Hill yeah

hunters-org · Jun 29, 2024 · 16d5508 · 16d5508
1 parent cf29ba0
commit 16d5508
Show file tree

Hide file tree

Showing 16 changed files with 572 additions and 56 deletions.
diff --git a/src/main/api/project.ts b/src/main/api/project.ts
@@ -179,3 +179,14 @@ export function projectScan(projectName: string) {
     return 'error';
   }
 }
+
+export function projectAttackResult(projectName: string) {
+  try {
+    const db = connectJson(
+      `${PROJECT_DIR}/${projectName}/general_scanning.json`,
+    );
+    return db.read();
+  } catch (error) {
+    return 'error';
+  }
+}
diff --git a/src/main/api/serve.ts b/src/main/api/serve.ts
@@ -20,7 +20,7 @@ export function returnFile(where: string, type: string) {
     console.error('Error reading file:', error);
     return {
       statusCode: 500,
-      body: JSON.stringify({ error: 'Internal Server Error' }),
+      body: 'no results',
       headers: {
         'Content-Type': 'application/json',
       },

diff --git a/src/main/jsleak/jsleak.ts b/src/main/jsleak/jsleak.ts
@@ -11,7 +11,7 @@ export async function findSecret(outputDir: string = PROJECT_DIR): Promise<{
   success: boolean;
   error: any;
 }> {
-  const jsleak = toolPath('jsleak');
+  const jsleak = '$(go env GOPATH)/bin/jsleak';
   const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -s`;
   try {
     fs.writeFileSync(
@@ -40,7 +40,7 @@ export async function extraLinks(outputDir: string = PROJECT_DIR): Promise<{
   success: boolean;
   error: any;
 }> {
-  const jsleak = toolPath('jsleak');
+  const jsleak = '$(go env GOPATH)/bin/jsleak';
   const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -l | findstr ".js"`;
   try {
     fs.writeFileSync(

diff --git a/src/main/main.ts b/src/main/main.ts
@@ -13,6 +13,7 @@ import { app, BrowserWindow, shell, ipcMain } from 'electron';
 import { autoUpdater } from 'electron-updater';
 import log from 'electron-log';
 import os from 'node:os';
+import axios from 'axios';
 import MenuBuilder from './menu';
 import { initProjectDir, resolveHtmlPath } from './util';
 import { subFinder } from './recon/subfinder';
@@ -21,6 +22,7 @@ import {
   createJsonFile,
   createProjectDir,
   createRequestToUrlScanner,
+  projectAttackResult,
   projectDetails,
   projectScan,
   readDirectoryNames,
@@ -190,6 +192,47 @@ ipcMain.handle('create-project', async (event, args) => {
   }
 });
 
+ipcMain.handle('get-attack-result', async (event, args) => {
+  const projectName = args[0];
+  try {
+    const results = await projectAttackResult(projectName);
+    return { error: false, results };
+  } catch (err) {
+    return { error: true };
+  }
+});
+
+ipcMain.handle('fetch-data', async (event, args) => {
+  const url =
+    'https://api.cloudflare.com/client/v4/accounts/3cce5a88886b46f56d9ff989b715a588/ai/run/@cf/openchat/openchat-3.5-0106';
+  const token = 'YbXmqtPZXLgeQSOSjMHC3ka4Qret1QCpQSZXMWCR';
+
+  const requestData = {
+    stream: false,
+    messages: [
+      { role: 'system', content: 'You are a web security consaltunt' },
+      {
+        role: 'user',
+        content: `can you help me to have attack or prevent this ${args[0].userInput} `,
+      },
+    ],
+  };
+
+  try {
+    const response = await axios.post(url, requestData, {
+      headers: {
+        Authorization: `Bearer ${token}`,
+      },
+    });
+
+    console.log(response);
+    return response.data;
+  } catch (error) {
+    console.error('Failed to fetch data:', error);
+    throw error;
+  }
+});
+
 if (process.env.NODE_ENV === 'production') {
   const sourceMapSupport = require('source-map-support');
   sourceMapSupport.install();
@@ -198,9 +241,9 @@ if (process.env.NODE_ENV === 'production') {
 const isDebug =
   process.env.NODE_ENV === 'development' || process.env.DEBUG_PROD === 'true';
 
