java source code danger function identify prog
JavaID identify some dangerous functions in java source code by way of regular matching.
For further details, check out the source code on the main site, github.com/Cryin/JavaID.
XXE:
"SAXReader",
"DocumentBuilder",
"XMLStreamReader",
"SAXBuilder",
"SAXParser",
"XMLReader",
"SAXSource",
"TransformerFactory",
"SAXTransformerFactory",
"SchemaFactory",
"Unmarshaller",
"XPathExpression"
JavaObjectDeserialization:
"readObject",
"readUnshared",
"Yaml.load",
"fromXML",
"ObjectMapper.readValue",
"JSON.parseObject"
SSRF:
"HttpClient",
"Socket",
"URL",
"ImageIO",
"HttpURLConnection",
"OkHttpClient"
"SimpleDriverDataSource.getConnection"
"DriverManager.getConnection"
FILE:
"MultipartFile",
"createNewFile",
"FileInputStream"
SPelInjection:
"SpelExpressionParser",
"getValue"
Autobinding:
"@SessionAttributes",
"@ModelAttribute"
URL-Redirect:
"sendRedirect",
"forward",
"setHeader"
EXEC:
"getRuntime.exec",
"ProcessBuilder.start",
"GroovyShell.evaluate"
and so on...
Also you can add function id with regexp.xml!
Usage: python javaid.py -d dir
contact me :)