Blog on EndPoint-Finder Tool

Hey Everyone, I am writing this blog on my tool EndPoint-Finder and also here I will be describing My python script.

What this tool do exactly?

This tool finds all end-points of JavaScript file.

- What is End-Point exactly?

Go with the name itself End and point, means The point (the directories, files or parameter) which is the end of that JavaScript file.

Describing Python script

you can get full code here
So our first functions is end_points:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
end_point = []
extension=(".png",".jpg",".wav",".jpeg",
".json",".js",".php",".xml") #more can be added, as requirement
start = ("/","http://","https://","file://",
"php://","ftp://","./","../")
def end_points(content):
for i in content:
if re.match("^[a-zA-Z0-9_\/:&?%.\-=]*$", i):
if (i.startswith(start) or i.endswith(extension)):
end_point.append(i)


for i in content:
if re.match("^[a-zA-Z0-9_\/:&?%.\-=]*$", i):
if (not i.startswith(start)):
temp = i.split("/")
if "/"+temp[0] in end_point or "./"+temp[0] in end_point or "../"+temp[0] in end_point:
end_point.append(i)

So First for loop is checking if content(It is list) having characters matching with given regex, is there if yes then it will check that it should start with specified protocols start or it should end with specified extensions, and if it passes all if statement than it will append in end_point.
Second for loop is checking for expected directories (not sure if it present!). So first same they are matching with given regex and if it is there then it should not start with start(because I have taken this before in first loop) then I am splitting content with / and if 0th index of that keyword is present in end_point list, then append it too.
Say one example:
Ques: If /teams is in end_point list and JS also contains one name like teams/members(no any start or extension). So what we can say?
Ans: teams/members can be present there, because /teams exist in end_point.
That’s why teams/members will be appended in end_point list(because of Second for loop)

Second function is saving_in_file:

1
2
3
4
def saving_in_file(end_point):
f=open(args.output,'a')
f.write(end_point)
f.write("\n")

If they specify for output file then it will save result in file and it will be in readable fashion.

Third function is print_end_points:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
def print_end_points(end_point):
start1=("http://","https://",
"file://","php://","ftp://")
a="\n-----------------Remote files which are added-----------------------------------\n"
if(args.output): saving_in_file(a)
print a
for i in end_point:
if i.startswith(start1):
print i
if(args.output): saving_in_file(i)

b="\n-----------------These files are present in server------------------------------\n"
print b
if(args.output): saving_in_file(b)
for i in end_point:
if i.endswith(extension):
print i
if(args.output): saving_in_file(i)

c="\n-----------------These are files and directory, you can look into---------------\n"
print c
if(args.output): saving_in_file(c)
start1=("/","./","../")
for i in end_point:
if i.startswith(start1) and not (i.endswith(extension)):
print i
if(args.output): saving_in_file(i)


print "\n-----------------These directory can be present (not sure!!)--------------------\n"
for i in end_point:
if(not i.startswith(start) and not i.endswith(extension)):
print i
if(args.output): saving_in_file(i)

This function is for printing the contents in end_point list, but it will group it into parts, like first it will print all remote files which exists in JS file, then files having extensions and parameters, then files and directory starting with /, ./, ../ and last it will print expected directories.
It is sure that you won’t get repeated output.

Usage

you can get usage and screenshots here

I hope you found it nice article.