Recent

Author Topic: Synapse and Javascript...  (Read 4123 times)

lazzaro2023

  • New Member
  • *
  • Posts: 36
Synapse and Javascript...
« on: January 03, 2025, 09:30:26 am »
Hi guys,
I’d like to use Synapse to integrate REST APIs on a free hosting service. However, when I try to call a PHP file on the server, I get an error because the system requires JavaScript to be enabled in the browser. Is there a way to work around this issue?

Thanks in advance for your help! 😊

egsuh

  • Hero Member
  • *****
  • Posts: 1524
Re: Synapse and Javascript...
« Reply #1 on: January 03, 2025, 09:51:37 am »
It seems that the response PHP file contains javascript codes. If your Lazarus application is receiving the response from webserver I think there are no way to run the page correctly.

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #2 on: January 03, 2025, 10:34:45 am »
BTW. This has nothing to do with PHP itself. You, as a client, are not even aware the page is created by PHP. It could even have been created by FPC ;) (The extension does not guarantee the language behind it)

But yes, you need to dive into the javascript to see what it does to see if you can simulate that with FPC.
Without knowing which service we can't do that for you.

Normally the javascript (on client side) can talk to an API of that service so you need to use the Developer tools (F12 or CTRL+SHIFT+I) of your browser to see what URLS are actually called during execution of that javascript.

lazzaro2023

  • New Member
  • *
  • Posts: 36
Re: Synapse and Javascript...
« Reply #3 on: January 08, 2025, 12:00:19 pm »
Thank you for your response.

I understand that the page could be created by different languages and that the extension doesn't guarantee the language behind it. I have inspected the JavaScript using the Developer tools and found that the server responds with the following code:
Quote
<html>
  <body>
    <script type="text/javascript" src="aes.js"></script>
    <script>
      function toNumbers(d) {
        var e = [];
        d.replace(/(..)/g, function(d) {
          e.push(parseInt(d, 16));
        });
        return e;
      }
     
      function toHex() {
        for (var d = [], d = 1 == arguments.length && arguments[0].constructor == Array ? arguments[0] : arguments, e = "", f = 0; f < d.length; f++) {
          e += (16 > d[f] ? "0" : "") + d[f].toString(16);
        }
        return e.toLowerCase();
      }
     
      var a = toNumbers("f655ba9d09a112d4968c63579db590b4"),
          b = toNumbers("98344c2eee86c3994890592585b49f80"),
          c = toNumbers("73dd13e2f3322a2a254eb8f009b8b2d2");
         
      document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
      console.log(document.cookie);
      location.href = "http://example.rf.gd/phpcode.php?i=1";
    </script>
    <noscript>
      This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support.
    </noscript>
  </body>
</html>


How can I circumvent this response to access the data I need?

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #4 on: January 08, 2025, 12:13:23 pm »
How can I circumvent this response to access the data I need?
The javascript is relatively simple.
You see that there that it creates a cookie named __test:
Code: Pascal  [Select][+][-]
  1.  document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
after that it simply redirects to http://example.rf.gd/phpcode.php?i=1

So all you need to do is recreate that javascript to create a cookie and pass it with you get of the HTTP page.

BTW. I see the cookie expires in 2037 so you might even get away with just copying the value of an existing cookie (which you can find in the developer tools (CTRL+SHIFT+I) and pass that to http://example.rf.gd/phpcode.php?i=1

lazzaro2023

  • New Member
  • *
  • Posts: 36
Re: Synapse and Javascript...
« Reply #5 on: January 08, 2025, 12:31:01 pm »
I tried following your advice, but I'm still getting the same response. Here is the code I used:
Quote
program SynapseExample;

{$mode objfpc}{$H+}

uses
  Classes, SysUtils, httpsend, ssl_openssl, synacode;

var
  HTTPSender: THTTPSend;
  URL: string;
  Cookie: string;
  UserAgent: string;
  Response: TStringList;
begin
  // URL of the page you want to access
  URL := 'http://example.rf.gd/?i=1';

  // Cookie to set
  Cookie := '__test=a0b750cece14afcfc3e9484b2479758d';

  // User-Agent to simulate a browser with JavaScript enabled
  UserAgent := 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36';

  // Create the HTTPSender object
  HTTPSender := THTTPSend.Create;
  try
    // Set the User-Agent header
    HTTPSender.Headers.Add('User-Agent: ' + UserAgent);

    // Set the cookie
    HTTPSender.Cookies.Add(Cookie);

    // Send the HTTP GET request
    if HTTPSender.HTTPMethod('GET', URL) then
    begin
      // Read the response
      Response := TStringList.Create;
      try
        Response.LoadFromStream(HTTPSender.Document);
        WriteLn('Response: ', Response.Text);
      finally
        Response.Free;
      end;
    end
    else
    begin
      WriteLn('HTTP request error: ', HTTPSender.ResultCode, ' ', HTTPSender.ResultString);
    end;
  finally
    HTTPSender.Free;
  end;
end.

