Merge pull request juice-shop#1891 from StephanPillhofer/WindowsFileD…

…etection Improve Windows system.ini file detection
qauni · Sep 23, 2022 · 571a055 · 571a055
2 parents f66288f + ba86392
commit 571a055
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/lib/utils.ts b/lib/utils.ts
@@ -206,11 +206,11 @@ export const getErrorMessage = (error: unknown) => {
 }
 
 export const matchesSystemIniFile = (text: string) => {
-  const match = text.match(/(; for 16-bit app support|drivers|mci|driver32|386enh|keyboard|boot|display)/gi)
+  const match = text.match(/; for 16-bit app support/gi)
   return match !== null && match.length >= 1
 }
 
 export const matchesEtcPasswdFile = (text: string) => {
-  const match = text.match(/\w*:\w*:\d*:\d*:\w*:.*/gi)
+  const match = text.match(/(\w*:\w*:\d*:\d*:\w*:.*)|(Note that this file is consulted directly)/gi)
   return match !== null && match.length >= 1
 }
diff --git a/routes/fileUpload.ts b/routes/fileUpload.ts
@@ -79,7 +79,7 @@ function handleXmlUpload ({ file }: Request, res: Response, next: NextFunction)
         vm.createContext(sandbox)
         const xmlDoc = vm.runInContext('libxml.parseXml(data, { noblanks: true, noent: true, nocdata: true })', sandbox, { timeout: 2000 })
         const xmlString = xmlDoc.toString(false)
-        challengeUtils.solveIf(challenges.xxeFileDisclosureChallenge, () => { return (utils.matchesEtcPasswdFile(xmlString || utils.matchesSystemIniFile(xmlString))) })
+        challengeUtils.solveIf(challenges.xxeFileDisclosureChallenge, () => { return (utils.matchesEtcPasswdFile(xmlString) || utils.matchesSystemIniFile(xmlString)) })
         res.status(410)
         next(new Error('B2B customer complaints via file upload have been deprecated for security reasons: ' + utils.trunc(xmlString, 400) + ' (' + file.originalname + ')'))
       } catch (err: any) { // TODO: Remove any