csrf(state) 관련 취약점 탐지 기능 추가

This commit is contained in:
tv0924@icloud.com 2025-05-28 14:11:53 +09:00
commit e868cbec67
5 changed files with 400 additions and 7 deletions


@ -1,5 +1,6 @@
import type { SDK, DefineAPI } from "caido:plugin";
import type { Request } from "caido:utils";
<<<<<<< HEAD
import { ImplicitGrantController } from "./controller/implictGrant";
import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
import { PKCECheck } from "./controller/PKCECheck";
@ -27,19 +28,40 @@ const pkceCheck = new PKCECheck();
// const match = /"access_token"\s*:\s*"([^"]+)"/.exec(raw);
// return !!match;
// }
=======
// import { ImplicitGrantController } from "./controller/implictGrant";
// import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
import { CsrfCheck } from "./controller/csrfCheck";
export type API = DefineAPI<{}>;
const csrfCheck = new CsrfCheck();
>>>>>>> 8de17eb (csrf(state) )
export function init(sdk: SDK<API>) {
sdk.events.onInterceptRequest(async (sdk, req: Request) => {
const result =
authZCodeGrantController.testReq(req) ||
implicitGrantController.testReq(req);
// sdk.events.onInterceptRequest(async (sdk, req: Request) => {
// const result = csrfCheck.checker(req);
// if (result) {
// await sdk.findings.create({
// title: "Possible SSO Request Detected",
// description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
// request: req,
// reporter: "",
// });
// }
// });
sdk.events.onInterceptResponse(async (sdk, req: Request, resp) => {
const funcList = [csrfCheck.checker(sdk, req, resp)];
let result = await Promise.all(funcList);
if (result) {
await pkceCheck.test(sdk, req);
await sdk.findings.create({
title: "Possible SSO Request Detected",
description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
title: "Possible SSO Response Detected",
description: `SSO-related parameters detected in response:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
request: req,
reporter: "",
});