List of usage examples for org.openqa.selenium WebDriver switchTo
TargetLocator switchTo();
From source file:wsattacker.sso.openid.attacker.evaluation.SeleniumBrowser.java
License:Open Source License
public static void loginVictimToWordpress() { WebDriver driver = getWebDriver(); JavascriptExecutor jse = (JavascriptExecutor) driver; jse.executeScript("var win = window.open('https://de.wordpress.com/wp-login.php');"); List<String> windowhandles = new ArrayList<>(driver.getWindowHandles()); driver.switchTo().window(windowhandles.get(1)); WebElement element = driver.findElement(By.id("user_login")); element.clear();//from w w w .ja va 2s.c o m element.sendKeys("victim123456789"); element = driver.findElement(By.id("user_pass")); element.clear(); element.sendKeys("Victim1234!"); element.submit(); /*windowhandles.forEach((windowHandle) -> { System.out.println("windowHandle: " + windowHandle); });*/ driver.switchTo().window(windowhandles.get(0)); }
From source file:wsattacker.sso.openid.attacker.evaluation.strategies.InjectJavaScriptLoginStrategy.java
License:Open Source License
@Override public LoginResult login(User user, ServiceProvider serviceProvider) { // before loginAndDetermineAuthenticatedUser remove all cookies SeleniumBrowser.deleteAllCookies();//w w w .ja v a 2s.c o m // copy log entries before login List<RequestLogEntry> logEntriesBeforeLogin = new ArrayList<>(RequestLogger.getInstance().getEntryList()); // open url WebDriver driver = SeleniumBrowser.getWebDriver(); driver.get(serviceProvider.getUrl()); /* Search the page for the OpenID input field. According to the standard it should be called "openid_identifier" but some other frequent names are also tried. */ WebElement element = null; String[] possibleNames = { "openid_identifier", "openid", "openID", "openid_url", "openid:url", "user", "openid-url", "openid-identifier", "oid_identifier", "ctl00$Column1Area$OpenIDControl1$openid_url", "user_input", "openIdUrl" }; for (String possibleName : possibleNames) { try { element = driver.findElement(By.name(possibleName)); System.out.println("Find OpenID field with name: " + possibleName); break; } catch (NoSuchElementException exception) { //System.out.println("Cannot find: " + possibleName); } } // save old XRDS lcoation String oldIdentity = OpenIdServerConfiguration.getAttackerInstance().getHtmlConfiguration().getIdentity(); /* If an input field is found, it is filled with the OpenID identifier. Selenium cannot set text of hidden input field, consequently, JavaScript is injected which performs this task. */ if (element != null) { JavascriptExecutor jse = (JavascriptExecutor) driver; // set text of text field switch (user) { case VICTIM: jse.executeScript("arguments[0].value='" + serviceProvider.getVictimOpenId() + "'", element); break; case ATTACKER: jse.executeScript("arguments[0].value='" + serviceProvider.getAttackerOpenId() + "'", element); break; case ATTACKER_RANDOM: String attackerOpenId = serviceProvider.getAttackerOpenId(); if (attackerOpenId.endsWith("/")) { attackerOpenId = attackerOpenId.substring(0, attackerOpenId.length() - 1); } String randomAttackerIdentity = attackerOpenId + RandomStringUtils.random(10, true, true); OpenIdServerConfiguration.getAttackerInstance().getHtmlConfiguration() .setIdentity(randomAttackerIdentity); jse.executeScript("arguments[0].value='" + randomAttackerIdentity + "'", element); break; } // special case: owncloud if (driver.getCurrentUrl().contains("owncloud")) { // set arbitrary password WebElement passwordElement = driver.findElement(By.id("password")); passwordElement.clear(); passwordElement.sendKeys("xyz"); WebElement submitElement = driver.findElement(By.id("submit")); jse.executeScript("var element = arguments[0]; element.removeAttribute('id');", submitElement); } // submit form if (element.isDisplayed()) { // element.submit(); // does not work as expected element.sendKeys(Keys.RETURN); } else { jse.executeScript("var element = arguments[0];" + "while(element.tagName != 'FORM') {" + "element = element.parentNode;" + "console.log(element);" + "}" + "element.submit();", element); } } // click on accept in modal alert window (if present) try { driver.switchTo().alert().accept(); } catch (NoAlertPresentException ex) { // do nothing } // wait 10 seconds: hopefully, all redirects are performed then try { Thread.sleep(10000); } catch (InterruptedException ex) { Logger.getLogger(ServiceProvider.class.getName()).log(Level.SEVERE, null, ex); } /* determines the log entries of the current login procedure: logEntries = logEntriesAfterLogin - logEntriesBeforeLogin (subtraction of sets) */ List<RequestLogEntry> logEntriesAfterLogin = RequestLogger.getInstance().getEntryList(); List<RequestLogEntry> logEntries = (List<RequestLogEntry>) CollectionUtils.subtract(logEntriesAfterLogin, logEntriesBeforeLogin); // invert order of log - should be chronological Collections.reverse(logEntries); File screenshot = SeleniumBrowser.takeScreenshot(); String pageSource = driver.getPageSource(); // restore old XRDS location OpenIdServerConfiguration.getAttackerInstance().getHtmlConfiguration().setIdentity(oldIdentity); return new LoginResult(pageSource, logEntries, screenshot, driver.getCurrentUrl()); }