search

hahwul / dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
https://dalfox.hahwul.com
MIT License
3.46k stars 389 forks source link

[G] Found dalfox-google-api via built-in grepping #479

Open petruuux opened 1 year ago

petruuux commented 1 year ago

Question

While testing a site dalfox found: 

[G] Found dalfox-google-api via built-in grepping / payload: dalfox"
    AIzadx_QVpX5lOMPdFvwz6kbYfkJiRaM3w2qWU0
[POC][G][GET][BUILTIN] http://site.com/?l=%2564%2561%256C%2566%256F%2578%2522&lang=

However if i access the site trough the POC link i can't find the api anywhere. Could this be a false positive? "AIzadx_QVpX5lOMPdFvwz6kbYfkJiRaM3w2qWU0" is the api right?

Environment

KAFILTAFISH21 commented 2 weeks ago

Did you get any solution for this bro ?