• Search by APIs
• Search by Words
• Project Search

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• njsscan-master
  • .github
    • FUNDING.yml
    • workflows
      • python_test.yml
      • docker-latest.yml
      • publish.yml
      • docker-release.yml
  • LICENSE
  • njsscan
    • exceptions.py
    • logger.py
    • __main__.py
    • formatters
      • cli.py
      • sonarqube.py
      • __init__.py
      • sarif.py
      • json.py
    • rules
      • pattern_matcher
        • template_rules.yaml
      • missing_controls.yaml
      • semantic_grep
        • xml
          • xxe_xml2json.yaml
          • xml_entity_expansion_dos.yaml
          • xxe_node.yaml
          • xxe_sax.yaml
          • xxe_expat.yaml
          • xpathi_node.yaml
        • dos
          • layer7_object_dos.yaml
          • express_bodyparser_dos.yaml
          • regex_injection.yaml
          • regex_dos.yaml
        • database
          • sql_injection_knex.yaml
          • nosql_find_injection.yaml
          • nosql_injection.yaml
          • sequelize_tls.yaml
          • sequelize_tls_validation.yaml
          • sequelize_weak_tls.yaml
          • sql_injection.yaml
        • crypto
          • timing_attack_node.yaml
          • crypto_node.yaml
          • tls_node.yaml
        • jwt
          • jwt_exposed_credentials.yaml
          • jwt_exposed_data.yaml
          • jwt_hardcoded.yaml
          • jwt_not_revoked.yaml
          • jwt_express_hardcoded.yaml
          • jwt_none_algorithm.yaml
        • electronjs
          • security_electron.yaml
        • headers
          • header_cookie.yaml
          • header_xss_protection.yaml
          • header_cors_star.yaml
          • header_injection.yaml
          • host_header_injection.yaml
          • header_helmet_disabled.yaml
        • xss
          • xss_templates.yaml
          • xss_mustache_escape.yaml
          • xss_node.yaml
          • xss_serialize_js.yaml
        • redirect
          • open_redirect.yaml
        • eval
          • eval_grpc_deserialize.yaml
          • eval_require.yaml
          • eval_sandbox.yaml
          • eval_vm_injection.yaml
          • eval_deserialize.yaml
          • eval_yaml_deserialize.yaml
          • eval_node.yaml
          • server_side_template_injection.yaml
          • eval_vm2_injection.yaml
        • generic
          • hardcoded_secrets.yaml
          • logic_bypass.yaml
          • error_disclosure.yaml
          • hardcoded_passport.yaml
        • traversal
          • resolve_path_traversal.yaml
          • archive_path_overwrite.yaml
          • express_hbs_lfr.yaml
          • path_traversal.yaml
        • ssrf
          • ssrf_node.yaml
          • ssrf_playwright.yaml
          • ssrf_puppeteer.yaml
          • ssrf_wkhtmltoimage.yaml
          • ssrf_phantomjs.yaml
          • ssrf_wkhtmltopdf.yaml
        • good
          • good_ratelimiting.yaml
          • good_helmet_checks.yaml
          • good_anti_csrf.yaml
        • exec
          • exec_os_command.yaml
          • exec_shelljs.yaml
        • memory
          • buffer_noassert.yaml
    • __init__.py
    • utils.py
    • settings.py
    • njsscan.py
  • SECURITY.md
  • setup.py
  • README.md
  • tests
    • unit
      • test_dotfile.py
      • test_nodejs.py
      • __init__.py
      • test_templates.py
      • setup_test.py
    • assets
      • dot_njsscan
        • .njsscan
        • lorem_scan.js
        • skip_dir
          • skip_me.js
        • ignore_template.hbs
        • ignore_ext.hbs
        • skip.js
        • scan.new
        • no_ext_scan
      • templates
        • true_positives
          • electron.html
          • underscore.html
          • ect.tmpl
          • squirrelly.js.html
          • handlebars.hbs
          • jade_template.jade
          • pug.pug
          • ejs_template.ejs
          • dust.tl
          • mustache.mustache
          • vue.vue
        • true_negatives
          • ect_template.tmpl
          • squirrelly.js.html
          • jade_template.jade
          • vue_template.vue
          • pug_template.pug
          • dust_template.tl
          • underscore_template.html
          • ejs_template.ejs
          • mustache_template.mustache
          • handlebars_template.hbs
          • electron_template.html
      • node_source
        • true_positives
          • semantic_grep
            • xml
              • xml_entity_expansion_dos.js
              • xxe_expat.js
              • xpathi_node.js
              • xxe_xml2json.js
              • xxe_sax.js
              • xxe_node.js
            • dos
              • regex_injection.js
              • express_bodyparser_dos.js
              • layer7_object_dos.js
              • regex_dos.js
            • database
              • nosql_find_injection.js
              • sql_injection.js
              • sequelize_weak_tls.js
              • sequelize_tls_validation.js
              • sequelize_tls.js
              • nosql_injection.js
              • sql_injection_knex.js
            • crypto
              • tls_node.js
              • timing_attack_node.js
              • crypto_node.js
            • jwt
              • jwt_express_hardcoded.js
              • jwt_hardcoded.js
              • jwt_exposed_credentials.js
              • jwt_not_revoked.js
              • jwt_none_algorithm.js
              • jwt_exposed_data.js
            • electronjs
              • security_electron.js
            • headers
              • host_header_injection.js
              • header_helmet_disabled.js
              • header_injection.js
              • header_cookie.js
              • header_xss_protection.js
              • header_cors_star.js
            • xss
              • xss_node.js
              • xss_serialize_js.js
              • xss_templates.js
              • xss_mustache_escape.js
            • redirect
              • open_redirect.js
            • eval
              • server_side_template_injection.js
              • eval_grpc_deserialize.js
              • eval_yaml_deserialize.js
              • eval_vm2_injection.js
              • eval_require.js
              • eval_sandbox.js
              • eval_deserialize.js
              • eval_vm_injection.js
              • eval_node.js
            • generic
              • hardcoded_secrets.js
              • logic_bypass.js
              • hardcoded_passport.js
              • error_disclosure.js
            • traversal
              • express_hbs_lfr.js
              • path_traversal.js
              • archive_path_overwrite.js
              • resolve_path_traversal.js
            • ssrf
              • ssrf_wkhtmltoimage.js
              • ssrf_puppeteer.js
              • ssrf_phantomjs.js
              • ssrf_wkhtmltopdf.js
              • ssrf_node.js
              • ssrf_playwright.js
            • exec
              • exec_shelljs.js
              • exec_os_command.js
            • memory
              • buffer_noassert.js
        • true_negatives
          • safe_sax.js
          • safe_error_handling.js
          • safe_require.js
          • safe_wkhtmltopdf.js
          • express_bodyparser.js
          • hardcoded_os_command.js
          • safe_phantomjs.js
          • safe_regex_check.js
          • hardcoded_evals.js
          • safe_sequelize_strong_tls.js
          • safe_grpc.js
          • safe_yaml_load.js
          • safe_xml_expansion.js
          • safe_creds_node.js
          • safe_playwright.js
          • safe_traversal.js
          • header_helmet_enabled.js
          • http_client_node.js
          • safe_seralize_js.js
          • safe_jwt_revoked.js
          • safe_passport.js
          • safe_expat.js
          • safe_sequelize_tls.js
          • safe_sql_knex.js
          • safe_mustache_escape.js
          • safe_templates.js
          • safe_jwt_token.js
          • safe_regex.js
          • safe_redirect.js
          • safe_vm2.js
          • safe_nosql.js
          • safe_template_rendering.js
          • safe_xpath.js
          • express_hbs_safe.js
          • safe_vm.js
          • safe_nosql_find.js
          • safe_headers.js
          • header_xss_protection.js
          • safe_wkhtmltoimage.js
          • safe_host_header.js
          • safe_header_cookie.js
          • safe_jwt_credentials.js
          • safe_jwt_express.js
          • safe_tls_node.js
          • safe_sequelize_tls_validation.js
          • safe_buffer.js
          • safe_shelljs.js
          • safe_comparison.js
          • safe_jwt_data.js
          • safe_cors_header.js
          • safe_jwt_algorithm.js
          • safe_puppeteer.js
          • safe_sandbox.js
          • safe_xml_parsing.js
          • safe_html_node.js
          • good_controls.js
          • safe_serialize.js
          • safe_electron.js
          • safe_xml2json.js
          • safe_crypto.js
          • safe_path_join_resolve.js
          • safe_archive_extract.js
          • safe_sql.js
          • safe_loop.js
      • .semgrepignore
  • Dockerfile
  • .gitignore
  • .dockerignore
  • MANIFEST.in
  • tox.ini

