updating UI Search features and results

its-a-feature · Mar 25, 2024 · 08cdbdb · 08cdbdb
1 parent 6936e5a
commit 08cdbdb
Show file tree

Hide file tree

Showing 11 changed files with 494 additions and 201 deletions.
diff --git a/MythicReactUI/CHANGELOG.MD b/MythicReactUI/CHANGELOG.MD
@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.1.83] - 2024-03-25
+
+### Changed
+
+- Added an option to search files by UUID
+- Fixed a few searches that used callback id instead of display id resulting in confusing results
+- Added an option to search callbacks by payload type
+- Added an option to search callback by display id
+
 ## [0.1.82] - 2024-03-21
 
 ### Changed

diff --git a/MythicReactUI/src/components/pages/Search/FileMetaTable.js b/MythicReactUI/src/components/pages/Search/FileMetaTable.js
@@ -192,7 +192,7 @@ export function FileMetaDownloadTable(props){
             >
                 <ArchiveIcon/>Zip & Download Selected
             </Button>
-            <div style={{display: "flex", flexGrow: 1, height: "100%", overflowY: "auto"}}>
+            <div style={{height: "100%", overflowY: "auto"}}>
                 <Table stickyHeader size="small" style={{"tableLayout": "fixed", "maxWidth": "100%", "overflow": "scroll"}}>
                 <TableHead>
                     <TableRow>
@@ -602,7 +602,7 @@ export function FileMetaUploadTable(props){
             >
                 <ArchiveIcon/>Zip & Download Selected
             </Button>
-            <div style={{display: "flex", flexGrow: 1, height: "100%", overflowY: "auto"}}>
+            <div style={{height: "100%", overflowY: "auto"}}>
                 <Table stickyHeader size="small" style={{"tableLayout": "fixed", "maxWidth": "100%", "overflow": "scroll"}}>
                     <TableHead>
                         <TableRow>

diff --git a/MythicReactUI/src/components/pages/Search/SearchTabArtifacts.js b/MythicReactUI/src/components/pages/Search/SearchTabArtifacts.js
@@ -123,12 +123,12 @@ query taskQuery($operation_id: Int!, $task_id: Int!, $offset: Int!, $fetchLimit:
 const callbackSearch = gql`
 ${artifactFragment}
 query taskQuery($operation_id: Int!, $callback_id: Int!, $offset: Int!, $fetchLimit: Int!) {
-    taskartifact_aggregate(distinct_on: id, where: {task: {callback_id: {_eq: $callback_id}}, operation_id: {_eq: $operation_id}}){
+    taskartifact_aggregate(distinct_on: id, where: {task: {callback: { display_id: {_eq: $callback_id}}}, operation_id: {_eq: $operation_id}}){
       aggregate {
         count
       }
     }
-    taskartifact(limit: $fetchLimit, distinct_on: id, offset: $offset, order_by: {id: desc}, where: {task: {callback_id: {_eq: $callback_id}}, operation_id: {_eq: $operation_id}}) {
+    taskartifact(limit: $fetchLimit, distinct_on: id, offset: $offset, order_by: {id: desc}, where: {task: {callback: { display_id: {_eq: $callback_id}}}, operation_id: {_eq: $operation_id}}) {
       ...artifactData
     }
 }

diff --git a/MythicReactUI/src/components/pages/Search/SearchTabCallbacks.js b/MythicReactUI/src/components/pages/Search/SearchTabCallbacks.js
@@ -112,6 +112,32 @@ query groupQuery($group: String!, $offset: Int!, $fetchLimit: Int!) {
     }
 }
 `;
+const payloadtypeSearch = gql`
+${callbackFragment}
+query hostQuery($operation_id: Int!, $payloadtype: String!, $offset: Int!, $fetchLimit: Int!) {
+    callback_aggregate(distinct_on: id, order_by: {id: desc}, where: {payload: {payloadtype: {name: {_ilike: $payloadtype}}}, operation_id: {_eq: $operation_id}}) {
+      aggregate {
+        count
+      }
+    }
+    callback(limit: $fetchLimit, distinct_on: id, offset: $offset, order_by: {id: desc}, where: {payload: {payloadtype: {name: {_ilike: $payloadtype}}}, operation_id: {_eq: $operation_id}}) {
+      ...callbackSearchData
+    }
+}
+`;
+const callbackDisplayIDSearch = gql`
+${callbackFragment}
+query hostQuery($operation_id: Int!, $callbackDisplayID: Int!, $offset: Int!, $fetchLimit: Int!) {
+    callback_aggregate(distinct_on: id, order_by: {id: desc}, where: {display_id: {_eq: $callbackDisplayID}, operation_id: {_eq: $operation_id}}) {
+      aggregate {
+        count
+      }
+    }
+    callback(limit: $fetchLimit, distinct_on: id, offset: $offset, order_by: {id: desc}, where: {display_id: {_eq: $callbackDisplayID}, operation_id: {_eq: $operation_id}}) {
+      ...callbackSearchData
+    }
+}
+`;
 
