Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

antibot - custom templates

Browse Source
This commit is contained in:
bunkerity
2021-05-19 16:37:28 +02:00
parent 8260746fe1
commit 16e5ede130
16 changed files with 206 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
lua/captcha.lua
View File

@@ -10,19 +10,21 @@ function M.get_challenge ()
end
function M.get_code (img, antibot_uri)
return string.format([[
<html>
<head>
</head>
<body>
<form method="POST" action="%s">
Img = <img src="data:image/jpeg;base64,%s" /><br />
Enter captcha : <input type="text" name="captcha" /><br />
<input type="submit" value="send" />
</form>
</body>
</html>
]], antibot_uri, base64.encode(img))
-- get template
local f = io.open("/antibot/captcha.html", "r")
local template = f:read("*all")
f:close()
-- get captcha code
f = io.open("/antibot/captcha.data", "r")
local captcha_data = f:read("*all")
f:close()
-- edit captcha code
captcha_data = string.format(captcha_data, antibot_uri, base64.encode(img))
-- return template + edited captcha code
return template:gsub("%%CAPTCHA%%", captcha_data)
end
function M.check (captcha_user, captcha_valid)

48
lua/javascript.lua
View File

@@ -7,42 +7,28 @@ function M.get_challenge ()
local random = ""
local rand = 0
for i = 1, 20 do
rand = math.random(1, #charset)
random = random .. charset:sub(rand, rand)
rand = math.random(1, #charset)
random = random .. charset:sub(rand, rand)
end
return random
end
function M.get_code (challenge, antibot_uri, original_uri)
return string.format([[
<html>
<head>
</head>
<body>
<script>
async function digestMessage(message) {
const msgUint8 = new TextEncoder().encode(message);
const hashBuffer = await crypto.subtle.digest('SHA-256', msgUint8);
const hashArray = Array.from(new Uint8Array(hashBuffer));
const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
return hashHex;
}
(async () => {
const digestHex = await digestMessage('%s');
xhr = new XMLHttpRequest();
xhr.open('POST', '%s');
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.onload = function() {
if (xhr.status === 200) {
window.location.replace('%s');
}
};
xhr.send(encodeURI('challenge=' + digestHex));
})();
</script>
</body>
</html>
]], challenge, antibot_uri, original_uri)
-- get template
local f = io.open("/antibot/javascript.html", "r")
local template = f:read("*all")
f:close()
-- get JS code
f = io.open("/antibot/javascript.data", "r")
local javascript = f:read("*all")
f:close()
-- edit JS code
javascript = string.format(javascript, challenge, antibot_uri, original_uri)
-- return template + edited JS code
return template:gsub("%%JAVASCRIPT%%", javascript)
end
function M.check (challenge, user)

39
lua/recaptcha.lua
View File

@@ -3,26 +3,25 @@ local http = require "resty.http"
local cjson = require "cjson"
function M.get_code (antibot_uri, recaptcha_sitekey)
return string.format([[
<html>
<head>
<script src="https://www.google.com/recaptcha/api.js?render=%s"></script>
</head>
<body>
<form method="POST" action="%s" id="form">
<input type="hidden" name="token" id="token">
</form>
<script>
grecaptcha.ready(function() {
grecaptcha.execute('%s', {action: 'recaptcha'}).then(function(token) {
document.getElementById("token").value = token;
document.getElementById("form").submit();
});;
});
</script>
</body>
</html>
]], recaptcha_sitekey, antibot_uri, recaptcha_sitekey)
-- get template
local f = io.open("/antibot/recaptcha.html", "r")
local template = f:read("*all")
f:close()
-- get recaptcha code
f = io.open("/antibot/recaptcha-head.data", "r")
local recaptcha_head = f:read("*all")
f:close()
f = io.open("/antibot/recaptcha-body.data", "r")
local recaptcha_body = f:read("*all")
f:close()
-- edit recaptcha code
recaptcha_head = string.format(recaptcha_head, recaptcha_sitekey)
recaptcha_body = string.format(recaptcha_body, antibot_uri, recaptcha_sitekey)
-- return template + edited recaptcha code
return template:gsub("%%RECAPTCHA_HEAD%%", recaptcha_head):gsub("%%RECAPTCHA_BODY%%", recaptcha_body)
end
function M.check (token, recaptcha_secret)