if (name == 'test') {
    acces = 1;
}

// ruleid:node_timing_attack
if (password == 'mypass') {
    correct = 1;
}

// ruleid:node_timing_attack
if ('test' == password) {
    correct = 2;
}

// ruleid:node_timing_attack
if ('test' === password) {
    correct = 2;
}

// ruleid:node_timing_attack
if (password == test)
    x = 1;



// https://stackoverflow.com/a/47518578/2927282
import { pbkdf2Sync, randomBytes } from 'crypto';

export class Auth {
    iters = 1e1; // TODO: increase later
    keylen = 64;
    digest = 'sha512';

    create(password) {
        const salt = randomBytes(128).toString('base64'); // <- salt 
        // salt was not base64 before being used by pbkdf2

        const hash = pbkdf2Sync(password, salt, this.iters, this.keylen, this.digest).toString('base64');

        return [salt, hash, this.iters].join('::');
    }

    verify(stored, password) {
        const [salt, hash, iters] = stored.split('::');
        const verify = pbkdf2Sync(password, salt, parseInt(iters, 10), this.keylen, this.digest);

        // ruleid:node_timing_attack
        return hash === verify.toString('base64');
    }
}

function isAuthenticated(user, token) {
    var correctToken = FetchUserTokenFromDB(user);
    // ruleid:node_timing_attack
    return token === correctToken;
}