vaibhavpandeyvpz/infosec-iq-qa.js

## infosec-iq-qa.js
function getCsrfToken() {
  var parts = ('; ' + document.cookie)
    .split("; csrf=");
  if (parts.length === 2) {
    const value = parts.pop().split(";").shift();
    return decodeURIComponent(value);
  }
}

function sendXhr(url, method, data = null, headers = {}) {
  const xhr = new XMLHttpRequest();
  xhr.open(method, url, false);
  Object.keys(headers)
    .forEach((key) => {
      xhr.setRequestHeader(key, headers[key]);
    });
  xhr.send(data);
  if (xhr.status === 200) {
    return xhr.responseText;
  }
}

const uniqueLink = window.location.pathname.split('/').pop();
const responseText1 = sendXhr(`https://securityiq.infosecinstitute.com/learner/api/course/${uniqueLink}.json`, 'GET', null, {
  'x-csrf-token': getCsrfToken(),
  'x-requested-with': 'XMLHttpRequest',
});
const { data: { activityGroups } } = JSON.parse(responseText1);

activityGroups.forEach(({ activities }) => {
  activities.forEach(({ id, completed, type }) => {
    if (type === 'assessment' && !completed) {
      const responseText2 = sendXhr(`https://securityiq.infosecinstitute.com/assess/assessments/${id}/assessment-questions?lang=en-br&sessionQueryParam[uniqueLink]=${uniqueLink}`, 'GET');
      const { data: { attributes: { 'assessment-stat': { assessment: { assessments_assessment_questions: questions }, questionCount: count, initialResponses } }, id: question_id } } = JSON.parse(responseText2);
      const previous = [];
      const max = count - (initialResponses?.length || 0);
      for (let i = 0; i < max; i++) {
        let url = `https://securityiq.infosecinstitute.com/assess/assessments/${id}/assessment-questions?lang=en-br&sessionQueryParam[uniqueLink]=${uniqueLink}`;
        previous.forEach((x) => {
          url += '&previous[]=' + x;
        });
        const responseText2 = sendXhr(url, 'GET');
        const { data: { attributes: { 'assessment-stat': { assessment: { assessments_assessment_questions: questions }, questionCount: count } }, id: question_id } } = JSON.parse(responseText2);
        const choice = questions.find((x) => (x.assessment_question.id + '') == question_id)
          .assessment_question.assessment_choices.find((x) => x.is_correct);
        const data = JSON.stringify({
          data: {
            type: 'assessment-answers',
            attributes: {
              id: null,
              assessmentQuestionId: question_id,
              assessmentId: id,
              isCorrect: true,
              timedOut: false,
              assessment_answer_choices: [{ assessment_choice_id: choice.id + '' }],
            }
          },
          meta: {}
        });
        sendXhr(`https://securityiq.infosecinstitute.com/assess/assessment-answers?sessionQueryParam=${encodeURI(JSON.stringify({ uniqueLink }))}`, 'POST', data, {
          'content-type': 'application/vnd.api+json',
          'x-csrf-token': getCsrfToken(),
        });
        previous.push(question_id);
      }
    }
  });
});

## infosec-iq-training.js
function getCsrfToken() {
  var parts = ('; ' + document.cookie)
    .split("; csrf=");
  if (parts.length === 2) {
    const value = parts.pop().split(";").shift();
    return decodeURIComponent(value);
  }
}

function sendXhr(url, method, data = null, headers = {}) {
  const xhr = new XMLHttpRequest();
  xhr.open(method, url, false);
  Object.keys(headers)
    .forEach((key) => {
      xhr.setRequestHeader(key, headers[key]);
    });
  xhr.send(data);
  if (xhr.status === 200) {
    return xhr.responseText;
  }
}

const uniqueLink = window.location.pathname.split('/').pop();
const responseText1 = sendXhr(`https://securityiq.infosecinstitute.com/learner/api/course/${uniqueLink}.json`, 'GET', null, {
  'x-csrf-token': getCsrfToken(),
  'x-requested-with': 'XMLHttpRequest',
});
const { data: { activityGroups } } = JSON.parse(responseText1);

