Try using Sekiro on Tampermonkey

Preface

This article is based on the testing services provided by Intra Technology. If you need to use your own self-built server and require tutorial assistance, you can refer to this document: https://iinti.cn/sekiro-article/sekiro-js-4/

This article uses an HTTP site for testing. If your target site is using HTTPS, please modify ws to wss and configure the certificate by referring to https://iinti.cn/sekiro-doc/02_advance/03_sslForWebsocket.html#%E9%85%8D%E7%BD%AE%E5%9F%9F%E5%90%8D%E5%88%97%E8%A1%A8. You can also consult us directly, as we can provide SaaS solutions.

If you find Sekiro very useful, feel free to contact us for collaboration.

Writing Tampermonkey Script

First, create a new Tampermonkey script. img.png

Then, import the key function SekiroClient()

function SekiroClient(e){if(this.wsURL=e,this.handlers={},this.socket={},!e)throw new Error("wsURL can not be empty!!");this.webSocketFactory=this.resolveWebSocketFactory(),this.connect()}SekiroClient.prototype.resolveWebSocketFactory=function(){if("object"==typeof window){var e=window.WebSocket?window.WebSocket:window.MozWebSocket;return function(o){function t(o){this.mSocket=new e(o)}return t.prototype.close=function(){this.mSocket.close()},t.prototype.onmessage=function(e){this.mSocket.onmessage=e},t.prototype.onopen=function(e){this.mSocket.onopen=e},t.prototype.onclose=function(e){this.mSocket.onclose=e},t.prototype.send=function(e){this.mSocket.send(e)},new t(o)}}if("object"==typeof weex)try{console.log("test webSocket for weex");var o=weex.requireModule("webSocket");return console.log("find webSocket for weex:"+o),function(e){try{o.close()}catch(e){}return o.WebSocket(e,""),o}}catch(e){console.log(e)}if("object"==typeof WebSocket)return function(o){return new e(o)};throw new Error("the js environment do not support websocket")},SekiroClient.prototype.connect=function(){console.log("sekiro: begin of connect to wsURL: "+this.wsURL);var e=this;try{this.socket=this.webSocketFactory(this.wsURL)}catch(o){return console.log("sekiro: create connection failed,reconnect after 2s:"+o),void setTimeout(function(){e.connect()},2e3)}this.socket.onmessage(function(o){e.handleSekiroRequest(o.data)}),this.socket.onopen(function(e){console.log("sekiro: open a sekiro client connection")}),this.socket.onclose(function(o){console.log("sekiro: disconnected ,reconnection after 2s"),setTimeout(function(){e.connect()},2e3)})},SekiroClient.prototype.handleSekiroRequest=function(e){console.log("receive sekiro request: "+e);var o=JSON.parse(e),t=o.__sekiro_seq__;if(o.action){var n=o.action;if(this.handlers[n]){var s=this.handlers[n],i=this;try{s(o,function(e){try{i.sendSuccess(t,e)}catch(e){i.sendFailed(t,"e:"+e)}},function(e){i.sendFailed(t,e)})}catch(e){console.log("error: "+e),i.sendFailed(t,":"+e)}}else this.sendFailed(t,"no action handler: "+n+" defined")}else this.sendFailed(t,"need request param {action}")},SekiroClient.prototype.sendSuccess=function(e,o){var t;if("string"==typeof o)try{t=JSON.parse(o)}catch(e){(t={}).data=o}else"object"==typeof o?t=o:(t={}).data=o;(Array.isArray(t)||"string"==typeof t)&&(t={data:t,code:0}),t.code?t.code=0:(t.status,t.status=0),t.__sekiro_seq__=e;var n=JSON.stringify(t);console.log("response :"+n),this.socket.send(n)},SekiroClient.prototype.sendFailed=function(e,o){"string"!=typeof o&&(o=JSON.stringify(o));var t={};t.message=o,t.status=-1,t.__sekiro_seq__=e;var n=JSON.stringify(t);console.log("sekiro: response :"+n),this.socket.send(n)},SekiroClient.prototype.registerAction=function(e,o){if("string"!=typeof e)throw new Error("an action must be string");if("function"!=typeof o)throw new Error("a handler must be function");return console.log("sekiro: register action: "+e),this.handlers[e]=o,this};

Write a Sekiro startup function, with the following considerations:

  • You can start by using the test service
    • Login with the test user at http://sekiro.iinti.cn/
    • Username: sekiro
    • Password: sekiro
function start_sekiro() {
    // 根据ip和port进行配置,创建client
    var client = new SekiroClient("ws://sekiro.iinti.cn:5612/business/register?group=demo-ws&clientId=" + Math.random());  // 修改成自己的group
    // 注册分组
    client.registerAction("testAction", function (request, resolve, reject) {
        var param = request["param"]; // 接收传递的参数
        if (!param) {
            reject("need param{param}");
            return;
        }
        console.log(`testAction:${param}`);
        try {
            var result = document.cookie; // 获取页面cookie
            resolve(result); // 将cookie传递出去
        } catch (e) {
            reject(`error:${e}`); // 异常处理
        }
    })
}

