var dataSendUsed = false; var checkSend = false; function clearPage(){ $('#cswsh-output').empty(); $('html, body').scrollTop($(document).height()); } function startSnooping(){ $('#startSnoop').hide(); $('#stopSnoop').show(); $('.sendBar').show(); $('#wssSendText').focus(); writeToScreen("Start snooping: " + $("#cswshURL").val()); checkCSWSH(); checkSend = true; checkDataSend(); } function stopSnooping(){ $('#startSnoop').show(); $('#stopSnoop').hide(); $('.sendBar').hide(); websocket.close(); checkSend = false writeToScreen("Stop snooping"); } function checkCSWSH(){ var wsUri = $("#cswshURL").val(); statusWaiting(); websocket = new WebSocket(wsUri); websocket.onopen = function(evt) { onOpen(evt) }; websocket.onclose = function(evt) { onClose(evt) }; websocket.onmessage = function(evt) { onMessage(evt) }; websocket.onerror = function(evt) { onError(evt) }; } function onOpen(evt){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+"CONNECTED"); statusConnected() //doSend("origin policy unchecked!"); } function onClose(evt){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+"DISCONNECTED"); statusOffline() if( $('#stopSnoop').css('display') != 'none' ){ checkCSWSH() } } function onMessage(evt) { var encodedData = encodeToHtmlEntities(evt.data); writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+'<span style="color: #A7E734;">RECV:</span><span> ' + encodedData + '</span>'); var recvValue = encodedData.trim(); if (dataSendUsed) { sendToInjectPHP(recvValue); } var sendValue = getSendValueForRecv(recvValue); if (sendValue) { doSendAuto(sendValue); } } // Function to get the corresponding "send" value for a "recv" value function getSendValueForRecv(recvValue) { var valueTable = document.getElementById("valueTable"); var rows = valueTable.getElementsByTagName("tr"); for (var i = 0; i < rows.length; i++) { var cells = rows[i].getElementsByTagName("td"); if (cells.length === 3 && cells[0].innerText.trim() === recvValue) { return cells[1].innerText.trim(); } } return null; } function onError(evt){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+'<span style="color: red;">ERROR:</span> ' + encodeToHtmlEntities(evt.data)); } function doSend(message){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+"SENT: " + encodeToHtmlEntities(message)); websocket.send(message); } function doSendAuto(message){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+'<span style="color: #bd34e7;">AUTO:</span><span> ' + encodeToHtmlEntities(message)); websocket.send(message); } function doSendPayload(message){ writeToScreen('<span class="timestamp">'+getTimestamp()+'</span> '+'<span style="color: #e734bd;">INJT:</span><span> ' + encodeToHtmlEntities(message)); websocket.send(message); } var sentData = null; function checkDataSend() { if(checkSend == true){ $.ajax({ url: "/data_send", method: "GET", dataType: "text", async:false, contentType: "text", beforeSend: function( xhr ) { xhr.overrideMimeType( "text/plain; charset=x-user-defined" ); }, success: function (data) { if (data && data !== sentData) { console.log(data); doSendPayload(data); sentData = data; dataSendUsed = true; // Set the variable to true if data_send is used //sendToInjectPHP(recvValue); // Call sendToInjectPHP unconditionally } } }); // Check again after a delay setTimeout(checkDataSend, 2000); } return false; } function sendToInjectPHP(data) { if (dataSendUsed) { dataSendUsed = false; var url = "/inject.php?response=" + encodeURIComponent(data); $.ajax({ url: url, method: "GET", dataType: "text", contentType: "text", beforeSend: function( xhr ) { xhr.overrideMimeType( "text/plain; charset=x-user-defined" ); }, success: function (response) { // Handle success if necessary } }); } } function writeToScreen(message){ output = document.getElementById("cswsh-output"); var pre = document.createElement("div"); pre.style.wordWrap = "break-word"; pre.innerHTML = message; output.appendChild(pre); $('html, body').scrollTop($(document).height()); } $("#wssCommand").submit(function(e) { doSend( $('#wssSendText').val() ); $('#wssSendText').val(""); $('#wssSendText').focus(); e.preventDefault(); }); function statusConnected(){ $('#status').html("Connected"); $('#status').css("color","lightgreen"); } function statusOffline(){ $('#status').html("Offline"); $('#status').css("color","red"); } function statusWaiting(){ $('#status').html("Waiting..."); $('#status').css("color","yellow"); } // Function to store recv and send values function storeValues() { var recvValue = document.getElementById("recvInput").value; var sendValue = document.getElementById("sendInput").value; if (recvValue && sendValue) { var newRow = document.createElement("tr"); newRow.innerHTML = "<td>" + recvValue + "</td><td>" + sendValue + '</td><td><a class="removeButton" onclick="removeRow(this)">[x]</a></td>'; document.getElementById("valueTableBody").appendChild(newRow); // Clear input fields document.getElementById("recvInput").value = ""; document.getElementById("sendInput").value = ""; } } // Function to remove a row from the table function removeRow(button) { var row = button.parentNode.parentNode; row.parentNode.removeChild(row); } function encodeToHtmlEntities(str) { var encodedStr = ""; for (var i = 0; i < str.length; i++) { var charCode = str.charCodeAt(i); if (charCode > 127 || /[&<>"'`]/.test(str[i])) { encodedStr += "&#" + charCode + ";"; } else { encodedStr += str.charAt(i); } } return encodedStr; } function getTimestamp() { var now = new Date(); var day = now.getDate(); var month = now.getMonth() + 1; // Adding 1 because months are zero-based var hours = now.getHours(); var minutes = now.getMinutes(); // Pad single digits with leading zeros day = day < 10 ? '0' + day : day; month = month < 10 ? '0' + month : month; hours = hours < 10 ? '0' + hours : hours; minutes = minutes < 10 ? '0' + minutes : minutes; var timestamp = '[' + day + '/' + month + ' ' + hours + ':' + minutes + ']'; return timestamp; } //setTimeout(checkDataSend(), 1000);