akde/infosec

Information security is ultimately about managing risk

JavaScript

, , ,

Get infor­ma­tion from a (mini­fied) JS (e.g. from Angular):

import re

def extract_info(file_path):
    with open(file_path, 'r') as file:
        content = file.read()

    # Regular expressions to find URLs and potential sensitive info
    url_pattern = re.compile(r'https?://[^\s]+')
    route_pattern = re.compile(r'\/[a-zA-Z0-9\/_-]+')
    api_key_pattern = re.compile(r'apiKey\s*:\s*["\']([a-zA-Z0-9-_]+)["\']')
    token_pattern = re.compile(r'token\s*:\s*["\']([a-zA-Z0-9-_]+)["\']')

    urls = url_pattern.findall(content)
    routes = route_pattern.findall(content)
    api_keys = api_key_pattern.findall(content)
    tokens = token_pattern.findall(content)

    return {
        'urls': urls,
        'routes': routes,
        'api_keys': api_keys,
        'tokens': tokens,
    }

# Path to your minified JavaScript file
file_path = 'path_to_your_minified_file.js'

info = extract_info(file_path)
print('URLs:', info['urls'])
print('Routes:', info['routes'])
print('API Keys:', info['api_keys'])
print('Tokens:', info['tokens'])

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';