activityGroups.forEach(({ activities }) => {
  activities.forEach(({ id, completed, type }) => {
    if (type === 'captivate' && !completed) {
      const responseText2 = sendXhr(`https://securityiq.infosecinstitute.com/learner/api/course/${uniqueLink}/module/${id}.json`, 'GET', null, {
        'x-csrf-token': getCsrfToken(),
        'x-requested-with': 'XMLHttpRequest',
      });
      const { data: { captivateUrl } } = JSON.parse(responseText2);
      const url = new URL('https:' + captivateUrl);
      const pathname = url.pathname.split('/');
      pathname.pop();
      pathname.push('assets/js/CPM.js');
      url.pathname = pathname.join('/');
      url.hash = '';
      const responseText3 = sendXhr(url.toString(), 'GET');
      const slideNames = responseText3.match(/slides:'([\w,]+)'/);
      if (slideNames?.length === 2) {
        const slides = slideNames[1].split(',');
        const form = new FormData();
        form.append('uniqueLink', uniqueLink);
        form.append('id', id);
        form.append('slide', slides.length);
        form.append('totalSlides', slides.length);
        sendXhr('https://securityiq.infosecinstitute.com/Training/trackProgress.json', 'POST', form);
      }
    }
  });
});
	function getCsrfToken() {
	var parts = ('; ' + document.cookie)
	.split("; csrf=");
	if (parts.length === 2) {
	const value = parts.pop().split(";").shift();
	return decodeURIComponent(value);
	}
	}

	function sendXhr(url, method, data = null, headers = {}) {
	const xhr = new XMLHttpRequest();
	xhr.open(method, url, false);
	Object.keys(headers)
	.forEach((key) => {
	xhr.setRequestHeader(key, headers[key]);
	});
	xhr.send(data);
	if (xhr.status === 200) {
	return xhr.responseText;
	}
	}

	const uniqueLink = window.location.pathname.split('/').pop();
	const responseText1 = sendXhr(`https://securityiq.infosecinstitute.com/learner/api/course/${uniqueLink}.json`, 'GET', null, {
	'x-csrf-token': getCsrfToken(),
	'x-requested-with': 'XMLHttpRequest',
	});
	const { data: { activityGroups } } = JSON.parse(responseText1);

	activityGroups.forEach(({ activities }) => {
	activities.forEach(({ id, completed, type }) => {
	if (type === 'assessment' && !completed) {
	const responseText2 = sendXhr(`https://securityiq.infosecinstitute.com/assess/assessments/${id}/assessment-questions?lang=en-br&sessionQueryParam[uniqueLink]=${uniqueLink}`, 'GET');
	const { data: { attributes: { 'assessment-stat': { assessment: { assessments_assessment_questions: questions }, questionCount: count, initialResponses } }, id: question_id } } = JSON.parse(responseText2);
	const previous = [];
	const max = count - (initialResponses?.length \|\| 0);
	for (let i = 0; i < max; i++) {
	let url = `https://securityiq.infosecinstitute.com/assess/assessments/${id}/assessment-questions?lang=en-br&sessionQueryParam[uniqueLink]=${uniqueLink}`;
	previous.forEach((x) => {
	url += '&previous[]=' + x;
	});
	const responseText2 = sendXhr(url, 'GET');
	const { data: { attributes: { 'assessment-stat': { assessment: { assessments_assessment_questions: questions }, questionCount: count } }, id: question_id } } = JSON.parse(responseText2);
	const choice = questions.find((x) => (x.assessment_question.id + '') == question_id)
	.assessment_question.assessment_choices.find((x) => x.is_correct);
	const data = JSON.stringify({
	data: {
	type: 'assessment-answers',
	attributes: {
	id: null,
	assessmentQuestionId: question_id,
	assessmentId: id,
	isCorrect: true,
	timedOut: false,
	assessment_answer_choices: [{ assessment_choice_id: choice.id + '' }],
	}
	},
	meta: {}
	});
	sendXhr(`https://securityiq.infosecinstitute.com/assess/assessment-answers?sessionQueryParam=${encodeURI(JSON.stringify({ uniqueLink }))}`, 'POST', data, {
	'content-type': 'application/vnd.api+json',
	'x-csrf-token': getCsrfToken(),
	});
	previous.push(question_id);
	}
	}
	});
	});