What's new
Heapleak - Scripthub

Get the most out of HeapLeak by creating a free account! Once signed in, you’ll gain full access to restricted content, be able to share your own scripts, and participate in our member-only discussions.

console http spy

Version / Update: v1.0.0
Download / Script Link
assert(type(rconsoleprint) == "function", "exploit missing rconsoleprint")

if type(import) == "function" then
loadstring(game:HttpGet("https://raw.githubusercontent.com/zzerexx/scripts/main/SynapseToScriptWare.lua"))()
end

local Console = {}
Console.__index = Console

function Console.new()
local self = setmetatable({}, Console)
self._p = rconsoleprint
self._ansi = {
lblue = "\27[94m",
lgreen = "\27[92m",
orange = "\27[38;5;208m",
magenta = "\27[35m",
red = "\27[31m",
lgray = "\27[37m",
cyan = "\27[36m",
yellow = "\27[33m",
reset = "\27[0m",
}
self._methodColors = {
GET = "\27[94m",
POST = "\27[92m",
PATCH = "\27[38;5;208m",
HEAD = "\27[35m",
DELETE = "\27[31m",
}
return self
end

function Console:color(name)
assert(type(name) == "string", "color: name must be string")
self._p(self._ansi[name] or self._ansi.reset)
end

function Console:reset()
self._p(self._ansi.reset)
end

function Console:write(text)
assert(type(text) == "string", "write: text must be string")
self._p(text)
end

function Console:tag(label, colorName, newline)
assert(type(label) == "string", "tag: label must be string")
assert(type(colorName) == "string", "tag: colorName must be string")
self:color("lgray")
self._p("[")
self:color(colorName)
self._p(label)
self:color("lgray")
self._p("] ")
self:reset()
if newline then self._p("\n") end
end

function Console:logRequest(funcName, method, url, blocked)
assert(type(funcName) == "string", "logRequest: funcName must be string")
assert(type(method) == "string", "logRequest: method must be string")
assert(type(url) == "string", "logRequest: url must be string")
assert(type(blocked) == "boolean", "logRequest: blocked must be boolean")
self:tag(blocked and "BLOCKED" or "ALLOWED", blocked and "red" or "lgreen")
self._p(self._methodColors[method] or self._ansi.lgray)
self:tag(method, "lgray")
self._p(funcName .. " | " .. url .. "\n")
end

function Console:clear()
rconsoleclear()
end


local HttpSpy = {}
HttpSpy.__index = HttpSpy

function HttpSpy.new()
local self = setmetatable({}, HttpSpy)
self._con = Console.new()
self._hooks = {}
self._loading = false
self._loaded = false
self._ctrl = false
self._cfg = {
blockWebhooks = false,
blockAll = false,
paused = false,
}
self._status = {
HttpGet = false,
HttpGetAsync = false,
HttpPost = false,
HttpPostAsync = false,
request = false,
}
return self
end

function HttpSpy:_isBlocked(url)
assert(type(url) == "string", "_isBlocked: url must be string")
if self._cfg.blockAll then return true end
if self._cfg.blockWebhooks and (url:find("webhook") or url:find("websec")) then return true end
return false
end

function HttpSpy:_hookRequest(func, name)
assert(type(func) == "function", "_hookRequest: func must be function")
assert(type(name) == "string", "_hookRequest: name must be string")
local spy = self
local old; old = hookfunction(func, function(...)
local data = select(1, ...)
if type(data) == "table" and type(data.Url) == "string" then
local method = type(data.Method) == "string" and data.Method:upper() or "GET"
local blocked = spy:_isBlocked(data.Url)
if not spy._cfg.paused then
spy._con:logRequest(name, method, data.Url, blocked)
end
if blocked then
return { StatusMessage = "Bad request", Success = false, StatusCode = 400, Body = "", Headers = {} }
end
end
return old(...)
end)
self._hooks[func] = old
return true
end

function HttpSpy:_hookHttp(func, name, method)
assert(type(func) == "function", "_hookHttp: func must be function")
assert(type(name) == "string", "_hookHttp: name must be string")
assert(type(method) == "string", "_hookHttp: method must be string")
local spy = self
local old; old = hookfunction(func, function(self2, url, ...)
if type(url) == "string" then
local blocked = spy:_isBlocked(url)
if not spy._cfg.paused then
spy._con:logRequest(name, method, url, blocked)
end
if blocked then return nil end
end
return old(self2, url, ...)
end)
self._hooks[func] = old
return true
end

