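	// Shared session state, read and written by the functions below.
	var dataSendUsed = false; // set once a payload fetched from /data_send has been forwarded to the socket
	var checkSend = false;    // true while the /data_send polling loop in checkDataSend() should keep running
	// Declared here so checkCSWSH() assigns a declared global instead of creating an implicit one.
	var websocket;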

	// Wipe the log panel and scroll the window to the bottom of the document.
	function clearPage(){
		var logPanel = $('#cswsh-output');
		logPanel.empty();
		var pageHeight = $(document).height();
		$('html, body').scrollTop(pageHeight);
	}

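		// Switch the UI into "snooping" mode, open the socket and start polling /data_send.
		function startSnooping(){
			var targetUrl = $("#cswshURL").val();
			$('#startSnoop').hide();
			$('#stopSnoop').show();
			$('.sendBar').show();
			$('#wssSendText').focus();
			// The URL is user input that writeToScreen() inserts via innerHTML, so escape it
			// the same way every other logged value is escaped.
			writeToScreen("Start snooping: " + encodeToHtmlEntities(targetUrl));
			checkCSWSH();
			// checkDataSend() only keeps polling while this flag is set, so raise it first.
			checkSend = true;
			checkDataSend();
		}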

		// Leave "snooping" mode: restore the buttons, close the socket and stop the polling loop.
		function stopSnooping(){
			var startButton = $('#startSnoop');
			var stopButton = $('#stopSnoop');
			var sendBar = $('.sendBar');
			startButton.show();
			stopButton.hide();
			sendBar.hide();
			websocket.close();
			// checkDataSend() stops rescheduling itself once this is false.
			checkSend = false;
			writeToScreen("Stop snooping");
		}

		// Open a WebSocket to the URL typed into #cswshURL and wire up the event handlers.
		// Used to probe whether the server accepts this page's cross-origin handshake
		// (see the commented-out probe in onOpen); CONNECTED / DISCONNECTED in the log is the answer.
		function checkCSWSH(){
			var wsUri = $("#cswshURL").val();
			statusWaiting();
			var socket = new WebSocket(wsUri);
			socket.onopen = function(evt) { onOpen(evt); };
			socket.onclose = function(evt) { onClose(evt); };
			socket.onmessage = function(evt) { onMessage(evt); };
			socket.onerror = function(evt) { onError(evt); };
			// Shared with doSend*() and stopSnooping() through the script-wide websocket variable.
			websocket = socket;
		}

		// Socket opened: log it with a timestamp and switch the status indicator to "Connected".
		function onOpen(evt){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			writeToScreen(stamp + "CONNECTED");
			statusConnected();
			// Author's original probe message, left disabled:
			//doSend("origin policy unchecked!");
		}

		// Socket closed: log it, mark the status offline and, while the Stop button is still
		// visible (the user has not pressed Stop), reconnect immediately.
		function onClose(evt){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			writeToScreen(stamp + "DISCONNECTED");
			statusOffline();
			var stillSnooping = $('#stopSnoop').css('display') !== 'none';
			if (!stillSnooping) {
				return;
			}
			checkCSWSH();
		}

		// Incoming frame: log it, optionally forward it to /inject.php, and auto-reply when the
		// recv/send table has a matching entry.
		// Note: the trimmed *entity-encoded* text is what gets compared against the table and
		// forwarded, so frames containing &, <, >, quotes, backticks or non-ASCII characters are
		// matched in their encoded form.
		function onMessage(evt) {
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			var encodedData = encodeToHtmlEntities(evt.data);
			writeToScreen(stamp + '<span style="color: #A7E734;">RECV:</span><span> ' + encodedData + '</span>');

			var recvValue = encodedData.trim();
			// Forwarding only happens after a /data_send payload went out (flag set in checkDataSend).
			if (dataSendUsed) {
				sendToInjectPHP(recvValue);
			}
			var autoReply = getSendValueForRecv(recvValue);
			if (autoReply) {
				doSendAuto(autoReply);
			}
		}

		// Look up the auto-reply for a received value in #valueTable.
		// Returns the trimmed text of the second column of the first row with exactly three
		// <td> cells whose first column equals recvValue, or null when no row matches.
		function getSendValueForRecv(recvValue) {
			var rows = document.getElementById("valueTable").getElementsByTagName("tr");
			for (var i = 0; i < rows.length; i += 1) {
				var cells = rows[i].getElementsByTagName("td");
				// Rows without exactly three <td> cells (e.g. a <th> header row) are skipped.
				if (cells.length !== 3) {
					continue;
				}
				if (cells[0].innerText.trim() !== recvValue) {
					continue;
				}
				return cells[1].innerText.trim();
			}
			return null;
		}

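		// Socket error: log it with a timestamp.
		// The WebSocket "error" event is a plain Event with no data field, so evt.data is
		// undefined; encoding undefined used to throw inside encodeToHtmlEntities, so fall back
		// to a fixed note when no detail is available.
		function onError(evt){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			var detail = (evt && evt.data != null) ? String(evt.data) : '(no details provided by the browser)';
			writeToScreen(stamp + '<span style="color: red;">ERROR:</span> ' + encodeToHtmlEntities(detail));
		}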

		// Send a frame typed by the user and echo it to the log as "SENT:".
		function doSend(message){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			var safeMessage = encodeToHtmlEntities(message);
			writeToScreen(stamp + "SENT: " + safeMessage);
			websocket.send(message);
		}

		// Send an auto-reply taken from the recv/send table and echo it to the log as "AUTO:".
		function doSendAuto(message){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			var safeMessage = encodeToHtmlEntities(message);
			writeToScreen(stamp + '<span style="color: #bd34e7;">AUTO:</span><span> ' + safeMessage);
			websocket.send(message);
		}

		// Send a payload fetched from /data_send and echo it to the log as "INJT:".
		function doSendPayload(message){
			var stamp = '<span class="timestamp">' + getTimestamp() + '</span> ';
			var safeMessage = encodeToHtmlEntities(message);
			writeToScreen(stamp + '<span style="color: #e734bd;">INJT:</span><span> ' + safeMessage);
			websocket.send(message);
		}

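		var sentData = null; // last payload forwarded from /data_send, to avoid re-sending it
		// Handle of the pending poll so a second startSnooping() cannot start a parallel polling loop.
		var dataSendTimer = null;

/**
 * Poll the local /data_send endpoint once and forward any new, non-empty response to the
 * open WebSocket via doSendPayload(), then reschedule itself after 2 s while checkSend is true.
 *
 * Whatever /data_send returns is sent verbatim to the target socket, so that endpoint is
 * fully trusted by this page.
 *
 * Changes from the original: the request is asynchronous (a synchronous XHR blocked the UI
 * thread on every poll), and any already-pending reschedule is cancelled first so repeated
 * start/stop cycles leave exactly one polling loop.
 *
 * @returns {boolean} always false (kept for the original inline-handler callers)
 */
function checkDataSend() {
	if (dataSendTimer !== null) {
		clearTimeout(dataSendTimer);
		dataSendTimer = null;
	}
	if (checkSend !== true) {
		return false;
	}
	$.ajax({
		url: "/data_send",
		method: "GET",
		dataType: "text",
		contentType: "text",
		beforeSend: function (xhr) {
			xhr.overrideMimeType("text/plain; charset=x-user-defined");
		},
		success: function (data) {
			// Skip empty responses and a repeat of the payload forwarded last time.
			if (data && data !== sentData) {
				console.log(data);
				doSendPayload(data);
				sentData = data;
				dataSendUsed = true; // lets onMessage() forward the reply to /inject.php
			}
		}
	});
	// Check again after a delay
	dataSendTimer = setTimeout(checkDataSend, 2000);
	return false;
}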

// Forward a frame received from the target socket to the local /inject.php endpoint,
// at most once per /data_send payload (dataSendUsed is cleared on the first call).
// The value is URL-encoded for the query string only; it originates from the remote
// WebSocket peer, so the receiving endpoint has to treat it as untrusted input.
function sendToInjectPHP(data) {
  if (!dataSendUsed) {
    return;
  }
  dataSendUsed = false;

  $.ajax({
    url: "/inject.php?response=" + encodeURIComponent(data),
    method: "GET",
    dataType: "text",
    contentType: "text",
    beforeSend: function (xhr) {
      xhr.overrideMimeType("text/plain; charset=x-user-defined");
    },
    success: function (response) {
      // Fire-and-forget: nothing is done with the response.
    }
  });
}



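		// Append one entry to the #cswsh-output log and scroll the page to the bottom.
		// `message` is inserted as HTML (callers rely on this for colouring), so callers pass
		// any untrusted text through encodeToHtmlEntities() first.
		function writeToScreen(message){
			// `var` keeps this local; the original assignment created an implicit global named `output`.
			var output = document.getElementById("cswsh-output");
			var entry = document.createElement("div");
			entry.style.wordWrap = "break-word";
			entry.innerHTML = message;
			output.appendChild(entry);
			$('html, body').scrollTop($(document).height());
		}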

		// Send the text in the send bar when the form is submitted, then clear and refocus it.
		$("#wssCommand").submit(function(e) {
			var input = $('#wssSendText');
			doSend(input.val());
			input.val("");
			input.focus();
			e.preventDefault();
		});

		// Status indicator: "Connected" in light green.
		function statusConnected(){
			$('#status').html("Connected").css("color", "lightgreen");
		}
		// Status indicator: "Offline" in red.
		function statusOffline(){
			$('#status').html("Offline").css("color", "red");
		}
		// Status indicator: "Waiting..." in yellow, shown while the handshake is in flight.
		function statusWaiting(){
			$('#status').html("Waiting...").css("color", "yellow");
		}

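		// Read #recvInput / #sendInput and append them as a row of the auto-reply table.
  // Cells are filled through textContent rather than by concatenating the values into
  // innerHTML, so a value containing '<' or '&' is stored literally (and later matched
  // literally by getSendValueForRecv) instead of being parsed as markup.
  function storeValues() {
    var recvInput = document.getElementById("recvInput");
    var sendInput = document.getElementById("sendInput");
    var recvValue = recvInput.value;
    var sendValue = sendInput.value;

    // Both fields are required; an empty one leaves the table untouched.
    if (!recvValue || !sendValue) {
      return;
    }

    var newRow = document.createElement("tr");

    var recvCell = document.createElement("td");
    recvCell.textContent = recvValue;
    newRow.appendChild(recvCell);

    var sendCell = document.createElement("td");
    sendCell.textContent = sendValue;
    newRow.appendChild(sendCell);

    // Same markup as before (<td><a class="removeButton">[x]</a></td>), with the click
    // handler attached as a property instead of an inline onclick attribute.
    var removeCell = document.createElement("td");
    var removeLink = document.createElement("a");
    removeLink.className = "removeButton";
    removeLink.textContent = "[x]";
    removeLink.onclick = function () { removeRow(removeLink); };
    removeCell.appendChild(removeLink);
    newRow.appendChild(removeCell);

    document.getElementById("valueTableBody").appendChild(newRow);

    // Clear input fields
    recvInput.value = "";
    sendInput.value = "";
  }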

  // Remove the auto-reply table row that contains the clicked [x] link
  // (link -> <td> -> <tr> -> table body).
  function removeRow(button) {
    var cell = button.parentNode;
    var row = cell.parentNode;
    var tableBody = row.parentNode;
    tableBody.removeChild(row);
  }

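		// HTML-escape a value for insertion via innerHTML.
		// Characters with a code above 127 and the markup-significant set & < > " ' ` become
		// decimal numeric references (&#NNN;); every other character passes through unchanged.
		// A UTF-16 surrogate pair (emoji etc.) is emitted as one reference for the full code
		// point; the original emitted two references for the halves, which render as U+FFFD.
		// Non-string input is coerced with String(); null and undefined yield "".
		function encodeToHtmlEntities(str) {
			if (str === null || str === undefined) {
				return "";
			}
			var text = String(str);
			var encodedStr = "";
			for (var i = 0; i < text.length; i++) {
				var code = text.charCodeAt(i);
				// Combine a high surrogate followed by a low surrogate into its code point.
				if (code >= 0xD800 && code <= 0xDBFF && i + 1 < text.length) {
					var low = text.charCodeAt(i + 1);
					if (low >= 0xDC00 && low <= 0xDFFF) {
						code = (code - 0xD800) * 0x400 + (low - 0xDC00) + 0x10000;
						i++;
					}
				}
				if (code > 127 || "&<>\"'`".indexOf(text.charAt(i)) !== -1) {
					encodedStr += "&#" + code + ";";
				} else {
					encodedStr += text.charAt(i);
				}
			}
			return encodedStr;
		}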

	// Build a "[DD/MM HH:MM]" stamp from the current local time.
	function getTimestamp() {
		var pad2 = function (n) {
			return (n < 10 ? '0' : '') + n;
		};
		var now = new Date();
		var parts = {
			day: pad2(now.getDate()),
			month: pad2(now.getMonth() + 1), // getMonth() is zero-based
			hours: pad2(now.getHours()),
			minutes: pad2(now.getMinutes())
		};
		return '[' + parts.day + '/' + parts.month + ' ' + parts.hours + ':' + parts.minutes + ']';
	}

	  //setTimeout(checkDataSend(), 1000);