
@hclsoftware/secagent


IAST agent

//IASTIGNORE
/*
 * ****************************************************
 * Licensed Materials - Property of HCL.
 * (c) Copyright HCL Technologies Ltd. 2017, 2025.
 * Note to U.S. Government Users *Restricted Rights.
 * ****************************************************
 */

const HookRule = require('./HookRule')
const TaintTracker = require('../../TaintTracker')

/**
 * Hook rule that reports a finding to TaintTracker when the hooked method runs.
 *
 * For WEAK_CRYPTO / WEAK_HASH rules the finding is raised only when the
 * selected parameter contains one of the listed weak algorithm identifiers.
 * The exception is a hooked method named 'createCipher', which is reported
 * without looking at the parameter. Every other vulnerability type is
 * reported unconditionally.
 */
class ExploitRule extends HookRule {
    /**
     * Evaluate one intercepted call and report it when the rule applies.
     *
     * @param {object} hookValues - Data captured by the hook. This method reads
     *   `origMethod.name`, `args`, `ret` and `additionalInfo`, and passes the
     *   whole object to `HookRule.getActualParam`.
     */
    doHook(hookValues) {
        const ruleVulnerability = this.data.vulnerability
        const inspectedParam = HookRule.getActualParam(this.data.from, hookValues)

        // Identifiers treated as weak. They are matched as substrings of the
        // lower-cased parameter, not as exact algorithm names.
        // NOTE(review): a composite name that merely contains a token (for
        // example one ending in "-sha1") is reported too - confirm that is
        // the intended sensitivity.
        const weakAlgorithmTokens = ['md2', 'md4', 'md5', 'sha1', 'rc2', 'rc4', 'bf', 'blowfish', 'des']

        const isWeakAlgorithmRule =
            ruleVulnerability === TaintTracker.Vulnerability.WEAK_CRYPTO ||
            ruleVulnerability === TaintTracker.Vulnerability.WEAK_HASH

        // 'createCipher' skips the algorithm check, so it is always reported.
        // Presumably the API itself is treated as weak whatever cipher is
        // requested - TODO confirm against the rule definitions.
        const mustInspectAlgorithm = isWeakAlgorithmRule && hookValues.origMethod.name !== 'createCipher'

        if (mustInspectAlgorithm) {
            // origToLowerCase is supplied elsewhere in the agent; presumably the
            // un-instrumented String.prototype.toLowerCase - confirm.
            // NOTE(review): assumes the parameter is a string; any other type
            // would throw here, inside the hook.
            const namesWeakAlgorithm = weakAlgorithmTokens.some(
                token => inspectedParam.origToLowerCase().match(token)
            )
            if (!namesWeakAlgorithm) {
                return
            }
        }

        TaintTracker.reportExploitVulnerability(
            ruleVulnerability,
            inspectedParam,
            hookValues.origMethod.name,
            hookValues.args,
            hookValues.ret,
            hookValues.additionalInfo
        )
    }
}

module.exports = ExploitRule