#!/usr/bin/php5
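<?php error_reporting(0); // hides curl/file() warnings; every call below checks its return value explicitly instead

/*
 * CLI tool: downloads a jquery.js, compares its SHA256 with the release hashes in
 * jQueryVersions.csv (opened relative to the current working directory), reports whether
 * the matched release is the newest of its family, then asks snyk.io for published vulns.
 */
if (!$argc)
	die('<h1>This script should be called in CLI environment</h1>');

$scriptName = array_shift($argv);

if (!isset($argv[0])) {
	print "\nCheck jQuery for modifications, backdoors and vulnerabilities.\n";
	print "Run: $scriptName http://path/to/jquery.js \n\n";
	die();
}

// Hash database, one row per release: 0 = family, 1 = version, 2 = js, 3 = sha256 (base64 of the raw digest).
// file() returns false when the CSV is missing; the original passed that straight into array_map.
$csvLines = file('jQueryVersions.csv', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if (!is_array($csvLines))
	die("\033[31m[!] Could not load jQueryVersions.csv\n\033[0m");
$csv = array_map('str_getcsv', $csvLines);

echo "\033[36m[-] Fetching data from URL\n";
$output = get_url($argv[0]);

// get_url() returns false on a transport error; an empty body is just as useless for hashing.
if ($output === false || $output === "")
	die("\033[31m[!] Could not retrieve data from URL\n\033[0m");

if (substr($argv[0], 0, 7) === "http://")
	echo "\033[31m[!] URL not using SSL\n";

echo "\033[32m[+] Got data\n";
// Raw digest, base64-encoded, so it can be compared with column 3 of the CSV as-is.
$dataHash = base64_encode(hash('sha256', $output, true));
echo "\033[36m[i] SHA256: $dataHash \n";

$matched = find_release_by_hash($csv, $dataHash);
if ($matched === null) { // not an official jquery version
	die("\033[31m[!] This file does not match any known jQuery hashes! INVESTIGATE IMMMEDIATLY!\n\033[0m");
}

$family = $matched[0];
$famversion = $matched[1];
echo "\033[32m[+] Match found\n";
echo "\033[36m[i] jQuery Family: ".$family."\n";
echo "\033[36m[i] jQuery Version: ".$famversion."\n";

// Check for known vulns: the first CSV row of a family is taken as that family's newest release.
$latest = latest_in_family($csv, $family);
if ($latest === null || $latest === $famversion) {
	echo "\033[32m[+] This is the latest version in this family\n";
} else {
	echo "\033[31m[!] This version is out of date, upgrade to: ".$latest."\n";
}

echo "\033[36m[-] Checking for known vulns\n";
$vulns = get_url('https://snyk.io/test/npm/jquery/'.$famversion.'?severity=high&severity=medium&severity=low');

// This scrapes snyk.io's HTML, so a wording change on their side ends up in the last branch
// instead of silently printing nothing (which is what the original did).
if ($vulns === false || $vulns === "") {
	echo "\033[31m[!] Could not retrieve snyk.io report, vuln status unknown\n\033[0m";
} elseif (strpos($vulns, "Vulnerabilities") !== false) {
	if (strpos($vulns, "No known vulnerabilities found") !== false) {
		echo "\033[32m[+] No public vulns found\n";
	} else {
		echo "\033[31m[!] Vulns found, check: https://snyk.io/test/npm/jquery/".$famversion."\n";
	}
} elseif (strpos($vulns, "Invalid npm package") !== false) {
	// NOTE(review): a version unknown to npm is reported as clean here; "unknown" would be more honest.
	echo "\033[32m[+] No public vulns found\n";
} else {
	echo "\033[31m[!] Unrecognised snyk.io response, vuln status unknown\n\033[0m";
}

/**
 * Return the CSV row whose sha256 column (index 3) is identical to $hash, or null if none matches.
 * Rows with fewer than four columns (malformed lines) are skipped rather than compared.
 *
 * @param array  $rows parsed jQueryVersions.csv rows
 * @param string $hash base64-encoded raw SHA256 digest
 * @return array|null
 */
function find_release_by_hash(array $rows, $hash) {
	foreach ($rows as $row) {
		if (isset($row[3]) && $row[3] === $hash)
			return $row;
	}
	return null;
}

/**
 * Version string (column 1) of the first CSV row belonging to $family, or null if the family is absent.
 * Relies on the CSV listing each family newest-first; the original check made the same assumption.
 *
 * @param array  $rows   parsed jQueryVersions.csv rows
 * @param string $family value of column 0 to look for
 * @return string|null
 */
function latest_in_family(array $rows, $family) {
	foreach ($rows as $row) {
		if (isset($row[0], $row[1]) && $row[0] === $family)
			return $row[1];
	}
	return null;
}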

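/**
 * Fetch $url with a plain GET and return the response body, or false on a transport error.
 *
 * Certificate and hostname verification are enabled: the original set CURLOPT_SSL_VERIFYPEER
 * to false, which lets a man-in-the-middle substitute the jquery.js being hashed or the
 * snyk.io page being scraped without this tool noticing. Timeouts stop the check hanging
 * forever on an unresponsive host.
 *
 * @param string $url
 * @return string|false
 */
function get_url($url){
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_POST, false);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // 2 = verify that the certificate matches the host name
	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
	curl_setopt($ch, CURLOPT_TIMEOUT, 30);
	$output = curl_exec($ch); // false on failure, including a certificate that fails verification
	curl_close($ch);
	return $output;
}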
?>