Analyzing JavaScript Files To Find Bugs

Muhammad Mater
3 min readMay 23, 2023

Hi Hackers,

JavaScript plays a crucial role in web, and JavaScript files are essential components of web applications. Here are some important reasons why JavaScript files are significant in web

Interactivity: JavaScript enables developers to add interactivity and responsiveness to web pages, making them more engaging and user-friendly.

Dynamic Content: JavaScript allows for the dynamic loading and updating of content on web pages without requiring a full page reload, enhancing the user experience.

Form Validation: JavaScript enables client-side form validation, ensuring user input meets specific criteria before submission, improving data accuracy and user experience.

JavaScript files can play a significant role in bug bounty programs, where security researchers identify and report vulnerabilities in web applications. JavaScript files can include the following:

aws access key

aws secret key

api key

passwords

admin credential

secret token

oauth_token

oauth token secret

if you discovered sensitive information it can be reported as information disclosure and you can also benefit from this information if it contains credentials, in this case, it can be reported as broken access control and so on.

Important Question: How Can I Analyze JavaScript Files ?

it’s easy just view page

Okay I’m kidding

I found valid login credentials in Java script files

Steps to do it

You’ll get a list of your domains We call it domains.txt And Any Tool for Crawling URLS

Katana or Waybackurl or gau

cat domains.txt | katana | grep js | httpx -mc 200 | tee js.txt

explaining the command :

  1. cat domains.txt | katana: This command uses the cat utility to display the contents of the file domains.txt. It assumes that domains.txt contains a list of domain names or URLs and paths by | to katana to crawl urls from domains
  2. grep js: The grep command is used for pattern matching in text files. In this case, it is searching for lines that contain the ".js" pattern, which indicates JavaScript files. This filters the output only to include lines that mention JavaScript files.
  3. httpx -mc 200: This command utilizes the httpx tool to send HTTP requests and retrieve responses from the filtered URLs. The -mc 200 option only shows URLs that return a successful HTTP status code of 200 (OK). This filters out URLs that do not exist or return errors.
  4. tee js.txt: The tee command is used to display the output of a command and save it to a file simultaneously. In this case, it saves the filtered URLs that match the previous criteria into a file called js.txt.

Now we have Java script links

Scanning by nuclie

nuclei -l js.txt -t ~/nuclei-templates/exposures/ -o js_bugs.txt

Another Way :

Download All links in js.txt

and do search about these

code :

file="js.txt"

# Loop through each line in the file
while IFS= read -r link
do
# Download the JavaScript file using wget
wget "$link"
done < "$file"
grep -r -E "aws_access_key|aws_secret_key|api key|passwd|pwd|heroku|slack|firebase|swagger|aws_secret_key|aws key|password|ftp password|jdbc|db|sql|secret jet|config|admin|pwd|json|gcp|htaccess|.env|ssh key|.git|access key|secret token|oauth_token|oauth_token_secret|smtp" *.js

And Boom

Good Bye

My LinkedIn: https://www.linkedin.com/in/micro0x00/

My Twitter: https://twitter.com/micro0x00

Support me :

https://www.buymeacoffee.com/Micro0x00

--

--

Muhammad Mater

Just a Boy Loves Infosec (REDTEAM, CTI, OSINT, Bug Bounty) And Security Analyst @Darkentry.net