From 9580fbc9a24ed2ee13aa821303e40818c73c1066 Mon Sep 17 00:00:00 2001
From: "W. Leighton Dawson"
Date: Tue, 30 May 2023 17:39:51 +0200
Subject: [PATCH] T5610 More small fixes (#218)
* Fix error log str fmt
* Fix windir data extraction
* Delete unused files
* Fix typo
* Improve test
---
.github/workflows/test.yml | 2 +-
canarytokens/channel_output_webhook.py | 6 ++--
canarytokens/tokens.py | 6 ++--
frontend/Dockerfile | 36 ------------------
switchboard/Dockerfile | 34 ----------------
templates/generate_new.html | 2 +-
tests/integration/test_windows_folder.py | 28 ++++++++++++------
7 files changed, 27 insertions(+), 87 deletions(-)
delete mode 100644 frontend/Dockerfile
delete mode 100644 switchboard/Dockerfile
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index a7ebea311..ae03c4cd3 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -4,7 +4,7 @@ on:
 push:
 branches:
 - "T4627_py3_main"
- - "T5610_log_ini"
+ - "T5610_more_fixes"
 jobs:
 tests:
diff --git a/canarytokens/channel_output_webhook.py b/canarytokens/channel_output_webhook.py
index 28c324d5a..6f494b906 100644
--- a/canarytokens/channel_output_webhook.py
+++ b/canarytokens/channel_output_webhook.py
@@ -48,13 +48,11 @@ def generic_webhook_send(
 response.raise_for_status()
 except requests.exceptions.HTTPError:
 log.error(
- "Failed sending request to webhook {url}.",
- url=alert_webhook_url,
+ f"Failed sending request to webhook {alert_webhook_url}.",
 )
 except requests.exceptions.ConnectionError:
 log.error(
- "Failed connecting to webhook {url}.",
- url=alert_webhook_url,
+ f"Failed connecting to webhook {alert_webhook_url}.",
 )
 else:
 log.info(f"Successfully sent to {alert_webhook_url}")
diff --git a/canarytokens/tokens.py b/canarytokens/tokens.py
index 66214c7a5..155c115f1 100644
--- a/canarytokens/tokens.py
+++ b/canarytokens/tokens.py
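Review bot: Both new f-string messages write the complete `alert_webhook_url` into the log at ERROR level, and webhook URLs for services such as Slack or Discord carry a bearer secret in the path, so every delivery failure copies that credential into log storage (the `log.info` on the success path in the context lines has the same exposure). Logging only the scheme and host, or a redacted form of the URL, would keep the message useful without persisting the secret. The `HTTPError` branch also discards the exception and the response status that triggered it; if `log` is a stdlib `logging` logger, `log.exception(...)` or `exc_info=True` would retain that detail for triage. `generic_webhook_send` starts before this hunk, so the shape of `log` and of `alert_webhook_url` is inferred from the context lines only.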
@@ -292,9 +292,9 @@ def _desktop_ini_browsing(matches: Match[AnyStr]) -> dict[str, dict[str, AnyStr]
 domain = matches.group(3)
 return {
 "src_data": {
- "windows_desktopini_access_username": username,
- "windows_desktopini_access_hostname": hostname,
- "windows_desktopini_access_domain": domain,
+ "windows_desktopini_access_username": username.lower(),
+ "windows_desktopini_access_hostname": hostname.lower(),
+ "windows_desktopini_access_domain": domain.lower(),
 }
 }
diff --git a/frontend/Dockerfile b/frontend/Dockerfile
deleted file mode 100644
index 2f2297710..000000000
--- a/frontend/Dockerfile
+++ /dev/null
@@ -1,36 +0,0 @@
-
-FROM python:3.10.6@sha256:745efdfb7e4aac9a8422bd8c62d8bc35a693e8979a240d29677cb03e6aa91052
-ARG COMMIT_SHA
-ARG CANARYTOKENS_WHEEL_VERSION=canarytokens-0.3.0-py3-none-any.whl
-
-RUN :\
- && apt update \
- && apt install -y osslsigncode \
- &&:
-
-ENV PYTHONUNBUFFERED=1 \
- PYTHONDONTWRITEBYTECODE=1 \
- VENV_PATH=/venv \
- PIP_NO_CACHE_DIR=off \
- PIP_DISABLE_PIP_VERSION_CHECK=on \
- PIP_DEFAULT_TIMEOUT=100
-
-
-RUN echo $COMMIT_SHA >> /COMMIT_SHA
-
-WORKDIR /
-
-COPY requirements.txt .
-COPY ${CANARYTOKENS_WHEEL_VERSION} /tmp
-
-RUN :\
- && python -m venv /venv \
- && . /venv/bin/activate \
- && python -m pip install --no-deps -r requirements.txt --no-cache \
- && python -m pip install /tmp/${CANARYTOKENS_WHEEL_VERSION}[web,twisted] \
- &&:
-
-COPY app.py .
-COPY templates templates
-#TODO: Package `root-ca.conf` with canarytokens module.
-COPY root-ca.conf root-ca.conf
diff --git a/switchboard/Dockerfile b/switchboard/Dockerfile
deleted file mode 100644
index 0ee3a35d9..000000000
--- a/switchboard/Dockerfile
+++ /dev/null
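Review bot: The three `.lower()` calls added to the returned `src_data` carry no comment saying why the values are normalized, and the reason is not obvious from the function alone; the companion test hunk asserts `input_channel == "DNS"`, so these fields appear to arrive as DNS labels, which resolvers may forward in arbitrary case. A one-line comment above the dict, `# DNS labels are case-insensitive; normalize so the same host/user always produces the same hit data`, would preserve that rationale. If the regex behind `matches` allows any of groups 1–3 to be absent, `.lower()` on `None` raises `AttributeError` where the old code stored `None`; worth confirming the pattern makes all three groups mandatory. `_desktop_ini_browsing` starts before this hunk, so the groups' optionality cannot be checked from here.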
@@ -1,34 +0,0 @@
-
-FROM python:3.10.6@sha256:745efdfb7e4aac9a8422bd8c62d8bc35a693e8979a240d29677cb03e6aa91052
-ARG COMMIT_SHA
-ARG CANARYTOKENS_WHEEL_VERSION=canarytokens-0.3.0-py3-none-any.whl
-
-RUN :\
- && apt update \
- && apt install -y osslsigncode \
- &&:
-
-ENV PYTHONUNBUFFERED=1 \
- PYTHONDONTWRITEBYTECODE=1 \
- VENV_PATH=/venv \
- PIP_NO_CACHE_DIR=off \
- PIP_DISABLE_PIP_VERSION_CHECK=on \
- PIP_DEFAULT_TIMEOUT=100
-
-
-RUN echo $COMMIT_SHA >> /COMMIT_SHA
-
-WORKDIR /
-
-COPY requirements.txt .
-COPY ${CANARYTOKENS_WHEEL_VERSION} /tmp
-
-RUN :\
- && python -m venv /venv \
- && . /venv/bin/activate \
- && python -m pip install --no-deps -r requirements.txt --no-cache \
- && python -m pip install /tmp/${CANARYTOKENS_WHEEL_VERSION}[web,twisted] \
- &&:
-
-COPY switchboard.tac .
-COPY templates templates
diff --git a/templates/generate_new.html b/templates/generate_new.html
index 105012d9f..e86628a0c 100644
--- a/templates/generate_new.html
+++ b/templates/generate_new.html
@@ -132,7 +132,7 @@

  • Windows folder
    Be notified when a Windows Folder is browsed in Windows Explorer
  • Log4Shell
    Alert when a log4j log line is vulnerable to CVE-2021-44228
  • Fast redirect
    Alert when a URL is visited, User is redirected
  • -
  • Slow redirect
    Alert when a URL is visited, User is redirected (Moar info is grabbed!)
  • +
  • Slow redirect
    Alert when a URL is visited, User is redirected (More info is grabbed!)
  • Custom image web bug
    Alert when an image you uploaded is viewed
  • Acrobat Reader PDF document
    Get alerted when a PDF document is opened in Acrobat Reader
  • Custom exe / binary
    Fire an alert when an EXE or DLL is executed
• diff --git a/tests/integration/test_windows_folder.py b/tests/integration/test_windows_folder.py
index 317220199..d5548dd47 100644
--- a/tests/integration/test_windows_folder.py
+++ b/tests/integration/test_windows_folder.py
@@ -29,6 +29,12 @@ MODE_DIRECTORY = 0x10
+@pytest.mark.parametrize(
+ "test_user,test_computer,test_domain",
+ [
+ ("uSeRnaME1", "cOMp-1", "teSTdoMAin"),
+ ],
+)
 @pytest.mark.parametrize(
 "version",
 [
@@ -36,7 +42,16 @@
 v3,
 ],
 )
-def test_windows_directory(tmpdir, version, webhook_receiver, runv2, runv3):
+def test_windows_directory(
+ test_user: str,
+ test_computer: str,
+ test_domain: str,
+ tmpdir,
+ version,
+ webhook_receiver,
+ runv2,
+ runv3,
+):
 run_or_skip(version, runv2=runv2, runv3=runv3)
 # initialize request
 memo = "windows directory memo!"
@@ -83,9 +98,6 @@ def test_windows_directory(tmpdir, version, webhook_receiver, runv2, runv3):
 # extract token url from file
 extracted_url = ""
- test_user = "username1"
- test_computer = "comp-1"
- test_domain = "testdomain"
 with ZipFile(input_buf, "r") as zipfile:
 for zipinfo in zipfile.filelist:
 if zipinfo.external_attr & MODE_DIRECTORY:
@@ -127,10 +139,10 @@ def test_windows_directory(tmpdir, version, webhook_receiver, runv2, runv3):
 resp = get_token_history(token_info=token_info, version=version)
 token_history = WindowsDirectoryTokenHistory(**resp)
 assert len(token_history.hits) >= 1
- token_hit = token_history.hits[0]
+ token_hit = token_history.hits[-1]
 assert token_hit.input_channel == "DNS"
 assert token_hit.src_data == {
- "windows_desktopini_access_domain": test_domain.lower(),
- "windows_desktopini_access_hostname": test_computer,
- "windows_desktopini_access_username": test_user,
+ "windows_desktopini_access_domain": test_domain.lower(),
+ "windows_desktopini_access_hostname": test_computer.lower(),
+ "windows_desktopini_access_username": test_user.lower(),
 }
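Review bot: `token_hit = token_history.hits[-1]` in the last hunk assumes the history is ordered oldest-first, which nothing in the hunk establishes, and the preceding `assert len(token_history.hits) >= 1` already admits more than one hit for the token. A check that does not depend on ordering, `assert any(h.input_channel == "DNS" and h.src_data == expected for h in token_history.hits)` with `expected` built from the lowercased parameters, would stay correct whichever hit is stored last. The new parametrize case in the first hunk covers only mixed-case input; a second tuple that is already lowercase would show the normalization is exercised in both directions rather than only on one sample. `test_windows_directory` continues between and after these hunks, so its other assertions are not visible here.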