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #6 on: January 08, 2025, 12:32:55 pm »
I tried following your advice, but I'm still getting the same response. Here is the code I used:
You still used the wrong URL http://example.rf.gd/?i=1%27;
In the javascript code you see there is a redirect to http://example.rf.gd/phpcode.php?i=1
So you need to get that page with the cookie set.

lazzaro2023

  • New Member
  • *
  • Posts: 36
Re: Synapse and Javascript...
« Reply #7 on: January 08, 2025, 01:12:21 pm »
I corrected it, but the response is still the same.

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #8 on: January 08, 2025, 01:15:21 pm »
I corrected it, but the response is still the same.
Well, you didn't even mention what the actual result was so I don't know.
Without actual URL we can't even test this ourselves.
So there you are on your own.

My only advice is to use the Developer tools and look if there is something else passed on when doing this in the browser.
You need to mimicks this exactly.

It's also possible the cookie is only valid 1 time.
In that case you would need to create the cookie yourself with exactly the same code (converted to FPC).

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #9 on: January 08, 2025, 01:17:15 pm »
BTW looking at that javascript it seems to be similar to this:

https://github.com/HakkanR/slowAES

So maybe you have some use with that page.

lazzaro2023

  • New Member
  • *
  • Posts: 36
Re: Synapse and Javascript...
« Reply #10 on: January 09, 2025, 07:44:24 am »
Thanks for the heads-up! 
I checked out the link you shared, but the library is written in C. 
I tried following the suggestions on GitHub, but I'm not getting the expected values from the slowAes decrypt. 
I used DCPcrypt, but the decrypted value doesn't match. 
If anyone wants to help, here's the link: http://synapse.rf.gd/test.php
test.php outputs "Hello world."


egsuh

  • Hero Member
  • *****
  • Posts: 1524
Re: Synapse and Javascript...
« Reply #11 on: January 09, 2025, 08:15:27 am »
The server seems to check whether your browser, in this case, HTTPSender, can process javascript first.

When you type in http://example.rf.gd/?i=1 at browser, you'll see the normal page. But when I called the link from my synapse example, I got the response that you posted.

Don't know how the (PHP) server operates.

rvk

  • Hero Member
  • *****
  • Posts: 6643
Re: Synapse and Javascript...
« Reply #12 on: January 09, 2025, 09:05:47 am »
If anyone wants to help, here's the link: http://synapse.rf.gd/test.php
test.php outputs "Hello world."
Eye... that was a tricky basterd  ::)

I tried a few things. Ended up seeing if it would work with curl and indeed that worked.
Code: Bash  [Select][+][-]
  1. curl -v -A "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" -H "Cookie: __test=9755fad6fdef4cf5dec0f7c231a4e4b1"  http://synapse.rf.gd/test.php

Eventually I found out that site really really really doesn't like any variation in User-Agent.
So if you give it an exactly correct user-agent... it should work:

BTW. Once you have a cookie value, you don't need the ?i=1 anymore.
I'm not sure if that same cookie can be used with different variations of that site and if it keep being valid.

Code: Pascal  [Select][+][-]
  1. program synapseexample;
  2.  
  3. {$mode objfpc}{$H+}
  4.  
  5. uses
  6.   Classes, SysUtils, httpsend, synacode;
  7.  
  8. var
  9.   HTTPSender: THTTPSend;
  10.   URL: string;
  11.   Response: TStringList;
  12. begin
  13.   URL := 'http://synapse.rf.gd/test.php';
  14.  
  15.   // URL := 'http://httpbin.org/get';
  16.  
  17.   HTTPSender := THTTPSend.Create;
  18.   try
  19.     HTTPSender.UserAgent := 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36';
  20.     HTTPSender.Headers.Add('Cookie: __test=9755fad6fdef4cf5dec0f7c231a4e4b1');
  21.  
  22.     if HTTPSender.HTTPMethod('GET', URL) then
  23.     begin
  24.       Response := TStringList.Create;
  25.       try
  26.         Response.LoadFromStream(HTTPSender.Document);
  27.         WriteLn('Response: ', Response.Text);
  28.       finally
  29.         Response.Free;
  30.       end;
  31.     end
  32.     else
  33.     begin
  34.       WriteLn('HTTP request error: ', HTTPSender.ResultCode, ' ', HTTPSender.ResultString);
  35.     end;
  36.   finally
  37.     HTTPSender.Free;
  38.   end;
  39.   readln;
  40. end.

egsuh

  • Hero Member
  • *****
  • Posts: 1524
Re: Synapse and Javascript...
« Reply #13 on: January 09, 2025, 12:59:33 pm »
Quote
    HTTPSender.UserAgent := 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36';
    HTTPSender.Headers.Add('Cookie: __test=9755fad6fdef4cf5dec0f7c231a4e4b1');

Wow. This is a great finding.

lazzaro2023

  • New Member
  • *
  • Posts: 36
Re: Synapse and Javascript...
« Reply #14 on: January 09, 2025, 03:18:36 pm »
Thanks for the tip.
Awesome!!!"

 

TinyPortal © 2005-2018