Merge pull request #211 from KnugiHK/main

Create a bcheck for detecting malicious Polyfill CDN
PortSwigger · Jun 27, 2024 · 29fb2a7 · 29fb2a7
2 parents d5e6908 + d349a70
commit 29fb2a7
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/other/Javascript/malicious_polyfill_cdn.bcheck b/other/Javascript/malicious_polyfill_cdn.bcheck
@@ -0,0 +1,15 @@
+metadata:
+    language: v2-beta
+    name: "Malicious Polyfill CDN In Use"
+    description: "Look in responses to see if there are malicious Polyfill CDNs is in use"
+    author: "KnugiHK"
+    tags: "passive","javascript"
+
+given response then
+    if {latest.response} matches "<script.*?src=\"(https?:)?//(cdn.)?polyfill.io/v[0-9]/polyfill\.min\.js.*?\".*?>" then
+        report issue:
+            severity: high
+            confidence: firm
+            detail: "The malicious Polyfill CDN polyfill.io is used on the website."
+            remediation: "Self-host a Polyfill service or use a more reliable CDN."
+    end if