refactor: update modal handling and improve CMS detection #210

merged 4 commits into from
Sep 30, 2024
2 changes: 1 addition & 1 deletion web/recon_note/templates/note/index.html
Expand Up @@ -116,7 +116,7 @@ <h5 class="">Add to-do</h5>
<div class="modal-footer">
<button class="btn add-tsk">Add to-do</button>
<button class="btn edit-tsk">Save</button>
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
</div>
</div>
</div>
20 changes: 10 additions & 10 deletions web/scanEngine/static/scanEngine/js/custom_tools.js
Expand Up @@ -7,13 +7,13 @@ function load_gf_template(pattern_name){
$.getJSON(`/api/getFileContents?gf_pattern&name=${pattern_name}&format=json`, function(response) {
swal.close();
if (response.status) {
$('#modal_title').empty();
$('#modal-content').empty();
$("#modal-footer").empty();
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$("#modal_dialog .modal-footer").empty();

$('#modal_title').html(`GF Pattern ` + htmlEncode(pattern_name));
$('#modal_dialog .modal-title').html(`GF Pattern ` + htmlEncode(pattern_name));

$('#modal-content').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog .modal-text').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog').modal('show');
}
else{
Expand All @@ -38,13 +38,13 @@ function load_nuclei_template(pattern_name){
$.getJSON(`/api/getFileContents?nuclei_template&name=${pattern_name}&format=json`, function(response) {
swal.close();
if (response.status) {
$('#modal_title').empty();
$('#modal-content').empty();
$("#modal-footer").empty();
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$("#modal_dialog .modal-footer").empty();

$('#modal_title').html(`Nuclei Template: ` + htmlEncode(pattern_name));
$('#modal_dialog .modal-title').html(`Nuclei Template: ` + htmlEncode(pattern_name));

$('#modal-content').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog .modal-text').append(`<pre>${htmlEncode(response['content'])}</pre>`);
$('#modal_dialog').modal('show');
}
else{
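Review bot: The same three-line reset of the `#modal_dialog` title, text and footer now appears verbatim in both load_gf_template and load_nuclei_template; a small helper such as `function reset_modal_dialog(title){ $('#modal_dialog .modal-title').html(title); $('#modal_dialog .modal-text').empty(); $('#modal_dialog .modal-footer').empty(); }` would keep the two in step the next time the selectors move. Separately, both requests build their query string by interpolating the raw value (`name=${pattern_name}`); writing it as `encodeURIComponent(pattern_name)` keeps a name containing `&` or `#` from altering the request. Both functions continue past the end of their hunks.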
6 changes: 3 additions & 3 deletions web/scanEngine/templates/scanEngine/settings/llm_toolkit.html
Expand Up @@ -158,9 +158,9 @@ <h4 class="mt-0">
}

function showAddNewModelModal(){
$('#modal_title').html('Add new LLM Model');
$('#modal-content').empty();
$('#modal-content').append(`
$('#modal_dialog .modal-title').html('Add new LLM Model');
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`
<p>You can find the list of supported models in <a href="https://ollama.com/library" target="_blank">Ollama Library</a></p>
<p>We recommend using llama2-uncensored model for better results.</p>
<div class="mb-3">
101 changes: 52 additions & 49 deletions web/startScan/static/startScan/js/detail_scan.js


4 changes: 2 additions & 2 deletions web/startScan/templates/startScan/detail_scan.html
Expand Up @@ -2375,11 +2375,11 @@ <h4 class="header-title mb-0"><span id="endpoint_change_count"><span class="spin
<div class="btn-group mt-2">
<button type="button" data-toggle="tooltip" data-placement="top" title="Show Attack Surface" class="btn btn-primary me-1 bs-tooltip" onclick="show_attack_surface_modal('{% url 'api:gpt_get_possible_attacks' %}', ${row['id']})"><i class="fe-eye"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Further Scan Subdomain" class="btn btn-primary btn-scan-subdomain me-1" id="${row['id']}"><i class="fe-zap"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}')"><i class="fe-file-plus"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}', '{{current_project.slug}}')"><i class="fe-file-plus"></i></button>
<button class="btn btn-primary me-1 dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"><i class="mdi mdi-dots-horizontal"></i></button>
<div class="dropdown-menu dropdown-menu-end">
<a class="dropdown-item" href="#" onclick="mark_important_subdomain('{% url 'api:toggle_subdomain' %}', this, ${row['id']})" id="${row['id']}"><i class="mdi mdi-alert-rhombus-outline me-2 text-muted font-18 vertical-middle"></i>Mark Important Subdomain</a>
<a class="dropdown-item" href="#" onclick="detect_subdomain_cms('${cms_detector_http_url}', ${row['http_status']})"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="dropdown-item detect_subdomain_cms_link" href="#" data-http-status="${row['http_status']}" data-cms-url="${cms_detector_http_url}" data-url="{% url 'api:cms_detector' %}"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="text-danger dropdown-item btn-delete-subdomain" href="#" id="${row['id']}"><i class="text-danger mdi mdi-delete-forever-outline me-2 font-18 vertical-middle"></i>Delete Subdomain</a>
</div>
</div>
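Review bot: The new `data-cms-url="${cms_detector_http_url}"` and `data-http-status="${row['http_status']}"` attributes on the Detect CMS link are written into markup without attribute encoding, while other parts of this PR pass scan-derived strings through htmlEncode; a URL value containing a double quote would terminate the attribute. Since these values come from scan results rather than from the operator, `data-cms-url="${htmlEncode(cms_detector_http_url)}"` (assuming htmlEncode escapes quotes) is the safer form; the same markup is added in web/startScan/templates/startScan/subdomains.html. On the add_note_for_subdomain line, `'${row['name']}'` is still placed inside the onclick JavaScript string unescaped, and the newly added `'{{current_project.slug}}'` is emitted into JavaScript source rather than HTML text, so Django's `escapejs` filter is the appropriate escaping there even though a slug is low risk. The delegated click handler that reads these data attributes is presumably in detail_scan.js, whose diff is not rendered on this page, so whether it validates data-http-status before use cannot be checked here.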
4 changes: 2 additions & 2 deletions web/startScan/templates/startScan/subdomains.html
Expand Up @@ -286,11 +286,11 @@
<div class="btn-group mt-2">
<button type="button" data-toggle="tooltip" data-placement="top" title="Show Attack Surface" class="btn btn-primary me-1 bs-tooltip" onclick="show_attack_surface_modal('{% url 'api:gpt_get_possible_attacks' %}', ${row['id']})"><i class="fe-eye"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Further Scan Subdomain" class="btn btn-primary btn-scan-subdomain me-1 bs-tooltip" id="${row['id']}"><i class="fe-zap"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1 bs-tooltip" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}')"><i class="fe-file-plus"></i></button>
<button type="button" data-toggle="tooltip" data-placement="top" title="Add Recon To-do/Note" class="btn btn-primary me-1 bs-tooltip" id="${row['id']}" onclick="add_note_for_subdomain(${row['id']}, '${row['name']}', '{{current_project.slug}}')"><i class="fe-file-plus"></i></button>
<button class="btn btn-primary me-1 dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false"><i class="mdi mdi-dots-horizontal"></i></button>
<div class="dropdown-menu dropdown-menu-end">
<a class="dropdown-item" href="#" onclick="mark_important_subdomain('{% url 'api:toggle_subdomain' %}', this, ${row['id']})" id="${row['id']}"><i class="mdi mdi-alert-rhombus-outline me-2 text-muted font-18 vertical-middle"></i>Mark Important Subdomain</a>
<a class="dropdown-item" href="#" onclick="detect_subdomain_cms('${cms_detector_http_url}', ${row['http_status']})"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="dropdown-item detect_subdomain_cms_link" href="#" data-http-status="${row['http_status']}" data-cms-url="${cms_detector_http_url}" data-url="{% url 'api:cms_detector' %}"><i class="fe-grid me-2 text-muted font-18 vertical-middle"></i>Detect CMS</a>
<a class="text-danger dropdown-item btn-delete-subdomain" href="#" id="${row['id']}"><i class="text-danger mdi mdi-delete-forever-outline me-2 font-18 vertical-middle"></i>Delete Subdomain</a>
</div>
</div>
60 changes: 30 additions & 30 deletions web/static/custom/custom.js
Expand Up @@ -1431,9 +1431,9 @@ function get_and_render_subscan_history(endpoint, subdomain_id, subdomain_name)
return response.json();
}).then(function(data) {
if (data['status']) {
$('#modal_title').html('Subscan History for subdomain ' + subdomain_name);
$('#modal-content').empty();
$('#modal-content').append(`<div id="subscan_history_table"></div>`);
$('#modal_dialog .modal-title').html('Subscan History for subdomain ' + subdomain_name);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`<div id="subscan_history_table"></div>`);

$('#subscan_history_table').empty();

Expand Down Expand Up @@ -1604,8 +1604,8 @@ function get_domain_whois(whoisLookupUrl, domain_name, addTargetUrl, project_slu
function display_whois_on_modal(response, addTargetUrl, project_slug, show_add_target_btn=false) {
// this function will display whois data on modal, should be followed after get_domain_whois()
$('#whoisLookupResultModal').modal('show');
$('#whoisLookupResultModal #modal-content').empty();
$("#whoisLookupResultModal #modal-footer").empty();
$('#whoisLookupResultModal .modal-body').empty();
$("#whoisLookupResultModal .modal-footer").empty();

content = `
<div class="row mt-3">
Expand Down Expand Up @@ -1925,7 +1925,7 @@ function display_whois_on_modal(response, addTargetUrl, project_slug, show_add_t
</div>`
}

$('#whoisLookupResultModal #modal-content').append(content);
$('#whoisLookupResultModal .modal-body').append(content);
$('[data-toggle="tooltip"]').tooltip();

}
Expand Down Expand Up @@ -2211,12 +2211,12 @@ function get_ip_details(endpoint_port_url, endpoint_subdomain_url, ip_address, s
var subdomain_loader = `<span class="inner-div spinner-border text-primary align-self-center loader-sm" id="subdomain-modal-loader"></span>`;

// add tab modal title
$('#modal_title').html('Details for IP: <b>' + ip_address + '</b>');
$('#modal_dialog .modal-title').html('Details for IP: <b>' + ip_address + '</b>');

$('#modal-content').empty();
$('#modal_dialog .modal-text').empty();
$('#modal-tabs').empty();

$('#modal-content').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);
$('#modal_dialog .modal-text').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);

$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#modal_content_port" aria-expanded="true"><span id="modal-open-ports-count"></span>Open Ports &nbsp;${port_loader}</a></li>`);
$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#modal_content_subdomain" aria-expanded="false"><span id="modal-subdomain-count"></span>Subdomains &nbsp;${subdomain_loader}</a></li>`)
Expand Down Expand Up @@ -2297,13 +2297,13 @@ function get_port_details(endpoint_ip_url, endpoint_subdomain_url, port, scan_id
var ip_spinner = `<span class="spinner-border spinner-border-sm me-1" id="ip-modal-loader"></span>`;
var subdomain_spinner = `<span class="spinner-border spinner-border-sm me-1" id="subdomain-modal-loader"></span>`;

$('#modal_title').html('Details for Port: <b>' + port + '</b>');
$('#modal_dialog .modal-title').html('Details for Port: <b>' + port + '</b>');

$('#modal-content').empty();
$('#modal_dialog .modal-text').empty();
$('#modal-tabs').empty();


$('#modal-content').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);
$('#modal_dialog .modal-text').append(`<ul class='nav nav-tabs nav-bordered' id="modal_tab_nav"></ul><div id="modal_tab_content" class="tab-content"></div>`);

$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link active" data-bs-toggle="tab" href="#modal_content_ip" aria-expanded="true"><span id="modal-ip-count"></span>IP Address&nbsp;${ip_spinner}</a></li>`);
$('#modal_tab_nav').append(`<li class="nav-item"><a class="nav-link" data-bs-toggle="tab" href="#modal_content_subdomain" aria-expanded="false"><span id="modal-subdomain-count"></span>Subdomains&nbsp;${subdomain_spinner}</a></li>`)
Expand Down Expand Up @@ -2375,17 +2375,17 @@ function get_tech_details(endpoint_subdomain_url, tech, scan_id=null, domain_id=

var interesting_badge = `<span class="m-1 badge badge-soft-danger bs-tooltip" title="Interesting Subdomain">Interesting</span>`;
// render tab modal
$('.modal-title').html('Details for Technology: <b>' + tech + '</b>');
$('#modal_dialog .modal-title').html('Details for Technology: <b>' + tech + '</b>');
$('#modal_dialog').modal('show');

$('.modal-text').empty();
$('#modal-footer').empty();
$('.modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-primary align-self-center loader-sm"></span></div>`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-primary align-self-center loader-sm"></span></div>`);
// query subdomains
$.getJSON(url, function(data) {
$('#modal-loader').empty();
$('#modal-content').empty();
$('#modal-content').append(`${data['subdomains'].length} Subdomains are using ${tech}`);
$('#modal_dialog #modal-loader').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`${data['subdomains'].length} Subdomains are using ${tech}`);
const subdomainList = $('<ul></ul>');
for (subdomain in data['subdomains']){
subdomain_obj = data['subdomains'][subdomain];
Expand All @@ -2408,11 +2408,11 @@ function get_tech_details(endpoint_subdomain_url, tech, scan_id=null, domain_id=
}

}
$("#modal-content").append(subdomainList);
$("#modal-content").append(`<span class="float-end text-danger">*Subdomains highlighted are 40X HTTP Status</span>`);
$("#modal_dialog .modal-text").append(subdomainList);
$("#modal_dialog .modal-text").append(`<span class="float-end text-danger">*Subdomains highlighted are 40X HTTP Status</span>`);
$("#subdomain-modal-loader").remove();
}).fail(function(){
$('#modal-loader').empty();
$('#modal_dialog #modal-loader').empty();
});
}

Expand Down Expand Up @@ -3195,10 +3195,10 @@ async function fetch_gpt_vuln_details(endpoint_url, id, title) {


function render_gpt_vuln_modal(data, title){
$('#modal-title').empty();
$('#modal-content').empty();
$('#modal-footer').empty();
$('#modal_title').html(`Vulnerability detail for ${title}`);
$('#modal_dialog .modal-title').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-title').html(`Vulnerability detail for ${title}`);

var modal_content = `
<h4>Description</h4>
Expand All @@ -3217,7 +3217,7 @@ function render_gpt_vuln_modal(data, title){

modal_content += '</ul></p>';

$('#modal-content').append(modal_content);
$('#modal_dialog .modal-text').append(modal_content);
$('#modal_dialog').modal('show');
}

Expand Down Expand Up @@ -3279,9 +3279,9 @@ async function show_attack_surface_modal(endpoint_url, id){
const data = await send_gpt__attack_surface_api_request(endpoint_url,id);
Swal.close();
if (data.status) {
$('#modal_title').html(`Attack Surface Suggestion for ${data.subdomain_name} (BETA)`);
$('#modal-content').empty();
$('#modal-content').append(data.description.replace(new RegExp('\r?\n','g'), '<br />'));
$('#modal_dialog .modal-title').html(`Attack Surface Suggestion for ${data.subdomain_name} (BETA)`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(data.description.replace(new RegExp('\r?\n','g'), '<br />'));
$('#modal_dialog').modal('show');
}
else{
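Review bot: In the get_tech_details hunk, `tech` is interpolated unencoded into `.html('Details for Technology: <b>' + tech + '</b>')` and into the new template literal `Subdomains are using ${tech}`, yet technology names originate from scanned hosts rather than from the operator; the page already has htmlEncode, so `htmlEncode(tech)` in both places (and likewise `subdomain_name` in get_and_render_subscan_history and `title` in render_gpt_vuln_modal) would close that gap while the lines are being touched anyway. A second point of consistency: `$('#modal-tabs').empty();` in get_ip_details and get_port_details is left unscoped while every neighbouring selector was moved under `#modal_dialog`. In display_whois_on_modal, the `content =` assignment is still made without `let`/`const`, creating an implicit global. All of these functions extend beyond their hunks.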
20 changes: 10 additions & 10 deletions web/static/custom/todo.js
Expand Up @@ -91,14 +91,14 @@ function change_todo_priority(todo_id, imp_type){
function list_subdomain_todos(subdomain_id, subdomain_name){
$('.modal-title').html(`Todos for subdomain ${subdomain_name}`);
$('#modal_dialog').modal('show');
$('#modal-content').empty();
$('#modal-footer').empty();
$('#modal-content').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-footer').empty();
$('#modal_dialog .modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
// query subdomains
$.getJSON(`/api/listTodoNotes/?subdomain_id=${subdomain_id}&format=json`, function(data) {
$('#modal-loader').empty();
$('#modal-content').empty();
$('#modal-content').append(`<ul id="todo-modal-content-ul"></ul>`);
$('#modal_dialog #modal-loader').empty();
$('#modal_dialog .modal-text').empty();
$('#modal_dialog .modal-text').append(`<ul id="todo-modal-content-ul"></ul>`);
for (todo in data['notes']){
todo_obj = data['notes'][todo];
important_badge = '';
Expand All @@ -121,23 +121,23 @@ function list_subdomain_todos(subdomain_id, subdomain_name){
}
$('.bs-tooltip').tooltip();
}).fail(function(){
$('#modal-loader').empty();
$('#modal_dialog #modal-loader').empty();
});
}

function get_task_details(todo_id){
$('#modal_dialog').modal('show');
$('.modal-text').empty(); $('#modal-footer').empty();
$('.modal-text').empty(); $('#modal_dialog .modal-footer').empty();
$('.modal-text').append(`<div class='outer-div' id="modal-loader"><span class="inner-div spinner-border text-info align-self-center loader-sm"></span></div>`);
$.getJSON(`/api/listTodoNotes/?todo_id=${todo_id}&format=json`, function(data) {
$('.modal-text').empty(); $('#modal-footer').empty();
$('.modal-text').empty(); $('#modal_dialog .modal-footer').empty();
note = data['notes'][0];
subdomain_name = '';
if (note['subdomain_name']) {
subdomain_name = '<small class="text-success"> Subdomain: ' + note['subdomain_name'] + '</small></br>';
}
$('.modal-title').html(`<b>${htmlEncode(note['title'])}</b>`);
$('#modal-content').append(`<p>${subdomain_name} ${htmlEncode(note['description'])}</p>`);
$('#modal_dialog .modal-text').append(`<p>${subdomain_name} ${htmlEncode(note['description'])}</p>`);
});
}

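Review bot: The scoping refactor is applied only partially here: in get_task_details the new line `$('.modal-text').empty(); $('#modal_dialog .modal-footer').empty();` mixes the unscoped `.modal-text` with the scoped `.modal-footer`, and `.modal-title` at the top of list_subdomain_todos and later in get_task_details is still unscoped, so any other element with those classes on the page would be affected as well. Using `$('#modal_dialog .modal-text')` and `$('#modal_dialog .modal-title')` throughout would match the rest of the PR. Related: `note['subdomain_name']` is concatenated into the `<small>` markup unencoded while `note['title']` and `note['description']` on the neighbouring lines go through htmlEncode; the same applies to `subdomain_name` in the list_subdomain_todos title. Both functions continue beyond their hunks.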
6 changes: 3 additions & 3 deletions web/static/custom/toolbox.js
Expand Up @@ -54,8 +54,8 @@
}).then(response => response.json()).then(function(response) {
if (response.status) {
swal.close();
$('#modal_title').html('CMS Details for ' + url);
$('#modal-content').empty();
$('#cmsDetectorResultModal .modal-title').html('CMS Details for ' + url);
$('#cmsDetectorResultModal .modal-body').empty();

content = `
<div class="d-flex align-items-start mb-3">
Expand Down Expand Up @@ -190,7 +190,7 @@

content += '</div>'

$('#cmsDetectorResultModal #modal-content').append(content);
$('#cmsDetectorResultModal .modal-body').append(content);
$('#cmsDetectorResultModal').modal('show');
} else {
Swal.fire({
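Review bot: The rewritten `$('#cmsDetectorResultModal .modal-title').html('CMS Details for ' + url)` still places `url` into markup via `.html()`; since the detector URL is now also supplied from a `data-cms-url` attribute on scan rows, `.text('CMS Details for ' + url)` or `htmlEncode(url)` is the safer form. Also, `content =` on the line below is assigned without `let`/`const`, leaking an implicit global (the same pattern appears in display_whois_on_modal in custom.js). The enclosing fetch callback starts and ends outside both hunks.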