-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
74 lines (57 loc) · 1.95 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/env node
import { Command } from 'commander';
import readline from 'node:readline';
import cdnjs from './services/cdnjs.service.js';
import check from './services/check.service.js';
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
terminal: false,
});
const program = new Command();
program.addHelpText(
'afterAll',
`
Examples:
ppfang cdnjs
ppfang cdnjs -c 50
cat urls.txt | ppfang pipe -c 10
echo "https://somesite.com/" | ppfang pipe
gau --blacklist png,jpg,gif,txt,json,js some-random-domain.com | ppfang pipe -c 50
ppfang --help || ppfang
Happy hunting!
`
);
program
.name('ppfang')
.usage('[command] [option]')
.description('A tool which helps identifying client-side prototype polluting libraries');
program
.command('cdnjs')
.description('Verifies the latest libraries from cdnjs.com')
.action(async (options) => {
const concurrency = Number.parseInt(options.concurrency);
concurrency ? await cdnjs.probeAll(concurrency) : await cdnjs.probeAll();
process.exit(0);
});
program
.command('pipe')
.description('Checks a list of urls provided through stdin for client-side prototype polluting functions')
.action(async (options) => {
const concurrency = Number.parseInt(options.concurrency);
let urls = [];
rl.on('line', (line) => urls.push(line));
rl.on('close', async () => {
try {
concurrency || urls.length ? await check.probeAll(urls, concurrency) : await check.probeAll(urls);
} catch (error) {
console.error('Error during processing:', error);
} finally {
process.on('exit', () => {
console.log('Done.');
});
}
});
});
program.commands.forEach((command) => command.option('-c, --concurrency <concurrency>', 'concurrency level', '10'));
program.parse();