Migrations
/
wappalyzer
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync with AliasIO (#1)

Browse Source 
* Refactoring, allow multiple expressions per js field, remove env detection

* Add js field to NPM driver

* Port env to js
main
Camille Barneaud 8 years ago committed by GitHub
parent 28d2afaa61
commit a1079095dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 12285 additions and 11574 deletions
Show Stats Download Patch File Download Diff File

2
bin/validate
Unescape View File

@ -6,7 +6,7 @@ set -eu
echo "Validating apps.json..." echo "Validating apps.json..."
jsonlint-cli -s schema.json src/apps.json jsonlint-cli -tps schema.json src/apps.json > /tmp/apps.json && mv /tmp/apps.json src/apps.json
echo "Validating regular expressions..." echo "Validating regular expressions..."

6
schema.json
Unescape View File

@ -35,9 +35,9 @@
}, },
"required": true "required": true
}, },
"env": { "js": {
"type": [ "string", "array" ], "type": "object",
"items": { "additionalProperties": {
"type": "string" "type": "string"
} }
}, },

1509
src/apps.json
View File

File diff suppressed because it is too large Load Diff

67
src/drivers/npm/driver.js
Unescape View File

@ -37,6 +37,8 @@ class Driver {
this.wappalyzer.apps = json.apps; this.wappalyzer.apps = json.apps;
this.wappalyzer.categories = json.categories; this.wappalyzer.categories = json.categories;
this.wappalyzer.parseJsPatterns();
this.wappalyzer.driver.log = (message, source, type) => this.log(message, source, type); this.wappalyzer.driver.log = (message, source, type) => this.log(message, source, type);
this.wappalyzer.driver.displayApps = detected => this.displayApps(detected); this.wappalyzer.driver.displayApps = detected => this.displayApps(detected);
} }
@ -120,6 +122,28 @@ class Driver {
.finally(() => { .finally(() => {
this.timer('browser.wait end'); this.timer('browser.wait end');
const headers = this.getHeaders(browser);
const html = this.getHtml(browser);
const scripts = this.getScripts(browser);
const js = this.getJs(browser);
this.wappalyzer.analyze(pageUrl.hostname, pageUrl.href, {
headers,
html,
js,
scripts
});
const links = browser.body.getElementsByTagName('a');
resolve(links);
});
});
});
});
}
getHeaders(browser) {
const headers = {}; const headers = {};
browser.resources['0'].response.headers._headers.forEach(header => { browser.resources['0'].response.headers._headers.forEach(header => {
@ -130,6 +154,10 @@ class Driver {
headers[header[0]].push(header[1]); headers[header[0]].push(header[1]);
}); });
return headers;
}
getHtml(browser) {
let html = ''; let html = '';
try { try {
@ -138,26 +166,45 @@ class Driver {
this.wappalyzer.log(error.message, 'browser', 'error'); this.wappalyzer.log(error.message, 'browser', 'error');
} }
const vars = Object.getOwnPropertyNames(browser.window); return html;
}
getScripts(browser) {
const scripts = Array.prototype.slice const scripts = Array.prototype.slice
.apply(browser.document.scripts) .apply(browser.document.scripts)
.filter(s => s.src) .filter(s => s.src)
.map(s => s.src); .map(s => s.src);
this.wappalyzer.analyze(pageUrl.hostname, pageUrl.href, { return scripts;
headers, }
html,
env: vars,
scripts
});
const links = browser.body.getElementsByTagName('a'); getJs(browser) {
const patterns = this.wappalyzer.jsPatterns;
const js = {};
resolve(links); Object.keys(patterns).forEach(appName => {
}); js[appName] = {};
Object.keys(patterns[appName]).forEach(chain => {
js[appName][chain] = {};
patterns[appName][chain].forEach((pattern, index) => {
const properties = chain.split('.');
let value = properties.reduce((parent, property) => {
return parent && parent.hasOwnProperty(property) ? parent[property] : null;
}, browser.window);
value = typeof value === 'string' ? value : !!value;
if ( value ) {
js[appName][chain][index] = value;
}
}); });
}); });
}); });
return js;
} }
crawl(pageUrl, index = 1, depth = 1) { crawl(pageUrl, index = 1, depth = 1) {

