timestamp disclosure issues
391 views
Skip to first unread message
David Joo
Oct 23, 2023, 3:57:38 AM10/23/23
to ZAP User Group
Hi. im use owasp/zap2docker-stable docker img.
and i got
FAIL-NEW: Timestamp Disclosure - Unix [10096] x 1
-> assets/index.js
when i checked js file
function pM(e) {
for (var t = 0, r, n = 0, a = e.length; a >= 4; ++n,
a -= 4)
r = e.charCodeAt(n) & 255 | (e.charCodeAt(++n) & 255) << 8 | (e.charCodeAt(++n) & 255) << 16 | (e.charCodeAt(++n) & 255) << 24,
r = (r & 65535) * 1540483477 + ((r >>> 16) * 59797 << 16),
r ^= r >>> 24,
t = (r & 65535) * 1540483477 + ((r >>> 16) * 59797 << 16) ^ (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16);
switch (a) {
case 3:
t ^= (e.charCodeAt(n + 2) & 255) << 16;
case 2:
t ^= (e.charCodeAt(n + 1) & 255) << 8;
case 1:
t ^= e.charCodeAt(n) & 255,
t = (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16)
}
return t ^= t >>> 13,
t = (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16),
((t ^ t >>> 15) >>> 0).toString(36)
}
for (var t = 0, r, n = 0, a = e.length; a >= 4; ++n,
a -= 4)
r = e.charCodeAt(n) & 255 | (e.charCodeAt(++n) & 255) << 8 | (e.charCodeAt(++n) & 255) << 16 | (e.charCodeAt(++n) & 255) << 24,
r = (r & 65535) * 1540483477 + ((r >>> 16) * 59797 << 16),
r ^= r >>> 24,
t = (r & 65535) * 1540483477 + ((r >>> 16) * 59797 << 16) ^ (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16);
switch (a) {
case 3:
t ^= (e.charCodeAt(n + 2) & 255) << 16;
case 2:
t ^= (e.charCodeAt(n + 1) & 255) << 8;
case 1:
t ^= e.charCodeAt(n) & 255,
t = (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16)
}
return t ^= t >>> 13,
t = (t & 65535) * 1540483477 + ((t >>> 16) * 59797 << 16),
((t ^ t >>> 15) >>> 0).toString(36)
}
maybe this function will be issued but this is just bit calculator not timestamp. so how can i passed this issue ?
Simon Bennetts
Oct 23, 2023, 4:57:27 AM10/23/23
to ZAP User Group
If you are not interested in potential Timestamp Disclosure issues then just disable the rule :)
Cheers,
Simon
Reply all
Reply to author
Forward
0 new messages