gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d43855b3d1
secubox-openwrt/package/secubox/luci-app-secubox-p2p/htdocs/luci-static/resources/view/secubox-p2p/services.js
CyberMind-FR e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 05:02:57 +01:00

75 lines
2.3 KiB
JavaScript
Raw Blame History

'use strict';
'require view';
'require ui';
'require secubox-p2p/api as P2PAPI';
'require secubox/kiss-theme';
return view.extend({
services: [],
sharedServices: [],
load: function() {
var self = this;
return Promise.all([
P2PAPI.getServices(),
P2PAPI.getSharedServices()
]).then(function(results) {
// RPC expect unwraps the response - results[0] IS the services array
self.services = Array.isArray(results[0]) ? results[0] : (results[0].services || []);
self.sharedServices = Array.isArray(results[1]) ? results[1] : (results[1].shared_services || []);
return {};
}).catch(function() { return {}; });
},
render: function() {
var self = this;
var content = E('div', { 'class': 'cbi-map' }, [
E('h2', {}, 'P2P Services'),
E('div', { 'class': 'cbi-section' }, [
E('h3', {}, 'Local Services'),
E('table', { 'class': 'table' }, [
E('tr', { 'class': 'tr table-titles' }, [
E('th', { 'class': 'th' }, 'Service'),
E('th', { 'class': 'th' }, 'Port'),
E('th', { 'class': 'th' }, 'Protocol'),
E('th', { 'class': 'th' }, 'Status')
])
].concat(this.services.map(function(svc) {
return E('tr', { 'class': 'tr' }, [
E('td', { 'class': 'td' }, svc.name),
E('td', { 'class': 'td' }, svc.port || '-'),
E('td', { 'class': 'td' }, svc.protocol || 'tcp'),
E('td', { 'class': 'td' }, E('span', { 'style': 'color: ' + (svc.status === 'running' ? 'green' : 'red') }, svc.status))
]);
})))
]),
E('div', { 'class': 'cbi-section' }, [
E('h3', {}, 'Shared Services from Peers'),
this.sharedServices.length > 0 ?
E('table', { 'class': 'table' }, [
E('tr', { 'class': 'tr table-titles' }, [
E('th', { 'class': 'th' }, 'Service'),
E('th', { 'class': 'th' }, 'Peer'),
E('th', { 'class': 'th' }, 'Address')
])
].concat(this.sharedServices.map(function(svc) {
return E('tr', { 'class': 'tr' }, [
E('td', { 'class': 'td' }, svc.name),
E('td', { 'class': 'td' }, svc.peer || 'Unknown'),
E('td', { 'class': 'td' }, svc.address || '-')
]);
}))) :
E('p', {}, 'No shared services from peers.')
])
]);
return KissTheme.wrap(content, 'admin/secubox/p2p/services');
},
handleSaveApply: null,
handleSave: null,
handleReset: null
});
Reference in New Issue View Git Blame Copy Permalink