How to make a POST request in the browser console?

0

Good evening everyone! I'm studying penetration testing on an attack-oriented research site. For me to register, I have to "hack" the registration page. Basically I have to type a function in the browser console and it automatically generates the code.

The code is this:

eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\b'+e(c)+'\b','g'),k[c])}}return p}('1 i(4){h 8={"4":4};$.9({a:"7",5:"6",g:8,b:\'/d/e/n\',c:1(0){3.2(0)},f:1(0){3.2(0)}})}1 j(){$.9({a:"7",5:"6",b:\'/d/e/k/l/m\',c:1(0){3.2(0)},f:1(0){3.2(0)}})}',24,24,'response|function|log|console|code|dataType|json|POST|formData|ajax|type|url|success|api|invite|error|data|var|verifyInviteCode|makeInviteCode|how|to|generate|verify'.split('|'),0,{}))

I type in the console makeInviteCode (); and it returns me a base64-encrypted string that decrypts the following message:

  

To generate the invitation code, make a POST request to / api / invite / generate

    
asked by anonymous 03.03.2018 / 03:23

1 answer

1

Let's look at the code first.

When we access the URL responsible for creating these functions, we get the following code:

eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\b'+e(c)+'\b','g'),k[c])}}return p}('1 i(4){h 8={"4":4};$.9({a:"7",5:"6",g:8,b:\'/d/e/n\',c:1(0){3.2(0)},f:1(0){3.2(0)}})}1 j(){$.9({a:"7",5:"6",b:\'/d/e/k/l/m\',c:1(0){3.2(0)},f:1(0){3.2(0)}})}',24,24,'response|function|log|console|code|dataType|json|POST|formData|ajax|type|url|success|api|invite|error|data|var|verifyInviteCode|makeInviteCode|how|to|generate|verify'.split('|'),0,{}))

This code is responsible for creating the functions below:

function verifyInviteCode(code) {
    var formData = {
        "code": code
    };
    $.ajax({
        type: "POST",
        dataType: "json",
        data: formData,
        url: '/api/invite/verify',
        success: function(response) {
            console.log(response)
        },
        error: function(response) {
            console.log(response)
        }
    })
}
function makeInviteCode() {
    $.ajax({
        type: "POST",
        dataType: "json",
        url: '/api/invite/how/to/generate',
        success: function(response) {
            console.log(response)
        },
        error: function(response) {
            console.log(response)
        }
    })
}

Now that we know the functions for generation and validation of tokens, we will call the function for generation, so just run the code below in the browser console:

makeInviteCode()

This function will return an object. This object contains:

  • status return
  • The% encrypted "%"
  • And token which is how it was "encrypted"

These values are random, so you can get the value "encrypted" in enctype , base64 etc.

Return Values

When I tested, I received a rot13 and a base64 .

rot13 is a method for encoding data for download on the Internet (MIME encoding for content transfer)

Since base64¹ is the rotation 13 times of a given letter of the alphabet, for example, if we take the letter rot13 and rotate 13 times, the value will be a .

To transform these values, you can use sites like:

link link

Sending POST request

Now that we know what to do, let's capture our invitation. For this it is necessary to send a request of the POST type to the URL indicated in the step above.

For this we will use n , for example:

let xhr = new XMLHttpRequest();
xhr.onload = function( e ){ console.log(e.target.response) }
xhr.open("POST", "/api/invite/generate")
xhr.send();
Ready! We got our code. Now we just decode the code in XMLHttpRequest and you can already register on the site.

  

Note: While helping to achieve this, it is fair that you always and always look on the internet. The "grace" to be discovering.

References:
¹ What is Base64 encoding?

    
03.03.2018 / 04:04