Optimize rendering of big lists

mobsf/templates/base/list.html

@@ -0,0 +1,9 @@
+<!-- "strings" on big binaries can easily result in millions of hits, avoid rendering them unless needed: -->
+{% if list|length != 0 %}
+<details {% if list|length < limit %}open{% endif %}>
+  <summary>{% if list|length < limit %}Showing{% else %}Show{% endif %} all <strong>{{ list | length }}</strong> {{ type }}</summary>
+  {% for val in list %}
+    {{ val }}<br/>
+  {% endfor %}
+</details>
+{% endif %}

mobsf/templates/static_analysis/android_binary_analysis.html

@@ -2118,11 +2118,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
               <strong><i class="fas fa-key"></i> POSSIBLE HARDCODED SECRETS</strong>
               </p>
                 <div class="list-group">
-                   <p>  
-                     {% for val in secrets %}
-                      {{ val }}<br/>
-                     {% endfor %}                  
-                   </p>
+                  {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
                </div>
              </div>
            </div>
@@ -2145,41 +2141,24 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
                <div class="list-group">
               {% if app_type not in 'so' %}
                   <p><strong>From APK Resource</strong></p>
-                  <p>  
-                    {% for key, val in strings.items %}
-                      {% if key == 'strings_apk_res' %}
-                        {% for v in val %}
-                          {{ v }}<br/>
-                        {% endfor %}
-                      {% endif %}
-                    {% endfor %}                  
-                  </p>
-                   <p><strong>From Code</strong></p>
-                  <p>  
-                    {% for key, val in strings.items %}
-                      {% if key == 'strings_code' %}
-                        {% for v in val %}
-                          {{ v }}<br/>
-                        {% endfor %}
-                      {% endif %}
-                    {% endfor %}                  
-                  </p>
+                  {% include 'base/list.html' with list=strings.strings_apk_res type="strings" limit=100 %}
+                  <p></p><p><strong>From Code</strong></p>
+                  {% include 'base/list.html' with list=strings.strings_code type="strings" limit=100 %}
               {% endif %}
+                    <p></p>
                     <p><strong>From Shared Objects</strong></p>
-                  <p>  
                     {% for key, val in strings.items %}
                       {% if key == 'strings_so' %}
                         {% for ls in val %}
                           {% for k,v in ls.items %}
-                          <p></br><b><i>{{ k }}</i></b></p>
-                            {% for i in v %}
-                              {{ i }}<br/>
-                            {% endfor %}
+                          <p></br><strong><i>{{ k }}</i></strong></p>
+                          <div class="list-group">
+                            {% include 'base/list.html' with list=v type="strings" limit=5 %}
+                          </div>
                           {% endfor %}
                         {% endfor %}
                       {% endif %}
                     {% endfor %}                  
-                  </p>
               </div>
             </div>
           </div>
@@ -2201,11 +2180,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-th"></i> SYMBOLS</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                     {% for val in file_analysis %}
-                       {{ val }}<br/>
-                     {% endfor %}
-                  </p>
+                {% include 'base/list.html' with list=file_analysis type="symbols" limit=50 %}
               </div>
             </div>
           </div>
@@ -2228,10 +2203,8 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-language"></i> ACTIVITIES</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                    {% for act in activities %}
-                      {{ act}} <br/>
-                    {% endfor %}               
+                  <p>
+                    {% include 'base/list.html' with list=activities type="activities" limit=50 %}            
                   </p>
               </div>
             </div>
@@ -2253,10 +2226,8 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-cogs"></i> SERVICES</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                     {% for srv in services %}
-                        {{ srv}} <br/>
-                    {% endfor %}                  
+                  <p>
+                    {% include 'base/list.html' with list=services type="services" limit=50 %}
                   </p>
               </div>
             </div>
@@ -2278,10 +2249,8 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-assistive-listening-systems"></i> RECEIVERS</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                      {% for rcv in receivers %}
-                    {{ rcv}} <br/>
-                  {% endfor %}               
+                  <p>
+                    {% include 'base/list.html' with list=receivers type="receivers" limit=50 %}
                   </p>
               </div>
             </div>
@@ -2304,10 +2273,8 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-database"></i> PROVIDERS</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                  {% for prv in providers %}
-                    {{ prv }} <br/>
-                  {% endfor %}                            
+                  <p>
+                    {% include 'base/list.html' with list=providers type="providers" limit=50 %}
                   </p>
               </div>
             </div>
@@ -2329,11 +2296,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
             <strong><i class="fab fa-buffer"></i> LIBRARIES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                {% for lib in libraries %}
-                  {{ lib }} <br/>
-                {% endfor %}                                       
-                </p>
+                {% include 'base/list.html' with list=libraries type="libraries" limit=100 %}
             </div>
           </div>
         </div>
@@ -2354,11 +2317,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
             <strong><i class="far fa-copy"></i> FILES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                {% for file in files %}
-                  {{ file}} <br/>
-                {% endfor %}                                      
-                </p>
+                {% include 'base/list.html' with list=files type="files" limit=200 %}
             </div>
           </div>
         </div>

