const express = require('express');
const axios = require('axios');
const jwt = require('jsonwebtoken');
const vm = require('vm');
const { JSDOM } = require('jsdom');
const logger = require('./logger');

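const app = express();
app.use(express.json());

// Request-logging middleware: once the response has finished, record the
// client address, the requested URL and the final status code.
app.use((req, res, next) => {
    // NOTE(security): X-Forwarded-For is set by the client unless a trusted
    // reverse proxy overwrites it, so the address logged here can be spoofed.
    // Do not rely on it for access decisions or attribution.
    const forwarded = req.headers['x-forwarded-for'];
    // Split on a bare comma and trim, so "a,b" and "a, b" both yield "a".
    const firstHop = typeof forwarded === 'string' ? forwarded.split(',')[0].trim() : '';
    // req.socket replaces the deprecated req.connection alias; an empty first
    // hop falls back to the peer address instead of being logged as 'unknown'.
    const ip0 = firstHop || req.socket.remoteAddress || 'unknown';
    res.on('finish', () => {
        logger.info("", {
            meta: { ip: ip0, path: req.originalUrl, statusCode: res.statusCode }
        });
    });
    next();
});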

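// hsw helper
/**
 * Downloads `<l>/hsw.js`, where `l` is read from the payload of the JWT in
 * `req`, evaluates it inside a jsdom window and returns the stringified result
 * of calling the script's `hsw` function with the token.
 *
 * NOTE(security): `jwt.decode` does not verify the signature, so the download
 * URL is fully caller-controlled (server-side request forgery), and the
 * downloaded code is executed in this process. `vm` is not a security
 * boundary; code run this way should be treated as having the privileges of
 * the Node process. Restrict `l` to an allowlist of expected origins and run
 * this in an isolated, unprivileged worker; consider request and execution
 * timeouts as well.
 *
 * @param {string} req - JWT whose payload field `l` holds the script base URL.
 * @param {string} host - value assigned to `window.location.host` before the run.
 * @returns {Promise<string>} the stringified result, or "None" on any failure.
 */
async function hsw(req, host) {
    try {
        // Reject non-string tokens up front; they could never decode anyway.
        if (typeof req !== 'string') {
            throw new TypeError('req must be a JWT string');
        }
        const url = jwt.decode(req, { complete: true }).payload.l;
        // The payload is unverified: insist on an absolute http(s) URL at least.
        if (typeof url !== 'string' || !['http:', 'https:'].includes(new URL(url).protocol)) {
            throw new Error('token payload does not carry an http(s) URL');
        }
        const remoteSource = (await axios.get(`${url}/hsw.js`)).data;
        const dom = new JSDOM(`<!DOCTYPE html><p>Hello world</p>`);
        // JSON.stringify produces a correctly escaped string literal, so the token
        // text cannot break out of the call and inject statements into the script.
        const script = new vm.Script(`

            Object.defineProperty(navigator, "webdriver", { get: () => false });

            ${remoteSource};

            hsw(${JSON.stringify(req)});

        `);
        dom.window.navigator.language = 'en-US';
        dom.window.navigator.languages = ['en-US', 'en'];
        dom.window.location.host = host;

        const context = vm.createContext(dom.window);
        // The completion value is that of the final `hsw(...)` expression;
        // awaiting it resolves the value if the call returned a promise.
        const result = await script.runInContext(context);

        return String(result);
    } catch (e) {
        console.error(e);
        return "None";
    }
}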

// POST /hsw: read `req` and `host` from the JSON body, hand them to hsw() and
// send back whatever string it returns ("None" when hsw() failed).
// NOTE(security): no authentication or rate limiting is visible in this file,
// and both fields are caller-controlled; every call makes the server fetch and
// execute remote code, so access to this route should be restricted.
app.post('/hsw', async (req, res) => {
    const { req: token, host } = req.body;
    const output = await hsw(token, host);
    res.send(output);
});

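// GET /ping: health check that echoes the caller's apparent address.
// NOTE(security): the address is taken from X-Forwarded-For when present, which
// the client controls unless a trusted proxy overwrites it; treat the echoed
// value as informational only.
app.get('/ping', (req, res) => {
    const forwarded = req.headers['x-forwarded-for'];
    // Split on a bare comma and trim, so "a,b" and "a, b" both yield "a".
    const firstHop = typeof forwarded === 'string' ? forwarded.split(',')[0].trim() : '';
    // req.socket replaces the deprecated req.connection alias; an empty first
    // hop falls back to the peer address instead of reporting 'unknown'.
    const ip0 = firstHop || req.socket.remoteAddress || 'unknown';
    res.json({ ip: ip0, status: 200 });
});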

// Fallback for every request that no route above matched: answer 403 Forbidden.
app.use((req, res) => {
    res.status(403);
    res.send('Forbidden');
});

// Start the HTTP listener.
// NOTE(security): '0.0.0.0' binds every IPv4 interface, and no authentication
// is visible in this file; bind to loopback or place the service behind an
// authenticating proxy if it must not be reachable from the network.
const listenPort = 5000;
const listenHost = '0.0.0.0';
app.listen(listenPort, listenHost, () => {
    console.log('Server is running on port 5000');
});