From 73712467f2cd1687e6c915f339a8568c3c0ac67e Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Tue, 30 Jan 2024 23:04:56 +0000 Subject: [PATCH] Update js-libraries-detect.yaml add more libraries --- .../technologies/js-libraries-detect.yaml | 96 ++++++++++++++++++- 1 file changed, 93 insertions(+), 3 deletions(-) diff --git a/headless/technologies/js-libraries-detect.yaml b/headless/technologies/js-libraries-detect.yaml index 9c86d72dd0..4e111a1c0e 100644 --- a/headless/technologies/js-libraries-detect.yaml +++ b/headless/technologies/js-libraries-detect.yaml @@ -2,7 +2,7 @@ id: js-libraries-detect info: name: Common JS Libraries - Detection - author: adamparsons,cbadke,ChetGan,ErikOwen,jacalynli + author: adamparsons,cbadke,ChetGan,ErikOwen,jacalynli,geeknik severity: info description: Checks a target web app for inclusion of common JavaScript libraries metadata: @@ -241,6 +241,63 @@ headless: return "" } + - action: script + name: fingerprintD3 + args: + code: | + () => { + try { + return d3.version || ""; + } catch (e) {} + return ""; + } + + - action: script + name: fingerprintThreeJs + args: + code: | + () => { + try { + return THREE.REVISION || ""; + } catch (e) {} + return ""; + } + + - action: script + name: fingerprintChartJs + args: + code: | + () => { + try { + return Chart.version || ""; + } catch (e) {} + return ""; + } + + - action: script + name: fingerprintSlick + args: + code: | + () => { + try { + // Assuming Slick Carousel is used as a jQuery plugin + return $.fn.slick.version || ""; + } catch (e) {} + return ""; + } + + - action: script + name: fingerprintSelect2 + args: + code: | + () => { + try { + // Assuming Select2 is used as a jQuery plugin + return $.fn.select2.version || ""; + } catch (e) {} + return ""; + } + matchers-condition: or matchers: - type: dsl @@ -259,7 +316,11 @@ headless: - len(fingerprintDojoJs) > 0 - len(fingerprintDomPurify) > 0 - len(fingerprintModernizr) > 0 - + - len(fingerprintD3) > 0 + - len(fingerprintThreeJs) > 0 + - len(fingerprintChartJs) > 0 + - len(fingerprintSlick) > 0 + - len(fingerprintSelect2) > 0 extractors: - name: axios type: regex @@ -344,4 +405,33 @@ headless: part: fingerprintModernizr regex: - ^(0|[1-9]\d*)(?:\.(0|[1-9]\d*))?(?:\.(0|[1-9]\d*))?(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$ -# digest: 490a0046304402204106a779627713aa63ece4bc679f6b08764d94f26d55ca7482a8135cb4a99f89022074e3eff829289082075eb2b6443484212d58cec4ff2a607952e6cd04d73651bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + + - name: d3 + type: regex + part: fingerprintD3 + regex: + - "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$" + + - name: threejs + type: regex + part: fingerprintThreeJs + regex: + - "^(0|[1-9]\\d*)$" + + - name: chartjs + type: regex + part: fingerprintChartJs + regex: + - "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$" + + - name: slick + type: regex + part: fingerprintSlick + regex: + - "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$" + + - name: select2 + type: regex + part: fingerprintSelect2 + regex: + - "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$"