Last active
October 22, 2024 11:40
-
-
Save robertobarreda/4c28054b25da88373675ef1437469320 to your computer and use it in GitHub Desktop.
Calculate SHA256 hash from error message in "Parameter Tampering" > "Bypass Client Side JavaScript Validation" using the browser console
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // You need to type in console `allow pasting` and hit enter. | |
| // This is one time thing and will enable the pasting functionality. | |
| // If this code doesn't work on your browser, take the output from: | |
| // document.querySelector("#message.info").innerText.trim() | |
| // and use an online tool like https://emn178.github.io/online-tools/sha256.html | |
| // to get the SHA256 digest | |
| async function sha256(rawData) { | |
| const data = typeof rawData === 'object' ? JSON.stringify(rawData) : String(rawData); | |
| const msgBuffer = new TextEncoder().encode(data); | |
| const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer); | |
| const hashArray = Array.from(new Uint8Array(hashBuffer)); | |
| return hashArray.map(b => b.toString(16).padStart(2, '0')).join(''); | |
| } | |
| sha256(document.querySelector("#message.info").innerText.trim()).then((hash) => { console.log(hash); }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment