Merge pull request #455 from ricekot/passive-scripts-metadata

Implement `getMetadata` for remaining Passive scripts

Author: thc202

CHANGELOG.md

@@ -42,6 +42,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
   - passive/Report non static sites.js
   - passive/RPO.js
   - passive/s3.js
+  - passive/Server Header Disclosure.js
+  - passive/SQL injection detection.js
+  - passive/Telerik Using Poor Crypto.js
+  - passive/Upload form discovery.js
+  - passive/X-Powered-By_header_checker.js
 - httpsender/Alert on Unexpected Content Types.js now checks for common content-types (`json`, `xml`, and `yaml`) more consistently.
 - targeted/request_to_xml.js no longer uses deprecated method to show the message in the editor dialogue.
 

passive/CookieHTTPOnly.js

@@ -27,8 +27,17 @@ function scan(helper, msg, src) {
   var cookies = msg.getResponseHeader().getHeaders("Set-Cookie");
   if (cookies != null) {
     var re_noflag = /([Hh][Tt][Tt][Pp][Oo][Nn][Ll][Yy])/g;
-    if (!re_noflag.test(cookies)) {
-      helper.newAlert().setMessage(msg).setEvidence(cookies).raise();
+    if (!re_noflag.test(cookies.toString())) {
+      const otherInfo =
+        cookies.length > 1
+          ? `Other values: ${cookies.slice(1).toString()}`
+          : "";
+      helper
+        .newAlert()
+        .setMessage(msg)
+        .setEvidence(cookies[0])
+        .setOtherInfo(otherInfo)
+        .raise();
     }
   }
 }

passive/Find Credit Cards.js

@@ -65,10 +65,14 @@ function scan(helper, msg, src) {
           }
         }
         if (foundCard.length != 0) {
+          const otherInfo =
+            foundCard.length > 1
+              ? `Other instances: ${foundCard.slice(1).toString()}`
+              : "";
           helper
             .newAlert()
             .setEvidence(foundCard[0])
-            .setOtherInfo(`Other instances: ${foundCard.slice(1).toString()}`)
+            .setOtherInfo(otherInfo)
             .setMessage(msg)
             .raise();
         }

passive/Find Emails.js

@@ -63,10 +63,14 @@ function scan(helper, msg, src) {
         foundEmail.push(comm[0]);
       }
       // woohoo we found an email lets make an alert for it
+      const otherInfo =
+        foundEmail.length > 1
+          ? `Other instances: ${foundEmail.slice(1).toString()}`
+          : "";
       helper
         .newAlert()
         .setEvidence(foundEmail[0])
-        .setOtherInfo(`Other instances: ${foundEmail.slice(1).toString()}`)
+        .setOtherInfo(otherInfo)
         .setMessage(msg)
         .raise();
     }

passive/Find HTML Comments.js

@@ -86,10 +86,14 @@ function scan(helper, msg, src) {
         foundComments.push(comm[0]);
       }
       if (RESULT_PER_URL == true) {
+        const otherInfo =
+          foundComments.length > 1
+            ? `Other instances: ${foundComments.slice(1).toString()}`
+            : "";
         helper
           .newAlert()
           .setEvidence(foundComments[0])
-          .setOtherInfo(`Other instances: ${foundComments.slice(1).toString()}`)
+          .setOtherInfo(otherInfo)
           .setMessage(msg)
           .raise();
       }

