Temp
parent
143b308e77
commit
1e79dcabaa
4 changed files with 33 additions and 1 deletions
|
|
@ -135,6 +135,6 @@ export class PKCECheck {
|
||||||
request: req,
|
request: req,
|
||||||
reporter: "PKCE Checker",
|
reporter: "PKCE Checker",
|
||||||
});
|
});
|
||||||
sendReport(sdk, fullTitle, `${message} (${url})`, req, "PKCE Checker");
|
await sendReport(sdk, fullTitle, `${message} (${url})`, req, "PKCE Checker");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
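Review bot: With the added `await`, a rejection from `sendReport` now propagates out of the enclosing PKCECheck method, and nothing in this hunk catches it. The method starts outside the hunk, so a surrounding handler may exist. If it does not, a delivery failure would abort the rest of the check even though the local finding has already been created. Consider giving the call its own `try`/`catch` that logs through `sdk.console.error` with a message that names report delivery. The report text also embeds the full `url`, which for an authorization request may carry `state` or `code` values in the query string, so it is worth confirming where `sendReport` delivers before sending it unredacted.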
@ -1,5 +1,6 @@
|
||||||
import type { Request, Response } from "caido:utils";
|
import type { Request, Response } from "caido:utils";
|
||||||
import type { SDK, DefineAPI } from "caido:plugin";
|
import type { SDK, DefineAPI } from "caido:plugin";
|
||||||
|
import { sendReport } from "../utils/controlTower";
|
||||||
|
|
||||||
// 토큰 누출 검사 결과를 담는 구조
|
// 토큰 누출 검사 결과를 담는 구조
|
||||||
export interface TokenLeakResult {
|
export interface TokenLeakResult {
|
||||||
|
|
@ -21,6 +22,13 @@ export class AccessTokenLeakController {
|
||||||
request,
|
request,
|
||||||
reporter: "AccessTokenLeak",
|
reporter: "AccessTokenLeak",
|
||||||
});
|
});
|
||||||
|
await sendReport(
|
||||||
|
sdk,
|
||||||
|
result.title,
|
||||||
|
result.description,
|
||||||
|
request,
|
||||||
|
"AccessTokenLeak"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -33,6 +41,13 @@ export class AccessTokenLeakController {
|
||||||
request,
|
request,
|
||||||
reporter: "AccessTokenLeak",
|
reporter: "AccessTokenLeak",
|
||||||
});
|
});
|
||||||
|
await sendReport(
|
||||||
|
sdk,
|
||||||
|
result.title,
|
||||||
|
result.description,
|
||||||
|
request,
|
||||||
|
"AccessTokenLeak"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
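Review bot: Both added `sendReport` calls in AccessTokenLeakController forward `result.description` and the raw `request` for an access-token leak finding, which presumably means the live token leaves the plugin along with the report. The destination of `../utils/controlTower` is not visible on this page. If it posts to another host, mask the token (for example keep only the first and last few characters) in the description and request copy before sending. The two seven-line blocks are identical, so a small private helper such as `reportLeak(sdk, result, request)` would keep the redaction in one place. The enclosing methods start and end outside both hunks, so whether a rejected `await` is caught cannot be confirmed from here.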
@ -1,6 +1,7 @@
|
||||||
import type { Request, Response } from "caido:utils";
|
import type { Request, Response } from "caido:utils";
|
||||||
import type { SDK, DefineAPI } from "caido:plugin";
|
import type { SDK, DefineAPI } from "caido:plugin";
|
||||||
import { HttpUtils } from "../utils/http";
|
import { HttpUtils } from "../utils/http";
|
||||||
|
import { sendReport } from "../utils/controlTower";
|
||||||
|
|
||||||
const httpUtils = new HttpUtils();
|
const httpUtils = new HttpUtils();
|
||||||
|
|
||||||
|
|
@ -269,6 +270,14 @@ export class CsrfCheck {
|
||||||
request,
|
request,
|
||||||
reporter: "csrf reporter",
|
reporter: "csrf reporter",
|
||||||
});
|
});
|
||||||
|
await sendReport(
|
||||||
|
sdk,
|
||||||
|
"CSRF Vulnerability Detected",
|
||||||
|
`A CSRF vulnerability was detected in the request.\n\nRequest: ${request.getMethod()} ${request.getUrl()}\n\nDetails: ${result}`,
|
||||||
|
request,
|
||||||
|
"csrf reporter"
|
||||||
|
);
|
||||||
|
|
||||||
}
|
}
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
sdk.console.error(`Error creating finding: ${error}`);
|
sdk.console.error(`Error creating finding: ${error}`);
|
||||||
|
|
|
||||||
|
|
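Review bot: The new `await sendReport(...)` sits inside the `try` whose `catch` logs `Error creating finding`, so a report delivery failure will be logged as a failure to create the finding even though the finding was already stored. Either give the call its own `try`/`catch` with a distinct message, or broaden the existing log text to `Error creating or reporting finding`. The description interpolates `result` directly; its type is not visible in the hunk, and if it is an object the report will read `[object Object]`, in which case `JSON.stringify(result)` or a specific field is needed. The blank line added after `);` can be dropped.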
@ -1,5 +1,6 @@
|
||||||
import type { Request, Response } from "caido:utils";
|
import type { Request, Response } from "caido:utils";
|
||||||
import type { SDK } from "caido:plugin";
|
import type { SDK } from "caido:plugin";
|
||||||
|
import { sendReport } from "../utils/controlTower";
|
||||||
|
|
||||||
export class RedirectBypassController {
|
export class RedirectBypassController {
|
||||||
// redirect_uri를 확인하는 함수
|
// redirect_uri를 확인하는 함수
|
||||||
|
|
@ -54,6 +55,13 @@ export class RedirectBypassController {
|
||||||
request: req,
|
request: req,
|
||||||
reporter: "gyu",
|
reporter: "gyu",
|
||||||
});
|
});
|
||||||
|
await sendReport(
|
||||||
|
sdk,
|
||||||
|
"Redirect URI Bypass Detected",
|
||||||
|
`A redirect URI bypass was detected.\nRedirect URI: ${result.redirectUri}`,
|
||||||
|
req,
|
||||||
|
"gyu"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
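Review bot: The added call passes `"gyu"` as the reporter, copying what looks like a personal handle from the existing finding into the outgoing report, whereas the other checks in this commit use descriptive labels such as `"PKCE Checker"`. A shared constant, e.g. `const REPORTER = "Redirect Bypass Checker";`, used for both the finding and `sendReport`, would make reports attributable to the check. `result.redirectUri` is taken from the inspected traffic and is interpolated into the description as is, so the receiving side should treat it as untrusted text and escape it if it renders markup. The enclosing method continues outside the hunk, so handling of a rejected `await` cannot be confirmed from here.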