Refreshed Submission View

Dockerfile

@@ -2,6 +2,14 @@ FROM node:16-slim AS UI_BUILDER
 # We are using a multi-stage build as we require node for 
 # building react. 
 
+# Define UI build arguments.
+ARG REACT_APP_SEARCH_NAME
+ARG REACT_APP_SEARCH_URL
+
+# Set the build arguments as environment variables.
+ENV REACT_APP_SEARCH_NAME=$REACT_APP_SEARCH_NAME
+ENV REACT_APP_SEARCH_URL=$REACT_APP_SEARCH_URL
+
 # Copy package.json and package-lock.json into the builder.
 # Copying just these files first allows us to take advantage 
 # of cached Docker layers.

README.md

@@ -13,7 +13,7 @@
 The Strelka Web UI is a browser and API-based file submission frontend for the [Strelka Enterprise File Scanner](https://github.com/target/strelka). It allows users to submit files to a Strelka cluster and review historical response results easily. The Strelka Web UI supports LDAP authentication and API access, providing a secure and flexible way to interact with the Strelka scanner. This document provides details on how to set up and use the Strelka Web UI, as well as its features and related projects.
 
 <div align="center">
-  <img src="./misc/assets/strelkaui_results.png" alt="Strelka UI Results Page" />
+  <img src="./misc/assets/strelkaui_results.gif" alt="Strelka UI Results Page" />
   <h5>Strelka UI Results Page</h5>
 </div>
 
@@ -32,7 +32,6 @@ The file submission UI provides the following features:
 - Docker
 - Docker-compose
 - Python 3.9+
-- Entitlement: `CN=APP-DHB-DetectHubUser`
 
 ## Quick Start
 

app/blueprints/auth.py

@@ -105,7 +105,17 @@ def login():
 
     except Exception as err:
         # current_app.logger.error("Failed connection to database: %s", err)
-        return jsonify({"error": "Failed to connect to database"}), 400
+        try:
+            return (
+                jsonify(
+                    {
+                        "error": "Failed to connect to database. Make sure you are set up to connect to a Strelka UI Database."
+                    }
+                ),
+                400,
+            )
+        except Exception as e:
+            print(e)
 
     return (
         jsonify(

app/blueprints/strelka.py

@@ -173,7 +173,7 @@ def submit_file(user: User) -> Tuple[Response, int]:
                             )
                             total_scanned += 1
                         else:
-                            pass
+                            scanned_file["enrichment"] = {"virustotal": -3}
                 except Exception as e:
                     logging.warning(
                         f"Could not process VirusTotal search with error: {e} "
@@ -215,6 +215,7 @@ def submit_file(user: User) -> Tuple[Response, int]:
                 response,
                 get_mimetypes(response),
                 get_yara_hits(response),
+                len(response),
                 get_scanners_run(response),
                 get_hashes(submitted_file),
                 list(insights),
@@ -510,8 +511,8 @@ def view(user: User) -> Tuple[Dict[str, any], int]:
         "file_count": case(
             [
                 (
-                    FileSubmission.strelka_response != None,
-                    func.json_array_length(FileSubmission.strelka_response.cast(JSON)),
+                    FileSubmission.files_seen != None,
+                    FileSubmission.files_seen,
                 )
             ],
             else_=0,

app/example.env

@@ -28,4 +28,4 @@ export VIRUSTOTAL_API_KEY=
 export VIRUSTOTAL_API_LIMIT=
 
 # Default Submission Exclusions
-export DEFAULT_EXCLUDED_SUBMITTERS=["ExcludeUser"]
+export DEFAULT_EXCLUDED_SUBMITTERS=["ExcludeUser"]

