ProjectDiscovery
raw http how to use javascript output as a param?? #4453
Answered
by
ehsandeep
anquanscan
asked this question in
Q&A
-
id: need_to_change
info:
name: need_to_change
author: need_to_change
severity: high
javascript:
- code:
function TJsEncrypt(str) {
var o = new Date().getMilliseconds();
var a = Math.round(Math.random() * 14) + 1;
var s = o + '#|,|#' + str;
var len = s.length;
var buf = '';
for (var i = 0; i < len; i++) {
var x = (s.charCodeAt(i) ^ a).toString(16);
if (x.length == 1)
x = '000' + x;
else if (x.length == 2)
x = '00' + x;
else if (x.length == 3)
x = '0' + x;
buf += x;
}
return a.toString(16) + buf;
}
console.log(TJsEncrypt("admin"))
http:
- raw:
- |
POST /login HTTP/1.1
Host: {{Hostname}}
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Connection: close
password={{code_1_response}}
matchers:
- type: dsl
dsl:
- status_code==200 && contains_all(body,"sucess")do not work |
Beta Was this translation helpful? Give feedback.
Answered by
ehsandeep
Dec 26, 2023
Replies: 2 comments 1 reply
-
|
Are you looking to have {{code_1_response}} get it's value from the Javascript code? |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
@anquanscan this should work, variables are named after protocol name, so in this case it's should be id: need_to_change
info:
name: need_to_change
author: need_to_change
severity: high
javascript:
- code:
function TJsEncrypt(str) {
var o = new Date().getMilliseconds();
var a = Math.round(Math.random() * 14) + 1;
var s = o + '#|,|#' + str;
var len = s.length;
var buf = '';
for (var i = 0; i < len; i++) {
var x = (s.charCodeAt(i) ^ a).toString(16);
if (x.length == 1)
x = '000' + x;
else if (x.length == 2)
x = '00' + x;
else if (x.length == 3)
x = '0' + x;
buf += x;
}
return a.toString(16) + buf;
}
TJsEncrypt("admin")
http:
- raw:
- |
POST /login HTTP/1.1
Host: {{Hostname}}
Accept: */*
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Connection: close
password={{javascript_response}}
matchers:
- type: dsl
dsl:
- status_code==200 && contains_all(body,"sucess") |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
thanks |
Beta Was this translation helpful? Give feedback.
Answer selected by
ehsandeep
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@anquanscan this should work, variables are named after protocol name, so in this case it's should be
javascript_response, numbered variables can be used in case of multiple requests.