=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_alias/mod_alias_postfixadmin.sh-17- select replace(address, concat('@', target_domain), concat('@', alias_domain)) as address, goto FROM alias JOIN alias_domain ON alias_domain.target_domain = SUBSTRING(alias.address, locate('@',alias.address) + 1, length(alias.address)) prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_alias/mod_alias_postfixadmin.sh:18:) a WHERE a.address != a.goto;" | $mysql | sort | uniq prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_alias/mod_alias_postfixadmin.sh-19- ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ccert/mod_auth_ccert.lua-20- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ccert/mod_auth_ccert.lua:21:function username_extractor.xmppaddr(cert, authz, session) prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ccert/mod_auth_ccert.lua-22- local extensions = cert:extensions(); ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-52-Set `http_cookie_auth_url` to the web application URL that is used to check the prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown:53:cookie. You may use the variables `$host` for the XMPP host and `$user` for the prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-54-XMPP username. prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-55- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown:56:If the `$user` variable is included in the URL, the client must provide the username prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-57-via the "authzid" in the SASL EXTERNAL authentication mechanism. prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-58- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown:59:If the `$user` variable is *not* included in the URL, Prosody expects the web application's response to be the username instead, as UTF-8 text/plain. prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_http_cookie/README.markdown-60- ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ldap/README.markdown-38- ldap\_password Password for rootdn `""` prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ldap/README.markdown:39: ldap\_filter Search filter, with `$user` and `$host` substituted for user- and hostname `"(uid=$user)"` prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_auth_ldap/README.markdown-40- ldap\_scope Search scope. other values: "base" and "onelevel" `"subtree"` ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-98- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown:99:There is an automatic zone named `$local`, which automatically includes prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-100-all of the current server's active hosts (including components). It can ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-589- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown:590:You can include expressions in log messages, using `$(...)` syntax. For example, to log the stanza that matched the rule, you can use $(stanza), prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-591-or to log just the top tag of the stanza, use $(stanza:top_tag()). ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-661- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown:662:Stanza expressions are of the form `$<...>`, where `...` is a stanza path. For syntax of stanza paths, see the documentation for the 'INSPECT' condition prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-663-above. ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-690- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown:691:Code expressions use `$(...)` syntax. Code expressions are powerful, and allow unconstrained access to Prosody's internal environment. Therefore prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_firewall/README.markdown-692-code expressions are typically for advanced use-cases only. You may want to refer to Prosody's [developer documentation](https://prosody.im/doc/developers) ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_http_rest/README.markdown-9- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_http_rest/README.markdown:10:This enables you to send stanzas by making HTTP requests to `http://${prosody-url}/rest`. prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_http_rest/README.markdown-11- ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-84- return string.format("proto=%s/%s src=%s:%d dst=%s:%d", prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua:85: self:addr_family_str(), self:transport_str(), self:src_addr(), self:src_port(), self:dst_addr(), self:dst_port()); prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-86-end ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-107- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua:108:function proxy_data_mt:src_addr() prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-109- return self._src_addr; ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-115- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua:116:function proxy_data_mt:dst_addr() prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-117- return self._dst_addr; ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-280- conn.proxyip, conn.proxyport = conn.ip, conn.port; prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua:281: if proxy_data:src_addr() ~= nil and proxy_data:src_port() ~= nil then prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-282- conn.ip = function() prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua:283: return proxy_data:src_addr(); prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_net_proxy/mod_net_proxy.lua-284- end ############################################## prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_storage_xmlarchive/README.markdown-69- prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_storage_xmlarchive/README.markdown:70:Where `$DIR` is `to` or `from`, `$STORE` is e.g. `archive` or `archive2` prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_storage_xmlarchive/README.markdown:71:for MAM and `muc_log` for MUC logs. Finally, `$JID` is the JID of the prosody-modules-0.0~hg20200915.ed0c7044b00f+dfsg/mod_storage_xmlarchive/README.markdown-72-user or MUC room to be migrated, which can be repeated.