-if (isDebug) {
-  require('electron-debug')();
-}
+// if (isDebug) {
+//   require('electron-debug')();
+// }
 
 const installExtensions = async () => {
   const installer = require('electron-devtools-installer');

diff --git a/src/main/preload.ts b/src/main/preload.ts
@@ -25,8 +25,10 @@ export type Channels =
   | 'exposures'
   | 'vulns-cves'
   | 'lfi'
+  | 'fetch-data'
   | 'potential-xss'
   | 'multi-scans'
+  | 'get-attack-result'
   | 'finished-scan';
 
 const electronHandler = {

diff --git a/src/main/scanning/dalfox.ts b/src/main/scanning/dalfox.ts
@@ -14,12 +14,11 @@ export async function scanningForXSS(outputDir: string = PROJECT_DIR): Promise<{
   success: boolean;
   error: any;
 }> {
-  const dalfox = toolPath('dalfox');
-  const command = `${dalfox} file ${path.join(outputDir, 'waybackurls_archive.txt')} --skip-bav
+  const dalfox = 'dalfox';
+  const command = `${dalfox} file ${path.join(outputDir, 'httpx_live_domains.txt')} --skip-bav
    >> ${path.join(outputDir, 'XSS.txt')}`;
   try {
     await execAsync(command);
-    console.log(command);
     const numberOfUrls = await countLines(path.join(outputDir, 'XSS.txt'));
     const db = connectJson(path.join(`${outputDir}/details.json`));
     await db.update({
@@ -41,8 +40,8 @@ export async function multiScans(outputDir: string = PROJECT_DIR): Promise<{
   success: boolean;
   error: any;
 }> {
-  const dalfox = toolPath('dalfox');
-  const command = `${dalfox} file ${path.join(outputDir, 'waybackurls_archive.txt')}
+  const dalfox = 'dalfox';
+  const command = `${dalfox} file ${path.join(outputDir, 'httpx_live_domains.txt')}
    >> ${path.join(outputDir, 'multi_scans.txt')}`;
   try {
     await execAsync(command);

diff --git a/src/renderer/App.tsx b/src/renderer/App.tsx
@@ -11,6 +11,7 @@ import Recon from './views/project/recon';
 import { ReconResults } from './views/project/results/recon-results';
 import JsLeaks from './views/project/JsLeaks';
 import Attacks from './views/project/attacks';
+import AttacksResults from './views/project/attackResults';
 
 function Home() {
   return (
@@ -33,6 +34,7 @@ export default function App() {
             <Route path="result" element={<Results />} />
             <Route path="result-recon" element={<ReconResults />} />
             <Route path="attacks" element={<Attacks />} />
+            <Route path="attack-result" element={<AttacksResults />} />
             <Route path="jsleaks" element={<JsLeaks />} />
           </Route>
         </Routes>

