Need Help With Script
-
Hello
I tried to make config of some site but i failed because i could not send Script properly.
Site uses script which changes inputted password in password box once i click on login button and sends new changed password in POST Request.
In browser i used this login credentialsuser123:password123
But in post request it appears like this
user123:hFXYcJkJNlK9PKVsy13Feg==
I thought it was base64 encoding but when i checked it's not.
Then i checked source of the page and found this script in it, which i think is source of that magic<script type="text/javascript"> pswOnBlur = function () { var psw = document.getElementById('Password'); if (psw.value == '') { psw.value = 'Password...'; psw.type = 'text'; } } pswOnKeyPress = function () { var psw = document.getElementById('Password'); if (psw.value == 'Password...') { psw.value = ''; psw.type = 'password'; } } pswOnClick = function () { var psw = document.getElementById('Password'); psw.value = ''; psw.type = 'password'; } function getQRValue(key) { var result; $.ajax({ dataType: "json", url: "qrcode/getqrcode?key=" + key, context: document.body, async: false, contentType: "application/json", success: function (data) { result = data; }, error: function (xhr, ajaxOptions, thrownError) { console.log(xhr.status); console.log(thrownError); } }); return result; } </script>
I tried to run this script via BEGIN SCRIPT, but i could not make it work.
PS: I know selenium will do that automatically but because of the slowness of selenium i don't want to use it, want to make without selenium if its possible.
-
nope thats not the script which encrypts the password
its probably base64 with some sort of salt.
please check the javascripts which are loaded when you visit the site there should be the encryption method
-
@Itamai Yeah u were right just found right one i think,
$(document).ready(function () { //domainUi = "url" + "(" + "//" + document.getElementById("domainUI").value + "/img/nav-bg.jpg" + ")"; //document.getElementById("navSite").style.background = domainUi; $("#loginForm").submit(function () { var p = $("#Password").val(); $("#Password").val(Encrypt(p)); });
-
@Phantom search for the "Encrypt" method
-
@Itamai well i did but i could not make use of it in this case. can you take a look if i send you config or the site?
-
@Phantom i dont want the config send me the script where it encrypts the password
-
@Itamai Maybe this is that encrypts password
function Encrypt(value) { var key = CryptoJS.enc.Utf8.parse('8080808080808080'); var iv = CryptoJS.enc.Utf8.parse('8080808080808080'); var encryptedlogin = CryptoJS.AES.encrypt(CryptoJS.enc.Utf8.parse(value), key, { keySize: 128 / 8, iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 }); return encryptedlogin; }
-
@Itamai am i doing anything wrong?
-
@Phantom if i am not mistaken you cant do that with openbullet it says in the bottom that it uses 256 key size but you need 128
just send a post request to this site and get your encrypted key from there
https://www.devglan.com/online-tools/aes-encryption-decryption
-
@Itamai was checking that site too, thx ill try
-
@Itamai once again thx for help, using that site now everything works, would be better if OB's AESEncrypt function worked properly but ehhh... ruri has no time
Solved!
-
Thanks @Itamai nice job