2021-03-10 08:33:40 +00:00
|
|
|
id: postmessage-tracker
|
|
|
|
|
|
|
|
|
|
info:
|
|
|
|
|
name: Postmessage Tracker
|
2021-04-06 06:46:11 +00:00
|
|
|
author: pdteam
|
2021-03-10 08:33:40 +00:00
|
|
|
severity: info
|
|
|
|
|
reference: https://github.com/vinothsparrow/iframe-broker/blob/main/static/script.js
|
|
|
|
|
tags: headless,postmessage
|
|
|
|
|
|
|
|
|
|
headless:
|
|
|
|
|
- steps:
|
|
|
|
|
- action: setheader
|
|
|
|
|
args:
|
|
|
|
|
part: response
|
|
|
|
|
key: Content-Security-Policy
|
|
|
|
|
value: "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;"
|
|
|
|
|
- action: script
|
|
|
|
|
args:
|
|
|
|
|
hook: true
|
|
|
|
|
code: |
|
|
|
|
|
(function() {window.alerts = [];
|
|
|
|
|
|
|
|
|
|
function logger(found) {
|
|
|
|
|
window.alerts.push(found);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function getStackTrace () {
|
|
|
|
|
var stack;
|
|
|
|
|
try {
|
|
|
|
|
throw new Error('');
|
|
|
|
|
}
|
|
|
|
|
catch (error) {
|
|
|
|
|
stack = error.stack || '';
|
|
|
|
|
}
|
|
|
|
|
stack = stack.split('\n').map(function (line) { return line.trim(); });
|
|
|
|
|
return stack.splice(stack[0] == 'Error' ? 2 : 1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var oldListener = Window.prototype.addEventListener;
|
|
|
|
|
|
|
|
|
|
Window.prototype.addEventListener = function(type, listener, useCapture) {
|
|
|
|
|
if(type === 'message') {
|
|
|
|
|
logger(getStackTrace());
|
|
|
|
|
}
|
|
|
|
|
return oldListener.apply(this, arguments);
|
|
|
|
|
};
|
|
|
|
|
})();
|
|
|
|
|
- args:
|
|
|
|
|
url: "{{BaseURL}}"
|
|
|
|
|
action: navigate
|
|
|
|
|
- action: waitload
|
|
|
|
|
- action: script
|
|
|
|
|
name: alerts
|
|
|
|
|
args:
|
|
|
|
|
code: "window.alerts"
|
|
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
part: alerts
|
|
|
|
|
words:
|
|
|
|
|
- "at Window.addEventListener"
|
|
|
|
|
extractors:
|
|
|
|
|
- type: kval
|
|
|
|
|
part: alerts
|
|
|
|
|
kval:
|
|
|
|
|
- alerts
|
