ZED PROXY Java leaks passive scan script
// Java leak finder
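/**
 * Passive scan rule: flags responses whose body mentions Java internals
 * ("springframework" or ".java", case-insensitive), which typically show up in
 * leaked stack traces or error pages (CWE-200, information exposure).
 *
 * @param ps  Passive scanner handle; only ps.raiseAlert(...) is used.
 * @param msg HTTP message; the request URI, the response Content-Type header
 *            and the response body are read from it.
 * @param src Parsed source passed in by the scanner; not used by this rule.
 */
function scan(ps, msg, src) {
  // NOTE(review): a bare keyword match is reported with the highest risk and
  // confidence values used by this script, while the title itself says
  // "investigation required" - consider lowering alertConfidence.
  var alertRisk = 3;
  var alertConfidence = 3;
  var alertTitle = 'Java leak - investigation required (script)';
  var alertDesc = 'Java leaks were found';
  var alertSolution = 'Investigate Java leaks found in the response, remove or mask as required';
  var cweId = 200;
  var wascId = 0;
  var re = /springframework|\.java/ig;
  var url = msg.getRequestHeader().getURI().toString();

  // Compare only the media type: strip parameters such as "; charset=..." and
  // ignore case, otherwise "image/png; foo" or "IMAGE/PNG" would slip through.
  var contentType = msg.getResponseHeader().getHeader("Content-Type");
  var mediaType = ('' + contentType).split(';')[0].trim().toLowerCase();
  var unwantedFileTypes = ['image/png', 'image/jpeg', 'image/gif', 'application/x-shockwave-flash', 'application/pdf'];
  if (unwantedFileTypes.indexOf(mediaType) >= 0) {
    // Binary content: skipping it saves time and reduces false positives.
    return;
  }

  // Collect each distinct matched string from the response body.
  var body = '' + msg.getResponseBody().toString();
  var foundLeak = [];
  var match;
  while ((match = re.exec(body)) !== null) {
    if (foundLeak.indexOf(match[0]) < 0) {
      foundLeak.push(match[0]);
    }
  }
  if (foundLeak.length === 0) {
    return;
  }

  // Report the first match as evidence and list the distinct matches as other
  // info. Passing the whole body in both fields copied the full response
  // (possibly including unrelated sensitive data) into every alert and gave
  // the analyst nothing specific to look for.
  var evidence = foundLeak[0];
  var otherInfo = 'Matched strings: ' + foundLeak.join(', ');
  ps.raiseAlert(alertRisk, alertConfidence, alertTitle, alertDesc, url, '', '', otherInfo, alertSolution, evidence, cweId, wascId, msg);

  // Some script engines do not define `console`; an unguarded console.log
  // would throw right after the alert was raised.
  if (typeof console !== 'undefined' && typeof console.log === 'function') {
    console.log("Java leak detected");
  } else if (typeof print === 'function') {
    print("Java leak detected");
  }
}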