@gingeleski
Last active January 16, 2021 21:41
PageFunction for Apify Akamai ARL hacker tool.
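/**
 * Apify page function that fingerprints the Akamai "Invalid URL" edge error page.
 *
 * Initial check (all four must hold): HTTP status 400, `Server: AkamaiGHost`,
 * `Content-Type: text/html`, and a body containing "Invalid URL". A positive
 * result only tells you the URL was answered by an Akamai GHost error page; it is
 * a fingerprint, not proof of an exploitable condition.
 *
 * The payload check described below is NOT implemented: `vulnerableToPayloadCheck`
 * is a placeholder that currently mirrors `vulnerableToInitialCheck`.
 *
 * @param {object} context - Apify page-function context.
 * @param {object} context.page - Puppeteer-style page; `title()` and `evaluate()` are used.
 * @param {object} context.request - request being processed; `request.url` is echoed back.
 * @param {object} context.response - response exposing `status` and `headers`, either as
 *   plain properties or as Puppeteer-style methods (`status()`, `headers()`).
 * @returns {Promise<{url: string, title: string, vulnerableToInitialCheck: boolean, vulnerableToPayloadCheck: boolean}>}
 */
async function pageFunction(context) {
  const { page, request, response } = context;
  const title = await page.title();

  // Puppeteer exposes status()/headers() as methods; other Apify contexts expose
  // plain properties. Accept either shape so the check does not compare a
  // function against 400 and silently report "not vulnerable".
  const readField = (field) =>
    typeof field === "function" ? field.call(response) : field;
  const status = readField(response.status);
  const rawHeaders = readField(response.headers) || {};

  // Header names are compared case-insensitively; header values are compared
  // exactly, as in the original checks.
  const headers = Object.fromEntries(
    Object.entries(rawHeaders).map(([name, value]) => [String(name).toLowerCase(), value]),
  );
  const header = (name) => (name in headers ? headers[name] : undefined);

  // `document` is not a global in the Node-side context where `page.title()` runs,
  // so the body text is read inside the page via evaluate(). A missing <body>
  // yields an empty string rather than throwing.
  const bodyText = String(
    await page.evaluate(() => (document.body ? document.body.innerText : "")),
  );

  // Initial check: status 400, Server: AkamaiGHost, Content-Type: text/html,
  // body contains "Invalid URL". The original also listed an "HTTP/1.0 protocol"
  // check but never implemented it; it is left out here as well.
  const vulnerableToInitialCheck =
    Number(status) === 400 &&
    header("server") === "AkamaiGHost" &&
    header("content-type") === "text/html" &&
    bodyText.includes("Invalid URL");

  // Payload check (NOT IMPLEMENTED): the original intended a follow-up request to
  // subdomain.target.com/<PAYLOAD> and then expected response code 200, protocol
  // HTTP/1.0, header "Server: Apache-Coyote/1.1" and a body containing
  // "reallylongstringtomakethepayloadforxssmoveoutofview". No such request is
  // made; the flag simply mirrors the initial check, so it must not be read as a
  // confirmed finding. TODO: either implement the follow-up or report false here.
  const vulnerableToPayloadCheck = vulnerableToInitialCheck;

  return {
    url: request.url,
    title,
    vulnerableToInitialCheck,
    vulnerableToPayloadCheck,
  };
}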