mobsf/templates/static_analysis/android_source_analysis.html

@@ -1587,11 +1587,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
                <strong><i class="fas fa-key"></i> POSSIBLE HARDCODED SECRETS</strong>
                </p>
                  <div class="list-group">
-                    <p>  
-                      {% for val in secrets %}
-                       {{ val }}<br/>
-                      {% endfor %}                  
-                    </p>
+                  {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
                 </div>
               </div>
             </div>
@@ -1613,15 +1609,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
                </p>
                  <div class="list-group">
                    <p><strong>From Code</strong></p>
-                  <p>  
-                    {% for key, val in strings.items %}
-                      {% if key == 'strings_code' %}
-                        {% for v in val %}
-                          {{ v }}<br/>
-                        {% endfor %}
-                      {% endif %}
-                    {% endfor %}                  
-                  </p>
+                   {% include 'base/list.html' with list=strings.strings_code type="strings" limit=100 %}
                 </div>
               </div>
             </div>
@@ -1642,11 +1630,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-language"></i> ACTIVITIES</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                    {% for act in activities %}
-                      {{ act}} <br/>
-                    {% endfor %}               
-                  </p>
+                  {% include 'base/list.html' with list=activities type="activities" limit=50 %}
               </div>
             </div>
           </div>
@@ -1667,11 +1651,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-cogs"></i> SERVICES</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                     {% for srv in services %}
-                        {{ srv}} <br/>
-                    {% endfor %}                  
-                  </p>
+                {% include 'base/list.html' with list=services type="services" limit=50 %}
               </div>
             </div>
           </div>
@@ -1692,11 +1672,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-assistive-listening-systems"></i> RECEIVERS</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                      {% for rcv in receivers %}
-                    {{ rcv}} <br/>
-                  {% endfor %}               
-                  </p>
+                 {% include 'base/list.html' with list=receivers type="receivers" limit=50%}
               </div>
             </div>
           </div>
@@ -1718,11 +1694,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
              <strong><i class="fa fa-database"></i> PROVIDERS</strong>
              </p>
                <div class="list-group">
-                  <p>  
-                  {% for prv in providers %}
-                    {{ prv }} <br/>
-                  {% endfor %}                            
-                  </p>
+                 {% include 'base/list.html' with list=providers type="providers" limit=50 %}
               </div>
             </div>
           </div>
@@ -1743,11 +1715,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
             <strong><i class="fab fa-buffer"></i> LIBRARIES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                {% for lib in libraries %}
-                  {{ lib }} <br/>
-                {% endfor %}                                       
-                </p>
+                {% include 'base/list.html' with list=libraries type="libraries" limit=50 %}
             </div>
           </div>
         </div>
@@ -1768,11 +1736,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
             <strong><i class="far fa-copy"></i> FILES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                {% for file in files %}
-                  {{ file}} <br/>
-                {% endfor %}                                      
-                </p>
+                {% include 'base/list.html' with list=files type="files" limit=200 %}
             </div>
           </div>
         </div>

