Adding StringCount and RegexCount in Detection API

Signed-off-by: j3ssie <[email protected]>
jaeles-project · Nov 18, 2019 · 395abda · 395abda
1 parent 24a82d3
commit 395abda
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -35,7 +35,6 @@ jaeles scan --retry 3 --verbose -s "signatures/cves/jira-*" -U /tmp/list_of_urls
 jaeles --verbose server -s sqli
 ```
 
-
 ## Showcases
 More showcase [here](https://jaeles-project.github.io/showcases/)
 

diff --git a/core/detecter.go b/core/detecter.go
@@ -17,6 +17,7 @@ import (
 /*
 @TODO: Add OOB check from Burp Collab and dnsbin.zhack.ca
 */
+
 // RunDetector is main function for detections
 func RunDetector(record libs.Record, detectionString string) (string, bool) {
 	var extra string
@@ -30,6 +31,15 @@ func RunDetector(record libs.Record, detectionString string) (string, bool) {
 		return result
 	})
 
+	vm.Set("StringCount", func(call otto.FunctionCall) otto.Value {
+		componentName := call.Argument(0).String()
+		analyzeString := call.Argument(1).String()
+		component := GetComponent(record, componentName)
+		validate := StringCount(component, analyzeString)
+		result, _ := vm.ToValue(validate)
+		return result
+	})
+
 	vm.Set("RegexSearch", func(call otto.FunctionCall) otto.Value {
 		componentName := call.Argument(0).String()
 		analyzeString := call.Argument(1).String()
@@ -39,6 +49,15 @@ func RunDetector(record libs.Record, detectionString string) (string, bool) {
 		return result
 	})
 
+	vm.Set("RegexCount", func(call otto.FunctionCall) otto.Value {
+		componentName := call.Argument(0).String()
+		analyzeString := call.Argument(1).String()
+		component := GetComponent(record, componentName)
+		validate := RegexCount(component, analyzeString)
+		result, _ := vm.ToValue(validate)
+		return result
+	})
+
 	vm.Set("StatusCode", func(call otto.FunctionCall) otto.Value {
 		statusCode := record.Response.StatusCode
 		result, _ := vm.ToValue(statusCode)
@@ -111,6 +130,11 @@ func StringSearch(component string, analyzeString string) bool {
 	return false
 }
 
+// StringCount count string literal in component
+func StringCount(component string, analyzeString string) int {
+	return strings.Count(component, analyzeString)
+}
+
 // RegexSearch search regex string in component
 func RegexSearch(component string, analyzeString string) bool {
 	r, err := regexp.Compile(analyzeString)
@@ -120,6 +144,16 @@ func RegexSearch(component string, analyzeString string) bool {
 	return r.MatchString(component)
 }
 
+// RegexCount count regex string in component
+func RegexCount(component string, analyzeString string) int {
+	r, err := regexp.Compile(analyzeString)
+	if err != nil {
+		return 0
+	}
+	matches := r.FindAllStringIndex("A B C B A", -1)
+	return len(matches)
+}
+
 // PollCollab polling burp collab with secret from DB
 func PollCollab(record libs.Record, analyzeString string) (string, bool) {
 	// only checking response return in external OOB
-Original file line number
+Diff line change
@@ Expand Up @@
     jaeles --verbose server -s sqli
     ```
     ## Showcases
     More showcase [here](https://jaeles-project.github.io/showcases/)
@@ Expand Down @@