extra settings

LDO-CERT · Jul 31, 2024 · 3db9ca2 · 3db9ca2
1 parent 58ac078
commit 3db9ca2
Show file tree

Hide file tree

Showing 16 changed files with 174 additions and 58 deletions.
diff --git a/compose/local/nginx/conf/default.conf b/compose/local/nginx/conf/default.conf
@@ -42,6 +42,11 @@ server {
       client_max_body_size 1000M;
     }
 
+    location ^~ /media/ {
+      autoindex on;
+      alias /usr/share/nginx/html/media/;
+    }
+
     location /ws/notify/ {
       proxy_pass http://django_asgi;
       proxy_http_version 1.1;

diff --git a/config/settings/base.py b/config/settings/base.py
@@ -69,6 +69,7 @@
     "widget_tweaks",
     "django_admin_listfilter_dropdown",
     "django_admin_multiple_choice_list_filter",
+    "extra_settings",
 ]
 
 LOCAL_APPS = [
@@ -288,31 +289,64 @@
 # django-cors-headers - https://github.com/adamchainz/django-cors-headers#setup
 CORS_URLS_REGEX = r"^/api/.*$"
 CSRF_TRUSTED_ORIGINS = env.list("CSRF_TRUSTED_ORIGINS")
-# OROCHI CONFIGURATIONS
-# -------------------------------------------------------------------------------
 
-# elastic windows size to increase number of returned results
-MAX_ELASTIC_WINDOWS_SIZE = env("MAX_ELASTIC_WINDOWS_SIZE")
-# path of the default yara path
-DEFAULT_YARA_RULE_PATH = env("DEFAULT_YARA_RULE_PATH")
-# thread number for multiprocess operation
-THREAD_NO = env.int("THREAD_NO")
-# online url for awesome readme file
-AWESOME_PATH = env("AWESOME_PATH")
+
+# OROCHI EXTRA_SETTINGS
+# ------------------------------------------------------------------------------
+EXTRA_SETTINGS_ADMIN_APP = "extra_settings"
+EXTRA_SETTINGS_CACHE_NAME = "extra_settings"
+EXTRA_SETTINGS_IMAGE_UPLOAD_TO = "images"
+
+EXTRA_SETTINGS_DEFAULTS = [
+    {
+        "description": "Elastic windows size to increase number of returned results",
+        "name": "MAX_ELASTIC_WINDOWS_SIZE",
+        "type": "string",
+        "value": env("MAX_ELASTIC_WINDOWS_SIZE"),
+    },
+    {
+        "description": "path of the default yara path. When changed you must rebuild it.",
+        "name": "DEFAULT_YARA_RULE_PATH",
+        "type": "string",
+        "value": env("DEFAULT_YARA_RULE_PATH"),
+    },
+    {
+        "description": "Thread number for multiprocess operation",
+        "name": "THREAD_NO",
+        "type": "int",
+        "value": env.int("THREAD_NO"),
+    },
+    {
+        "description": "Online url for awesome readme file",
+        "name": "AWESOME_PATH",
+        "type": "string",
+        "value": env("AWESOME_PATH"),
+    },
+    {
+        "description": "Online path of volatility symbols",
+        "name": "VOLATILITY_SYMBOL_DOWNLOAD_PATH",
+        "type": "string",
+        "value": env("VOLATILITY_SYMBOL_DOWNLOAD_PATH"),
+    },
+    {
+        "description": "Path for custom login logo",
+        "name": "CUSTOM_LOGO",
+        "type": "image",
+        "value": "logo.png",
+    },
+]
+
 # local path for yara folder
 LOCAL_YARA_PATH = env("LOCAL_YARA_PATH")
-# extension valid to be considered as yara file
+# Valid yara file exts
 YARA_EXT = [".yar", ".yara", ".rule"]
 # indexes name for rules
 RULES_INDEX = "rules"
-RULES_ANALYSIS_INDEX = "rules_analysis"
 # local path of volatility folder
 VOLATILITY_SYMBOL_PATH = "/src/volatility3/volatility3/symbols"
 VOLATILITY_PLUGIN_PATH = "/src/volatility3/volatility3/plugins/custom"
 # local path of dwarg2json executable
 DWARF2JSON = "/dwarf2json/./dwarf2json"
-# online path of volatility symbols
-VOLATILITY_SYMBOL_DOWNLOAD_PATH = env("VOLATILITY_SYMBOL_DOWNLOAD_PATH")
 # path of a remote folder with already uploaded files
 LOCAL_UPLOAD_PATH = env("LOCAL_UPLOAD_PATH")
 # Regipy plugins

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -23,6 +23,7 @@ services:
       - django_wsgi
     volumes:
       - ./compose/local/nginx/conf:/etc/nginx/conf.d
+      - media_path:/usr/share/nginx/html/media/
     ports:
       - "80:80"
       - "443:443"

diff --git a/orochi/api/routers/customrules.py b/orochi/api/routers/customrules.py
@@ -1,9 +1,9 @@
 import os
 import shutil
 
