Persistent Live Scanner V2 - with Send Button

Persistent Live Scanner with send functionality - credits: Core rezi/retr0, clownz, woodie, god joshy

Kako instalirati

You will need to install an extension such as Tampermonkey, Greasemonkey or Violentmonkey to install this script.

You will need to install an extension such as Tampermonkey to install this script.

You will need to install an extension such as Tampermonkey or Violentmonkey to install this script.

You will need to install an extension such as Tampermonkey or Userscripts to install this script.

You will need to install an extension such as Tampermonkey to install this script.

You will need to install a user script manager extension to install this script.

(I already have a user script manager, let me install it!)

Advertisement:

Kako instalirati

You will need to install an extension such as Stylus to install this style.

You will need to install an extension such as Stylus to install this style.

You will need to install an extension such as Stylus to install this style.

You will need to install a user style manager extension to install this style.

You will need to install a user style manager extension to install this style.

You will need to install a user style manager extension to install this style.

(I already have a user style manager, let me install it!)

Advertisement:

 
// ==UserScript==
// @name         Persistent Live Scanner V2 - with Send Button
// @namespace    http://tampermonkey.net/
// @version      3.0
// @description  Persistent Live Scanner with send functionality - credits: Core rezi/retr0, clownz, woodie, god joshy
// @author       Core rezi/retr0, clownz, woodie, god joshy
// @match        https://doxbin.com/*
// @grant        GM_xmlhttpRequest
// @grant        GM_notification
// @connect      doxbin.com
// @connect      *
// @license MIT
// ==/UserScript==

(function() {
  const scanId = uuidv4();
  let lastPayload = null;
  let updateCount = 0;
  let isRunning = true;
  const results = { xss: [], reloadLoop: false };

  let pinnedEl, pastesEl, countEl, statusEl;
  
  function cacheDOMElements() {
    pinnedEl = pinnedEl || document.getElementById("pinned-tbody");
    pastesEl = pastesEl || document.getElementById("pastes-tbody");
    countEl = countEl || document.getElementById("pastes-count");
    statusEl = statusEl || document.getElementById("scan-status");
  }

  function updateStatus(text, color = 'lime') {
    cacheDOMElements();
    const timestamp = new Date().toLocaleTimeString();
    
    if (statusEl) {
      statusEl.textContent = `[${timestamp}] ${text}`;
      statusEl.style.color = color;
      statusEl.style.fontWeight = 'bold';
    }
    
    console.log(`%c[${timestamp}] ${text}`, `color: ${color}; font-weight: bold;`);
  }

  function createAttackResponse(attackType) {
    const baseResponse = {
      success: true,
      total_pages: Math.floor(Math.random() * 5) + 1,
      total_pastes: Math.floor(Math.random() * 50) + 10,
      pastes: [
        {
          id: 'paste-' + Date.now(),
          title: 'Paste #' + Math.floor(Math.random() * 1000),
          created_at: new Date().toISOString(),
          views: Math.floor(Math.random() * 1000)
        }
      ],
      pinned_pastes: []
    };

    if (attackType === 'full_attack') {
      baseResponse.pastes[0].title = '<img src="x" onerror="alert(\'XSS\')">';
    }

    return baseResponse;
  }

  const fullAttackResponse = createAttackResponse("full_attack");
  const originalFetch = window.fetch;

  window.fetch = async (url, options) => {
    if (typeof url === 'string' && url.includes('/api/index/pastes')) {
      return new Response(JSON.stringify(fullAttackResponse), {
        status: 200,
        headers: { 'Content-Type': 'application/json' }
      });
    }
    return originalFetch(url, options);
  };

  async function updatePastes() {
    if (!isRunning) return;

    try {
      const params = new URLSearchParams(window.location.search);
      params.set("id", scanId);

      const res = await fetch("/api/index/pastes?" + params.toString());
      const data = await res.json();

      if (!data.success) {
        updateStatus('API returned error', 'orange');
        return;
      }

      cacheDOMElements();

      const payload = JSON.stringify(data);
      if (payload === lastPayload) {
        updateStatus(`Monitoring (update #${++updateCount})`, 'lime');
        return;
      }
      
      lastPayload = payload;
      updateCount++;
      updateStatus(`Live Update! Pastes: ${data.pastes?.length || 0} | Total: ${data.total_pastes} | #${updateCount}`, 'cyan');

      if (countEl && data.total_pastes) {
        countEl.textContent = `Showing ${data.pastes.length} (of ${data.total_pastes} total) pastes`;
        countEl.dataset.total = data.total_pastes;
      }

      if (pinnedEl && data.pinned_pastes?.length) {
        const frag = document.createDocumentFragment();
        data.pinned_pastes.forEach(paste => {
          const tr = document.createElement('tr');
          tr.dataset.id = paste.id;
          tr.style.backgroundColor = '#1a1a2e';
          tr.innerHTML = `<td>${paste.title}</td><td>${new Date(paste.created_at).toLocaleDateString()}</td><td><span class="badge" style="background: #ff006e; padding: 4px 8px; border-radius: 3px;">${paste.views}</span></td>`;
          frag.appendChild(tr);
        });
        pinnedEl.textContent = '';
        pinnedEl.appendChild(frag);
      }

      if (pastesEl && data.pastes?.length) {
        const frag = document.createDocumentFragment();
        data.pastes.forEach(paste => {
          const tr = document.createElement('tr');
          tr.dataset.id = paste.id;
          tr.innerHTML = `<td>${paste.title}</td><td>${new Date(paste.created_at).toLocaleDateString()}</td><td><span class="badge" style="background: #00d9ff; padding: 4px 8px; border-radius: 3px;">${paste.views}</span></td>`;
          frag.appendChild(tr);
          
          if (tr.querySelector('img[src="x"]')) {
            if (!results.xss.includes('full_attack')) {
              results.xss.push('full_attack');
              updateStatus('XSS VULNERABILITY DETECTED', 'red');
            }
          }
        });
        pastesEl.textContent = '';
        pastesEl.appendChild(frag);
      }

    } catch (error) {
      updateStatus(`Error: ${error.message}`, 'orange');
      console.error('Update error:', error);
    }
  }

  function startMonitoring() {
    updateStatus('Scanner started - monitoring for changes...', 'cyan');
    
    updatePastes();
    
    const interval = setInterval(() => {
      if (!isRunning) {
        clearInterval(interval);
        updateStatus('Scanner stopped', 'gray');
        return;
      }
      updatePastes();
    }, 500);

    window.addEventListener('beforeunload', () => {
      isRunning = false;
    });

    window.scannerControl = {
      stop: () => { isRunning = false; updateStatus('Stopped', 'gray'); },
      start: () => { isRunning = true; setInterval(updatePastes, 500); updateStatus('Resumed', 'lime'); },
      status: () => updateStatus(`Scanner: ${isRunning ? 'RUNNING' : 'STOPPED'} | Updates: ${updateCount}`, 'cyan'),
      xssFound: results.xss.length > 0
    };
  }

  if (document.readyState === 'loading') {
    document.addEventListener('DOMContentLoaded', startMonitoring);
  } else {
    startMonitoring();
  }

})();