js-scanner.sh

javascript source code scanner

#!/bin/bash

# Prettify Javascript Code を適用して、このスクリプトを使用

file="$1"

function main(){
        
    printf "\n\e[00;31m#########################################################\e[00m" 
    printf "\n\e[00;31m        JAVASCRIPT SCANNER                               \e[00m" 
    printf "\n\e[00;31m#########################################################\e[00m\n" 
    printf "\n"
    printf "\e[00;32m[*] Scanning File \"$file\" \e[00m\n" 

    # Get API link
    readapi=`grep -iEo '"[^\"]api.+"' $file --color -n`
    if [ "$readapi" ]; then
        printf "\e[00;33m[+] Possible API -------------------------------- \e[00m\n"
        grep -iEo '"[^\"]api.+"' $file --color -n 
        printf "\n"
    fi

    # Get REST link
    readapi=`grep -iEo '"[^\"]rest.+"' $file --color -n`
    if [ "$readapi" ]; then
        printf "\e[00;33m[+] Possible REST -------------------------------- \e[00m\n"
        grep -iEo '"[^\"]rest.+"' $file --color -n 
        printf "\n"
    fi
 
    # Get Url link
    readurl=`grep -i 'url' $file --color -n`
    if [ "$readurl" ]; then
        printf "\e[00;33m[+] Possible URL -------------------------------- \e[00m\n"
        grep -i 'url' $file --color -n
        printf "\n"
    fi

    # Get URI link
    readurl=`grep -i 'uri' $file --color -n`
    if [ "$readurl" ]; then
        printf "\e[00;33m[+] Possible URL -------------------------------- \e[00m\n"
        grep -i 'uri' $file --color -n
        printf "\n"
    fi

    # Get redirect link
    readredirect=`grep -i 'redirect' $file --color -n`
    if [ "$readredirect" ]; then
        printf "\e[00;33m[+] Possible Redirect link -------------------------------- \e[00m\n"
        grep -i 'redirect' $file --color -n 
        printf "\n"
    fi

    # Get function
    readfunction=`grep -i '\w[a-zA-Z]\{0,\}() {' $file --color -n`
    if [ "$readfunction" ]; then
        printf "\e[00;33m[+] Functions Found! -------------------------------- \e[00m\n"
        grep -i '\w[a-zA-Z]\{0,\}() {' $file --color -n 
        printf "\n"
    fi

    # Get admin 
    readapi=`grep -i 'admin' $file --color -n`
    if [ "$readapi" ]; then
        printf "\e[00;33m[+] Admin related? -------------------------------- \e[00m\n"
        grep -i 'admin' $file --color -n 
        printf "\n"
    fi

    # Get Path
    readapi=`grep -i 'path' $file --color -n`
    if [ "$readapi" ]; then
        printf "\e[00;33m[+] Path found -------------------------------- \e[00m\n"
        grep -i 'path' $file --color -n 
        printf "\n"
    fi

    # Get upload
    readapi=`grep -i 'upload' $file --color -n`
    if [ "$readapi" ]; then
        printf "\e[00;33m[+] Upload found -------------------------------- \e[00m\n"
        grep -i 'upload' $file --color -n 
        printf "\n"
    fi

    # Get Security related content
    readurl=`grep -i 'security' $file --color -n`
    if [ "$readurl" ]; then
        printf "\e[00;33m[+] Security Related Content -------------------------------- \e[00m\n"
        grep -i 'security' $file --color -n
        printf "\n"
    fi

    # Get GET and POST specific
    readurl=`grep -E 'this.http.(get|post).*?[^\"]\w{1,}"' $file --color -n`
    if [ "$readurl" ]; then
        printf "\e[00;33m[+] GET:POST PATH -------------------------------- \e[00m\n"
        grep -E 'this.http.(get|post).*?[^\"]\w{1,}"' $file --color -n
        printf "\n"
    fi

}

if [ -n "$1" ]; then
    file="$1"
    if test -f "$file"; then
        main
        exit
    else
        printf "\n\e[00;31m[!]file \"$1\" was not found\e[00m" 
        exit
    fi
else
  echo "[.]Usage: ./js-scan.sh main.js"    
  exit
fi