switch to auto reload console

2023-01-22 16:34:07 -05:00 · 2023-01-22 16:34:07 -05:00 · cf7e1653cb
commit cf7e1653cb
parent 23eb8b16b6
3 changed files with 46 additions and 36 deletions
--- a/index.js
+++ b/index.js
@ -13,12 +13,15 @@ const con = require('./src/console.js')
 const api = require('./src/api.js')

 app.use((req, res, next) => {
-  const public = { ... req.body } 
-  if (public.password !== undefined) {
-    public.password = '********'
+  var ip = req.headers['x-real-ip'] || req.connection.remoteAddress;
+  if (req.path !== '/console') {
+    const public = { ... req.body }
+    if (public.password !== undefined) {
+      public.password = '********'
+    }
+    console.log(ip, req.method, req.path, public)
+    con.requests.push({ip: ip, method: req.method, path: req.path, body: public})
  }
-  console.log(req.ip, req.method, req.path, public)
-  con.update(req.ip, req.method, req.path, public)
  next()
 })

--- a/public/js/api.js
+++ b/public/js/api.js
@ -1,4 +1,4 @@
-const endpoint = 'https://xssbook.com/api'
+const endpoint = 'http://localhost:8080/api'

 const request = async (url, body, method) => {
    if (method === undefined) method = 'POST'
--- a/src/console.js
+++ b/src/console.js
@ -1,30 +1,16 @@
 const express = require('express')
 const router = express.Router()
-const sleep = ms => new Promise(r => setTimeout(r, ms));

-const connections = []
+var requests = []

 router.get('/', async (req, res) => {
-    res.write(`
-    <!DOCTYPE html>
-    <html lang="en">
-    <head>
-        <meta charset="UTF-8">
-        <link rel="stylesheet" href="css/console.css">
-        <title>XSSBook - Console</title>
-    </head>
-    <body>
-    `)
-    res.write(new Array(2048).join(" "))
-    await sleep(500)
-    connections.push(res)
-    while (true) {
-        res.write(" ")
-        await sleep(100)
+    res.send(render())
+    if(requests.length > 100) {
+      requests.splice(0, 50)
    }
 })

-function color(method) {
+function parseMethod(method) {
  switch(method) {
    case 'GET':
      return '4ae04a'
@ -43,7 +29,7 @@ function color(method) {
  }
 }

-function highlight(json) {
+function parseJson(json) {
  if (typeof json != 'string') {
       json = JSON.stringify(json, undefined, 2);
  }
@ -65,17 +51,38 @@ function highlight(json) {
  });
 }

-async function update(ip, method, path, json) {
-  connections.forEach(con => {
-    con.write(`
+function parseRequest(req) {
+  const html =  `
    <div>
-      <span class="ip">${ip}</span>
-      <span class="method" style="color: #${color(method)}">${method}</span>
-      <span class="path">${path}</span>
-      <span class="json">${highlight(json)}</span>
+      <span class="ip">${req.ip}</span>
+      <span class="method" style="color: #${parseMethod(req.method)}">${req.method}</span>
+      <span class="path">${req.path}</span>
+      <span class="json">${parseJson(req.body)}</span>
    </div>
-    `)
-  })
+  `
+  return html
 }

-module.exports = { router, update };
+function render() {
+  const html = `
+  <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <link rel="stylesheet" href="css/console.css">
+        <title>XSSBook - Console</title>
+        <script>
+          new Promise(r => setTimeout(r, 5000)).then(() => {
+            location.reload()
+          })
+        </script>
+    </head>
+    <body>
+      ${requests.map(r => parseRequest(r)).join('')}
+    </body>
+    </html>
+  `
+  return html
+}
+
+module.exports = { router, requests };