 export function SearchTabCallbacksLabel(props){
     return (
@@ -123,7 +149,7 @@ const SearchTabCallbacksSearchPanel = (props) => {
     const theme = useTheme();
     const [search, setSearch] = React.useState("");
     const [searchField, setSearchField] = React.useState("Host");
-    const searchFieldOptions = ["User", "Domain", "Host", "Description", "IP", "Group"];
+    const searchFieldOptions = ["User", "Domain", "Host", "Description", "IP", "Group", "PayloadType", "CallbackDisplayID"];
     const handleSearchFieldChange = (event) => {
         setSearchField(event.target.value);
         props.onChangeSearchField(event.target.value);
@@ -156,6 +182,12 @@ const SearchTabCallbacksSearchPanel = (props) => {
             case "Group":
                 props.onGroupSearch({search:adjustedSearch, offset: 0});
                 break;
+            case "PayloadType":
+                props.onPayloadTypeSearch({search:adjustedSearch, offset:0});
+                break;
+            case "CallbackDisplayID":
+                props.onCallbackDisplayIDSearch({search:adjustedSearch, offset:0});
+                break;
             default:
                 break;
         }
@@ -240,6 +272,9 @@ export const SearchTabCallbacksPanel = (props) =>{
             case "Group":
                 onGroupSearch({search, offset: 0});
                 break;
+            case "PayloadType":
+                onPayloadTypeSearch({search, offset: 0});
+                break;
             default:
                 break;
         }
@@ -284,6 +319,16 @@ export const SearchTabCallbacksPanel = (props) =>{
         onCompleted: handleCallbackSearchResults,
         onError: handleCallbackSearchFailure
     })
+    const [getPayloadTypeSearch] = useLazyQuery(payloadtypeSearch, {
+        fetchPolicy: "no-cache",
+        onCompleted: handleCallbackSearchResults,
+        onError: handleCallbackSearchFailure
+    })
+    const [getCallbackDisplayIDSearch] = useLazyQuery(callbackDisplayIDSearch, {
+        fetchPolicy: "no-cache",
+        onCompleted: handleCallbackSearchResults,
+        onError: handleCallbackSearchFailure
+    })
     const onUserSearch = ({search, offset}) => {
         //snackActions.info("Searching...", {persist:true});
         setSearch(search);
@@ -367,6 +412,39 @@ export const SearchTabCallbacksPanel = (props) =>{
                 group: "%" + new_search + "%",
             }})
     }
+    const onPayloadTypeSearch = ({search, offset}) => {
+        //snackActions.info("Searching...", {persist:true});
+        setSearch(search);
+        let new_search = search;
+        if(new_search === ""){
+            new_search = "_";
+        }
+        getPayloadTypeSearch({variables:{
+                operation_id: me?.user?.current_operation_id || 0,
+                offset: offset,
+                fetchLimit: fetchLimit,
+                payloadtype: "%" + new_search + "%",
+            }})
+    }
+    const onCallbackDisplayIDSearch = ({search, offset}) => {
+        //snackActions.info("Searching...", {persist:true});
+        setSearch(search);
+        if(search === ""){
+            snackActions.warning("Must supply an ID to search for");
+            return;
+        }
+        try{
+            let new_search = parseInt(search);
+            getCallbackDisplayIDSearch({variables:{
+                    operation_id: me?.user?.current_operation_id || 0,
+                    offset: offset,
+                    fetchLimit: fetchLimit,
+                    callbackDisplayID: new_search,
+                }})
+        }catch(error){
+            snackActions.warning("ID must be an integer");
+        }
+    }
     const onChangePage = (event, value) => {
         switch(searchField){
             case "User":
@@ -387,6 +465,12 @@ export const SearchTabCallbacksPanel = (props) =>{
             case "Group":
                 onGroupSearch({search, offset: (value - 1) * fetchLimit});
                 break;
+            case "PayloadType":
+                onPayloadTypeSearch({search, offset: (value -1) * fetchLimit});
+                break;
+            case "CallbackDisplayID":
+                onCallbackDisplayIDSearch({search, offset: (value-1) * fetchLimit});
+                break;
             default:
                 break;
         }
@@ -396,8 +480,10 @@ export const SearchTabCallbacksPanel = (props) =>{
                 <SearchTabCallbacksSearchPanel onChangeSearchField={onChangeSearchField}
                                                onUserSearch={onUserSearch}
                                                onIPSearch={onIPSearch} value={props.value} index={props.index}
-                                                onDomainSearch={onDomainSearch}
+                                               onDomainSearch={onDomainSearch}
                                                onGroupSearch={onGroupSearch}
+                                               onPayloadTypeSearch={onPayloadTypeSearch}
+                                               onCallbackDisplayIDSearch={onCallbackDisplayIDSearch}
                                                onHostSearch={onHostSearch} onDescriptionSearch={onDescriptionSearch} changeSearchParam={props.changeSearchParam}/>
                 <div style={{overflowY: "auto", flexGrow: 1}}>
                     {callbackData.length > 0 ? (