basic antibot using javascript
This commit is contained in:
bunkerity
@@ -1,22 +1,29 @@
|
||||
|
||||
local M = {}
|
||||
local session = require "resty.session"
|
||||
|
||||
function M.is_set ()
|
||||
local s = session.open()
|
||||
if s and s.data.uri then
|
||||
return true
|
||||
end
|
||||
return false
|
||||
local s = session.open()
|
||||
if not s then
|
||||
s = session.start()
|
||||
end
|
||||
|
||||
function M.set ()
|
||||
local s = session.start()
|
||||
s.data.uri = ngx.var.request_uri
|
||||
function M.is_set (key)
|
||||
if s.data[key] then
|
||||
return true
|
||||
end
|
||||
return false
|
||||
end
|
||||
|
||||
function M.set (key, value)
|
||||
s.data[key] = value
|
||||
end
|
||||
|
||||
function M.get (key)
|
||||
return s.data[key]
|
||||
end
|
||||
|
||||
function M.save ()
|
||||
s:save()
|
||||
end
|
||||
|
||||
function M.get_uri ()
|
||||
return session.open().data.uri
|
||||
end
|
||||
|
||||
return M
|
||||
|
||||
57
lua/javascript.lua
Normal file
57
lua/javascript.lua
Normal file
@@ -0,0 +1,57 @@
|
||||
local M = {}
|
||||
local session = require "resty.session"
|
||||
|
||||
function M.get_challenge ()
|
||||
local charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIKLMNOPQRSTUVWXYZ0123456789"
|
||||
math.randomseed(os.clock()*os.time())
|
||||
local random = ""
|
||||
local rand = 0
|
||||
for i = 1, 20 do
|
||||
rand = math.random(1, #charset)
|
||||
random = random .. charset:sub(rand, rand)
|
||||
end
|
||||
return random
|
||||
end
|
||||
|
||||
function M.get_code (challenge, antibot_uri, original_uri)
|
||||
return string.format([[
|
||||
<html>
|
||||
<head>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
async function digestMessage(message) {
|
||||
const msgUint8 = new TextEncoder().encode(message);
|
||||
const hashBuffer = await crypto.subtle.digest('SHA-256', msgUint8);
|
||||
const hashArray = Array.from(new Uint8Array(hashBuffer));
|
||||
const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
|
||||
return hashHex;
|
||||
}
|
||||
(async () => {
|
||||
const digestHex = await digestMessage('%s');
|
||||
xhr = new XMLHttpRequest();
|
||||
xhr.open('POST', '%s');
|
||||
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
|
||||
xhr.onload = function() {
|
||||
if (xhr.status === 200) {
|
||||
window.location.replace('%s');
|
||||
}
|
||||
};
|
||||
xhr.send(encodeURI('challenge=' + digestHex));
|
||||
})();
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
]], challenge, antibot_uri, original_uri)
|
||||
end
|
||||
|
||||
function M.check (challenge, user)
|
||||
local resty_sha256 = require "resty.sha256"
|
||||
local str = require "resty.string"
|
||||
local sha256 = resty_sha256:new()
|
||||
sha256:update(challenge)
|
||||
local digest = sha256:final()
|
||||
return str.to_hex(digest) == user
|
||||
end
|
||||
|
||||
return M
|
||||
Reference in New Issue
Block a user