

Fixes for split token UI
Signed-off-by: Jacob Torrey <jacob@thinkst.com>
ranok committed Jan 22, 2024
1 parent 8e27ef5 commit 4d802fe
Showing 3 changed files with 12 additions and 19 deletions.
3 changes: 3 additions & 0 deletions frontend/app.py
Expand Up @@ -554,7 +554,10 @@ async def azure_css_landing(
css = b64decode(unquote(state)).decode()
if css is not None and tenant_id is not None:
(success, info) = install_azure_css(tenant_id, css)
info += " We have uninstalled our application from you tenant, revoking all of our permissions."
# info = "Installation failed: your tenant already has custom CSS, or no default branding created, please manually add the CSS to your portal branding."
else:
info = "Installation failed due to lack of sufficient granted permissions."
return templates.TemplateResponse(
"azure_install.html",
{"request": request, "status": info},
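Review bot: The message appended on the new `info +=` line reads "from you tenant" and is added whether or not `success` is true, so a failed install also tells the user the app was uninstalled; it should read `info += " We have uninstalled our application from your tenant, revoking all of our permissions."` and, unless install_azure_css always uninstalls on failure, be conditioned on `success`. The commented-out `# info = "Installation failed: ..."` line added directly below it is dead code and should be dropped rather than kept as a breadcrumb. Separately, the CSS that gets installed into the tenant comes straight from the OAuth `state` query parameter (`b64decode(unquote(state)).decode()`); unless the start of azure_css_landing, which lies outside this hunk, binds `state` to the session that began the flow, an attacker who gets a tenant admin to follow a crafted authorize link could have attacker-chosen CSS installed into that tenant, which deserves at least a `# TODO: verify state is bound to the initiating session` comment here. Note also that `css` can never be `None` after `.decode()`, so the `css is not None` guard only ever tests `tenant_id`.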
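--- a/templates/azure_install.html
+++ b/templates/azure_install.html
@@ -122,9 +122,7 @@ <h3 class="text-muted">
 <div class="col-md-10">
 <div class="result" style="display: block;">
 <div class="artifacts">
-<p>{{ status }}<br />
-We have uninstalled our application from you tenant, revoking all of our permissions.
-</p>
+<p>{{ status }}</p>
 <div class="form-control">
 <button onclick="window.close();" tabindex=10 class="btn btn-lg btn-success btn-fullwidth">Close Window</button>
 </div>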
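--- a/templates/generate_new.html
+++ b/templates/generate_new.html
@@ -126,7 +126,7 @@ <h3 class="text-muted">
 {% if azureid_enabled %}
 <li data-type="azure_id" class="token-item" data-memo-placeholder="Azure Service Principal Login details on Code Sign Server 3"><a href="#" class="icon icon-azureid"><span class="title">Azure Login Certificate</span><div class="explanation">Azure Service Principal certificate that alerts when used to login with.</div></a></li>
 {%endif%}
-<li data-type="entra_cloned_website" class="token-item" data-memo-placeholder="Entra ID token for the Thinkst Azure tenant ending in ID..."><a href="#" class="icon icon-entraclonedsite"><span class="title">Azure Entra ID login</span><div class="explanation">Trigger an alert when your Azure Entra ID login is being phished</div></a></li>
+<li data-type="entra_cloned_website" class="token-item" data-memo-placeholder="Entra ID token for the Thinkst Azure tenant with ID: ..."><a href="#" class="icon icon-entraclonedsite"><span class="title">Azure Entra ID login</span><div class="explanation">Trigger an alert when your Azure Entra ID login is being phished</div></a></li>
 <li data-type="cmd" class="token-item" data-memo-placeholder="Reg file for detection sensitive command execution"><a href="#" class="icon icon-msreg"><span class="title">Sensitive command token</span><div class="explanation">Alert when a suspicious Windows command is run</div></a></li>
 <li data-type="ms_word" class="token-item" data-memo-placeholder="Word document placed at U:\Users\Sally\Reports\feb.doc"><a href="#" class="icon icon-word"><span class="title">Microsoft Word document</span><div class="explanation">Get alerted when a document is opened in Microsoft Word</div></a></li>
 <li data-type="ms_excel" class="token-item" data-memo-placeholder="Excel document placed at U:\Users\Sally\Reports\feb.xlsx"><a href="#" class="icon icon-excel"><span class="title">Microsoft Excel document</span><div class="explanation">Get alerted when a document is opened in Microsoft Excel</div></a></li>
@@ -555,7 +555,7 @@ <h3>Your CSS Cloned Website token is active!</h3>
 <p>When someone clones your site, they'll load the token, which will checks whether the referrer domain is expected. If not, it fires the token and you get an alert.</p>
 <p><h5>Ideas for use:</h5>
 <ul>
-<li>Only the <code>url()</code> portion is required, you can change the selector, set the <code>display: hidden</code> if you want to token an element inline.</li>
+<li>Only the <code>url()</code> portion is required, you can change the selector and add <code>display: hidden</code> if you want to style an invisible element.</li>
 <li>Put this CSS style inline on an HTML element on a site you aren't allowed to add Javascript to (e.g., Wordpress).</li>
 </ul>
 </p>
@@ -566,8 +566,8 @@ <h3>Your Entra ID login token is active!</h3>
 <div class="artifacts">
 <p>Use this CSS to detect when someone has cloned your Azure tenant's Entra ID login page. Use the options below to import it as custom branding:</p>
 <div class="form-control" style="overflow-x: auto;">
-<code id="result_css_cloned_website" class="None" readonly="" style="text-align: left;"></code>
-<button class="btn btn-success btn-clipboard tooltipstered" type="button" data-clipboard-target="#result_css_cloned_website">
+<code id="result_entra_cloned_website" class="None" readonly="" style="text-align: left;"></code>
+<button class="btn btn-success btn-clipboard tooltipstered" type="button" data-clipboard-target="#result_entra_cloned_website">
 <img src="/resources/clippy.svg" alt="Copy to clipboard">
 </button>
 </div>
@@ -964,8 +964,6 @@ <h3>Your log4shell token is active!</h3>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.8.0/highlight.min.js"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.8.0/languages/javascript.min.js"></script>
 <script>
-// Global var to differentiate the CSS token type
-var css_type = "css_cloned_website";
 // Search through the tokens dropdown by token name
 var input = document.getElementById('search-token');
 input.onkeyup = function () {
@@ -1455,14 +1453,12 @@ <h3>Your log4shell token is active!</h3>
 return new FormData(form[0]);
 }
 var _handleCSSClonedWebsiteRequest = function(form) {
-css_type = 'css_cloned_website';
-$('#css_expected_referer').attr('name', 'expected_referer')
+$('#css_expected_referrer').attr('name', 'expected_referrer')
 $('input[name=type]').val('cssclonedsite');
 return new FormData(form[0]);
 }
 var _handleEntraClonedWebsiteRequest = function(form) {
-css_type = 'entra_cloned_website';
-$('#entra_expected_referer').attr('name', 'expected_referer')
+$('#entra_expected_referrer').attr('name', 'expected_referrer')
 $('input[name=type]').val('cssclonedsite');
 return new FormData(form[0]);
 }
@@ -1479,11 +1475,6 @@ <h3>Your log4shell token is active!</h3>
 let unobfuscated_cloned_website_js = document.getElementById("result_cloned_website");
 unobfuscated_cloned_website_js.innerHTML = unobfuscated_cloned_website_js.innerHTML.trim()
 }
-var _handleEntraCSSResponse = function(data) {
-if (css_type == 'css_cloned_website')
-return _handleCSSClonedWebsiteRespone(data);
-return _handleEntraCSSResponse(data);
-}
 var _handleCSSClonedWebsiteResponse = function(data) {
 $('#result_css_cloned_website').append(data['css']);
 $('a.file-download').each(function (i, e){
@@ -1585,7 +1576,8 @@ <h3>Your log4shell token is active!</h3>
 'adobe_pdf' : _handleFileDownloadResponse,
 'windows_dir' : _handleFileDownloadResponse,
 'cloned_website' : _handleClonedWebsiteResponse,
-'css_cloned_website' : _handleEntraCSSResponse,
+'css_cloned_website' : _handleCSSClonedWebsiteResponse,
+'entra_cloned_website': _handleEntraClonedWebsiteResponse,
 'qr_code': _handleQrCodeResponse,
 'svn': _handleSVNResponse,
 'smtp': _handleSMTPResponse,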
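Review bot: The new dispatch entry `'entra_cloned_website': _handleEntraClonedWebsiteResponse` in the last hunk references a function that no hunk in this commit defines; the handler the commit removes was `_handleEntraCSSResponse`, and the only CSS response handler visible is `_handleCSSClonedWebsiteResponse`, so unless `_handleEntraClonedWebsiteResponse` exists elsewhere in the file this entry is `undefined` (or throws a ReferenceError) when the map is built, and the Entra result box `#result_entra_cloned_website` introduced in the 566 hunk is never populated. Both request handlers in the 1455 hunk still submit `type=cssclonedsite`, so whatever key selects the response handler must come from the `<li>` `data-type` rather than the posted type; a one-line comment on the map such as `// keyed by the token-item data-type, not the submitted 'type' field` would save the next reader the same trace. While here, `$('#result_css_cloned_website').append(data['css'])` hands the returned CSS to jQuery as HTML; `.text(data['css'])` renders it literally and is the safer default for a string the client does not control. In the 555 hunk the user-facing tip now says "add `display: hidden`", which is not valid CSS; it should read `display: none` (or `visibility: hidden`).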
