Voyager.js is a Node.js script designed for testing URLs for template injection vulnerabilities. It automates the process of appending known injection strings to URLs and monitors the responses for signs of successful injection.
- Injection Testing: Tests a list of known injection strings against provided URLs.
- User-Agent Rotation: Cycles through a list of user agents for each request.
- Command-Line Options: Customizable user agents, injection values, and logging.
- Logging: Option to log successful injections to a file for further analysis.
Before installing, ensure you have Node.js installed on your system. You can download Node.js from the official Node.js website.
Clone the repository & install required dependencies:
git clone https://github.com/anger/voyager-js.git
cd voyager-js
npm install
To run the script, use the following command in your terminal:
node voyager.js
- --log, -l: Enable logging of successful injections to a file.
- --user-agent, -u: Specify a custom user agent for requests.
- --value, -v: Test a specific injection value.
Example of running with options:
node voyager.js --log
node voyager.js --user-agent "Custom User Agent"
node voyager.js --value "{{1337*1337}}"
Enter the base URL to test at the prompt. To stop the script, type 'exit' or use Ctrl+C.
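Seen from the server side, the requests described above (template expressions appended to URLs, with the User-Agent changing from request to request) leave a recognisable pattern in access logs. The following detection sketch is an added example, not part of Voyager.js; the log lines are constructed, and the combined log format, the function names and the thresholds are assumptions.

```javascript
// Added example, not part of Voyager.js. Log lines are constructed (combined log format).
const SAMPLE_LOG = [
  '198.51.100.20 - - [10/Jan/2024:10:00:00 +0000] "GET /search?q=shoes HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 10.0)"',
  '203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /search?q=%7B%7B1337*1337%7D%7D HTTP/1.1" 200 498 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
  '203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /search?q=%24%7B1337*1337%7D HTTP/1.1" 200 498 "-" "Mozilla/5.0 (Macintosh)"',
  '203.0.113.7 - - [10/Jan/2024:10:00:03 +0000] "GET /search?q=%257B%257B1337*1337%257D%257D HTTP/1.1" 400 120 "-" "curl/8.0"',
  '198.51.100.20 - - [10/Jan/2024:10:05:00 +0000] "GET /docs?tpl=%7B%7Bname%7D%7D HTTP/1.1" 200 900 "-" "Mozilla/5.0 (Windows NT 10.0)"',
];

// Capture groups: 1 = client IP, 2 = method, 3 = request target, 4 = status, 5 = User-Agent
const LINE = /^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"$/;
// Expression delimiters of common template engines: {{ }}, ${ }, #{ }, <%= %>, {% %}
const TEMPLATE_EXPR = /\{\{.*?\}\}|[$#]\{.*?\}|<%=?.*?%>|\{%.*?%\}/;

// Percent-decode up to twice so double-encoded probes are still seen;
// a malformed escape stops decoding instead of throwing.
function decodeTarget(target) {
  let out = target;
  for (let i = 0; i < 2; i++) {
    try {
      const next = decodeURIComponent(out);
      if (next === out) break;
      out = next;
    } catch {
      break;
    }
  }
  return out;
}

// Flag clients that send several template-expression requests under several User-Agents.
function findTemplateProbing(lines, minProbes = 3, minAgents = 2) {
  const byIp = new Map();
  for (const line of lines) {
    const m = LINE.exec(line);
    if (!m || !TEMPLATE_EXPR.test(decodeTarget(m[3]))) continue;
    const rec = byIp.get(m[1]) || { probes: 0, agents: new Set() };
    rec.probes += 1;
    rec.agents.add(m[5]);
    byIp.set(m[1], rec);
  }
  return [...byIp]
    .filter(([, r]) => r.probes >= minProbes && r.agents.size >= minAgents)
    .map(([ip, r]) => ({ ip, probes: r.probes, userAgents: r.agents.size }));
}

console.log(findTemplateProbing(SAMPLE_LOG));
```

The single `{{name}}` request from 198.51.100.20 stays below both thresholds, which is why the rule counts probes and distinct User-Agents per client instead of alerting on one match.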
Planned enhancements for Voyager.js include:
- Interactive CLI: Implementing a more interactive command-line interface using libraries like inquirer.js for a better user experience.
- Advanced Error Handling: Enhancing error handling to manage different types of errors more effectively, providing more detailed feedback to the user.
- Proxy Support: Adding the ability to route requests through proxies for testing from different network locations or for privacy concerns.
- Parameterized Injection Points: Allowing users to specify where in the URL the injection values should be placed, such as in the query parameters, path, or even in HTTP headers.
- Extended Timeout Control: Providing options to set custom timeout durations for different types of connections and responses.
- Rate Limiting: Incorporating rate limiting features to prevent sending too many requests in a short time frame.
- Automated Scripting: Enabling the tool to run automated scripts for batch processing of multiple URLs or injection patterns.
- Integration with Security Tools: Integrating with popular security testing frameworks or vulnerability scanners for more comprehensive testing capabilities.
- Customizable Output Formats: Allowing users to choose different formats for output logs, such as JSON, XML, or CSV, for easier integration with other tools and systems.
- Dockerization: Packaging the application in a Docker container for ease of deployment and consistency across various environments.
- Multithreading/Parallel Requests: Implementing multithreading or parallel processing to handle multiple requests simultaneously, thus improving the tool's efficiency.
- Enhanced Logging Options: Expanding the logging functionality to include different levels of verbosity and the ability to log to different destinations (files, databases, etc.).
- Time Based SSTI Payloads
These features aim to enhance the usability, functionality, and versatility of Voyager.js, making it a more comprehensive tool for SSTI testing.