daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add js-detect headless tech template 

Co-authored-by: adamparsons <adamparsons@users.noreply.github.com>
Co-authored-by: cbadke <cbadke@users.noreply.github.com>
Co-authored-by: ChetGan <ChetGan@users.noreply.github.com>
Co-authored-by: jacalynli <jacalynli@users.noreply.github.com>
patch-1
ErikOwen 2023-10-25 16:10:30 -07:00
parent 7d1a291b4a
commit 71c0937a49
1 changed files with 334 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

334
headless/technologies/js-detect.yaml Normal file
View File

@ -0,0 +1,334 @@
id: js-detect
info:
name: Common JS Library Detection
author: adamparsons,cbadke,ChetGan,ErikOwen,jacalynli
description: Checks a target web app for inclusion of common JavaScript libraries
severity: info
tags: headless,tech,js
metadata:
max-request: 1
headless:
- steps:
- action: navigate
args:
url: "{{BaseURL}}"
- action: waitload
- action: script
name: fingerprintAxios
args:
code: |
() => {
//check for axios
if (!window.axios) {
return ""
}
try {
// check for version
// only works on some websites
return window.axios.VERSION
} catch (e) {}
return "Version not found"
}
- action: script
name: fingerprintBootstrap
args:
code: |
() => {
try {
// if not using jQuery
return bootstrap.Tooltip.VERSION || ""
} catch (e) {}
try {
// if using jQuery
return $.fn.tooltip.Constructor.VERSION || ""
} catch (e) {}
return ""
}
- action: script
name: fingerprintJQuery
args:
code: |
() => {
let version = "";
try {
if(window.jQuery) {
version = jQuery.fn.jquery;
}
if(window.$) {
version = $.fn.jquery;
}
version = version.replace(".min", "");
version = version.replace(".slim", "");
return version;
} catch (e) {}
return "";
}
- action: script
name: fingerprintLodash
args:
code: |
() => {
try {
return _.VERSION || "";
} catch (e) {}
return "";
}
- action: script
name: fingerprintMomentJs
args:
code: |
() => {
try {
return moment.version || "";
} catch (e) {}
return "";
}
- action: script
name: fingerprintReact
args:
code: |
() => {
try {
return window.React.version || "";
} catch (e) {}
return "";
}
- action: script
name: fingerprintReactDOM
args:
code: |
() => {
try {
if (window.ReactDOM) {
return window.React.version || "";
}
} catch (e) {}
return "";
}
- action: script
name: fingerprintAngular
args:
code: |
() => {
try {
// Angular Version 1
return angular.version.full
} catch (e) {}
try {
// Angular Version 2+
return getAllAngularRootElements()[0].attributes["ng-version"].value
} catch (e) {}
return ""
}
- action: script
name: fingerprintBackboneJs
args:
code: |
() => {
try {
return window.Backbone.VERSION || ""
} catch (e) {}
return ""
}
- action: script
name: fingerprintEmberJs
args:
code: |
() => {
try {
return Ember.VERSION || ""
} catch (e) {}
return "";
}
- action: script
name: fingerprintVue
args:
code: |
() => {
//method 1 (simple)
try {
return Vue.version
} catch (e) {}
//method 2 (checks if Nuxt exists)
try {
const nuxtDetected = Boolean(window.__NUXT__ || window.$nuxt)
if (nuxtDetected) {
let Vue
}
if (window.$nuxt) {
Vue = window.$nuxt.$root.constructor
}
return Vue.version
} catch (e) {}
//method 3 (go through all elements)
try {
const all = document.querySelectorAll('*')
let flag
for (let i = 0; i < all.length; i++) {
if (all[i].__vue__) {
flag = all[i]
break
}
}
if (flag) {
let Vue = Object.getPrototypeOf(flag.__vue__).constructor
while (Vue.super) {
Vue = Vue.super
}
return Vue.version
}
return ""
} catch (e) {}
return ""
}
- action: script
name: fingerprintDojoJs
args:
code: |
() => {
try {
return ([dojo.version.major, dojo.version.minor, dojo.version.patch].join("."))
} catch (e) {}
return ""
}
- action: script
name: fingerprintDomPurify
args:
code: |
() => {
try {
return DOMPurify.version || ""
} catch (e) {}
return ""
}
- action: script
name: fingerprintModernizr
args:
code: |
() => {
try {
return Modernizr._version || ""
} catch (e) {}
return ""
}
matchers-condition: or
matchers:
- type: dsl
dsl:
- len(fingerprintAxios) > 0
- len(fingerprintBootstrap) > 0
- len(fingerprintJQuery) > 0
- len(fingerprintLodash) > 0
- len(fingerprintMomentJs) > 0
- len(fingerprintReact) > 0
- len(fingerprintReactDOM) > 0
- len(fingerprintAngular) > 0
- len(fingerprintBackboneJs) > 0
- len(fingerprintEmberJs) > 0
- len(fingerprintVue) > 0
- len(fingerprintDojoJs) > 0
- len(fingerprintDomPurify) > 0
- len(fingerprintModernizr) > 0
extractors:
- name: axios
type: regex
part: fingerprintAxios
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: bootstrap
type: regex
part: fingerprintBootstrap
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: jquery
type: regex
part: fingerprintJQuery
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: lodash
type: regex
part: fingerprintLodash
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: moment
type: regex
part: fingerprintMomentJs
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: react
type: regex
part: fingerprintReact
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: reactdom
type: regex
part: fingerprintReactDOM
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: angular
type: regex
part: fingerprintAngular
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: backbone
type: regex
part: fingerprintBackboneJs
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: emberjs
type: regex
part: fingerprintEmberJs
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: vuejs
type: regex
part: fingerprintVue
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: dojo
type: regex
part: fingerprintDojoJs
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: dompurify
type: regex
part: fingerprintDomPurify
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$
- name: modernizr
type: regex
part: fingerprintModernizr
regex:
# https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- ^(0|[1-9]\d*)(?:\.(0|[1-9]\d*))?(?:\.(0|[1-9]\d*))?(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$