This is a simple guide to performing JavaScript recon for bug bounty work.
- The first step is to collect as many JavaScript files as you can (more files = more paths and parameters -> more vulns).
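# Extract the distinct authors of the tweets found in search_by_raw_query
# responses recorded in a HAR capture. Requires jq.
#
# Arguments: $1 - path to the HAR file
# Outputs:   bots_0_json, bots_0_json_noquote, bots_0_users and uniq_users,
#            all written to the current directory
#
# NOTE(review): a HAR capture normally records the complete request/response
# traffic of the browsing session, which can include cookies and authorization
# headers. Treat the input file and the intermediate files as sensitive: keep
# them out of shared directories and version control, and delete them when done.
har_file=${1:?usage: pass the HAR capture as the first argument}

# Step 1: take every response body object, keep the JSON responses that mention
# search_by_raw_query, and print their .text member (still a quoted JSON string
# literal). Backslash-n sequences are turned into '|' so each body stays on one
# line. The plain `read` (no -r) and `printf %b` both process backslash escapes;
# that appears to be how the string-literal escaping is undone, so neither is
# changed here. The response data is not trusted input, so the result is only
# ever written to a file, never evaluated.
# `>>` appends: remove bots_0_json first if a previous run must not leak in.
# shellcheck disable=SC2162 # backslash processing by read is relied upon
jq -c '.log.entries[].response.content' "$har_file" \
  | grep 'application/json' \
  | grep search_by_raw_query \
  | jq .text \
  | sed 's/\\n/|/g' \
  | while read p; do
      printf %b "$p\n"
    done >> bots_0_json

# Step 2: drop the double quote that opens and closes each line.
LC_ALL=C sed -e 's/^"//' -e 's/"$//' bots_0_json > bots_0_json_noquote

# Step 3: delete every run of three backslashes, parse each line as JSON, walk
# the timeline entries, skip lines containing "promoted-tweet", and keep the
# user object attached to each tweet result.
sed 's/\\\\\\//g' bots_0_json_noquote \
  | LC_ALL=C jq -c '.data.search_by_raw_query.search_timeline.timeline.instructions[].entries[]' \
  | grep -v promoted-tweet \
  | jq .content.itemContent.tweet_results.result.core.user_results.result \
  > bots_0_users

# Step 4: reduce each user to one compact array of profile fields and keep one
# copy of each distinct line.
jq -c '.legacy | [.name,.screen_name,.created_at,.location,.followers_count,.friends_count,.statuses_count,.media_count]' bots_0_users \
  | sort \
  | uniq > uniq_users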