mobsf/templates/static_analysis/ios_binary_analysis.html

@@ -1185,14 +1185,36 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
                         {{ item.issue }}
                       </td>
                       <td>
-                        {% for file in item.files %}
+                    {% if item.files|length < 4 %}
+                       {% for file in item.files %}
+                        <small>
                           {% if file.type %}
                           <a href="{% url 'view_file_ios' %}?file={{file.file_path}}&amp;type={{file.type}}&amp;md5={{file.hash}}">{{ file.file_path }}</a>
                           {% else %}
                           {{ file.file_path }}
                           {% endif %}
-                          <br/>
+                        </small>
+                      </br>
+                      {% endfor %}
+                    {% else %}
+                      <a class="btn btn-primary btn-xs" data-toggle="collapse" href="#collapsefiles{{forloop.counter}}" role="button" aria-expanded="false" aria-controls="collapsefiles{{forloop.counter}}">
+                        Show Files
+                      </a>
+                      <div class="collapse" id="collapsefiles{{forloop.counter}}">
+                        {% for file in item.files %}
+                          <small>
+                            {% if file.type %}
+                            <a href="{% url 'view_file_ios' %}?file={{file.file_path}}&amp;type={{file.type}}&amp;md5={{file.hash}}">{{ file.file_path }}</a>
+                            {% else %}
+                            {{ file.file_path }}
+                            {% endif %}
+                          </small>
+                        </br>
                         {% endfor %}
+                      </div>
+                    {% endif %}
+
+
                       </td>
 
                     </tr>
@@ -1572,11 +1594,7 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
               <strong><i class="fas fa-key"></i> POSSIBLE HARDCODED SECRETS</strong>
               </p>
                 <div class="list-group">
-                   <p>  
-                      {% for val in secrets %}
-                        {{ val }}<br/>
-                      {% endfor %}
-                   </p>
+                  {% include 'base/list.html' with list=secrets type="secrets" limit=100 %}
                </div>
              </div>
            </div>
@@ -1597,9 +1615,7 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
              <strong><i class="fas fa-font"></i> STRINGS</strong>
              </p>
                <div class="list-group">
-                {% for string in strings %}
-                  {{string}} <br>
-                {% endfor %}
+                 {% include 'base/list.html' with list=strings type="strings"  limit=100 %}
               </div>
             </div>
           </div>
@@ -1621,11 +1637,7 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
               <strong><i class="fa fa-th"></i> SYMBOLS</strong>
               </p>
                 <div class="list-group">
-                   <p>  
-                      {% for val in file_analysis %}
-                        {{ val }}<br/>
-                      {% endfor %}
-                   </p>
+                  {% include 'base/list.html' with list=file_analysis type="symbols"  limit=100 %}
                </div>
              </div>
            </div>
@@ -1648,12 +1660,7 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
             <strong><i class="fab fa-buffer"></i> LIBRARIES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                    {% for lib in libraries %}
-                      {{ lib }}
-                    <br/>
-                    {% endfor %}                             
-                </p>
+                {% include 'base/list.html' with list=libraries type="libraries"  limit=100 %}
             </div>
           </div>
         </div>
@@ -1674,11 +1681,7 @@ <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
             <strong><i class="far fa-copy"></i> FILES</strong>
             </p>
               <div class="list-group">
-                <p>  
-                {% for file in files %}
-                  {{ file}} <br/>
-                {% endfor %}                               
-                </p>
+                {% include 'base/list.html' with list=files type="files" limit=200 %}
             </div>
           </div>
         </div>