-
Notifications
You must be signed in to change notification settings - Fork 9
/
checkdap.sh
executable file
·50 lines (42 loc) · 1.2 KB
/
checkdap.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#!/bin/sh
#
# This script will check whether the DAP queries are accurate
# using phantomjs to pull down the full page.
#
if command -v phantomjs >/dev/null ; then
echo "good, phantomjs is installed"
else
echo "error: phantomjs needs to be installed for this to work"
exit 1
fi
if [ -f "$1" ] ; then
DAPJSON="$1"
else
DAPJSON="/tmp/dap-$$.json"
curl https://site-scanning.app.cloud.gov/api/v1/scans/dap/ > "$DAPJSON" 2>/dev/null
fi
cat <<EOF > "/tmp/save_page-$$.js"
var system = require('system');
var page = require('webpage').create();
page.open(system.args[1], function()
{
console.log(page.content);
phantom.exit();
});
EOF
jq -rj '.[] | .domain, " ", .data.dap_detected, "\n"' "$DAPJSON" | while read line ; do
set $line
echo " # doing $1 which is $2"
phantomjs "/tmp/save_page-$$.js" https://"$1" > /tmp/page.$$.html
if grep -E "UA-33523145-1|dap.digitalgov.gov/Universal-Federated-Analytics-Min.js|_fed_an_ua_tag" /tmp/page.$$.html >/dev/null ; then
if [ "$2" != "true" ] ; then
echo "$1 is a false negative (should be true)"
fi
else
if [ "$2" != "false" ] ; then
echo "$1 is a false positive (should be false)"
fi
fi
done
rm -f "/tmp/dap-$$.json"
rm -f "/tmp/save_page-$$.js"