76
src/drivers/webextension/js/content.js
Unescape View File

@ -1,76 +1,58 @@
/** global: browser */ /** global: browser */
if ( typeof browser !== 'undefined' && typeof document.body !== 'undefined' ) { if ( typeof browser !== 'undefined' && typeof document.body !== 'undefined' ) {
try {
var html = document.documentElement.outerHTML; var html = document.documentElement.outerHTML;
if ( html.length > 50000 ) { if ( html.length > 50000 ) {
html = html.substring(0, 25000) + html.substring(html.length - 25000, html.length); html = html.substring(0, 25000) + html.substring(html.length - 25000, html.length);
} }
var scripts = Array.prototype.slice const scripts = Array.prototype.slice
.apply(document.scripts) .apply(document.scripts)
.filter(s => s.src) .filter(script => script.src)
.map(s => s.src); .map(script => script.src);
try {
browser.runtime.sendMessage({
id: 'analyze',
subject: { html },
source: 'content.js'
});
browser.runtime.sendMessage({ browser.runtime.sendMessage({
id: 'analyze', id: 'analyze',
subject: { scripts }, subject: { html, scripts },
source: 'content.js' source: 'content.js'
}); });
var container = document.createElement('wappalyzerData'); const script = document.createElement('script');
container.setAttribute('id', 'wappalyzerData'); script.onload = () => {
container.setAttribute('style', 'display: none'); addEventListener('message', event => {
if ( event.data.id !== 'js' ) {
var script = document.createElement('script');
script.setAttribute('id', 'wappalyzerEnvDetection');
script.setAttribute('src', browser.extension.getURL('js/inject.js'));
container.addEventListener('wappalyzerEnvEvent', (event => {
browser.runtime.sendMessage({
id: 'JS_ready',
subject: { },
source: 'content.js'
}, response => {
window.postMessage({patterns: response.patterns}, "*");
});
window.addEventListener('message', (event => {
if (event.data.js === undefined)
return; return;
var js = event.data.js ; }
browser.runtime.sendMessage({ browser.runtime.sendMessage({
id: 'analyze', id: 'analyze',
subject: { js }, subject: {
js: event.data.js
},
source: 'content.js' source: 'content.js'
}); });
}), true); }, true);
var env = event.target.childNodes[0].nodeValue;
document.documentElement.removeChild(container);
document.documentElement.removeChild(script);
env = env.split(' ').slice(0, 500); ( chrome || browser ).runtime.sendMessage({
id: 'init_js',
browser.runtime.sendMessage({ subject: {},
id: 'analyze',
subject: { env },
source: 'content.js' source: 'content.js'
}, response => {
postMessage({
id: 'patterns',
patterns: response.patterns
}, '*');
}); });
}), true); };
script.setAttribute('id', 'wappalyzer');
script.setAttribute('src', browser.extension.getURL('js/inject.js'));
document.documentElement.appendChild(container); document.body.appendChild(script);
document.documentElement.appendChild(script); } catch (e) {
} catch(e) {
log(e); log(e);
} }
} }

7
src/drivers/webextension/js/driver.js
Unescape View File

@ -74,7 +74,8 @@ fetch('../apps.json')
.then(json => { .then(json => {
wappalyzer.apps = json.apps; wappalyzer.apps = json.apps;
wappalyzer.categories = json.categories; wappalyzer.categories = json.categories;
wappalyzer.parseJS();
wappalyzer.parseJsPatterns();
categoryOrder = Object.keys(wappalyzer.categories).sort((a, b) => wappalyzer.categories[a].priority - wappalyzer.categories[b].priority); categoryOrder = Object.keys(wappalyzer.categories).sort((a, b) => wappalyzer.categories[a].priority - wappalyzer.categories[b].priority);
}) })
@ -193,9 +194,9 @@ browser.webRequest.onCompleted.addListener(request => {
}; };
break; break;
case 'JS_ready': case 'init_js':
response = { response = {
patterns: wappalyzer.parsedJS patterns: wappalyzer.jsPatterns
}; };
break; break;

