Skip to content

Commit e34656f

Browse files
Mzack9999Mzack9999
committed
js inject from #2066 
1 parent b1e39db commit e34656f

File tree

3 files changed

+37
-4
lines changed

3 files changed

+37
-4
lines changed

runner/headless.go

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ func NewBrowser(proxy string, useLocal bool, optionalArgs map[string]string) (*B
110110
return engine, nil
111111
}
112112

113-
func (b *Browser) ScreenshotWithBody(url string, timeout time.Duration, idle time.Duration, headers []string, fullPage bool) ([]byte, string, []NetworkRequest, error) {
113+
func (b *Browser) ScreenshotWithBody(url string, timeout time.Duration, idle time.Duration, headers []string, fullPage bool, jsCodes []string) ([]byte, string, []NetworkRequest, error) {
114114
page, err := b.engine.Page(proto.TargetCreateTarget{})
115115
if err != nil {
116116
return nil, "", []NetworkRequest{}, err
@@ -192,6 +192,13 @@ func (b *Browser) ScreenshotWithBody(url string, timeout time.Duration, idle tim
192192
return nil, "", networkRequests.Slice, err
193193
}
194194

195+
if len(jsCodes) > 0 {
196+
_, err := b.ExecuteJavascriptCodesWithPage(page, jsCodes)
197+
if err != nil {
198+
return nil, "", networkRequests.Slice, err
199+
}
200+
}
201+
195202
page.Timeout(5 * time.Second).WaitNavigation(proto.PageLifecycleEventNameFirstMeaningfulPaint)()
196203

197204
if err := page.WaitLoad(); err != nil {
@@ -268,3 +275,18 @@ func getSimpleErrorType(errorText, errorType, blockedReason string) string {
268275
}
269276
return "UNKNOWN"
270277
}
278+
279+
func (b *Browser) ExecuteJavascriptCodesWithPage(page *rod.Page, jsc []string) ([]*proto.RuntimeRemoteObject, error) {
280+
outputs := make([]*proto.RuntimeRemoteObject, 0, len(jsc))
281+
for _, js := range jsc {
282+
if js == "" {
283+
continue
284+
}
285+
output, err := page.Eval(js)
286+
if err != nil {
287+
return nil, err
288+
}
289+
outputs = append(outputs, output)
290+
}
291+
return outputs, nil
292+
}

runner/options.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -334,6 +334,9 @@ type Options struct {
334334
Protocol string
335335
OutputFilterErrorPagePath string
336336
DisableStdout bool
337+
338+
JavascriptCodes goflags.StringSlice
339+
337340
// AssetUpload
338341
AssetUpload bool
339342
// AssetName
@@ -404,6 +407,7 @@ func ParseOptions() *Options {
404407
flagSet.BoolVar(&options.NoScreenshotFullPage, "no-screenshot-full-page", false, "disable saving full page screenshot"),
405408
flagSet.DurationVarP(&options.ScreenshotTimeout, "screenshot-timeout", "st", 10*time.Second, "set timeout for screenshot in seconds"),
406409
flagSet.DurationVarP(&options.ScreenshotIdle, "screenshot-idle", "sid", 1*time.Second, "set idle time before taking screenshot in seconds"),
410+
flagSet.StringSliceVarP(&options.JavascriptCodes, "javascript-code", "jsc", nil, "execute JavaScript code after navigation", goflags.StringSliceOptions),
407411
)
408412

409413
flagSet.CreateGroup("matchers", "Matchers",

runner/runner.go

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,6 @@ import (
3939
"github.com/projectdiscovery/httpx/static"
4040
"github.com/projectdiscovery/mapcidr/asn"
4141
"github.com/projectdiscovery/networkpolicy"
42-
errorutil "github.com/projectdiscovery/utils/errors" //nolint
4342
osutil "github.com/projectdiscovery/utils/os"
4443
"github.com/projectdiscovery/utils/structs"
4544

@@ -69,6 +68,7 @@ import (
6968
"github.com/projectdiscovery/mapcidr"
7069
"github.com/projectdiscovery/rawhttp"
7170
converstionutil "github.com/projectdiscovery/utils/conversion"
71+
errkit "github.com/projectdiscovery/utils/errkit"
7272
fileutil "github.com/projectdiscovery/utils/file"
7373
pdhttputil "github.com/projectdiscovery/utils/http"
7474
iputil "github.com/projectdiscovery/utils/ip"
@@ -2243,7 +2243,14 @@ retry:
22432243
var pHash uint64
22442244
if scanopts.Screenshot {
22452245
var err error
2246-
screenshotBytes, headlessBody, linkRequest, err = r.browser.ScreenshotWithBody(fullURL, scanopts.ScreenshotTimeout, scanopts.ScreenshotIdle, r.options.CustomHeaders, scanopts.IsScreenshotFullPage())
2246+
screenshotBytes, headlessBody, linkRequest, err = r.browser.ScreenshotWithBody(
2247+
fullURL,
2248+
scanopts.ScreenshotTimeout,
2249+
scanopts.ScreenshotIdle,
2250+
r.options.CustomHeaders,
2251+
scanopts.IsScreenshotFullPage(),
2252+
r.options.CustomHeaders,
2253+
)
22472254
if err != nil {
22482255
gologger.Warning().Msgf("Could not take screenshot '%s': %s", fullURL, err)
22492256
} else {
@@ -2507,7 +2514,7 @@ func (r *Runner) HandleFaviconHash(hp *httpx.HTTPX, req *retryablehttp.Request,
25072514
func (r *Runner) calculateFaviconHashWithRaw(data []byte) (string, string, error) {
25082515
hashNum, md5Hash, err := stringz.FaviconHash(data)
25092516
if err != nil {
2510-
return "", "", errorutil.NewWithTag("favicon", "could not calculate favicon hash").Wrap(err) //nolint
2517+
return "", "", errkit.Wrapf(err, "could not calculate favicon hash")
25112518
}
25122519
return fmt.Sprintf("%d", hashNum), md5Hash, nil
25132520
}

0 commit comments

Comments
 (0)