From cc52c85fd5eb2399e177d91a5f91b90789328098 Mon Sep 17 00:00:00 2001
From: "tv0924@icloud.com" <j93es@naver.com>
Date: Mon, 19 May 2025 11:12:18 +0900
Subject: [PATCH] =?UTF-8?q?[File]=20caido=EC=97=90=EC=84=9C=20=EB=B0=94?=
 =?UTF-8?q?=EB=A1=9C=20=EC=82=AC=EC=9A=A9=ED=95=A0=20=EC=88=98=20=EC=9E=88?=
 =?UTF-8?q?=EB=8A=94=20zip=20=ED=8C=8C=EC=9D=BC=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitignore                     |   4 ++
 dist/plugin_package.zip        | Bin 0 -> 2892 bytes
 packages/backend/dist/index.js |  81 +++++++++++++++++++++++++++++++++
 3 files changed, 85 insertions(+)
 create mode 100644 dist/plugin_package.zip
 create mode 100644 packages/backend/dist/index.js

diff --git a/.gitignore b/.gitignore
index 1657979..7118b70 100644
--- a/.gitignore
+++ b/.gitignore
@@ -215,4 +215,8 @@ $RECYCLE.BIN/
 # Windows shortcuts
 *.lnk
 
+!dist/
+dist/*
+!dist/*.zip
+
 # End of https://www.toptal.com/developers/gitignore/api/node,macos,windows,linux
\ No newline at end of file
diff --git a/dist/plugin_package.zip b/dist/plugin_package.zip
new file mode 100644
index 0000000000000000000000000000000000000000..31ab81ad9d2c3ea5abed9c5c5d2b92488e7cd63a
GIT binary patch
literal 2892
zcmWIWW@h1H0D&cZo1;K940A9rFeD`=XQ$?+=tES2M9@_UAgRjCOG&NJ%PQ8_S13qK
z&Q45EE!KybP+XL(pPZjpQk0*QlUk&onOl&PnOx#tl$ckdS5nMXmRO|V2^PzQ2s*>n
zD%dI{=Oh*vD^znSC}b9+s0vCg)F?_V)C9{ZC?x0S6_+R!mZla}D%dI%r55U?r<MeQ
zxEh+)TnY*b3YlpN8en<7%)I2B(v;L<4W;Cq%+$P+_{<brB~1l2HHdyB`J&X~g8aPV
z)cBIhf>hg*{Or^`B~6%>3JOK3C8b4q3MECQsSrDA!8SpK(-L!v!Qvp%%;MnGyp#}-
z2_gB;U~4g*UyxXmfpC35Vo3(f@#J|gF*!N4xHul{ZX7-=E=ep&1<BRaD1fX-^1K?l
z_L>?6eH1ZO{Y<@*)Z!9IxRMtzApK}@35uzbjLc#^98r!D0ZNz(m5?I@$w2I}fXze<
zl_*AH#&NAR7Z(x9Ke4nVBg#2HB^4zDIHHK+$N}I)P*j>+l3%0&aWN!ifi<IrAy_RW
zJtI;SmGeV#eo87u*#Q&`^vew(=Ymo?mVAyc7r?ZEQa_kY`&5q-p^%scm0-{`r<7R?
zQ-G2r(NZ}^;9@ffl*o}4q8JFZ52YN_*H_3ab_ACz;KB@=?5q@mphYFb7JYq%S}uG!
z0#ac>i+@O!fUWq?OD)G$Ie>~rP~Cx=p-{38NH;jBKwbprH-t1uds=B;a!F=>o<e3`
zW{E~|N;bst#VOf(sb#5oCB=IAd7gPCsYS`D1tmeLg{7dfF0r^WFIfSk+DHdf(P%2z
z+M!fJMXAN5IVB3V3b<SbE;FG4r>Rg=qkzNzDC!{P87Ph+=0ltcN*0ObiJ2t|#VOfF
zdTE(?DVcfc#d^s_sfi`28lZX;q(niXB(o$Z)k;ArAiuacGbtxkAvoAy0qP|Mm(-Hf
z<dW1BB^_}61=5j{TAW;zSpW(hD}{vMV1M1B)SSeU)D(q+#G=I9)RNSqVuci_K84IY
zP)LA+$BK(fr5alO`lgm-<fmw8)+)e-LW^=hd@HaBD41#!5Ox+pLf8sq7P4qTeo;wk
zk(Gjy64ZIM&?+5N{DIiDT&WcxMc`-v#U&`|1$eV_%sH^UxtoK50fcckWOx}E7;+Qy
zGSgCvOZ2je^YcK#rj(hYWTl{#oS2!CubU5wN^s~X<t65(f+U<l5(@sH<OPu^OD!tS
z%+CYK8R!}489+pl!Vx4BkW-qTnWvDJUxcg`WO{y)k`>tf3JP#L!aaf&f)mqH6+(*@
zLQ)fRLH@4=g^W^8W?ptNNCSjh05%pR5Dg9@kOx4q2=xTCB?fj8SU5W~59~V(37GFN
zBvSKAiYg28GxJJ7-hfK$LvnFeF~a1c(!7#PNC;&mmL)<G5y;&N3ZU4E<*Eh6i)Lt0
zZ!9AN0|*CrGct)V;BJUQ8l|AdCWr;I8Kw)?Fh!1Om|Bo}1_m`O%~W*V$nF8928d1&
b`JMwUZ3K9;vVkO+8JHQ?GcYi;gIx{)5>{S@

