Phillip Tarrant
1eb2a52f17
Core changes
- Centralize detection in the Rules Engine; browser.py now focuses on fetch/extract/persist.
- Add class-based adapters:
- FactAdapter: converts snippets → structured facts.
- FunctionRuleAdapter: wraps dict-based rule functions for engine input (str or dict).
- Register function rules (code-based) alongside YAML rules:
- form_action_missing
- form_http_on_https_page
- form_submits_to_different_host
- script_src_uses_data_or_blob
- script_src_has_dangerous_extension
- script_third_party_host
Rules & YAML
- Expand/normalize YAML rules with severities + tags; tighten patterns.
- Add new regex rules: new_function_usage, unescape_usage, string_timer_usage, long_hex_constants.
- Move iframe rule to `text` category.
- Keep existing script/form/text rules; all compile under IGNORECASE.
Browser / analysis refactor
- browser.py:
- Remove inline heuristics; rely on engine for PASS/FAIL, reason, severity, tags.
- Build page-level overview (`rule_checks`) across categories.
- Analyze forms: add `base_url` + `base_hostname` to snippet so function rules can evaluate; include per-form rule_checks.
- Analyze scripts: **per-script evaluation**:
- Inline -> run regex script rules on inline text.
- External -> run function script rules with a facts dict (src/src_hostname/base_url/base_hostname).
- Only include scripts that matched ≥1 rule; attach severity/tags to matches.
- Persist single source of truth: `/data/<uuid>/results.json`.
- Backward-compat: `fetch_page_artifacts(..., engine=...)` kwarg accepted/ignored.
UI/UX
- Suspicious Scripts table now shows only matched scripts.
- Add severity badges and tag chips; tooltips show rule description.
- Prevent table blowouts:
- Fixed layout + ellipsis + wrapping helpers (`.scripts-table`, `.breakable`, `details pre.code`).
- Shortened inline snippet preview (configurable).
- Minor template niceties (e.g., rel="noopener" on external links where applicable).
Config
- Add `ui.snippet_preview_len` to settings.yaml; default 160.
- Load into `app.config["SNIPPET_PREVIEW_LEN"]` and use in `analyze_scripts`.
Init / wiring
- Import and register function rules as `Rule(...)` objects (not dicts).
- Hook Rules Engine to Flask logger for verbose/diagnostic output.
- Log totals on startup; keep YAML path override via `SNEAKYSCOPE_RULES_FILE`.
Bug fixes
- Fix boot crash: pass `Rule` instances to `engine.add_rule()` instead of dicts.
- Fix “N/A” in scripts table by actually computing per-script matches.
- Ensure form rules fire by including `base_url`/`base_hostname` in form snippets.
Roadmap
- Update roadmap to reflect completed items:
- “Show each check and whether it triggered (pass/fail list per rule)”
- Severity levels + tags in Suspicious Scripts
- Results.json as route source of truth
- Scripts table UX (badges, tooltips, layout fix)