48
src/drivers/webextension/js/inject.js
Unescape View File

@ -1,41 +1,41 @@
(function() { (function() {
try { try {
var i, environmentVars = '', eEnv = document.createEvent('Events'), container = document.getElementById('wappalyzerData'); addEventListener('message', (event => {
if ( event.data.id !== 'patterns' ) {
return;
}
eEnv.initEvent('wappalyzerEnvEvent', true, false); const patterns = event.data.patterns || {};
for ( i in window ) { const js = {};
environmentVars += i + ' ';
}
container.appendChild(document.createComment(environmentVars));
container.dispatchEvent(eEnv);
window.addEventListener('message', (event => { Object.keys(patterns).forEach(appName => {
if (event.data.patterns === undefined) js[appName] = {};
return;
var properties = event.data.patterns; Object.keys(patterns[appName]).forEach(chain => {
var js = {}; js[appName][chain] = {};
Object.keys(properties).forEach(appname => {
Object.keys(properties[appname]).forEach(property => { patterns[appName][chain].forEach((pattern, index) => {
var content = false; const value = detectJs(chain);
if( content = JSdetection(property) ){
if ( js[appname] === undefined ) if ( value ) {
js[appname] = {}; js[appName][chain][index] = value;
js[appname][property] = properties[appname][property];
js[appname][property]["content"] = content;
} }
}); });
}); });
window.postMessage({js: js}, "*"); });
postMessage({ id: 'js', js }, '*');
}), false); }), false);
} catch(e) { } catch(e) {
// Fail quietly // Fail quietly
} }
}()); }());
function JSdetection(p){ function detectJs(chain) {
const objects = p.split('.'); const properties = chain.split('.');
const value = objects.reduce((parent, property) => {
const value = properties.reduce((parent, property) => {
return parent && parent.hasOwnProperty(property) ? parent[property] : null; return parent && parent.hasOwnProperty(property) ? parent[property] : null;
}, window); }, window);

36
src/wappalyzer.js
Unescape View File

@ -18,7 +18,7 @@ class Wappalyzer {
this.apps = {}; this.apps = {};
this.categories = {}; this.categories = {};
this.driver = {}; this.driver = {};
this.parsedJS = undefined; this.jsPatterns = {};
this.detected = {}; this.detected = {};
this.hostnameCache = {}; this.hostnameCache = {};
@ -85,7 +85,7 @@ class Wappalyzer {
if ( data.js ) { if ( data.js ) {
Object.keys(data.js).forEach(appName => { Object.keys(data.js).forEach(appName => {
this.analyzeJS(apps[appName], data.js[appName]); this.analyzeJs(apps[appName], data.js[appName]);
}); });
} }
@ -252,16 +252,14 @@ class Wappalyzer {
} }
/** /**
* Parse JS patterns * Parse JavaScript patterns
*/ */
parseJS() { parseJsPatterns() {
if ( this.parsedJS === undefined){
this.parsedJS = {};
Object.keys(this.apps).forEach(appName => { Object.keys(this.apps).forEach(appName => {
if (this.apps[appName].js) if ( this.apps[appName].js ) {
this.parsedJS[appName] = this.parsePatterns(this.apps[appName].js); this.jsPatterns[appName] = this.parsePatterns(this.apps[appName].js);
});
} }
});
} }
resolveExcludes(apps) { resolveExcludes(apps) {
@ -508,15 +506,19 @@ class Wappalyzer {
} }
/** /**
* Analyze JS variables * Analyze JavaScript variables
*/ */
analyzeJS(app, js) { analyzeJs(app, results) {
Object.keys(js).forEach(property => {
var content = js[property]["content"]; console.log(app, results);
delete js[property]["content"];
js[property].forEach(pattern => { Object.keys(results).forEach(string => {
if ( pattern.regex.test(content) ) { Object.keys(results[string]).forEach(index => {
this.addDetected(app, pattern, 'js', content, property); const pattern = this.jsPatterns[app.name][string][index];
const value = results[string][index];
if ( pattern.regex.test(value) ) {
this.addDetected(app, pattern, 'js', value);
} }
}); });
}); });