// FormChecker for AutoBot
var system = require('system');
// Run configuration. URL, username and password start empty and are filled in
// from the command line below; the form selectors are edited here per target.
var URL = ""; // can test insecure form submission with URL http://www.stealmylogin.com/demo.html
var formID = "login_form"; // id of the form to fill; for facebook.com the value is login_form
var usernameField = "username"; // name of the username input; for facebook.com the value is email
var username = "";
var passwordField = "password"; // name of the password input; for facebook.com the value is pass
var password = "";
var debug = true; // prints state information along with details
var verbose = false; // prints all errors in loaded pages

// Expected invocation: <script> <URL> <username> <password>.
// NOTE(review): the password arrives as a process argument, so it is visible in
// the local process listing and in shell history for the duration of the run.
// NOTE(review): the usage error below exits with PhantomJS's default status, and
// the rest of the file may still execute before the exit takes effect.
if (system.args.length >= 4) {
    URL = system.args[1];
    username = system.args[2];
    password = system.args[3];
} else {
    console.log('Pass the URL, username and password of the form as argument to this script!');
    phantom.exit();
}
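/**
 * Drives one pass of the login-form check against `url`.
 *
 * Installs the page handlers and then opens `url`. What happens when a load
 * finishes depends on the global `phantom.state`:
 *   - unset:       fill and submit the form, then set the state to "logged-in";
 *   - "logged-in": hand control back through `callback(1, page)`;
 *   - otherwise:   run the fill step again to see whether the form is still
 *                  served, then call `callback(2, null)`.
 * Every response whose URL starts with "http://" is reported on stdout; the
 * load is only reported, not blocked.
 *
 * Reads the file-level `debug` and `verbose` flags.
 *
 * @param {string} url - Address of the page holding the form.
 * @param {object} page - PhantomJS webpage instance used for the run.
 * @param {function} callback - Invoked as callback(1, page) or callback(2, null).
 * @param {string} formID - id of the form; '' selects the first form on the page.
 * @param {string} usernameField - Name of the username input in form.elements.
 * @param {string} passwordField - Name of the password input in form.elements.
 * @param {string} username - Value written into the username input.
 * @param {string} password - Value written into the password input.
 */
function fillForm(url, page, callback, formID, usernameField, passwordField, username,
    password) {
    // Script errors raised by the loaded page are printed only when both
    // debug and verbose are enabled.
    page.onError = function (msg, trace) {
        if (debug && verbose) {
            var msgStack = ['ERROR: ' + msg];
            if (trace && trace.length) {
                msgStack.push('TRACE:');
                trace.forEach(function (t) {
                    msgStack.push(' -> ' + t.file + ': ' + t.line + (t.function ? ' (in function "' + t.function + '")' : ''));
                });
            }
            console.error(msgStack.join('\n'));
        }
    };

    page.onResourceReceived = function (response) {
        if (response.stage === "start") {
            // indexOf anchors the scheme test at position 0. lastIndexOf would
            // return the position of a later "http://" (for example one carried
            // in a query string) and the plain-HTTP load would go unreported.
            if (response.url.indexOf("http://") === 0) {
                console.log("Insecure (unencrypted) content loaded at form submission with URL " + response.url);
            }
        }
    };

    page.onLoadFinished = function (status) {
        if (status !== 'success') {
            return;
        }
        if (debug) {
            console.log('State : ' + phantom.state);
        }
        if (!phantom.state) {
            // First load: submit the credentials and wait for the next load.
            doLogin();
            phantom.state = "logged-in";
        } else if (phantom.state === "logged-in") {
            // Load that followed the submission.
            callback(1, page);
        } else {
            // Verification pass. If the form is still served, doLogin submits
            // the credentials a second time before reporting the failure.
            doLogin();
            callback(2, null);
        }
    };

    // Fills and submits the form inside the page and prints the outcome.
    function doLogin() {
        // The evaluated function runs in the page context, so it only sees its
        // own arguments. It returns a plain boolean because page.evaluate can
        // only hand back simple, serialisable values, not DOM nodes.
        var submitted = page.evaluate(function (formID, usernameField,
            passwordField, username, password) {
            var form = null;
            if (formID !== '') {
                form = document.getElementById(formID);
            } else {
                // No id: assume the first form on the page is the one to fill.
                // getElementsByTagName returns a possibly empty collection,
                // never null, so the length has to be checked.
                var forms = document.getElementsByTagName('form');
                if (forms.length > 0) {
                    form = forms[0];
                }
            }
            if (!form) {
                return false;
            }
            form.elements[usernameField].value = username;
            form.elements[passwordField].value = password;
            form.submit();
            return true;
        }, formID, usernameField, passwordField, username, password) === true;

        if (phantom.state) {
            // On the verification pass a missing form is read as a successful
            // login: the page no longer offers the login form.
            if (!submitted && phantom.state === "finished") {
                console.log("Form " + formID + " submitted succesfully");
            } else {
                console.log("Error form " + formID + " not submitted successfully");
            }
        } else if (!submitted) {
            // Nothing was submitted on the first load (form absent, or the
            // fill raised inside the page), so there is nothing to wait for.
            console.log("Error form " + formID + " not found at the URL " + page.url);
            phantom.exit();
        }
    }

    page.open(url, function (status) {
        if (status !== 'success') {
            console.log('Unable to load page with URL ' + page.url);
            phantom.exit();
        }
    });
}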
/**
 * Step dispatcher for the run; also passed to fillForm as its callback.
 *
 * @param {number} flag - 0 starts the run, 1 marks the state "finished" and
 *   runs fillForm again, any other value ends the run.
 * @param {object} page - PhantomJS webpage instance (null on the final step).
 */
function process(flag, page) {
    switch (flag) {
    case 0:
        // Initial step: announce the target and start the first pass.
        console.log('Starting testing with URL ' + URL + ' ...');
        fillForm(URL, page, process, formID, usernameField, passwordField,
            username, password);
        break;
    case 1:
        // The state is set before the second pass so that fillForm takes its
        // verification branch on the next load.
        phantom.state = "finished";
        fillForm(URL, page, process, formID, usernameField, passwordField,
            username, password);
        break;
    default:
        // Final step: report and leave.
        console.log("Testing " + URL + " completed successfully");
        phantom.exit();
    }
}
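// Entry point. The usage check earlier in the file calls phantom.exit(), which
// is not guaranteed to stop the current script turn, so the run is started only
// when the URL, username and password arguments were actually supplied.
// Without this guard a missing-argument invocation would still open an empty URL.
var page = require('webpage').create();
if (system.args.length >= 4) {
    process(0, page);
}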