149 lines
4.5 KiB
Python
149 lines
4.5 KiB
Python
#
|
|
# Note the settings file is hardcoded in this class at the top after imports.
|
|
#
|
|
# To make a new settings section, just add the setting dict to your yaml
|
|
# and then define the data class below in the config data classes area.
|
|
#
|
|
# Example use from anywhere - this will always return the same singleton
|
|
# from settings import get_settings
|
|
# def main():
|
|
# settings = get_settings()
|
|
# print(settings.database.host) # Autocomplete works
|
|
# print(settings.logging.level)
|
|
|
|
# if __name__ == "__main__":
|
|
# main()
|
|
|
|
import functools
|
|
from pathlib import Path
|
|
from typing import Any, Callable, TypeVar
|
|
from dataclasses import dataclass, fields, is_dataclass, field, MISSING
|
|
|
|
import logging
|
|
import sys
|
|
logger = logging.getLogger(__file__)
|
|
|
|
try:
|
|
import yaml
|
|
except ModuleNotFoundError:
|
|
msg = (
|
|
"Required modules are not installed. "
|
|
"Can not continue with module / application loading.\n"
|
|
"Install it with: pip install -r requirements"
|
|
)
|
|
print(msg, file=sys.stderr)
|
|
logger.error(msg)
|
|
exit()
|
|
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
DEFAULT_SETTINGS_FILE = BASE_DIR / "config" / "settings.yaml"
|
|
|
|
# ---------- CONFIG DATA CLASSES ----------
|
|
@dataclass
|
|
class UIConfig:
|
|
snippet_preview_len: int = 160
|
|
|
|
@dataclass
|
|
class Cache_Config:
|
|
whois_cache_days: int = 7
|
|
geoip_cache_days: int = 7
|
|
recent_runs_count: int = 10
|
|
|
|
|
|
@dataclass
|
|
class AppConfig:
|
|
name: str = "MyApp"
|
|
version_major: int = 1
|
|
version_minor: int = 0
|
|
|
|
|
|
@dataclass
|
|
class Settings:
|
|
cache: Cache_Config = field(default_factory=Cache_Config)
|
|
ui: UIConfig = field(default_factory=UIConfig)
|
|
app: AppConfig = field(default_factory=AppConfig)
|
|
|
|
@classmethod
|
|
def from_yaml(cls, path: str | Path) -> "Settings":
|
|
try:
|
|
"""Load settings from YAML file into a Settings object."""
|
|
with open(path, "r", encoding="utf-8") as f:
|
|
raw: dict[str, Any] = yaml.safe_load(f) or {}
|
|
except FileNotFoundError:
|
|
logger.warning(f"Settings file {path} not found! Using default settings.")
|
|
raw = {}
|
|
|
|
init_kwargs = {}
|
|
for f_def in fields(cls):
|
|
yaml_value = raw.get(f_def.name, None)
|
|
|
|
# Determine default value from default_factory or default
|
|
if f_def.default_factory is not MISSING:
|
|
default_value = f_def.default_factory()
|
|
elif f_def.default is not MISSING:
|
|
default_value = f_def.default
|
|
else:
|
|
default_value = None
|
|
|
|
# Handle nested dataclasses
|
|
if is_dataclass(f_def.type):
|
|
if isinstance(yaml_value, dict):
|
|
# Merge YAML values with defaults
|
|
merged_data = {fld.name: getattr(default_value, fld.name) for fld in fields(f_def.type)}
|
|
merged_data.update(yaml_value)
|
|
init_kwargs[f_def.name] = f_def.type(**merged_data)
|
|
else:
|
|
init_kwargs[f_def.name] = default_value
|
|
else:
|
|
init_kwargs[f_def.name] = yaml_value if yaml_value is not None else default_value
|
|
|
|
return cls(**init_kwargs)
|
|
|
|
|
|
# ---------- SINGLETON DECORATOR ----------
|
|
T = TypeVar("T")
|
|
|
|
def singleton_loader(func: Callable[..., T]) -> Callable[..., T]:
|
|
"""Ensure the function only runs once, returning the cached value."""
|
|
cache: dict[str, T] = {}
|
|
|
|
@functools.wraps(func)
|
|
def wrapper(*args, **kwargs) -> T:
|
|
if func.__name__ not in cache:
|
|
cache[func.__name__] = func(*args, **kwargs)
|
|
return cache[func.__name__]
|
|
|
|
return wrapper
|
|
|
|
|
|
# ---------- SINGLETON DECORATOR ----------
|
|
T = TypeVar("T")
|
|
|
|
def singleton_loader(func: Callable[..., T]) -> Callable[..., T]:
|
|
"""Decorator to ensure the settings are loaded only once."""
|
|
cache: dict[str, T] = {}
|
|
|
|
@functools.wraps(func)
|
|
def wrapper(*args, **kwargs) -> T:
|
|
if func.__name__ not in cache:
|
|
cache[func.__name__] = func(*args, **kwargs)
|
|
return cache[func.__name__]
|
|
|
|
return wrapper
|
|
|
|
|
|
@singleton_loader
|
|
def get_settings(config_path: str | Path | None = None) -> Settings:
|
|
"""
|
|
Returns the singleton Settings instance.
|
|
|
|
Args:
|
|
config_path: Optional path to the YAML config file. If not provided,
|
|
defaults to 'config/settings.yaml' in the current working directory.
|
|
"""
|
|
if config_path is None:
|
|
config_path = DEFAULT_SETTINGS_FILE
|
|
else:
|
|
config_path = Path(config_path)
|
|
|
|
return Settings.from_yaml(config_path) |