Finally, refresh the target website page in the browser to enable the Tampermonkey script. You can see in the console that the connection has been successfully established~ img_1.png

The complete code is as follows:

(function () {
    // 引入关键函数
    function SekiroClient(e){if(this.wsURL=e,this.handlers={},this.socket={},!e)throw new Error("wsURL can not be empty!!");this.webSocketFactory=this.resolveWebSocketFactory(),this.connect()}SekiroClient.prototype.resolveWebSocketFactory=function(){if("object"==typeof window){var e=window.WebSocket?window.WebSocket:window.MozWebSocket;return function(o){function t(o){this.mSocket=new e(o)}return t.prototype.close=function(){this.mSocket.close()},t.prototype.onmessage=function(e){this.mSocket.onmessage=e},t.prototype.onopen=function(e){this.mSocket.onopen=e},t.prototype.onclose=function(e){this.mSocket.onclose=e},t.prototype.send=function(e){this.mSocket.send(e)},new t(o)}}if("object"==typeof weex)try{console.log("test webSocket for weex");var o=weex.requireModule("webSocket");return console.log("find webSocket for weex:"+o),function(e){try{o.close()}catch(e){}return o.WebSocket(e,""),o}}catch(e){console.log(e)}if("object"==typeof WebSocket)return function(o){return new e(o)};throw new Error("the js environment do not support websocket")},SekiroClient.prototype.connect=function(){console.log("sekiro: begin of connect to wsURL: "+this.wsURL);var e=this;try{this.socket=this.webSocketFactory(this.wsURL)}catch(o){return console.log("sekiro: create connection failed,reconnect after 2s:"+o),void setTimeout(function(){e.connect()},2e3)}this.socket.onmessage(function(o){e.handleSekiroRequest(o.data)}),this.socket.onopen(function(e){console.log("sekiro: open a sekiro client connection")}),this.socket.onclose(function(o){console.log("sekiro: disconnected ,reconnection after 2s"),setTimeout(function(){e.connect()},2e3)})},SekiroClient.prototype.handleSekiroRequest=function(e){console.log("receive sekiro request: "+e);var o=JSON.parse(e),t=o.__sekiro_seq__;if(o.action){var n=o.action;if(this.handlers[n]){var s=this.handlers[n],i=this;try{s(o,function(e){try{i.sendSuccess(t,e)}catch(e){i.sendFailed(t,"e:"+e)}},function(e){i.sendFailed(t,e)})}catch(e){console.log("error: "+e),i.sendFailed(t,":"+e)}}else this.sendFailed(t,"no action handler: "+n+" defined")}else this.sendFailed(t,"need request param {action}")},SekiroClient.prototype.sendSuccess=function(e,o){var t;if("string"==typeof o)try{t=JSON.parse(o)}catch(e){(t={}).data=o}else"object"==typeof o?t=o:(t={}).data=o;(Array.isArray(t)||"string"==typeof t)&&(t={data:t,code:0}),t.code?t.code=0:(t.status,t.status=0),t.__sekiro_seq__=e;var n=JSON.stringify(t);console.log("response :"+n),this.socket.send(n)},SekiroClient.prototype.sendFailed=function(e,o){"string"!=typeof o&&(o=JSON.stringify(o));var t={};t.message=o,t.status=-1,t.__sekiro_seq__=e;var n=JSON.stringify(t);console.log("sekiro: response :"+n),this.socket.send(n)},SekiroClient.prototype.registerAction=function(e,o){if("string"!=typeof e)throw new Error("an action must be string");if("function"!=typeof o)throw new Error("a handler must be function");return console.log("sekiro: register action: "+e),this.handlers[e]=o,this};

    function start_sekiro() {
      // 根据ip和port进行配置,创建client
      var client = new SekiroClient("ws://sekiro.iinti.cn:5612/business/register?group=demo-ws&clientId=" + Math.random());  // 修改成自己的group
      // 注册分组
      client.registerAction("testAction", function (request, resolve, reject) {
        var param = request["param"]; // 接收传递的参数
        if (!param) {
          reject("need param{param}");
          return;
        }
        console.log(`testAction:${param}`);
        try {
          var result = document.cookie; // 获取页面cookie
          resolve(result); // 将cookie传递出去
        } catch (e) {
          reject(`error:${e}`); // 异常处理
        }
      })
    }
    setTimeout(start_sekiro, 2000) // 等待20s加载Sekiro客户端
})();

Verification

Use a GET request in the browser address bar for verification: https://sekiro.iinti.cn/business/invoke?group=demo-ws&action=testAction&param=testparm

You should see a successful return of our cookie (the logic registered for testAction in the Tampermonkey script). img_2.png

Sekiro Documentation & Test Account Login

Documentation link: Sekiro Documentation

Login site: Sekiro Login

  • Test account username: sekiro
  • Password: sekiro

After logging in, users can establish their own groups. img_4.png

They can also view group-level monitoring, action-level monitoring, client monitoring, etc. img_7.png img_6.png