Closed ghost closed 3 years ago
I'm pretty sure that wapplyzer perform lowercases matchs. Note these web links:
"<link [^>]?href=\"?[a-z]?:?//cdn\.statically\.io/" "SquirrelMail version ([.\d]+)[^<]*<br \;version:\1" "<input type=\"hidden\" name=\"shopid\""
HTML specify tags are case insensitive.
Another example for detecting PHP:
"X-Powered-By": "^php/?([\d.]+)?\;version:\1"
In facts, php retruns this header:
x-powered-by: PHP/7.3.27
So the regex match only in case insensitive.
Note this line in the wappalyzer sources: https://github.com/AliasIO/wappalyzer/blob/557bed87113c8f7073a733d85bb9c7cdb67132c3/src/drivers/webextension/js/driver.js#L49
It seems this bloc of code compiles regex, it uses the flag 'i'. (if someone understand javascript, it could be validate this ?)
I'm pretty sure that wapplyzer perform lowercases matchs. Note these web links:
"<link [^>]?href=\"?[a-z]?:?//cdn\.statically\.io/" "SquirrelMail version ([.\d]+)[^<]*<br \;version:\1" "<input type=\"hidden\" name=\"shopid\""
HTML specify tags are case insensitive.
Another example for detecting PHP:
"X-Powered-By": "^php/?([\d.]+)?\;version:\1"
In facts, php retruns this header:
So the regex match only in case insensitive.
Note this line in the wappalyzer sources: https://github.com/AliasIO/wappalyzer/blob/557bed87113c8f7073a733d85bb9c7cdb67132c3/src/drivers/webextension/js/driver.js#L49
It seems this bloc of code compiles regex, it uses the flag 'i'. (if someone understand javascript, it could be validate this ?)