Arachni scans this JS file and then stops
Created by: willisfeng
C:\arachni\bin>arachni http://192.168.2.54/jjsloginstatic
/js/common/comm_workname.js
Arachni - Web Application Security Scanner Framework v1.5.1
Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
(With the support of the community and the Arachni Team.)
Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki
[~] No checks were specified, loading all.
[~] No element audit options were specified, will audit links, forms, cookies,
UI inputs, UI forms, JSONs and XMLs.
[*] Initializing...
[*] Preparing plugins...
[*] ... done.
[*] BrowserCluster: Initializing 6 browsers...
[*] BrowserCluster: Spawned #1 with PID 7708 [lifeline at PID 7848].
[*] BrowserCluster: Spawned #2 with PID 6992 [lifeline at PID 6316].
[*] BrowserCluster: Spawned #3 with PID 5884 [lifeline at PID 7124].
[*] BrowserCluster: Spawned #4 with PID 480 [lifeline at PID 7568].
[*] BrowserCluster: Spawned #5 with PID 580 [lifeline at PID 6720].
[*] BrowserCluster: Spawned #6 with PID 7060 [lifeline at PID 7192].
[*] BrowserCluster: Initialization completed with 6 browsers in the pool.
[*] [HTTP: 200] http://192.168.2.54/jjsloginstatic/js/common/comm_workname.js
[~] Identified as: nginx
comm_workname.js code:
// Styles for the autocomplete dropdown, assembled rule by rule and injected
// into <head> when this script is evaluated.
var select_styles = [
    '<style type="text/css">',
    '.ui-autocomplete{background:#fff;border:1px solid #7f9db9;position:absolute;z-index:99999;top:21px;left:1px;max-height:150px;overflow-y:auto;overflow-x:hidden;display:none}',
    '.ui-autocomplete a{display:block;padding:0 5px;width:100%;height:22px;line-height:22px;overflow:hidden;text-indent:5px;color:#333}',
    '.ui-autocomplete div{color:#f00;height:22px;line-height:22px;text-align:center;}',
    '.ui-autocomplete a:hover{background:#f0f0f0}',
    '.ui-autocomplete a.getaway,.ui-autocomplete a.getaway:hover{color:#f00;}',
    '</style>'
].join('');
jQuery('head').append(select_styles);

//jQuery.getScript("/js/common/jquery-autocom.min.js");
// Changed on 2013-11-19 14:50:09 by 罗铭豪野: the plugin is now fetched with a
// blocking request (async: false) instead of getScript.
// NOTE(review): presumably so that .autocomplete() exists before the functions
// below are called - confirm. The path is site-relative, so the script is
// requested from the origin of the page that includes this file.
var autocomPluginRequest = {
    url: "/js/common/jquery-autocom.min.js",
    dataType: "script",
    async: false
};
jQuery.ajax(autocomPluginRequest);
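/**
 * Attach a worker-name autocomplete to the input `#<options.thisId>`.
 *
 * Options read here (element ids are given without the leading '#'):
 *   thisId      id of the text input that gets the autocomplete.
 *   dateType    key (1-4) selecting the search endpoint from the table below.
 *   login       when truthy, suggestions use "dept--name" as their value and
 *               the selected item's `id` (not `workerId`) is stored.
 *   workerId, deptId, deptName, deptNumber
 *               ids of fields filled on select and cleared on Backspace.
 *   searchKey, includeLz, companyId
 *               forwarded to the endpoint in the POST body.
 *   callback    if set, receives the selected item and replaces the default
 *               field filling.
 *
 * Security: suggestion labels come from the JSON response and are written
 * with .text()/.attr(), never concatenated into an HTML string, so markup in
 * a worker or department name is displayed literally instead of being parsed
 * (the earlier string-built `<a title=...>` was a DOM XSS sink and also left
 * the title attribute unquoted).
 *
 * @param {Object} [options]
 */
function getWorkName(options){
    options = options || {};

    // Search endpoints, selected by options.dateType.
    var dateType = {
        1: "/jjslogin/workersearch",
        2: "/v/deptworker/ajaxgetworkershang",
        3: "/v/deptworker/ajaxGetManager2",
        4: "/v/deptworker/ajaxGetManager3"
    };
    var _thisId = jQuery('#' + options.thisId),
        noData = {value: "没有数据"},
        // valiBorwser is hard-coded to true, so ifok is always true and the
        // fallback branch at the bottom is currently never taken.
        valiBorwser = true,
        href = window.location.host.indexOf('i.jjshome.com') > -1,
        ifok = valiBorwser || !href || !options.login;

    // Build one <li><a> suggestion row. The label is set as text and as an
    // attribute value, so it is never interpreted as HTML.
    function renderSuggestion(ul, label, cssClass) {
        var link = jQuery("<a href='javascript:;'></a>").attr('title', label).text(label);
        if (cssClass) {
            link.addClass(cssClass);
        }
        return jQuery('<li>').append(link).appendTo(ul);
    }

    // Backspace (keyCode 8) invalidates the previous selection: clear the
    // dependent fields and hide the dropdown.
    _thisId.keyup(function(e){
        if (e.keyCode == 8) {
            if (options.deptId) {
                jQuery('#' + options.deptId).val("");
            }
            if (options.deptName) {
                jQuery('#' + options.deptName).val("");
            }
            if (options.deptNumber) {
                jQuery('#' + options.deptNumber).val("");
            }
            jQuery('#' + options.workerId).val("");
            jQuery(".ui-autocomplete").hide();
        }
    });

    if (ifok) {
        _thisId.autocomplete({
            source: function(request, response) {
                // NOTE(review): this compares searchKey with the string
                // 'undefined', not with the undefined value, so the first
                // payload is sent unless searchKey is literally 'undefined'
                // (an omitted searchKey still takes it). A typeof check was
                // probably intended - confirm what the endpoint expects
                // before changing it.
                var payload = options.searchKey != 'undefined'
                    ? {
                        workerStr: jQuery.trim(_thisId.val()),
                        searchType: 3,
                        searchKey: options.searchKey,
                        type: options.includeLz,
                        companyId: options.companyId
                    }
                    : {
                        workerStr: jQuery.trim(_thisId.val()),
                        type: options.includeLz,
                        companyId: options.companyId
                    };
                jQuery.ajax({
                    type: "POST",
                    url: dateType[options.dateType],
                    dataType: 'json',
                    data: payload,
                    success: function(data) {
                        if (data.workerArr && data.workerArr.length > 0) {
                            response(jQuery.map(data.workerArr, function(item){
                                if (!options.login) {
                                    return {
                                        value: item.workerName,
                                        label: item.workerName,
                                        workerId: item.workerId,
                                        deptName: item.deptName,
                                        deptId: item.deptId,
                                        id: item.id,
                                        status: item.workerStatus,
                                        deptNumber: item.deptNumber
                                    };
                                }
                                return {
                                    value: '' + item.deptName + '--' + item.workerName,
                                    label: item.workerName,
                                    workerId: item.workerId,
                                    deptName: item.deptName,
                                    deptId: item.deptId,
                                    id: item.id,
                                    deptNumber: item.deptNumber
                                };
                            }));
                        } else {
                            // Single placeholder row carrying the "no data" text.
                            response(jQuery.map(noData, function(item){
                                return {
                                    value: item
                                };
                            }));
                        }
                    }
                });
            },
            minLength: 1,
            select: function(event, ui){
                if (options.callback) {
                    options.callback(ui.item);
                    return false;
                }
                if (ui.item.value == noData.value) {
                    // The placeholder row is not selectable.
                    return false;
                }
                var workerId = options.login ? ui.item.id : ui.item.workerId;
                if (options.workerId) {
                    jQuery("#" + options.workerId).val(workerId).triggerHandler('change');
                }
                if (options.deptName) {
                    jQuery("#" + options.deptName).val(ui.item.deptName);
                }
                if (options.deptId) {
                    jQuery("#" + options.deptId).val(ui.item.deptId);
                }
                if (options.deptNumber) {
                    jQuery("#" + options.deptNumber).val(ui.item.deptNumber);
                }
                if (jQuery("#password").length > 0) {
                    jQuery("#password").focus();
                } else {
                    jQuery("#" + options.thisId).blur();
                }
            }
        }).data("ui-autocomplete")._renderItem = function(ul, item){
            if (options.login) {
                return renderSuggestion(ul, String(item.value));
            }
            var deptName = item.deptName || '';
            var status = item.status || 1;
            // Rows whose status is not 1 get the red 'getaway' style.
            return renderSuggestion(ul, deptName + "--" + item.value, status != 1 ? 'getaway' : '');
        };
    } else {
        _thisId.autocomplete({
            source: function(request, response) {
                jQuery.ajax({
                    type: "POST",
                    url: dateType[3],
                    dataType: 'json',
                    data: {workerStr: jQuery.trim(_thisId.val())},
                    success: function(data) {
                        if (data.workerArr) {
                            response(jQuery.map(data.workerArr, function(item){
                                return {
                                    value: '' + item.deptName + '--' + item.workerName,
                                    label: item.workerName,
                                    id: item.id
                                };
                            }));
                        } else {
                            response(jQuery.map(noData, function(item){
                                return {
                                    value: item
                                };
                            }));
                        }
                    }
                });
            },
            minLength: 1,
            select: function(event, ui){
                if (ui.item.value == noData.value) {
                    return false;
                }
                jQuery("#" + options.workerId).val(ui.item.id);
                if (jQuery("#password").length > 0) {
                    jQuery("#password").focus();
                }
            }
        }).data("ui-autocomplete")._renderItem = function(ul, item){
            return renderSuggestion(ul, String(item.value));
        };
    }
}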
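/**
 * Department search: attach a department-name autocomplete to the input
 * `#<options.thisId>`.
 *
 * Options read here (element ids are given without the leading '#'):
 *   thisId    id of the text input that gets the autocomplete.
 *   deptId    id of the field that receives the selected department id and
 *             is cleared on Backspace.
 *   deptName  id of a field cleared on Backspace.
 *   workerId  id of a field cleared on Backspace.
 *
 * Suggestions are fetched by POST from /v/deptworker/ajaxgetdept.
 *
 * Security: the department name from the JSON response is written with
 * .text()/.attr() rather than concatenated into an HTML string, so markup in
 * a name is displayed literally instead of being parsed.
 *
 * Fix: every rendered row is appended to the list. The earlier if/else form
 * skipped appendTo(ul) when options.login was set, unlike the one-line
 * version it replaced, which appended in both cases.
 *
 * @param {Object} [options]
 */
function getDeptName(options){
    options = options || {};
    var _thisId = jQuery('#' + options.thisId),
        noData = {value: "没有数据"};

    // Backspace (keyCode 8) invalidates the previous selection: clear the
    // dependent fields and hide the dropdown.
    _thisId.keyup(function(e){
        if (e.keyCode == 8) {
            if (options.deptId) {
                jQuery('#' + options.deptId).val("");
            }
            if (options.deptName) {
                jQuery('#' + options.deptName).val("");
            }
            jQuery('#' + options.workerId).val("");
            jQuery(".ui-autocomplete").hide();
        }
    });

    _thisId.autocomplete({
        source: function(request, response) {
            jQuery.ajax({
                type: "POST",
                url: "/v/deptworker/ajaxgetdept",
                dataType: 'json',
                data: {deptStr: jQuery.trim(_thisId.val())},
                success: function(data) {
                    if (data.deptArr) {
                        response(jQuery.map(data.deptArr, function(item){
                            return {
                                value: item.deptName,
                                label: item.deptName,
                                deptId: item.olddeptId
                            };
                        }));
                    } else {
                        // Single placeholder row carrying the "no data" text.
                        response(jQuery.map(noData, function(item){
                            return {
                                value: item
                            };
                        }));
                    }
                }
            });
        },
        minLength: 1,
        select: function(event, ui){
            if (ui.item.value == noData.value) {
                // The placeholder row is not selectable.
                return false;
            }
            if (options.deptId) {
                jQuery("#" + options.deptId).val(ui.item.deptId);
            }
            if (jQuery("#password").length > 0) {
                jQuery("#password").focus();
            }
        }
    }).data("ui-autocomplete")._renderItem = function(ul, item){
        var label = String(item.value);
        // Text and attribute setters keep the label from being parsed as HTML.
        var link = jQuery("<a href='javascript:;'></a>").attr('title', label).text(label);
        return jQuery('<li>').append(link).appendTo(ul);
    };
}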