function HttpSpy:_hookNamecall()
local spy = self
local old; old = hookmetamethod(game, "__namecall", newcclosure(function(self2, ...)
local ncMethod = getnamecallmethod()
local url = select(1, ...)
if type(url) == "string"
and (ncMethod == "HttpGet" or ncMethod == "HttpGetAsync"
or ncMethod == "HttpPost" or ncMethod == "HttpPostAsync") then
local reqMethod = ncMethod:find("Post") and "POST" or "GET"
local blocked = spy:_isBlocked(url)
if not spy._cfg.paused then
spy._con:logRequest(ncMethod, reqMethod, url, blocked)
end
if blocked then return "" end
end
return old(self2, ...)
end))
end

function HttpSpy:_renderUI()
if self._loading then return end
self._loading = true
local c = self._con
c:clear()
c:tag("http spy by koboldpaws#0", "cyan") c:tag("v2.0.0", "cyan") c:write("\n\n")
c:tag("controls", "cyan", true)
c:tag("-", "lgreen") c:tag("focus roblox window to use controls", "yellow", true)
c:tag("!", "red") c:tag("toggling settings clears logs", "yellow", true)
c:tag("CTRL+1", "lgreen") c:write("clear logs\n")
c:tag("CTRL+2", "lgreen") c:write("pause/resume ") c:tag(self._cfg.paused and "PAUSED" or "RUNNING", self._cfg.paused and "red" or "lgreen", true)
c:tag("CTRL+3", "lgreen") c:write("block webhooks ") c:tag(self._cfg.blockWebhooks and "ON" or "OFF", self._cfg.blockWebhooks and "lgreen" or "red", true)
c:tag("CTRL+4", "lgreen") c:write("block all ") c:tag(self._cfg.blockAll and "ON" or "OFF", self._cfg.blockAll and "lgreen" or "red", true)
c:tag("CTRL+BACKSPACE", "lgreen") c:write("unload\n\n")
c:tag("hooks", "cyan", true)
for name, hooked in next, self._status do
c:tag(name, "lgreen") c:tag(hooked and "OK" or "NO", hooked and "lgreen" or "red", true)
end
c:write("\n")
c:tag("log", "cyan", true)
self._loading = false
end

function HttpSpy:_unload()
for func, original in next, self._hooks do
hookfunction(func, original)
end
self._loaded = false
if type(rconsoleclose) == "function" then
rconsoleclose()
else
self._con:tag("unloaded", "red", true)
end
end

function HttpSpy:start()
rconsolename("Http Spy")
local ok, err = pcall(function()
self:_hookNamecall()
self._status.HttpGet = self:_hookHttp(game.HttpGet, "HttpGet", "GET")
self._status.HttpGetAsync = self:_hookHttp(game.HttpGetAsync, "HttpGetAsync", "GET")
self._status.HttpPost = self:_hookHttp(game.HttpPost, "HttpPost", "POST")
self._status.HttpPostAsync = self:_hookHttp(game.HttpPostAsync, "HttpPostAsync", "POST")
local anyReq = false
if type(syn) == "table" and type(syn.request) == "function" then
anyReq = self:_hookRequest(syn.request, "syn.request")
end
if type(http) == "table" and type(http.request) == "function" then
anyReq = self:_hookRequest(http.request, "http.request")
end
for _, name in next, {"request", "http_request"} do
if type(getgenv()[name]) == "function" then
anyReq = self:_hookRequest(getgenv()[name], name)
end
end
self._status.request = anyReq
end)
if not ok then
self._con:tag("hook error: " .. tostring(err), "red", true)
end
self:_renderUI()
local uis = game:GetService("UserInputService")
uis.InputBegan:Connect(function(i, gp)
if gp then return end
local key = i.KeyCode.Name
if key:find("Control") then self._ctrl = true end
if not self._loaded or not self._ctrl then return end
if key == "One" then self:_renderUI()
elseif key == "Two" then self._cfg.paused = not self._cfg.paused; self:_renderUI()
elseif key == "Three" then self._cfg.blockWebhooks = not self._cfg.blockWebhooks; self:_renderUI()
elseif key == "Four" then self._cfg.blockAll = not self._cfg.blockAll; self:_renderUI()
elseif key == "Backspace" then self:_unload()
end
end)
uis.InputEnded:Connect(function(i, gp)
if not gp and i.KeyCode.Name:find("Control") then
self._ctrl = false
end
end)
self._loaded = true
end

HttpSpy.new():start()
[ View More ]
20bb8f92-7fde-44bf-afd7-58e2936c5af7.webp


might be cool might be not who knows
 
Click to expand...
You must log in or register to reply here.
Back
Top