diff --git a/src/renderer/components/ai/aiChat.tsx b/src/renderer/components/ai/aiChat.tsx
@@ -0,0 +1,95 @@
+/* eslint-disable no-undef */
+/* eslint-disable import/prefer-default-export */
+/* eslint-disable react/no-array-index-key */
+/* eslint-disable react/button-has-type */
+/* eslint-disable react/function-component-definition */
+import React, { useState, useEffect } from 'react';
+
+import { Loader2 } from 'lucide-react';
+import {
+  Dialog,
+  DialogContent,
+  DialogHeader,
+  DialogTitle,
+  DialogTrigger,
+} from '../ui/dialog';
+
+import { Button } from '../ui/button';
+
+const UIofAI: React.FC = ({
+  closeModal,
+  input,
+}: {
+  closeModal: Boolean;
+  input: string;
+}) => {
+  const [messages, setMessages] = useState<string>('');
+  const [loading, setLoading] = useState<Boolean>(true);
+  const [error, setError] = useState<string | null>(null);
+
+  useEffect(() => {
+    const fetchDataFromApi = async () => {
+      const userInput = input; // Example of serializable data
+      try {
+        const response = await window.electron.ipcRenderer.invoke(
+          'fetch-data',
+          { userInput },
+        );
+        console.log('Received data:', response);
+        setLoading(false);
+        setMessages(response.result.response);
+      } catch (error) {
+        console.error('Failed to fetch data:', error);
+        // Handle errors from the main process
+      }
+    };
+
+    fetchDataFromApi();
+  }, []); // Empty dependency array ensures useEffect runs only once
+
+  return (
+    <div>
+      {loading && (
+        <div className="flex justify-center my-10">
+          <Loader2 className=" animate-spin" size={36} />
+        </div>
+      )}
+      <div className="max-h-[30rem] overflow-scroll py-2">
+        <p key={messages.length}>{messages}</p>
+      </div>
+      {error && <p>Error: {error}</p>}
+      <Button onClick={closeModal}>Close</Button>
+    </div>
+  );
+};
+
+export const AskAi = ({
+  input,
+  severity,
+}: {
+  input: string;
+  severity: string;
+}) => {
+  const [isModalOpen, setIsModalOpen] = useState(false);
+
+  const openModal = () => setIsModalOpen(true);
+  const closeModal = () => setIsModalOpen(false);
+
+  return (
+    <div className="p-4">
+      <Dialog open={isModalOpen} onOpenChange={setIsModalOpen}>
+        <DialogTrigger asChild>
+          <Button variant="outline" onClick={openModal}>
+            {severity}
+          </Button>
+        </DialogTrigger>
+        <DialogContent className="sm:max-w-[425px]">
+          <DialogHeader>
+            <DialogTitle>Getting info about this vulnerability</DialogTitle>
+          </DialogHeader>
+          <UIofAI input={input} closeModal={closeModal} />
+        </DialogContent>
+      </Dialog>
+    </div>
+  );
+};
diff --git a/src/renderer/components/projectCard.tsx b/src/renderer/components/projectCard.tsx
@@ -33,17 +33,14 @@ export function ProjectCard({ name }: { name: string }) {
   return (
     project && (
       <Link key={`${project.name}-kit`} to={`/${name}/dashboard`}>
-        <Card className="hover:bg-slate-900 cursor-pointer duration-300">
+        <Card className="hover:bg-gray-500 bg-gray-500/20 cursor-pointer duration-300">
           <CardHeader>
             <CardTitle>{project.name}</CardTitle>
             <CardDescription>{project.domain}</CardDescription>
           </CardHeader>
           <CardContent>
             <p>{formatDistanceToNow(project.updatedAt ?? Date.now())}</p>
           </CardContent>
-          <CardFooter>
-            <p>Card Footer</p>
-          </CardFooter>
         </Card>
       </Link>
     )

diff --git a/src/renderer/components/sidebar.tsx b/src/renderer/components/sidebar.tsx
@@ -34,16 +34,10 @@ const dashboardMenu: DashboardMenu[] = [
     title: 'Attacks',
     icon: <PocketKnife className="mr-2 h-4 w-4" />,
   },
-  {
-    href: 'interceptor',
-    title: 'Interceptor',
-    Disabled: true,
-    icon: <LayoutDashboardIcon className="mr-2 h-4 w-4" />,
-  },
 
   {
     href: 'jsleaks',
-    title: 'JsLeaks',
+    title: 'JavaScript Leaks',
     icon: <LayoutDashboardIcon className="mr-2 h-4 w-4" />,
   },
 ];
@@ -57,15 +51,8 @@ const resultArch: DashboardMenu[] = [
   {
     href: 'attack-result',
     title: 'Attack',
-    Disabled: true,
     icon: <PocketKnife className="mr-2 h-4 w-4" />,
   },
-  {
-    href: 'interceptor-result',
-    title: 'Interceptor',
-    Disabled: true,
-    icon: <LayoutDashboardIcon className="mr-2 h-4 w-4" />,
-  },
 ];
 
 export default function SideBar({ project }: SideBarProps) {

diff --git a/src/renderer/index.tsx b/src/renderer/index.tsx
@@ -6,10 +6,3 @@ import App from './App';
 const container = document.getElementById('root') as HTMLElement;
 const root = createRoot(container);
 root.render(<App />);
-
-// calling IPC exposed from preload script
-window.electron.ipcRenderer.once('ipc-example', (arg) => {
-  // eslint-disable-next-line no-console
-  console.log(arg);
-});
-window.electron.ipcRenderer.sendMessage('ipc-example', ['ping']);