passive/Find Hashes.js

@@ -69,12 +69,16 @@ function scan(helper, msg, src) {
     while ((comm = wordpress.exec(body))) {
       foundwordpress.push(comm[0]);
     }
+    const otherInfo =
+      foundwordpress.length > 1
+        ? `Other instances: ${foundwordpress.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[0])
       .setDescription(alertDesc[0])
       .setEvidence(foundwordpress[0])
-      .setOtherInfo(`Other instances: ${foundwordpress.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -85,12 +89,16 @@ function scan(helper, msg, src) {
     while ((comm = sha512.exec(body))) {
       foundsha512.push(comm[0]);
     }
+    const otherInfo =
+      foundsha512.length > 1
+        ? `Other instances: ${foundsha512.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[1])
       .setDescription(alertDesc[1])
       .setEvidence(foundsha512[0])
-      .setOtherInfo(`Other instances: ${foundsha512.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -100,12 +108,16 @@ function scan(helper, msg, src) {
     while ((comm = phpbb3.exec(body))) {
       foundphpbb3.push(comm[0]);
     }
+    const otherInfo =
+      foundphpbb3.length > 1
+        ? `Other instances: ${foundphpbb3.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[2])
       .setDescription(alertDesc[2])
       .setEvidence(foundphpbb3[0])
-      .setOtherInfo(`Other instances: ${foundphpbb3.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -116,12 +128,16 @@ function scan(helper, msg, src) {
     while ((comm = mysqlold.exec(body))) {
       foundmysqlold.push(comm[0]);
     }
+    const otherInfo =
+      foundmysqlold.length > 1
+        ? `Other instances: ${foundmysqlold.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[3])
       .setDescription(alertDesc[3])
       .setEvidence(foundmysqlold[0])
-      .setOtherInfo(`Other instances: ${foundmysqlold.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -132,12 +148,16 @@ function scan(helper, msg, src) {
     while ((comm = joomla.exec(body))) {
       foundjoomla.push(comm[0]);
     }
+    const otherInfo =
+      foundjoomla.length > 1
+        ? `Other instances: ${foundjoomla.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[4])
       .setDescription(alertDesc[4])
       .setEvidence(foundjoomla[0])
-      .setOtherInfo(`Other instances: ${foundjoomla.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -147,12 +167,16 @@ function scan(helper, msg, src) {
     while ((comm = drupal.exec(body))) {
       founddrupal.push(comm[0]);
     }
+    const otherInfo =
+      founddrupal.length > 1
+        ? `Other instances: ${founddrupal.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[5])
       .setDescription(alertDesc[5])
       .setEvidence(founddrupal[0])
-      .setOtherInfo(`Other instances: ${founddrupal.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -163,12 +187,16 @@ function scan(helper, msg, src) {
     while ((comm = blowfish.exec(body))) {
       foundblowfish.push(comm[0]);
     }
+    const otherInfo =
+      foundblowfish.length > 1
+        ? `Other instances: ${foundblowfish.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[6])
       .setDescription(alertDesc[6])
       .setEvidence(foundblowfish[0])
-      .setOtherInfo(`Other instances: ${foundblowfish.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -179,12 +207,16 @@ function scan(helper, msg, src) {
     while ((comm = vbull.exec(body))) {
       foundvbull.push(comm[0]);
     }
+    const otherInfo =
+      foundvbull.length > 1
+        ? `Other instances: ${foundvbull.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[7])
       .setDescription(alertDesc[7])
       .setEvidence(foundvbull[0])
-      .setOtherInfo(`Other instances: ${foundvbull.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }
@@ -195,13 +227,17 @@ function scan(helper, msg, src) {
     while ((comm = md45.exec(body))) {
       foundmd45.push(comm[0]);
     }
+    const otherInfo =
+      foundmd45.length > 1
+        ? `Other instances: ${foundmd45.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setName(alertTitle[8])
       .setDescription(alertDesc[8])
       .setConfidence(1)
       .setEvidence(foundmd45[0])
-      .setOtherInfo(`Other instances: ${foundmd45.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }

passive/Find IBANs.js

@@ -55,10 +55,14 @@ function scan(helper, msg, src) {
       foundIBAN.push(comm[0]);
     }
     // woohoo we found an IBAN lets make an alert for it
+    const otherInfo =
+      foundIBAN.length > 1
+        ? `Other instances: ${foundIBAN.slice(1).toString()}`
+        : "";
     helper
       .newAlert()
       .setEvidence(foundIBAN[0])
-      .setOtherInfo(`Other instances: ${foundIBAN.slice(1).toString()}`)
+      .setOtherInfo(otherInfo)
       .setMessage(msg)
       .raise();
   }

passive/Find Internal IPs.js

@@ -55,10 +55,14 @@ function scan(helper, msg, src) {
       while ((comm = re.exec(body))) {
         foundIP.push(comm[0]);
       }
+      const otherInfo =
+        foundIP.length > 1
+          ? `Other instances: ${foundIP.slice(1).toString()}`
+          : "";
       helper
         .newAlert()
         .setEvidence(foundIP[0])
-        .setOtherInfo(`Other instances: ${foundIP.slice(1).toString()}`)
+        .setOtherInfo(otherInfo)
         .setMessage(msg)
         .raise();
     }

passive/RPO.js

@@ -56,10 +56,14 @@ function scan(helper, msg, src) {
       while ((comm = re.exec(body))) {
         foundRPO.push(comm[0]);
       }
+      const otherInfo =
+        foundRPO.length > 1
+          ? `Other instances: ${foundRPO.slice(1).toString()}`
+          : "";
       helper
         .newAlert()
         .setEvidence(foundRPO[0])
-        .setOtherInfo(`Other instances: ${foundRPO.slice(1).toString()}`)
+        .setOtherInfo(otherInfo)
         .setMessage(msg)
         .raise();
     }