Detection

This part will be executed right after Jaeles got response from the request and do a logic for determine the request is vulnerable or not.

Detections was written in Javascript so you can write whatever you want with some predefined function below as long as you return boolean value to determine it’s found something or not.

Examples Detection

# Response Status code equal 200 and the response body contain a string 'google.com' or 'example.com'
StatusCode() == 200 && (StringSearch("response", "google.com") || StringSearch("response", "example.com"))

# Content Length of the response have to greater than original request
ContentLength() - OriginContentLength() > 5000

# Response time of the request greater or smaller than original response time
Math.abs(ResponseTime() - OriginResponseTime()) > 3

# Get value of previous request
ContentLength() - parseInt(ValueOf("404html")) > 1000
OriginResponseTime() - parseFloat(ValueOf("resTime")) > 5

Normal Detection

API Detection Description Example
StringSearch Search string in component StringSearch("response", "something")
StringCount Return number of string in component StringCount("response", "something")
RegexSearch Search regex in component RegexSearch("response", ".*something$")
RegexCount Return number of string match the regex in component RegexCount("response", ".*something$")
StatusCode Status code of the response StatusCode() == 200, StatusCode() > 400
ResponseTime Response time of the response (second) ResponseTime() > 3
ContentLength Content Length of response ContentLength() > 5000, StatusCode() > 400
OriginStatusCode Status code of the Original response OriginStatusCode() != StatusCode()
OriginResponseTime Response time of the Original response (second) ResponseTime() > OriginResponseTime()
OriginContentLength Content Length of Original response ContentLength() - OriginContentLength() > 5000
ValueOf Value of variables ValueOf("foo") == "bar"
HasPopUp Check if is there any pop-up box while requesting to a URL (only available when using engine: chrome) StatusCode() == 200 && HasPopUp()
Exist Check if is file or folder exist Exist('/tmp/folder/newfile')
StringGrepCmd Search string in custom command output StringGrepCmd('bash command', 'string_to_grep')
RegexGrepCmd Search regex in custom command output RegexGrepCmd('bash command', 'regex_to_grep')
RegexGrepCmd Search regex in custom command output RegexGrepCmd('bash command', 'regex_to_grep')

Dns Detection

API Detection Description Example
DnsString Search string in DNS component DnsRegex('NS', '.amazonaws.com')
DnsRegex Search regex in DNS component DnsRegex('A', '(?m).*ec2.*compute\\.amazonaws\\.com.*A$')
API Detection Description Example
request raw request StringSearch("request", "something")
response raw response of the request StringSearch("oResponse", "something")
resHeaders raw headers of the response StringSearch("resHeaders", "something")
resBody raw body of the response StringSearch("resBody", "something")
oRequest raw original request StringSearch("oRequest", "something")
oResponse raw original request response of the request StringSearch("response", "something")
middleware output of the middleware StringSearch("middleware", "Success!")

Special Detection

API Detection Description Example
Collab Grepping collaborator response in Reuqest response or Do Real Polling with BurpCollab secret. Collab("{{.oob}}")