From f391903cea3d715cc29848a9c8f8ead5659a7224 Mon Sep 17 00:00:00 2001 From: Name Date: Mon, 4 Mar 2024 10:34:19 +0100 Subject: [PATCH 1/2] Optimize rendering of big lists --- mobsf/templates/base/list.html | 7 +++ .../android_binary_analysis.html | 49 ++++------------- .../android_source_analysis.html | 52 +++---------------- .../static_analysis/ios_binary_analysis.html | 29 ++--------- .../static_analysis/ios_source_analysis.html | 12 +---- 5 files changed, 31 insertions(+), 118 deletions(-) create mode 100644 mobsf/templates/base/list.html diff --git a/mobsf/templates/base/list.html b/mobsf/templates/base/list.html new file mode 100644 index 0000000000..b18d2fdf79 --- /dev/null +++ b/mobsf/templates/base/list.html @@ -0,0 +1,7 @@ + +
+ Show all {{ list | length }} {{ type }} + {% for val in list %} + {{ val }}
+ {% endfor %} +
\ No newline at end of file diff --git a/mobsf/templates/static_analysis/android_binary_analysis.html b/mobsf/templates/static_analysis/android_binary_analysis.html index 7266ed5ed2..dbaa9cc273 100755 --- a/mobsf/templates/static_analysis/android_binary_analysis.html +++ b/mobsf/templates/static_analysis/android_binary_analysis.html @@ -2118,11 +2118,7 @@
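Review bot: The new `base/list.html` carries no header comment, although every value it prints with `{{ val }}` comes out of the analysed app (secrets, strings, file names) and is attacker-influenced. The output is only escaped while the including template leaves autoescaping on and nobody adds `|safe` here, so I'd record that at the top: `{# Renders untrusted values from the scanned app. Params: list, type. Keep autoescape on; never mark val as safe. #}`. Because `{% include %}` without `only` passes the whole parent context, a call site that forgets `list=` or `type=` would silently pick up a same-named context variable; consider adding `only` to the includes if the partial needs nothing else.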
{{ code_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

-

- {% for val in secrets %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=secrets type="secrets" %}
@@ -2145,28 +2141,13 @@
{{ code_analysis.summary.suppressed }}
{% if app_type not in 'so' %}

From APK Resource

-

- {% for key, val in strings.items %} - {% if key == 'strings_apk_res' %} - {% for v in val %} - {{ v }}
- {% endfor %} - {% endif %} - {% endfor %} -

-

From Code

-

- {% for key, val in strings.items %} - {% if key == 'strings_code' %} - {% for v in val %} - {{ v }}
- {% endfor %} - {% endif %} - {% endfor %} -

+ {% include 'base/list.html' with list=strings.strings_apk_res type="strings" %} +

From Code

+ {% include 'base/list.html' with list=strings.strings_code type="strings" %} {% endif %}

From Shared Objects

-

+ {% include 'base/list.html' with list=strings.strings_so type="strings" %} +

{% for key, val in strings.items %} {% if key == 'strings_so' %} {% for ls in val %} @@ -2201,11 +2182,7 @@
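Review bot: `{% include 'base/list.html' with list=strings.strings_so type="strings" %}` hands the partial a list whose elements are not strings: the loop kept right below it calls `ls.items` on each element, so they look like dicts (presumably one per shared object). The partial would print each dict's repr through `{{ val }}` and report the number of entries as the number of strings, and the same data is then rendered again by the existing nested loop. I'd drop this include and leave the shared-object section to the nested loop; patch 2/2 in this series does that, so squashing the fix into this commit keeps 1/2 correct on its own. The nested loop continues past the end of this hunk.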

{{ code_analysis.summary.suppressed }}
SYMBOLS

-

- {% for val in file_analysis %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=file_analysis type="symbols" %}
@@ -2329,11 +2306,7 @@
{{ code_analysis.summary.suppressed }}
LIBRARIES

-

- {% for lib in libraries %} - {{ lib }}
- {% endfor %} -

+ {% include 'base/list.html' with list=libraries type="libraries" %}
@@ -2354,11 +2327,7 @@
{{ code_analysis.summary.suppressed }}
FILES

-

- {% for file in files %} - {{ file}}
- {% endfor %} -

+ {% include 'base/list.html' with list=files type="files" %}
diff --git a/mobsf/templates/static_analysis/android_source_analysis.html b/mobsf/templates/static_analysis/android_source_analysis.html index e13138e85b..3880b1c98a 100755 --- a/mobsf/templates/static_analysis/android_source_analysis.html +++ b/mobsf/templates/static_analysis/android_source_analysis.html @@ -1587,11 +1587,7 @@
{{ code_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

-

- {% for val in secrets %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=secrets type="secrets" %}
@@ -1613,15 +1609,7 @@
{{ code_analysis.summary.suppressed }}

From Code

-

- {% for key, val in strings.items %} - {% if key == 'strings_code' %} - {% for v in val %} - {{ v }}
- {% endfor %} - {% endif %} - {% endfor %} -

+ {% include 'base/list.html' with list=strings.strings_code type="strings" %}
@@ -1642,11 +1630,7 @@
{{ code_analysis.summary.suppressed }}
ACTIVITIES

-

- {% for act in activities %} - {{ act}}
- {% endfor %} -

+ {% include 'base/list.html' with list=activities type="activities" %}
@@ -1667,11 +1651,7 @@
{{ code_analysis.summary.suppressed }}
SERVICES

-

- {% for srv in services %} - {{ srv}}
- {% endfor %} -

+ {% include 'base/list.html' with list=services type="services" %}
@@ -1692,11 +1672,7 @@
{{ code_analysis.summary.suppressed }}
RECEIVERS

-

- {% for rcv in receivers %} - {{ rcv}}
- {% endfor %} -

+ {% include 'base/list.html' with list=receivers type="receivers" %}
@@ -1718,11 +1694,7 @@
{{ code_analysis.summary.suppressed }}
PROVIDERS

-

- {% for prv in providers %} - {{ prv }}
- {% endfor %} -

+ {% include 'base/list.html' with list=providers type="providers" %}
@@ -1743,11 +1715,7 @@
{{ code_analysis.summary.suppressed }}
LIBRARIES

-

- {% for lib in libraries %} - {{ lib }}
- {% endfor %} -

+ {% include 'base/list.html' with list=libraries type="libraries" %}
@@ -1768,11 +1736,7 @@
{{ code_analysis.summary.suppressed }}
FILES

-

- {% for file in files %} - {{ file}}
- {% endfor %} -

+ {% include 'base/list.html' with list=files type="files" %}
diff --git a/mobsf/templates/static_analysis/ios_binary_analysis.html b/mobsf/templates/static_analysis/ios_binary_analysis.html index 1ef5c4e33d..b55b37a079 100755 --- a/mobsf/templates/static_analysis/ios_binary_analysis.html +++ b/mobsf/templates/static_analysis/ios_binary_analysis.html @@ -1572,11 +1572,7 @@
{{ binary_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

-

- {% for val in secrets %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=secrets type="secrets" %}
@@ -1597,9 +1593,7 @@
{{ binary_analysis.summary.suppressed }}
STRINGS

- {% for string in strings %} - {{string}}
- {% endfor %} + {% include 'base/list.html' with list=strings type="strings" %}
@@ -1621,11 +1615,7 @@
{{ binary_analysis.summary.suppressed }}
SYMBOLS

-

- {% for val in file_analysis %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=file_analysis type="symbols" %}
@@ -1648,12 +1638,7 @@
{{ binary_analysis.summary.suppressed }}
LIBRARIES

-

- {% for lib in libraries %} - {{ lib }} -
- {% endfor %} -

+ {% include 'base/list.html' with list=libraries type="libraries" %}
@@ -1674,11 +1659,7 @@
{{ binary_analysis.summary.suppressed }}
FILES

-

- {% for file in files %} - {{ file}}
- {% endfor %} -

+ {% include 'base/list.html' with list=files type="files" %}
diff --git a/mobsf/templates/static_analysis/ios_source_analysis.html b/mobsf/templates/static_analysis/ios_source_analysis.html index 721745425d..2f6d757fed 100755 --- a/mobsf/templates/static_analysis/ios_source_analysis.html +++ b/mobsf/templates/static_analysis/ios_source_analysis.html @@ -1190,11 +1190,7 @@
{{ code_analysis.summary.suppressed }}
STRINGS

-

- {% for val in strings %} - {{ val }}
- {% endfor %} -

+ {% include 'base/list.html' with list=strings type="strings" %}
@@ -1215,11 +1211,7 @@
{{ code_analysis.summary.suppressed }}
FILES

-

- {% for file in files %} - {{ file}}
- {% endfor %} -

+ {% include 'base/list.html' with list=files type="files" %}
From 28b2aac8407a19bae7c4f54586c68b0e0a40fb60 Mon Sep 17 00:00:00 2001 From: "Ajin.Abraham" Date: Fri, 22 Mar 2024 16:24:25 -0700 Subject: [PATCH 2/2] Dynamic rendering in browser to improve ux --- mobsf/templates/base/list.html | 8 +-- .../android_binary_analysis.html | 50 ++++++++----------- .../android_source_analysis.html | 16 +++--- .../static_analysis/ios_binary_analysis.html | 36 ++++++++++--- .../static_analysis/ios_source_analysis.html | 4 +- 5 files changed, 64 insertions(+), 50 deletions(-) diff --git a/mobsf/templates/base/list.html b/mobsf/templates/base/list.html index b18d2fdf79..c1575cf0ca 100644 --- a/mobsf/templates/base/list.html +++ b/mobsf/templates/base/list.html @@ -1,7 +1,9 @@ -
- Show all {{ list | length }} {{ type }} +{% if list|length != 0 %} +
+ {% if list|length < limit %}Showing{% else %}Show{% endif %} all {{ list | length }} {{ type }} {% for val in list %} {{ val }}
{% endfor %} -
\ No newline at end of file +
+{% endif %} \ No newline at end of file diff --git a/mobsf/templates/static_analysis/android_binary_analysis.html b/mobsf/templates/static_analysis/android_binary_analysis.html index dbaa9cc273..3c95452318 100755 --- a/mobsf/templates/static_analysis/android_binary_analysis.html +++ b/mobsf/templates/static_analysis/android_binary_analysis.html @@ -2118,7 +2118,7 @@
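Review bot: `limit` is now a required parameter of the partial but has no default, and the thresholds are bare literals repeated at every include site with different values for the same list type (libraries get `limit=100` in the two binary templates and `limit=50` in android_source_analysis.html; symbols get 50 on Android and 100 on iOS). As far as I can tell a call site that omits `limit` makes `{% if list|length < limit %}` evaluate to false without any error, so the mistake would go unnoticed. I'd give it a fallback and compute the length once, `{% with total=list|length %}` and `{% if total < limit|default:100 %}`, and document `limit` in a comment at the top of the file. The file also still ends without a trailing newline.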
{{ code_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

- {% include 'base/list.html' with list=secrets type="secrets" %} + {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
@@ -2141,26 +2141,24 @@
{{ code_analysis.summary.suppressed }}
{% if app_type not in 'so' %}

From APK Resource

- {% include 'base/list.html' with list=strings.strings_apk_res type="strings" %} -

From Code

- {% include 'base/list.html' with list=strings.strings_code type="strings" %} + {% include 'base/list.html' with list=strings.strings_apk_res type="strings" limit=100 %} +

From Code

+ {% include 'base/list.html' with list=strings.strings_code type="strings" limit=100 %} {% endif %} +

From Shared Objects

- {% include 'base/list.html' with list=strings.strings_so type="strings" %} -

{% for key, val in strings.items %} {% if key == 'strings_so' %} {% for ls in val %} {% for k,v in ls.items %} -


{{ k }}

- {% for i in v %} - {{ i }}
- {% endfor %} +


{{ k }}

+
+ {% include 'base/list.html' with list=v type="strings" limit=5 %} +
{% endfor %} {% endfor %} {% endif %} {% endfor %} -

@@ -2182,7 +2180,7 @@
{{ code_analysis.summary.suppressed }}
SYMBOLS

- {% include 'base/list.html' with list=file_analysis type="symbols" %} + {% include 'base/list.html' with list=file_analysis type="symbols" limit=50 %}
@@ -2205,10 +2203,8 @@
{{ code_analysis.summary.suppressed }}
ACTIVITIES

-

- {% for act in activities %} - {{ act}}
- {% endfor %} +

+ {% include 'base/list.html' with list=activities type="activities" limit=50 %}

@@ -2230,10 +2226,8 @@
{{ code_analysis.summary.suppressed }}
SERVICES

-

- {% for srv in services %} - {{ srv}}
- {% endfor %} +

+ {% include 'base/list.html' with list=services type="services" limit=50 %}

@@ -2255,10 +2249,8 @@
{{ code_analysis.summary.suppressed }}
RECEIVERS

-

- {% for rcv in receivers %} - {{ rcv}}
- {% endfor %} +

+ {% include 'base/list.html' with list=receivers type="receivers" limit=50 %}

@@ -2281,10 +2273,8 @@
{{ code_analysis.summary.suppressed }}
PROVIDERS

-

- {% for prv in providers %} - {{ prv }}
- {% endfor %} +

+ {% include 'base/list.html' with list=providers type="providers" limit=50 %}

@@ -2306,7 +2296,7 @@
{{ code_analysis.summary.suppressed }}
LIBRARIES

- {% include 'base/list.html' with list=libraries type="libraries" %} + {% include 'base/list.html' with list=libraries type="libraries" limit=100 %}
@@ -2327,7 +2317,7 @@
{{ code_analysis.summary.suppressed }}
FILES

- {% include 'base/list.html' with list=files type="files" %} + {% include 'base/list.html' with list=files type="files" limit=200 %}
diff --git a/mobsf/templates/static_analysis/android_source_analysis.html b/mobsf/templates/static_analysis/android_source_analysis.html index 3880b1c98a..ec093128f5 100755 --- a/mobsf/templates/static_analysis/android_source_analysis.html +++ b/mobsf/templates/static_analysis/android_source_analysis.html @@ -1587,7 +1587,7 @@
{{ code_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

- {% include 'base/list.html' with list=secrets type="secrets" %} + {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
@@ -1609,7 +1609,7 @@
{{ code_analysis.summary.suppressed }}

From Code

- {% include 'base/list.html' with list=strings.strings_code type="strings" %} + {% include 'base/list.html' with list=strings.strings_code type="strings" limit=100 %}
@@ -1630,7 +1630,7 @@
{{ code_analysis.summary.suppressed }}
ACTIVITIES

- {% include 'base/list.html' with list=activities type="activities" %} + {% include 'base/list.html' with list=activities type="activities" limit=50 %}
@@ -1651,7 +1651,7 @@
{{ code_analysis.summary.suppressed }}
SERVICES

- {% include 'base/list.html' with list=services type="services" %} + {% include 'base/list.html' with list=services type="services" limit=50 %}
@@ -1672,7 +1672,7 @@
{{ code_analysis.summary.suppressed }}
RECEIVERS

- {% include 'base/list.html' with list=receivers type="receivers" %} + {% include 'base/list.html' with list=receivers type="receivers" limit=50%}
@@ -1694,7 +1694,7 @@
{{ code_analysis.summary.suppressed }}
PROVIDERS

- {% include 'base/list.html' with list=providers type="providers" %} + {% include 'base/list.html' with list=providers type="providers" limit=50 %}
@@ -1715,7 +1715,7 @@
{{ code_analysis.summary.suppressed }}
LIBRARIES

- {% include 'base/list.html' with list=libraries type="libraries" %} + {% include 'base/list.html' with list=libraries type="libraries" limit=50 %}
@@ -1736,7 +1736,7 @@
{{ code_analysis.summary.suppressed }}
FILES

- {% include 'base/list.html' with list=files type="files" %} + {% include 'base/list.html' with list=files type="files" limit=200 %}
diff --git a/mobsf/templates/static_analysis/ios_binary_analysis.html b/mobsf/templates/static_analysis/ios_binary_analysis.html index b55b37a079..73d3f7d240 100755 --- a/mobsf/templates/static_analysis/ios_binary_analysis.html +++ b/mobsf/templates/static_analysis/ios_binary_analysis.html @@ -1185,14 +1185,36 @@
{{ binary_analysis.summary.suppressed }}
{{ item.issue }} - {% for file in item.files %} + {% if item.files|length < 4 %} + {% for file in item.files %} + {% if file.type %} {{ file.file_path }} {% else %} {{ file.file_path }} {% endif %} -
+
+
+ {% endfor %} + {% else %} + +
+ {% for file in item.files %} + + {% if file.type %} + {{ file.file_path }} + {% else %} + {{ file.file_path }} + {% endif %} + +
{% endfor %} +
+ {% endif %} + + @@ -1572,7 +1594,7 @@
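Review bot: The per-file block `{% if file.type %} … {{ file.file_path }} … {% endif %}` is now written out twice, once under `{% if item.files|length < 4 %}` and once in the `{% else %}` branch, so any later change to how a path is linked or escaped has to be made in both copies. I'd keep a single `{% for file in item.files %}` body (for example in a small partial included from both branches) and let the condition decide only the wrapper; the `4` would also be clearer as a named value in line with the `limit` parameter used by `base/list.html`. `file.file_path` comes from the analysed app, and the markup around it is not visible in this rendering of the patch: if the path is interpolated into a link's query string it should go through `|urlencode` rather than relying on HTML escaping alone. The enclosing loop over `item` starts outside this hunk.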
{{ binary_analysis.summary.suppressed }}
POSSIBLE HARDCODED SECRETS

- {% include 'base/list.html' with list=secrets type="secrets" %} + {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
@@ -1593,7 +1615,7 @@
{{ binary_analysis.summary.suppressed }}
STRINGS

- {% include 'base/list.html' with list=strings type="strings" %} + {% include 'base/list.html' with list=strings type="strings" limit=100 %}
@@ -1615,7 +1637,7 @@
{{ binary_analysis.summary.suppressed }}
SYMBOLS

- {% include 'base/list.html' with list=file_analysis type="symbols" %} + {% include 'base/list.html' with list=file_analysis type="symbols" limit=100 %}
@@ -1638,7 +1660,7 @@
{{ binary_analysis.summary.suppressed }}
LIBRARIES

- {% include 'base/list.html' with list=libraries type="libraries" %} + {% include 'base/list.html' with list=libraries type="libraries" limit=100 %}
@@ -1659,7 +1681,7 @@
{{ binary_analysis.summary.suppressed }}
FILES

- {% include 'base/list.html' with list=files type="files" %} + {% include 'base/list.html' with list=files type="files" limit=200 %}
diff --git a/mobsf/templates/static_analysis/ios_source_analysis.html b/mobsf/templates/static_analysis/ios_source_analysis.html index 2f6d757fed..c831ef83a4 100755 --- a/mobsf/templates/static_analysis/ios_source_analysis.html +++ b/mobsf/templates/static_analysis/ios_source_analysis.html @@ -1190,7 +1190,7 @@
{{ code_analysis.summary.suppressed }}
STRINGS

- {% include 'base/list.html' with list=strings type="strings" %} + {% include 'base/list.html' with list=strings type="strings" limit=100 %}
@@ -1211,7 +1211,7 @@
{{ code_analysis.summary.suppressed }}
FILES

- {% include 'base/list.html' with list=files type="files" %} + {% include 'base/list.html' with list=files type="files" limit=200 %}