-from django.conf import settings
 from django.db.models import Q
 from django.http import HttpResponse
+from extra_settings.models import Setting
 from ninja import Router
 from ninja.security import django_auth
 
@@ -53,7 +53,7 @@ def default_rule(request, id: int):
             rule.save()
             return 200, {"message": f"Rule {name} set as default."}
         # Make a copy
-        user_path = f"{settings.LOCAL_YARA_PATH}/{request.user.username}-Ruleset"
+        user_path = f"{Setting.get('LOCAL_YARA_PATH')}/{request.user.username}-Ruleset"
         os.makedirs(user_path, exist_ok=True)
         new_path = f"{user_path}/{rule.name}"
         filename, extension = os.path.splitext(new_path)

diff --git a/orochi/api/routers/rules.py b/orochi/api/routers/rules.py
@@ -2,9 +2,9 @@
 from pathlib import Path
 
 import yara_x
-from django.conf import settings
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404
+from extra_settings.models import Setting
 from ninja import Router
 from ninja.security import django_auth
 
@@ -47,7 +47,7 @@ def edit_rule(request, id: int, data: RuleEditInSchena):
                 f.write(data.text)
             return 200, {"message": f"Rule {name} updated."}
         ruleset = get_object_or_404(Ruleset, user=request.user)
-        user_path = f"{settings.LOCAL_YARA_PATH}/{request.user.username}-Ruleset"
+        user_path = f"{Setting.get('LOCAL_YARA_PATH')}/{request.user.username}-Ruleset"
         os.makedirs(user_path, exist_ok=True)
         rule.pk = None
         rule.ruleset = ruleset

diff --git a/orochi/templates/account/login.html b/orochi/templates/account/login.html
@@ -0,0 +1,65 @@
+{% extends "account/base_entrance.html" %}
+{% load i18n %}
+{% load static %}
+{% load allauth account %}
+{% block head_title %}
+    {% trans "Sign In" %}
+{% endblock head_title %}
+{% block content %}
+    {% element h1 %}
+        {% trans "Sign In" %}
+    {% endelement %}
+    {% element p %}
+        <img src="{{logo}}" width="600px" class="rounded mx-auto d-block">
+    {% endelement %}
+    {% if not SOCIALACCOUNT_ONLY %}
+        {% setvar link %}
+            <a href="{{ signup_url }}">
+            {% endsetvar %}
+            {% setvar end_link %}
+            </a>
+        {% endsetvar %}
+        {% element p %}
+            {% blocktranslate %}If you have not created an account yet, then please {{ link }}sign up{{ end_link }} first.{% endblocktranslate %}
+        {% endelement %}
+        {% url 'account_login' as login_url %}
+        {% element form form=form method="post" action=login_url tags="entrance,login" %}
+            {% slot body %}
+                {% csrf_token %}
+                {% element fields form=form unlabeled=True %}
+                {% endelement %}
+                {{ redirect_field }}
+            {% endslot %}
+            {% slot actions %}
+                {% element button type="submit" tags="prominent,login" %}
+                    {% trans "Sign In" %}
+                {% endelement %}
+            {% endslot %}
+        {% endelement %}
+    {% endif %}
+    {% if LOGIN_BY_CODE_ENABLED or PASSKEY_LOGIN_ENABLED %}
+        {% element hr %}
+        {% endelement %}
+        {% element button_group vertical=True %}
+            {% if PASSKEY_LOGIN_ENABLED %}
+                {% element button type="submit" form="mfa_login" id="passkey_login" tags="prominent,login,outline,primary" %}
+                    {% trans "Sign in with a passkey" %}
+                {% endelement %}
+            {% endif %}
+            {% if LOGIN_BY_CODE_ENABLED %}
+                {% element button href=request_login_code_url tags="prominent,login,outline,primary" %}
+                    {% trans "Mail me a sign-in code" %}
+                {% endelement %}
+            {% endif %}
+        {% endelement %}
+    {% endif %}
+    {% if SOCIALACCOUNT_ENABLED %}
+        {% include "socialaccount/snippets/login.html" with page_layout="entrance" %}
+    {% endif %}
+{% endblock content %}
+{% block extra_body %}
+    {{ block.super }}
+    {% if PASSKEY_LOGIN_ENABLED %}
+        {% include "mfa/webauthn/snippets/login_script.html" with button_id="passkey_login" %}
+    {% endif %}
+{% endblock %}
diff --git a/orochi/utils/download_symbols.py b/orochi/utils/download_symbols.py
@@ -9,7 +9,7 @@
 import requests
 import rpmfile
 from debian import debfile
-from django.conf import settings
+from extra_settings.models import Setting
 from pefile import PE
 from volatility3.framework.contexts import Context
 from volatility3.framework.symbols.windows.pdbconv import PdbReader, PdbRetreiver
@@ -19,7 +19,7 @@ class Downloader:
     def __init__(self, file_list: List[str] = None, url_list: List[str] = None) -> None:
         self.url_list = url_list if url_list is not None else []
         self.file_list = file_list if file_list is not None else []
-        self.down_path = f"{settings.VOLATILITY_SYMBOL_PATH}/added/"
+        self.down_path = f"{Setting.get('VOLATILITY_SYMBOL_PATH')}/added/"
 
