Ability to share by email

src/Component.php

@@ -307,7 +307,7 @@ public function report($key)
         }
 
         if (isset($this->reportInfo[$key])) {
-            return ($key == 'time') ? date("F j, Y, g:i a", $this->reportInfo[$key]) : htmlspecialchars(
+            return ($key == 'time') ? date('F j, Y, g:i a', $this->reportInfo[$key]) : htmlspecialchars(
                 $this->reportInfo[$key]
             );
         }

src/Request.php

@@ -79,7 +79,7 @@ public function json()
                 return $this->convert($this->user->deleteReport($this->post('id')));
                 break;
             case 'share-report' :
-                return $this->convert($this->user->shareReport($this->post('reportid'), $this->post('domain')));
+                return $this->convert($this->user->shareReport($this->post('reportid'), $this->post('domain'), $this->post('email')));
                 break;
             case 'killswitch' :
                 return $this->convert($this->user->killSwitch($this->post('pass')));

src/User.php

@@ -408,31 +408,96 @@ public function deleteReport($id)
      * @method shareReport
      * @param string $id report id
      * @param string $domain domain to share with
+     * @param string $email email to share with
      * @return string success
      */
-    public function shareReport($id, $domain)
+    public function shareReport($id, $domain, $email)
     {
         $report = $this->database->fetch('SELECT * FROM reports WHERE id = :id LIMIT 1', [':id' => $id]);
 
         if (!isset($report['id'])) {
             return 'This report does not exists.';
         }
 
-        $report['referrer'] = !empty($report['referer']) ? 'Shared via ' . $_SERVER['SERVER_NAME'] . ' - ' . $report['referer'] : 'Shared via ' . $_SERVER['SERVER_NAME'];
-        $report['shared'] = true;
+        if(empty($domain) && empty($email)) {
+            return 'No domain or email submitted.';
+        }
+
+        if(!empty($domain)) {
+            $report['referrer'] = !empty($report['referer']) ? 'Shared via ' . $_SERVER['SERVER_NAME'] . ' - ' . $report['referer'] : 'Shared via ' . $_SERVER['SERVER_NAME'];
+            $report['shared'] = true;
+
+            $cb = curl_init((parse_url($domain, PHP_URL_SCHEME) ? '' : 'https://') . $domain . '/callback');
+            curl_setopt($cb, CURLOPT_CUSTOMREQUEST, 'POST');
+            curl_setopt($cb, CURLOPT_POSTFIELDS, json_encode($report));
+            curl_setopt($cb, CURLOPT_RETURNTRANSFER, true);
+            curl_setopt($cb, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
+            $result = curl_exec($cb);
+
+            if ($result != 'github.com/ssl/ezXSS') {
+                return 'Unable to find a valid ezXSS installation. Please check the domain.';
+            }
+
+            return 'Report is successfully shared via domain!';
+        }
 
-        $cb = curl_init((parse_url($domain, PHP_URL_SCHEME) ? '' : 'https://') . $domain . '/callback');
-        curl_setopt($cb, CURLOPT_CUSTOMREQUEST, 'POST');
-        curl_setopt($cb, CURLOPT_POSTFIELDS, json_encode($report));
-        curl_setopt($cb, CURLOPT_RETURNTRANSFER, true);
-        curl_setopt($cb, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
-        $result = curl_exec($cb);
+        if(!empty($email)) {
+            if (!empty($report['screenshot'])) {
+                $report['screenshot'] = $this->basic->screenshotPath($report['screenshot']);
+            }
+
+            $htmlTemplate = str_replace(
+                [
+                    '{{id}}',
+                    '{{domain}}',
+                    '{{url}}',
+                    '{{ip}}',
+                    '{{referer}}',
+                    '{{payload}}',
+                    '{{user-agent}}',
+                    '{{cookies}}',
+                    '{{localstorage}}',
+                    '{{sessionstorage}}',
+                    '{{dom}}',
+                    '{{origin}}',
+                    '{{time}}',
+                    '{{screenshot}}'
+                ],
+                [
+                    $report['shareid'],
+                    htmlspecialchars($this->basic->domain()),
+                    htmlspecialchars($report['uri']),
+                    htmlspecialchars($report['ip']),
+                    htmlspecialchars($report['referer']),
+                    htmlspecialchars($report['payload']),
+                    htmlspecialchars($report['user-agent']),
+                    htmlspecialchars($report['cookies']),
+                    htmlspecialchars($report['localstorage']),
+                    htmlspecialchars($report['sessionstorage']),
+                    htmlspecialchars($report['dom']),
+                    htmlspecialchars($report['origin']),
+                    date('F j, Y, g:i a', $report['time']),
+                    $report['screenshot']
+                ],
+                $this->basic->htmlBlocks('mail')
+            );
+
+            $emailfrom = $this->database->fetch('SELECT * FROM settings WHERE setting = "emailfrom"');
+
+            $headers[] = 'From: ' . $emailfrom['value'];
+            $headers[] = 'MIME-Version: 1.0';
+            $headers[] = 'Content-type: text/html; charset=iso-8859-1';
+            mail(
+                $email,
+                '[ezXSS] Shared XSS on ' . htmlspecialchars($report['uri']),
+                $htmlTemplate,
+                implode("\r\n", $headers)
+            );
 
-        if ($result != 'github.com/ssl/ezXSS') {
-            return 'Unable to find a valid ezXSS installation. Please check the domain.';
+            return 'Report is successfully shared via email!';
         }
 
-        return 'Report is successfully shared!';
+        return 'Something went wrong..';
     }
 
     /**

templates/report.html

@@ -116,8 +116,16 @@ <h3 class="m-b-xs">Share</h3>
                         <hr>
 
                         <div class="form-group">
-                            <label class="control-label" for="domain">Domain</label>
-                            <input class="form-control" id="domain" name="domain" type="text" value="">
+                            <label class="control-label" for="domain">Share by domain</label>
+                            <input class="form-control" id="domain" name="domain" type="text" value="" placeholder="demo.ezxss.com">
+                        </div>
+                        <button class="btn">Share</button>
+
+                        <hr>
+
+                        <div class="form-group">
+                            <label class="control-label" for="email">Share by email</label>
+                            <input class="form-control" id="email" name="email" type="text" value="" placeholder="security@company.com">
                         </div>
                         <button class="btn">Share</button>
                     </form>

templates/reports.html

@@ -102,8 +102,16 @@ <h3 class="m-b-xs">Share</h3>
                         <hr>
 
                         <div class="form-group">
-                            <label class="control-label" for="domain">Domain</label>
-                            <input class="form-control" id="domain" name="domain" type="text" value="">
+                            <label class="control-label" for="domain">Share by domain</label>
+                            <input class="form-control" id="domain" name="domain" type="text" value="" placeholder="demo.ezxss.com">
+                        </div>
+                        <button class="btn">Share</button>
+
+                        <hr>
+
+                        <div class="form-group">
+                            <label class="control-label" for="email">Share by email</label>
+                            <input class="form-control" id="email" name="email" type="text" value="" placeholder="security@company.com">
                         </div>
                         <button class="btn">Share</button>
                     </form>