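// Repository layout: ├── README.md └── ptest.js
// README.md: # dev-console-ptest-script
// ptest.js:

// to load this script into a dev console paste the line under this without comments
// fetch("https://raw.githubusercontent.com/DrakeAxelrod/dev-console-ptest-script/main/ptest.js").then(res => res.text()).then(res => eval(res))
//
// NOTE(review): the loader line runs whatever the `main` branch serves at that
// moment, with the privileges of the page open in the tab. Read the script
// first and prefer a URL pinned to a commit you have reviewed, e.g.
// .../dev-console-ptest-script/<REVIEWED_COMMIT_SHA>/ptest.js (placeholder).
// A restrictive Content-Security-Policy on the page may block the fetch or the
// eval; in that case paste the file contents directly.
//
// Everything is published on `window.ptest`, so scripts of the page under test
// can see and call these helpers too, including the eval hook installed below.

((window) => {
  window.ptest = {}

  /**
   * Downloads `data` as a file through a temporary object URL.
   *
   * @param {*} data - Objects are serialised with JSON.stringify (4-space
   *   indent); anything else goes into the Blob unchanged. Falsy values are
   *   rejected with a console error. JSON.stringify throws on cyclic
   *   structures, which the objects returned by ptest.vars() may contain.
   * @param {string} [filename] - Defaults to the page URL with every
   *   character outside [A-Za-z0-9_.-] replaced by "_", plus ".json".
   */
  window.ptest.save = (data, filename) => {
    if (!data) {
      console.error("Console.save: No data")
      return
    }

    // A raw URL contains "/", ":" and "?", none of which belong in a file name.
    const targetName = filename || `${window.location.href.replace(/[^\w.-]+/g, "_")}.json`
    const payload = typeof data === "object" ? JSON.stringify(data, undefined, 4) : data

    const blob = new Blob([payload], { type: "text/json" })
    const url = window.URL.createObjectURL(blob)
    const link = document.createElement("a")

    link.download = targetName
    link.href = url
    link.dataset.downloadurl = ["text/json", link.download, link.href].join(":")
    // click() replaces the deprecated createEvent/initMouseEvent sequence.
    link.click()

    // Release the blob once the download has had time to start; the original
    // never revoked the URL, so the blob stayed alive until the tab closed.
    setTimeout(() => window.URL.revokeObjectURL(url), 10000)
  }

  /**
   * Lists enumerable own properties of `window` that are not in a hard-coded
   * list of browser globals.
   *
   * The list looks like a snapshot of one Chromium build (it contains
   * "chrome" and webkit-prefixed names), so globals added by other or newer
   * browsers are reported as well; ptest.logglobals() compares against a
   * fresh iframe instead.
   *
   * @returns {Object<string, {typeof: string, object: *, toString: string}>}
   */
  window.ptest.vars = () => {
    const results = {}
    const standardGlobals = new Set([
      "window", "self", "document", "name", "location", "customElements", "history",
      "locationbar", "menubar", "personalbar", "scrollbars", "statusbar", "toolbar",
      "status", "closed", "frames", "length", "top", "opener", "parent", "frameElement",
      "navigator", "origin", "external", "screen", "innerWidth", "innerHeight",
      "scrollX", "pageXOffset", "scrollY", "pageYOffset", "visualViewport", "screenX",
      "screenY", "outerWidth", "outerHeight", "devicePixelRatio", "clientInformation",
      "screenLeft", "screenTop", "defaultStatus", "defaultstatus", "styleMedia",
      "onsearch", "isSecureContext", "performance", "onappinstalled",
      "onbeforeinstallprompt", "crypto", "indexedDB", "webkitStorageInfo",
      "sessionStorage", "localStorage", "onabort", "onblur", "oncancel", "oncanplay",
      "oncanplaythrough", "onchange", "onclick", "onclose", "oncontextmenu",
      "oncuechange", "ondblclick", "ondrag", "ondragend", "ondragenter", "ondragleave",
      "ondragover", "ondragstart", "ondrop", "ondurationchange", "onemptied", "onended",
      "onerror", "onfocus", "onformdata", "oninput", "oninvalid", "onkeydown",
      "onkeypress", "onkeyup", "onload", "onloadeddata", "onloadedmetadata",
      "onloadstart", "onmousedown", "onmouseenter", "onmouseleave", "onmousemove",
      "onmouseout", "onmouseover", "onmouseup", "onmousewheel", "onpause", "onplay",
      "onplaying", "onprogress", "onratechange", "onreset", "onresize", "onscroll",
      "onseeked", "onseeking", "onselect", "onstalled", "onsubmit", "onsuspend",
      "ontimeupdate", "ontoggle", "onvolumechange", "onwaiting", "onwebkitanimationend",
      "onwebkitanimationiteration", "onwebkitanimationstart", "onwebkittransitionend",
      "onwheel", "onauxclick", "ongotpointercapture", "onlostpointercapture",
      "onpointerdown", "onpointermove", "onpointerup", "onpointercancel",
      "onpointerover", "onpointerout", "onpointerenter", "onpointerleave",
      "onselectstart", "onselectionchange", "onanimationend", "onanimationiteration",
      "onanimationstart", "ontransitionrun", "ontransitionstart", "ontransitionend",
      "ontransitioncancel", "onafterprint", "onbeforeprint", "onbeforeunload",
      "onhashchange", "onlanguagechange", "onmessage", "onmessageerror", "onoffline",
      "ononline", "onpagehide", "onpageshow", "onpopstate", "onrejectionhandled",
      "onstorage", "onunhandledrejection", "onunload", "alert", "atob", "blur", "btoa",
      "cancelAnimationFrame", "cancelIdleCallback", "captureEvents", "clearInterval",
      "clearTimeout", "close", "confirm", "createImageBitmap", "fetch", "find", "focus",
      "getComputedStyle", "getSelection", "matchMedia", "moveBy", "moveTo", "open",
      "postMessage", "print", "prompt", "queueMicrotask", "releaseEvents",
      "requestAnimationFrame", "requestIdleCallback", "resizeBy", "resizeTo", "scroll",
      "scrollBy", "scrollTo", "setInterval", "setTimeout", "stop",
      "webkitCancelAnimationFrame", "webkitRequestAnimationFrame", "chrome", "caches",
      "ondevicemotion", "ondeviceorientation", "ondeviceorientationabsolute",
      "originAgentCluster", "cookieStore", "showDirectoryPicker", "showOpenFilePicker",
      "showSaveFilePicker", "speechSynthesis", "onpointerrawupdate", "trustedTypes",
      "crossOriginIsolated", "openDatabase", "webkitRequestFileSystem",
      "webkitResolveLocalFileSystemURL",
    ])

    for (const key of Object.keys(window)) {
      if (standardGlobals.has(key)) continue

      let value
      let text = ""
      try {
        // Reading or stringifying a page-defined global can throw: a throwing
        // getter, an object without toString (Object.create(null)), or a
        // reference to a cross-origin frame. One such value must not abort
        // the whole listing.
        value = window[key]
        text = value ? value.toString() : ""
      } catch (err) {
        text = "<unreadable>"
      }

      results[key] = {
        typeof: typeof value,
        object: value,
        toString: text,
      }
    }
    return results
  }

  /**
   * Logs every form on the page and a table of its input, textarea and
   * select controls (element, type, name, value, numeric value if any).
   */
  window.ptest.formcontrols = () => {
    // A control named "name", "method" or "action" shadows the form's own
    // property of that name (form.action then returns the <input>), so read
    // these through the prototype getter instead of as plain properties.
    const formProp = (form, prop) => {
      const desc = Object.getOwnPropertyDescriptor(HTMLFormElement.prototype, prop)
      return desc && desc.get ? desc.get.call(form) : form.getAttribute(prop)
    }

    for (const form of document.querySelectorAll("form")) {
      const name = formProp(form, "name")
      const method = String(formProp(form, "method") || "")
      const action = formProp(form, "action")
      const rows = []

      // The original printed the literal text quot; here (a broken &quot; entity).
      console.group(`HTMLForm "${name}": ${action}`)
      console.log(
        "Element:",
        form,
        // Parenthesised: without the parentheses `+` binds tighter than `||`
        // and the "null" fallback could never be used.
        "\nName: " + name + "\nMethod: " + method.toUpperCase() + "\nAction: " + (action || "null"),
      )

      for (const tag of ["input", "textarea", "select"]) {
        // Same shadowing concern as above applies to form.querySelectorAll.
        for (const node of Element.prototype.querySelectorAll.call(form, tag)) {
          const numeric = Number(node.value)
          rows.push({
            Element: node,
            Type: node.type,
            Name: node.name,
            Value: node.value,
            // Number() for both the check and the conversion; the original
            // tested with isNaN() but converted with parseFloat(), which
            // disagree on inputs such as "0x10" or whitespace.
            "Pretty Value": node.value.trim() === "" || Number.isNaN(numeric) ? node.value : numeric,
          })
        }
      }

      console.table(rows)
      console.groupEnd()
    }
  }

  /**
   * Logs the properties present on `window` but absent from the window of a
   * freshly created, hidden iframe, i.e. globals added by the page.
   */
  window.ptest.logglobals = () => {
    "use strict"

    const frame = document.createElement("iframe")
    frame.style.display = "none"
    document.body.appendChild(frame)

    const added = Object.create(null)
    try {
      // Compare while the iframe is still attached; the original detached it
      // first, and a detached frame's window is not guaranteed to keep its
      // properties.
      const pristine = frame.contentWindow
      for (const prop in window) {
        if (!(prop in pristine)) {
          added[prop] = window[prop]
        }
      }
    } finally {
      document.body.removeChild(frame)
    }

    console.log(added)
  }

  /**
   * Prints the cookies visible to script (document.cookie) as a table of
   * { key, value }. HttpOnly cookies are not exposed through document.cookie
   * and therefore never appear here.
   */
  window.ptest.cookies = () => {
    "use strict"

    if (!document.cookie) {
      console.warn("document.cookie is empty!")
      return
    }

    const cookies = document.cookie.split(/; ?/).map((pair) => {
      // A cookie stored without "=" is serialised as the bare value; the
      // original regex match returned null for it and the destructuring threw.
      const eq = pair.indexOf("=")
      const key = eq === -1 ? "" : pair.slice(0, eq)
      const raw = eq === -1 ? pair : pair.slice(eq + 1)

      let value
      try {
        value = decodeURIComponent(raw)
      } catch (err) {
        // Not valid percent-encoding: show the value as stored.
        value = raw
      }
      return { key, value }
    })

    console.table(cookies)
  }

  // eval that tells you the arguments
  //
  // Fixes over the original hook: console.log() returns undefined, so
  // `console.log(arguments) && realEval(...)` never ran the code, and nothing
  // was returned to the caller. Assigning through `window.eval` also parses in
  // strict-mode code, where a bare `eval = ...` is a SyntaxError.
  //
  // Caveat: code that calls the hooked eval is evaluated as indirect eval
  // (global scope); page code relying on direct eval seeing its local
  // variables behaves differently while the hook is installed.
  const currentEval = window.eval
  // If the script is loaded twice, unwrap the previous hook instead of
  // stacking loggers and losing the real eval.
  const nativeEval = currentEval.ptestNativeEval || currentEval
  window.ptest.eval = nativeEval
  const loggingEval = function (...args) {
    console.log(args)
    return nativeEval(...args)
  }
  loggingEval.ptestNativeEval = nativeEval
  window.eval = loggingEval

  // sql injection trick
  /**
   * Writes caller-supplied strings into two form fields and clicks a submit
   * element, all looked up by element id.
   *
   * @param {string} username_ele_id - id of the username field.
   * @param {string} password_ele_id - id of the password field.
   * @param {string} submit_ele_id - id of the element to click.
   * @param {string} [username_replace="asdf"] - value for the username field.
   * @param {string} [password_replace="pwd form"] - value for the password field.
   * @throws {Error} if any of the three ids does not resolve to an element.
   */
  window.ptest.sqllogintrick = (username_ele_id, password_ele_id, submit_ele_id, username_replace = "asdf", password_replace = "pwd form") => {
    const byId = (id) => {
      const el = document.getElementById(id)
      if (!el) {
        throw new Error(`ptest.sqllogintrick: no element with id "${id}"`)
      }
      return el
    }

    // Resolve all three elements before touching any of them, so a wrong id
    // does not leave the form half filled.
    const usernameField = byId(username_ele_id)
    const passwordField = byId(password_ele_id)
    const submitButton = byId(submit_ele_id)

    // The original assigned to the result of getElementById() itself, which
    // is an invalid assignment target; the field's `value` is what must be set.
    usernameField.value = username_replace // or 1=1 or 1=1 or 1=1 or ‘a’=’a”;
    passwordField.value = password_replace
    submitButton.click()
  }
})(typeof window !== "undefined" ? window : globalThis)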