app/models.py

@@ -19,6 +19,7 @@ class FileSubmission(db.Model):
         strelka_response (dict): A dictionary containing the response from the Strelka scanner.
         mime_types (list): A list of MIME types associated with the file.
         yara_hits (list): A list of YARA rule IDs that matched the file.
+        files_seen (int): A count of files seen during analysis.
         scanners_run (list): A list of scanners that were run on the file.
         hashes (list): A list of hashes associated with the file.
         submitted_from_ip (str): The IP address of the client that submitted the file.
@@ -46,6 +47,7 @@ class FileSubmission(db.Model):
     strelka_response: dict = db.Column(db.JSON())
     mime_types: list = db.Column(db.ARRAY(db.String(), dimensions=1))
     yara_hits: list = db.Column(db.ARRAY(db.String(), dimensions=1))
+    files_seen: int = db.Column(db.Integer())
     scanners_run: list = db.Column(db.ARRAY(db.String(), dimensions=1))
     hashes: list = db.Column(db.ARRAY(db.String(), dimensions=2))
     insights: list = db.Column(db.ARRAY(db.String(), dimensions=1))
@@ -72,6 +74,7 @@ def __init__(
         strelka_response: dict,
         mime_types: list,
         yara_hits: list,
+        files_seen: int,
         scanners_run: list,
         hashes: list,
         insights: list,
@@ -89,6 +92,7 @@ def __init__(
         self.strelka_response = strelka_response
         self.mime_types = mime_types
         self.yara_hits = yara_hits
+        self.files_seen = files_seen
         self.scanners_run = scanners_run
         self.hashes = hashes
         self.insights = insights

ui/package.json

@@ -2,7 +2,7 @@
   "name": "ui",
   "version": "0.1.0",
   "private": true,
-  "homepage": ".",
+  "homepage": "/",
   "dependencies": {
     "@ant-design/pro-form": "^2.23.1",
     "@ant-design/pro-layout": "^7.17.16",

ui/public/config.js

@@ -1,3 +1,3 @@
 window.appConfig = {
-    baseUrl: '/strelkaui' // Change this to modify the base_url to be used as a prefix to routes.
+    baseUrl: '/' // Change this to modify the base_url to be used as a prefix to routes.
 };

ui/public/index.html

@@ -2,16 +2,16 @@
 <html lang="en">
   <head>
     <meta charset="utf-8" />
-    <link rel="icon" href="%PUBLIC_URL%/favicon.ico" />
+    <link rel="icon" href="/favicon.ico" />
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <meta name="theme-color" content="#000000" />
-    <link rel="apple-touch-icon" href="%PUBLIC_URL%/logo192.png" />
+    <link rel="apple-touch-icon" href="/logo192.png" />
     <!--
       manifest.json provides metadata used when your web app is installed on a
       user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/
     -->
-    <link rel="manifest" href="%PUBLIC_URL%/manifest.json" />
-    <script src="%PUBLIC_URL%/config.js"></script>
+    <link rel="manifest" href="/manifest.json" />
+    <script src="/config.js"></script>
     <!--
       Notice the use of %PUBLIC_URL% in the tags above.
       It will be replaced with the URL of the `public` folder during the build.
@@ -21,7 +21,7 @@
       work correctly both with client-side routing and a non-root public URL.
       Learn how to configure a non-root public URL by running `npm run build`.
     -->
-    <title>Strelka FileShot</title>
+    <title>Strelka UI</title>
   </head>
   <body>
     <noscript>You need to enable JavaScript to run this app.</noscript>

ui/src/App.css

@@ -49,6 +49,7 @@ body {
 /* Layout Styles */
 .main-content {
   max-width: 1600px;
+  min-width: 1600px;
   margin: 0 auto;
   padding: 0 20px 10px 20px;
 }
@@ -94,8 +95,15 @@ body {
   border-radius: 20px !important;
   background-color: #ffffff;
   border: 0;
+  padding-top: 5px;
+  padding-bottom: 5px;
 }
 
+.ant-collapse-header-text {
+  font-weight: 500
+}
+
+
 /* Table Styles */
 .ant-table table {
   font-size: 12px;