ZED PROXY Java leaks passive scan script

JavaLeaks.js

// Java leak finder

function scan(ps, msg, src) {
    var alertRisk = 3
    var alertConfidence = 3
    var alertTitle = 'Java leak - investigation required (script)'
    var alertDesc = 'Java leaks were found'
    var alertSolution = 'Investigate Java leaks found in the response, remove or mask as required'
    var cweId = 200
    var wascId = 0

    var re = /springframework|\.java/ig

    var url = msg.getRequestHeader().getURI().toString()

    var contentType = msg.getResponseHeader().getHeader("Content-Type")
    var unwantedFileTypes = ['image/png', 'image/jpeg','image/gif','application/x-shockwave-flash','application/pdf']

    if (unwantedFileTypes.indexOf(""+contentType) >= 0) {
        // if we find one of the unwanted headers quit this scan, this saves time and reduces false positives
        return
    }
    // now lets run our regex against the body response
    var body = msg.getResponseBody().toString()
    if (re.test(body)) {
        re.lastIndex = 0 // After testing reset index
//        var foundLeak = []
//        var comm
//        while (comm = re.exec(body)) {
//            foundLeak.push(comm[0])
//        }
//        ps.raiseAlert(alertRisk, alertConfidence, alertTitle, alertDesc, url, '', '', foundLeak.toString(), alertSolution, foundLeak.toString(), cweId, wascId, msg)
        ps.raiseAlert(alertRisk, alertConfidence, alertTitle, alertDesc, url, '', '', body, alertSolution, body, cweId, wascId, msg)

        console.log("Java leak detected");
    }
	
}