freya/xssbook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

switch to auto reload console

Browse source
This commit is contained in:
Tyler Murphy 2023-01-22 16:34:07 -05:00
parent 23eb8b16b6
commit cf7e1653cb
3 changed files with 46 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
index.js
View file

@ -13,12 +13,15 @@ const con = require('./src/console.js')
const api = require('./src/api.js') const api = require('./src/api.js')
app.use((req, res, next) => { app.use((req, res, next) => {
var ip = req.headers['x-real-ip'] || req.connection.remoteAddress;
if (req.path !== '/console') {
const public = { ... req.body } const public = { ... req.body }
if (public.password !== undefined) { if (public.password !== undefined) {
public.password = '********' public.password = '********'
} }
console.log(req.ip, req.method, req.path, public) console.log(ip, req.method, req.path, public)
con.update(req.ip, req.method, req.path, public) con.requests.push({ip: ip, method: req.method, path: req.path, body: public})
}
next() next()
}) })

2
public/js/api.js
View file

@ -1,4 +1,4 @@
const endpoint = 'https://xssbook.com/api' const endpoint = 'http://localhost:8080/api'
const request = async (url, body, method) => { const request = async (url, body, method) => {
if (method === undefined) method = 'POST' if (method === undefined) method = 'POST'

67
src/console.js
View file

@ -1,30 +1,16 @@
const express = require('express') const express = require('express')
const router = express.Router() const router = express.Router()
const sleep = ms => new Promise(r => setTimeout(r, ms));
const connections = [] var requests = []
router.get('/', async (req, res) => { router.get('/', async (req, res) => {
res.write(` res.send(render())
<!DOCTYPE html> if(requests.length > 100) {
<html lang="en"> requests.splice(0, 50)
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/console.css">
<title>XSSBook - Console</title>
</head>
<body>
`)
res.write(new Array(2048).join(" "))
await sleep(500)
connections.push(res)
while (true) {
res.write(" ")
await sleep(100)
} }
}) })
function color(method) { function parseMethod(method) {
switch(method) { switch(method) {
case 'GET': case 'GET':
return '4ae04a' return '4ae04a'
@ -43,7 +29,7 @@ function color(method) {
} }
} }
function highlight(json) { function parseJson(json) {
if (typeof json != 'string') { if (typeof json != 'string') {
json = JSON.stringify(json, undefined, 2); json = JSON.stringify(json, undefined, 2);
} }
@ -65,17 +51,38 @@ function highlight(json) {
}); });
} }
async function update(ip, method, path, json) { function parseRequest(req) {
connections.forEach(con => { const html = `
con.write(`
<div> <div>
<span class="ip">${ip}</span> <span class="ip">${req.ip}</span>
<span class="method" style="color: #${color(method)}">${method}</span> <span class="method" style="color: #${parseMethod(req.method)}">${req.method}</span>
<span class="path">${path}</span> <span class="path">${req.path}</span>
<span class="json">${highlight(json)}</span> <span class="json">${parseJson(req.body)}</span>
</div> </div>
`) `
}) return html
} }
module.exports = { router, update }; function render() {
const html = `
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/console.css">
<title>XSSBook - Console</title>
<script>
new Promise(r => setTimeout(r, 5000)).then(() => {
location.reload()
})
</script>
</head>
<body>
${requests.map(r => parseRequest(r)).join('')}
</body>
</html>
`
return html
}
module.exports = { router, requests };