literal 0
HcmV?d00001

diff --git a/packages/backend/dist/index.js b/packages/backend/dist/index.js
new file mode 100644
index 0000000..4a8c39f
--- /dev/null
+++ b/packages/backend/dist/index.js
@@ -0,0 +1,81 @@
+// packages/backend/src/controller/implictGrant.ts
+var ImplicitGrantController = class {
+  isImplicitGrantReq(req) {
+    const query = req.getQuery();
+    if (query.includes("client_id=") && query.includes("response_type=token")) {
+      return true;
+    }
+    return false;
+  }
+  isSendTokenToClient(req) {
+    const path = req.getPath();
+    const query = req.getQuery();
+    if (query.includes("access_token=") && query.includes("state=") || path.includes("&access_token=") || /access_token=%/i.test(query)) {
+      return true;
+    }
+    return false;
+  }
+  testReq(req) {
+    if (this.isImplicitGrantReq(req)) {
+      return "isImplicitGrantReq";
+    }
+    if (this.isSendTokenToClient(req)) {
+      return "isSendTokenToClient";
+    }
+    return false;
+  }
+};
+
+// packages/backend/src/controller/authZCodeGrant.ts
+var AuthZCodeGrantController = class {
+  constructor() {
+  }
+  isAuthZReq(req) {
+    const query = req.getQuery();
+    if (query.includes("client_id=") && query.includes("response_type=code")) {
+      return true;
+    }
+    return false;
+  }
+  isSendCodeToClient(req) {
+    const path = req.getPath();
+    const query = req.getQuery();
+    if (query.includes("code=") && query.includes("state=") || path.includes("&code=") || /code=%/i.test(query)) {
+      return true;
+    }
+    return false;
+  }
+  testReq(req) {
+    if (this.isAuthZReq(req)) {
+      return "isAuthZReq";
+    }
+    if (this.isSendCodeToClient(req)) {
+      return "isSendCodeToClient";
+    }
+    return false;
+  }
+  // isAccessTokenReq(req: Response) {
+  // }
+};
+
+// packages/backend/src/index.ts
+var implicitGrantController = new ImplicitGrantController();
+var authZCodeGrantController = new AuthZCodeGrantController();
+function init(sdk) {
+  sdk.events.onInterceptRequest(async (sdk2, req) => {
+    const result = authZCodeGrantController.testReq(req) || implicitGrantController.testReq(req);
+    if (result) {
+      await sdk2.findings.create({
+        title: "Possible SSO Request Detected",
+        description: `SSO-related parameters detected in request:
+
+${req.getMethod()} ${req.getUrl()} : ${result}`,
+        request: req,
+        reporter: ""
+      });
+    }
+  });
+}
+export {
+  init
+};