chg: [correlation] description: get message content + don't show etag…

…, cookie_name and hhash by default
ail-project · Mar 11, 2024 · 8000985 · 8000985
1 parent 7acac4d
commit 8000985
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 7 deletions.
diff --git a/bin/lib/ail_core.py b/bin/lib/ail_core.py
@@ -22,6 +22,11 @@
 
 AIL_OBJECTS_WITH_SUBTYPES = {'chat', 'chat-subchannel', 'cryptocurrency', 'pgp', 'username', 'user-account'}
 
+# TODO by object TYPE ????
+AIL_OBJECTS_CORRELATIONS_DEFAULT = sorted({'chat', 'chat-subchannel', 'chat-thread', 'cve', 'cryptocurrency', 'decoded',
+                                           'domain', 'favicon', 'file-name',
+                                           'item', 'image', 'message', 'pgp', 'screenshot', 'title', 'user-account', 'username'})
+
 def get_ail_uuid():
     ail_uuid = r_serv_db.get('ail:uuid')
     if not ail_uuid:
@@ -69,6 +74,9 @@ def get_object_all_subtypes(obj_type):  # TODO Dynamic subtype
         return r_object.smembers(f'all_chat:subtypes')
     return []
 
+def get_default_correlation_objects():
+    return AIL_OBJECTS_CORRELATIONS_DEFAULT
+
 def get_obj_queued():
     return ['item', 'image']
 

diff --git a/bin/lib/objects/Images.py b/bin/lib/objects/Images.py
@@ -71,7 +71,10 @@ def get_file_content(self):
         return file_content
 
     def get_content(self, r_type='str'):
-        return self.get_file_content()
+        if r_type == 'str':
+            return None
+        else:
+            return self.get_file_content()
 
     def get_misp_object(self):
         obj_attrs = []

diff --git a/bin/lib/objects/ail_objects.py b/bin/lib/objects/ail_objects.py
@@ -12,7 +12,7 @@
 
 
 from lib.ConfigLoader import ConfigLoader
-from lib.ail_core import get_all_objects, get_object_all_subtypes, get_objects_with_subtypes
+from lib.ail_core import get_all_objects, get_object_all_subtypes, get_objects_with_subtypes, get_default_correlation_objects
 from lib import correlations_engine
 from lib import relationships_engine
 from lib import btc_ail
@@ -53,13 +53,16 @@ def is_object_subtype(obj_type):
 def is_valid_object_subtype(obj_type, subtype):
     return subtype in get_object_all_subtypes(obj_type)
 
-def sanitize_objs_types(objs):
+def sanitize_objs_types(objs, default=False):
     l_types = []
     for obj in objs:
         if is_valid_object_type(obj):
             l_types.append(obj)
     if not l_types:
-        l_types = get_all_objects()
+        if default:
+            l_types = get_default_correlation_objects()
+        else:
+            l_types = get_all_objects()
     return l_types
 
 #### OBJECT ####

diff --git a/var/www/blueprints/correlation.py b/var/www/blueprints/correlation.py
@@ -165,7 +165,7 @@ def show_correlation():
 
         related_btc = bool(request.args.get('related_btc', False))
 
-        filter_types = ail_objects.sanitize_objs_types(request.args.get('filter', '').split(','))
+        filter_types = ail_objects.sanitize_objs_types(request.args.get('filter', '').split(','), default=True)
 
         # check if obj_id exist
         if not ail_objects.exists_obj(obj_type, subtype, obj_id):
@@ -206,7 +206,10 @@ def get_description():
         return Response(json.dumps({"status": "error", "reason": "404 Not Found"}, indent=2, sort_keys=True), mimetype='application/json'), 404
     # object exist
     else:
-        res = ail_objects.get_object_meta(obj_type, subtype, obj_id, options={'icon', 'tags', 'tags_safe'},
+        options = {'icon', 'tags', 'tags_safe'}
+        if obj_type == 'message':
+            options.add('content')
+        res = ail_objects.get_object_meta(obj_type, subtype, obj_id, options=options,
                                           flask_context=True)
         if 'tags' in res:
             res['tags'] = list(res['tags'])

diff --git a/var/www/templates/correlation/show_correlation.html b/var/www/templates/correlation/show_correlation.html
@@ -714,7 +714,9 @@ <h4><i class="fas fa-tags"></i> Tags All Objects</h4>
 							}
 							desc = desc + "</div></dd>"
 						} else if (key!="tags" && key!="id" && key!="img" && key!="icon" && key!="link" && key!="type") {
-							desc = desc + "<dt class=\"col-sm-3 px-0\">" + sanitize_text(key) + "</dt><dd class=\"col-sm-9 px-0\">" + sanitize_text(data[key]) + "</dd>"
+                            if (data[key]) {
+							    desc = desc + "<dt class=\"col-sm-3 px-0\">" + sanitize_text(key) + "</dt><dd class=\"col-sm-9 px-0\">" + sanitize_text(data[key]) + "</dd>"
+                            }
 						}
 					});
 					desc = desc + "</dl>"