pattern_name));
$('#modal_dialog .modal-title').html(`GF Pattern ` + htmlEncode(pattern_name));

$('#modal-content').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog .modal-text').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog').modal('show');
}
else{
Expand All @@ -38,13 +38,13 @@ function load_nuclei_template(pattern_name){
$.getJSON(`/api/getFileContents?nuclei_template&name=${pattern_name}&format=json`, function(response) {
swal.close();
if (response.status) {
$('#modal_title').empty();
$('#modal-content').empty();
$("#modal-footer").empty();
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$("#modal_dialog .modal-footer").empty();

$('#modal_title').html(`Nuclei Template: ` + htmlEncode(pattern_name));
$('#modal_dialog .modal-title').html(`Nuclei Template: ` + htmlEncode(pattern_name));

$('#modal-content').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog .modal-text').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog').modal('show');
}
else{
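Review bot: `pattern_name` is interpolated into the `/api/getFileContents?...&name=${pattern_name}&format=json` query string without URL-encoding in both `load_gf_template` and `load_nuclei_template`, so a name containing `&`, `#` or `%` changes the request that is actually sent. The modal title already passes the same value through `htmlEncode`; the request deserves the matching treatment, `name=${encodeURIComponent(pattern_name)}`. The two success branches are now identical apart from the title prefix, so a small shared helper that resets `#modal_dialog` and fills the title and body would keep the selectors from drifting apart again. Both function bodies continue outside the hunks shown.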
6 changes: 3 additions & 3 deletions web/scanEngine/templates/scanEngine/settings/llm_toolkit.html
Expand Up @@ -158,9 +158,9 @@ <h4 class="mt-0">
}

function showAddNewModelModal(){
$('#modal_title').html('Add new LLM Model');
$('#modal-content').empty();
$('#modal-content').append(`
$('#modal_dialog .modal-title').html('Add new LLM Model');
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`
<p>You can find the list of supported models in <a href="https://ollama.com/library" target="_blank">Ollama Library</a></p>
<p>We recommend using llama2-uncensored model for better results.</p>
<div class="mb-3">
105 changes: 54 additions & 51 deletions web/startScan/static/startScan/js/detail_scan.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions web/startScan/templates/startScan/detail_scan.html
Expand Up @@ -2375,11 +2375,11 @@ <h4 class="header-title mb-0"><span id="endpoint_change_count"><span class="spin
<div class="btn-group mt-2">
<button type="button" data-toggle="tooltip" data-placement="top" title="Show Attack Surface" class="btn btn-primary me-1 bs-tooltip" onclick="show_attack_surface_modal('{% url 'api:gpt_get_possible_attacks' %}', ${row['id']})"><i class="fe-eye"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Further Scan Subdomain" class="btn btn-primary btn-scan-subdomain me-1" id="${row['id']}"><i class="fe-zap"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}')"><i class="fe-file-plus"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}', '{{current_project.slug}}')"><i class="fe-file-plus"></i></button>
<button class="btn btn-primary me-1 dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"><i class="mdi mdi-dots-horizontal"></i></button>
<div class="dropdown-menu dropdown-menu-end">
<a class="dropdown-item" href="#" onclick="mark_important_subdomain('{% url 'api:toggle_subdomain' %}', this, ${row['id']})" id="${row['id']}"><i class="mdi mdi-alert-rhombus-outline me-2 text-muted font-18 vertical-middle"></i>Mark Important Subdomain</a>
<a class="dropdown-item" href="#" onclick="detect_subdomain_cms('${cms_detector_http_url}', ${row['http_status']})"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="dropdown-item detect_subdomain_cms_link" href="#" data-http-status="${row['http_status']}" data-cms-url="${cms_detector_http_url}" data-url="{% url 'api:cms_detector' %}"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="text-danger dropdown-item btn-delete-subdomain" href="#" id="${row['id']}"><i class="text-danger mdi mdi-delete-forever-outline me-2 font-18 vertical-middle"></i>Delete Subdomain</a>
</div>
</div>
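Review bot: The "Add Recon To-do/Note" button still builds an inline handler from `'${row['name']}'`, and the new third argument `'{{current_project.slug}}'` follows the same pattern, so a scan-derived subdomain name that contains a quote character is treated as script or markup rather than data. The Detect CMS link in this same section shows the safer shape: carry the values in `data-*` attributes (for example `data-subdomain-id`, `data-subdomain-name`, `data-project-slug`, names constructed for this note) and bind one delegated click handler that reads them. The new `data-cms-url="${cms_detector_http_url}"` and `data-http-status="${row['http_status']}"` values are written without attribute-escaping; passing them through the `htmlEncode` helper used elsewhere in this commit would close that gap, assuming it escapes quotes, which is worth confirming. The identical change in `web/startScan/templates/startScan/subdomains.html` needs the same treatment. The surrounding template literal starts and ends outside the hunk.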
4 changes: 2 additions & 2 deletions web/startScan/templates/startScan/subdomains.html
Expand Up @@ -286,11 +286,11 @@
<div class="btn-group mt-2">
<button type="button" data-toggle="tooltip" data-placement="top" title="Show Attack Surface" class="btn btn-primary me-1 bs-tooltip" onclick="show_attack_surface_modal('{% url 'api:gpt_get_possible_attacks' %}', ${row['id']})"><i class="fe-eye"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Further Scan Subdomain" class="btn btn-primary btn-scan-subdomain me-1 bs-tooltip" id="${row['id']}"><i class="fe-zap"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1 bs-tooltip" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}')"><i class="fe-file-plus"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1 bs-tooltip" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}', '{{current_project.slug}}')"><i class="fe-file-plus"></i></button>
<button class="btn btn-primary me-1 dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"><i class="mdi mdi-dots-horizontal"></i></button>
<div class="dropdown-menu dropdown-menu-end">
<a class="dropdown-item" href="#" onclick="mark_important_subdomain('{% url 'api:toggle_subdomain' %}', this, ${row['id']})" id="${row['id']}"><i class="mdi mdi-alert-rhombus-outline me-2 text-muted font-18 vertical-middle"></i>Mark Important Subdomain</a>
<a class="dropdown-item" href="#" onclick="detect_subdomain_cms('${cms_detector_http_url}', ${row['http_status']})"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="dropdown-item detect_subdomain_cms_link" href="#" data-http-status="${row['http_status']}" data-cms-url="${cms_detector_http_url}" data-url="{% url 'api:cms_detector' %}"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="text-danger dropdown-item btn-delete-subdomain" href="#" id="${row['id']}"><i class="text-danger mdi mdi-delete-forever-outline me-2 font-18 vertical-middle"></i>Delete Subdomain</a>
</div>
</div>
60 changes: 30 additions & 30 deletions web/static/custom/custom.js
Expand Up @@ -1431,9 +1431,9 @@ function get_and_render_subscan_history(endpoint, subdomain_id, subdomain_name)
return response.json();
}).then(function(data) {
if (data['status']) {
$('#modal_title').html('Subscan History for subdomain ' + subdomain_name);
$('#modal-content').empty();
$('#modal-content').append(`<div id="subscan_history_table"></div>`);
$('#modal_dialog .modal-title').html('Subscan History for subdomain ' + subdomain_name);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`<div id="subscan_history_table"></div>`);

$('#subscan_history_table').empty();

Expand Down Expand Up @@ -1604,8 +1604,8 @@ function get_domain_whois(whoisLookupUrl, domain_name, addTargetUrl, project_slu
function display_whois_on_modal(response, addTargetUrl, project_slug, show_add_target_btn=false) {
// this function will display whois data on modal, should be followed after get_domain_whois()
$('#whoisLookupResultModal').modal('show');
$('#whoisLookupResultModal #modal-content').empty();
$("#whoisLookupResultModal #modal-footer").empty();
$('#whoisLookupResultModal .modal-body').empty();
$("#whoisLookupResultModal .modal-footer").empty();

content = `
<div class="row mt-3">
Expand Down Expand Up @@ -1925,7 +1925,7 @@ function display_whois_on_modal(response, addTargetUrl, project_slug, show_add_t
</div>`
}

$('#whoisLookupResultModal #modal-content').append(content);
$('#whoisLookupResultModal .modal-body').append(content);
$('[data-toggle="tooltip"]').tooltip();

}
Expand Down Expand Up @@ -2211,12 +2211,12 @@ function get_ip_details(endpoint_port_url, endpoint_subdomain_url, ip_address, s
var subdomain_loader = `<span class="inner-div spinner-border text-primary align-self-center loader-sm" id="subdomain-modal-loader"></span>`;

// add tab modal title
$('#modal_title').html('Details for IP: <b>' + ip_address + '</b>');
$('#modal_dialog .modal-title').html('Details for IP: <b>' + ip_address + '</b>');

$('#modal-content').empty();
$('#modal_dialog .modal-text').empty();
$('#modal-tabs').empty();

$('#modal-content').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);
$('#modal_dialog .modal-text').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);

$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#modal_content_port" aria-expanded="true"><span id="modal-open-ports-count"></span>Open Ports &nbsp;${port_loader}</a></li>`);
$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#modal_content_subdomain" aria-expanded="false"><span id="modal-subdomain-count"></span>Subdomains &nbsp;${subdomain_loader}</a></li>`)
Expand Down Expand Up @@ -2297,13 +2297,13 @@ function get_port_details(endpoint_ip_url, endpoint_subdomain_url, port, scan_id
var ip_spinner = `<span class="spinner-border spinner-border-sm me-1" id="ip-modal-loader"></span>`;
var subdomain_spinner = `<span class="spinner-border spinner-border-sm me-1" id="subdomain-modal-loader"></span>`;

$('#modal_title').html('Details for Port: <b>' + port + '</b>');
$('#modal_dialog .modal-title').html('Details for Port: <b>' + port + '</b>');

$('#modal-content').empty();
$('#modal_dialog .modal-text').empty();
$('#modal-tabs').empty();


$('#modal-content').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);
$('#modal_dialog .modal-text').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);

$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#modal_content_ip" aria-expanded="true"><span id="modal-ip-count"></span>IP Address&nbsp;${ip_spinner}</a></li>`);
$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#modal_content_subdomain" aria-expanded="false"><span id="modal-subdomain-count"></span>Subdomains&nbsp;${subdomain_spinner}</a></li>`)
Expand Down Expand Up @@ -2375,17 +2375,17 @@ function get_tech_details(endpoint_subdomain_url, tech, scan_id=null, domain_id=

var interesting_badge = `<span class="m-1 badge badge-soft-danger bs-tooltip" title="Interesting Subdomain">Interesting</span>`;
// render tab modal
$('.modal-title').html('Details for Technology: <b>' + tech + '</b>');
$('#modal_dialog .modal-title').html('Details for Technology: <b>' + tech + '</b>');
$('#modal_dialog').modal('show');

$('.modal-text').empty();
$('#modal-footer').empty();
$('.modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-primary align-self-center loader-sm"></span></div>`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-primary align-self-center loader-sm"></span></div>`);
// query subdomains
$.getJSON(url, function(data) {
$('#modal-loader').empty();
$('#modal-content').empty();
$('#modal-content').append(`${data['subdomains'].length} Subdomains are using ${tech}`);
$('#modal_dialog #modal-loader').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`${data['subdomains'].length} Subdomains are using ${tech}`);
const subdomainList = $('<ul></ul>');
for (subdomain in data['subdomains']){
subdomain_obj = data['subdomains'][subdomain];
Expand All @@ -2408,11 +2408,11 @@ function get_tech_details(endpoint_subdomain_url, tech, scan_id=null, domain_id=
}

}
$("#modal-content").append(subdomainList);
$("#modal-content").append(`<span class="float-end text-danger">*Subdomains highlighted are 40X HTTP Status</span>`);
$("#modal_dialog .modal-text").append(subdomainList);
$("#modal_dialog .modal-text").append(`<span class="float-end text-danger">*Subdomains highlighted are 40X HTTP Status</span>`);
$("#subdomain-modal-loader").remove();
}).fail(function(){
$('#modal-loader').empty();
$('#modal_dialog #modal-loader').empty();
});
}

Expand Down Expand Up @@ -3195,10 +3195,10 @@ async function fetch_gpt_vuln_details(endpoint_url, id, title) {


function render_gpt_vuln_modal(data, title){
$('#modal-title').empty();
$('#modal-content').empty();
$('#modal-footer').empty();
$('#modal_title').html(`Vulnerability detail for ${title}`);
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-title').html(`Vulnerability detail for ${title}`);

var modal_content = `
<h4>Description</h4>
Expand All @@ -3217,7 +3217,7 @@ function render_gpt_vuln_modal(data, title){

modal_content += '</ul></p>';

$('#modal-content').append(modal_content);
$('#modal_dialog .modal-text').append(modal_content);
$('#modal_dialog').modal('show');
}

Expand Down Expand Up @@ -3279,9 +3279,9 @@ async function show_attack_surface_modal(endpoint_url, id){
const data = await send_gpt__attack_surface_api_request(endpoint_url,id);
Swal.close();
if (data.status) {
$('#modal_title').html(`Attack Surface Suggestion for ${data.subdomain_name} (BETA)`);
$('#modal-content').empty();
$('#modal-content').append(data.description.replace(new RegExp('\r?\n','g'), '<br />'));
$('#modal_dialog .modal-title').html(`Attack Surface Suggestion for ${data.subdomain_name} (BETA)`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(data.description.replace(new RegExp('\r?\n','g'), '<br />'));
$('#modal_dialog').modal('show');
}
else{
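Review bot: In `show_attack_surface_modal`, `data.description` (model-generated text) and `data.subdomain_name` are still inserted as HTML through `.append(...)` and `.html(...)`, so any markup in the API response is rendered instead of displayed. Encode before adding the line breaks, `$('#modal_dialog .modal-text').append(htmlEncode(data.description).replace(/\r?\n/g, '<br />'));`, and set the title with `.text(...)` as the toolbox.js change in this commit does. The same unencoded concatenation into `.html()`/`.append()` remains for `subdomain_name` in `get_and_render_subscan_history`, `ip_address` in `get_ip_details`, `port` in `get_port_details`, `tech` in `get_tech_details` and `title` in `render_gpt_vuln_modal`. `htmlEncode` is assumed to be in scope here as it is in custom_tools.js and todo.js; all of these function bodies continue outside the hunks shown.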
20 changes: 10 additions & 10 deletions web/static/custom/todo.js
Expand Up @@ -91,14 +91,14 @@ function change_todo_priority(todo_id, imp_type){
function list_subdomain_todos(subdomain_id, subdomain_name){
$('.modal-title').html(`Todos for subdomain ${subdomain_name}`);
$('#modal_dialog').modal('show');
$('#modal-content').empty();
$('#modal-footer').empty();
$('#modal-content').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
// query subdomains
$.getJSON(`/api/listTodoNotes/?subdomain_id=${subdomain_id}&format=json`, function(data) {
$('#modal-loader').empty();
$('#modal-content').empty();
$('#modal-content').append(`<ul id="todo-modal-content-ul"></ul>`);
$('#modal_dialog #modal-loader').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`<ul id="todo-modal-content-ul"></ul>`);
for (todo in data['notes']){
todo_obj = data['notes'][todo];
important_badge = '';
Expand All @@ -121,23 +121,23 @@ function list_subdomain_todos(subdomain_id, subdomain_name){
}
$('.bs-tooltip').tooltip();
}).fail(function(){
$('#modal-loader').empty();
$('#modal_dialog #modal-loader').empty();
});
}

function get_task_details(todo_id){
$('#modal_dialog').modal('show');
$('.modal-text').empty(); $('#modal-footer').empty();
$('.modal-text').empty(); $('#modal_dialog .modal-footer').empty();
$('.modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
$.getJSON(`/api/listTodoNotes/?todo_id=${todo_id}&format=json`, function(data) {
$('.modal-text').empty(); $('#modal-footer').empty();
$('.modal-text').empty(); $('#modal_dialog .modal-footer').empty();
note = data['notes'][0];
subdomain_name = '';
if (note['subdomain_name']) {
subdomain_name = '<small class="text-success"> Subdomain: ' + note['subdomain_name'] + '</small></br>';
}
$('.modal-title').html(`<b>${htmlEncode(note['title'])}</b>`);
$('#modal-content').append(`<p>${subdomain_name} ${htmlEncode(note['description'])}</p>`);
$('#modal_dialog .modal-text').append(`<p>${subdomain_name} ${htmlEncode(note['description'])}</p>`);
});
}
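Review bot: `get_task_details` encodes `note['title']` and `note['description']` but concatenates `note['subdomain_name']` into the `<small>` markup unencoded, and `list_subdomain_todos` does the same with `subdomain_name` in the modal title. Use `htmlEncode(note['subdomain_name'])` in the first and `$('#modal_dialog .modal-title').text('Todos for subdomain ' + subdomain_name);` in the second. The bare `.modal-text` and `.modal-title` selectors left in both functions still match every modal on the page, while the final append targets `#modal_dialog .modal-text`; scoping them all to `#modal_dialog` would make the change consistent. `note`, `subdomain_name`, `todo` and `todo_obj` are assigned without `const`/`let` and therefore become globals.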

6 changes: 3 additions & 3 deletions web/static/custom/toolbox.js
Expand Up @@ -54,8 +54,8 @@ function cms_detector_api_call(cmsDetectorUrl, url){
}).then(response => response.json()).then(function(response) {
if (response.status) {
swal.close();
$('#modal_title').html('CMS Details for ' + url);
$('#modal-content').empty();
$('#cmsDetectorResultModal .modal-title').text('CMS Details for ' + url);
$('#cmsDetectorResultModal .modal-body').empty();

content = `
<div class="d-flex align-items-start mb-3">
Expand Down Expand Up @@ -190,7 +190,7 @@ function cms_detector_api_call(cmsDetectorUrl, url){

content += '</div>'

$('#cmsDetectorResultModal #modal-content').append(content);
$('#cmsDetectorResultModal .modal-body').append(content);
$('#cmsDetectorResultModal').modal('show');
} else {
Swal.fire({
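Review bot: The title now goes through `.text()`, but the body is still assembled as an HTML string in `content` and added with `.append(content)`; the interpolated fields sit between the two hunks and are not visible here, so each value taken from the detector response should be confirmed to pass through `htmlEncode` before it reaches the template. `content` is also assigned without a declaration, which makes it a global shared with `display_whois_on_modal` in custom.js, where the same bare `content = ...` appears; `let content = ...` in each function avoids the collision. `cms_detector_api_call` starts and ends outside the hunks shown.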