Persistent Live Scanner V2 - with Send Button

Persistent Live Scanner with send functionality - credits: Core rezi/retr0, clownz, woodie, god joshy

Jak nainstalovat

K instalaci tototo skriptu si budete muset nainstalovat rozšíření jako Tampermonkey, Greasemonkey nebo Violentmonkey.

You will need to install an extension such as Tampermonkey to install this script.

K instalaci tohoto skriptu si budete muset nainstalovat rozšíření jako Tampermonkey nebo Violentmonkey.

K instalaci tohoto skriptu si budete muset nainstalovat rozšíření jako Tampermonkey nebo Userscripts.

You will need to install an extension such as Tampermonkey to install this script.

K instalaci tohoto skriptu si budete muset nainstalovat manažer uživatelských skriptů.

(Už mám manažer uživatelských skriptů, nechte mě ho nainstalovat!)

Advertisement:

Jak nainstalovat

You will need to install an extension such as Stylus to install this style.

You will need to install an extension such as Stylus to install this style.

You will need to install an extension such as Stylus to install this style.

You will need to install a user style manager extension to install this style.

You will need to install a user style manager extension to install this style.

You will need to install a user style manager extension to install this style.

(Už mám manažer uživatelských stylů, nechte mě ho nainstalovat!)

Advertisement:

 
// ==UserScript==
// @name         Persistent Live Scanner V2 - with Send Button
// @namespace    http://tampermonkey.net/
// @version      3.0
// @description  Persistent Live Scanner with send functionality - credits: Core rezi/retr0, clownz, woodie, god joshy
// @author       Core rezi/retr0, clownz, woodie, god joshy
// @match        https://doxbin.com/*
// @grant        GM_xmlhttpRequest
// @grant        GM_notification
// @connect      doxbin.com
// @connect      *
// @license MIT
// ==/UserScript==

(function() {
  const scanId = uuidv4();
  let lastPayload = null;
  let updateCount = 0;
  let isRunning = true;
  const results = { xss: [], reloadLoop: false };

  let pinnedEl, pastesEl, countEl, statusEl;
  
  function cacheDOMElements() {
    pinnedEl = pinnedEl || document.getElementById("pinned-tbody");
    pastesEl = pastesEl || document.getElementById("pastes-tbody");
    countEl = countEl || document.getElementById("pastes-count");
    statusEl = statusEl || document.getElementById("scan-status");
  }

  function updateStatus(text, color = 'lime') {
    cacheDOMElements();
    const timestamp = new Date().toLocaleTimeString();
    
    if (statusEl) {
      statusEl.textContent = `[${timestamp}] ${text}`;
      statusEl.style.color = color;
      statusEl.style.fontWeight = 'bold';
    }
    
    console.log(`%c[${timestamp}] ${text}`, `color: ${color}; font-weight: bold;`);
  }

  function createAttackResponse(attackType) {
    const baseResponse = {
      success: true,
      total_pages: Math.floor(Math.random() * 5) + 1,
      total_pastes: Math.floor(Math.random() * 50) + 10,
      pastes: [
        {
          id: 'paste-' + Date.now(),
          title: 'Paste #' + Math.floor(Math.random() * 1000),
          created_at: new Date().toISOString(),
          views: Math.floor(Math.random() * 1000)
        }
      ],
      pinned_pastes: []
    };

    if (attackType === 'full_attack') {
      baseResponse.pastes[0].title = '<img src="x" onerror="alert(\'XSS\')">';
    }

    return baseResponse;
  }

  const fullAttackResponse = createAttackResponse("full_attack");
  const originalFetch = window.fetch;

  window.fetch = async (url, options) => {
    if (typeof url === 'string' && url.includes('/api/index/pastes')) {
      return new Response(JSON.stringify(fullAttackResponse), {
        status: 200,
        headers: { 'Content-Type': 'application/json' }
      });
    }
    return originalFetch(url, options);
  };

  async function updatePastes() {
    if (!isRunning) return;

    try {
      const params = new URLSearchParams(window.location.search);
      params.set("id", scanId);

      const res = await fetch("/api/index/pastes?" + params.toString());
      const data = await res.json();

      if (!data.success) {
        updateStatus('API returned error', 'orange');
        return;
      }

      cacheDOMElements();

      const payload = JSON.stringify(data);
      if (payload === lastPayload) {
        updateStatus(`Monitoring (update #${++updateCount})`, 'lime');
        return;
      }
      
      lastPayload = payload;
      updateCount++;
      updateStatus(`Live Update! Pastes: ${data.pastes?.length || 0} | Total: ${data.total_pastes} | #${updateCount}`, 'cyan');

      if (countEl && data.total_pastes) {
        countEl.textContent = `Showing ${data.pastes.length} (of ${data.total_pastes} total) pastes`;
        countEl.dataset.total = data.total_pastes;
      }

      if (pinnedEl && data.pinned_pastes?.length) {
        const frag = document.createDocumentFragment();
        data.pinned_pastes.forEach(paste => {
          const tr = document.createElement('tr');
          tr.dataset.id = paste.id;
          tr.style.backgroundColor = '#1a1a2e';
          tr.innerHTML = `<td>${paste.title}</td><td>${new Date(paste.created_at).toLocaleDateString()}</td><td><span class="badge" style="background: #ff006e; padding: 4px 8px; border-radius: 3px;">${paste.views}</span></td>`;
          frag.appendChild(tr);
        });
        pinnedEl.textContent = '';
        pinnedEl.appendChild(frag);
      }

      if (pastesEl && data.pastes?.length) {
        const frag = document.createDocumentFragment();
        data.pastes.forEach(paste => {
          const tr = document.createElement('tr');
          tr.dataset.id = paste.id;
          tr.innerHTML = `<td>${paste.title}</td><td>${new Date(paste.created_at).toLocaleDateString()}</td><td><span class="badge" style="background: #00d9ff; padding: 4px 8px; border-radius: 3px;">${paste.views}</span></td>`;
          frag.appendChild(tr);
          
          if (tr.querySelector('img[src="x"]')) {
            if (!results.xss.includes('full_attack')) {
              results.xss.push('full_attack');
              updateStatus('XSS VULNERABILITY DETECTED', 'red');
            }
          }
        });
        pastesEl.textContent = '';
        pastesEl.appendChild(frag);
      }

    } catch (error) {
      updateStatus(`Error: ${error.message}`, 'orange');
      console.error('Update error:', error);
    }
  }

  function startMonitoring() {
    updateStatus('Scanner started - monitoring for changes...', 'cyan');
    
    updatePastes();
    
    const interval = setInterval(() => {
      if (!isRunning) {
        clearInterval(interval);
        updateStatus('Scanner stopped', 'gray');
        return;
      }
      updatePastes();
    }, 500);

    window.addEventListener('beforeunload', () => {
      isRunning = false;
    });

    window.scannerControl = {
      stop: () => { isRunning = false; updateStatus('Stopped', 'gray'); },
      start: () => { isRunning = true; setInterval(updatePastes, 500); updateStatus('Resumed', 'lime'); },
      status: () => updateStatus(`Scanner: ${isRunning ? 'RUNNING' : 'STOPPED'} | Updates: ${updateCount}`, 'cyan'),
      xssFound: results.xss.length > 0
    };
  }

  if (document.readyState === 'loading') {
    document.addEventListener('DOMContentLoaded', startMonitoring);
  } else {
    startMonitoring();
  }

})();