     def download_list(self):
         """Download and process files from web urls [Linux]"""
@@ -69,7 +69,7 @@ def process_files(self, named_files: Dict[str, str]):
             if value is None:
                 print(f"FAILURE: None encountered for {i}")
                 return
-        args = [settings.DWARF2JSON, "linux"]
+        args = [Setting.get("DWARF2JSON"), "linux"]
         output_filename = "unknown-kernel.json"
         for named_file, value_ in named_files.items():
             basename, _ = os.path.splitext(named_file)

diff --git a/orochi/utils/plugin_install.py b/orochi/utils/plugin_install.py
@@ -5,10 +5,9 @@
 import zipfile
 from pathlib import Path
 
-from distributed import get_client
-from django.conf import settings
-
 import volatility3.plugins
+from distributed import get_client
+from extra_settings.models import Setting
 from volatility3 import framework
 from volatility3.framework import contexts
 
@@ -26,7 +25,7 @@ def install_process(bash_script, reqs_script, tmp_folder):
         bash_script = None
         reqs_script = False
         py_names = []
-        plugin_folder = Path(settings.VOLATILITY_PLUGIN_PATH)
+        plugin_folder = Path(Setting.get("VOLATILITY_PLUGIN_PATH"))
         tmp_folder = plugin_folder / str(uuid.uuid4())
         os.mkdir(tmp_folder)
         with zipfile.ZipFile(plugin_path, "r") as f:

diff --git a/orochi/utils/volatility_dask_elk.py b/orochi/utils/volatility_dask_elk.py
@@ -28,6 +28,7 @@
 from django.conf import settings
 from elasticsearch import Elasticsearch, helpers
 from elasticsearch_dsl import Search
+from extra_settings.models import Setting
 from regipy.exceptions import (
     NoRegistrySubkeysException,
     RegistryKeyNotFoundException,
@@ -534,7 +535,9 @@ def run_plugin(dump_obj, plugin_obj, params=None, user_pk=None, regipy_plugins=F
             es.indices.put_settings(
                 index=f"{dump_obj.index}_{plugin_obj.name.lower()}",
                 body={
-                    "index": {"max_result_window": settings.MAX_ELASTIC_WINDOWS_SIZE}
+                    "index": {
+                        "max_result_window": Setting.get("MAX_ELASTIC_WINDOWS_SIZE")
+                    }
                 },
             )
 

diff --git a/orochi/website/management/commands/symbols_sync.py b/orochi/website/management/commands/symbols_sync.py
@@ -6,9 +6,8 @@
 
 import requests
 import urllib3
-from django.conf import settings
 from django.core.management.base import BaseCommand
-
+from extra_settings.models import Setting
 from volatility3 import framework
 
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
@@ -19,8 +18,8 @@ class Command(BaseCommand):
 
     def __init__(self, *args, **kwargs):
         super(Command, self).__init__(*args, **kwargs)
-        self.local_path = Path(settings.VOLATILITY_SYMBOL_PATH)
-        self.online_path = settings.VOLATILITY_SYMBOL_DOWNLOAD_PATH
+        self.local_path = Path(Setting.get("VOLATILITY_SYMBOL_PATH"))
+        self.online_path = Setting.get("VOLATILITY_SYMBOL_DOWNLOAD_PATH")
         if os.environ.get("http_proxy", None) or os.environ.get("https_proxy", None):
             self.proxies = {
                 "http": os.environ.get("http_proxy", None),

diff --git a/orochi/website/middleware.py b/orochi/website/middleware.py
@@ -1,6 +1,7 @@
 from operator import itemgetter
 
 from django.urls import reverse
+from extra_settings.models import Setting
 from guardian.shortcuts import get_objects_for_user
 
 from orochi.website.defaults import (
@@ -49,4 +50,10 @@ def process_template_response(self, request, response):
             response.context_data["news"] = news
             bookmarks = Bookmark.objects.filter(user=request.user, star=True)
             response.context_data["bookmarks"] = bookmarks
+
+        # Default logo or pick new one from extra settings
+        if logo := Setting.get("CUSTOM_LOGO"):
+            response.context_data["logo"] = logo.url
+        else:
+            response.context_data["logo"] = "/static/images/logo.png"
         return response