antibot - basic pow with javascript
This commit is contained in:
parent
16e5ede130
commit
6645632846
|
@ -7,7 +7,15 @@
|
|||
return hashHex;
|
||||
}
|
||||
(async () => {
|
||||
const digestHex = await digestMessage('%s');
|
||||
const nonce = '%s';
|
||||
var i = 0;
|
||||
while (true) {
|
||||
var digestHex = await digestMessage(nonce + i.toString());
|
||||
if (digestHex.startsWith("0000")) {
|
||||
break;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
xhr = new XMLHttpRequest();
|
||||
xhr.open('POST', '%s');
|
||||
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
|
||||
|
@ -16,6 +24,6 @@
|
|||
window.location.replace('%s');
|
||||
}
|
||||
};
|
||||
xhr.send(encodeURI('challenge=' + digestHex));
|
||||
xhr.send(encodeURI('challenge=' + i.toString()));
|
||||
})();
|
||||
</script>
|
||||
|
|
|
@ -242,7 +242,7 @@ if use_crowdsec then
|
|||
end
|
||||
|
||||
-- cookie check
|
||||
if use_antibot_cookie then
|
||||
if use_antibot_cookie and ngx.var.uri ~= "/favicon.ico" then
|
||||
if not cookie.is_set("uri") then
|
||||
if ngx.var.request_uri ~= antibot_uri then
|
||||
cookie.set({uri = ngx.var.request_uri})
|
||||
|
@ -258,7 +258,7 @@ if use_antibot_cookie then
|
|||
end
|
||||
|
||||
-- javascript check
|
||||
if use_antibot_javascript then
|
||||
if use_antibot_javascript and ngx.var.uri ~= "/favicon.ico" then
|
||||
if not cookie.is_set("javascript") then
|
||||
if ngx.var.request_uri ~= antibot_uri then
|
||||
cookie.set({uri = ngx.var.request_uri, challenge = javascript.get_challenge()})
|
||||
|
@ -268,7 +268,7 @@ if use_antibot_javascript then
|
|||
end
|
||||
|
||||
-- captcha check
|
||||
if use_antibot_captcha then
|
||||
if use_antibot_captcha and ngx.var.uri ~= "/favicon.ico" then
|
||||
if not cookie.is_set("captcha") then
|
||||
if ngx.var.request_uri ~= antibot_uri then
|
||||
cookie.set({uri = ngx.var.request_uri})
|
||||
|
@ -278,7 +278,7 @@ if use_antibot_captcha then
|
|||
end
|
||||
|
||||
-- recaptcha check
|
||||
if use_antibot_recaptcha then
|
||||
if use_antibot_recaptcha and ngx.var.uri ~= "/favicon.ico" then
|
||||
if not cookie.is_set("recaptcha") then
|
||||
if ngx.var.request_uri ~= antibot_uri then
|
||||
cookie.set({uri = ngx.var.request_uri})
|
||||
|
|
|
@ -32,12 +32,15 @@ function M.get_code (challenge, antibot_uri, original_uri)
|
|||
end
|
||||
|
||||
function M.check (challenge, user)
|
||||
ngx.log(ngx.ERR, "debug challenge = " .. challenge)
|
||||
ngx.log(ngx.ERR, "debug user = " .. user)
|
||||
local resty_sha256 = require "resty.sha256"
|
||||
local str = require "resty.string"
|
||||
local sha256 = resty_sha256:new()
|
||||
sha256:update(challenge)
|
||||
sha256:update(challenge .. user)
|
||||
local digest = sha256:final()
|
||||
return str.to_hex(digest) == user
|
||||
ngx.log(ngx.ERR, "debug digest = " .. str.to_hex(digest))
|
||||
return str.to_hex(digest):find("^0000") ~= nil
|
||||
end
|
||||
|
||||
return M
|
||||
|
|
Loading…
Reference in New Issue