Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: auto leak information #23

Open
ImJoke opened this issue Jul 27, 2023 · 1 comment
Open

Feature request: auto leak information #23

ImJoke opened this issue Jul 27, 2023 · 1 comment
Labels
delayed The issue will be fixed with a big update later enhancement New feature or request

Comments

@ImJoke
Copy link

ImJoke commented Jul 27, 2023
edited
Loading

This feature will work like {{config|attr(request.args.a)}}&a=__init__ that leaking information like token, etc. Btw don't forget for the obfuscator

In my case if the web only be injectable with POST data, I need to change from {{config|attr(request.args.a)}}&a=__init__ to {{config|attr(request.args.a)}} and change the url path to http://<IP>/?a=__init__
@ImJoke ImJoke changed the title Feature request : auto leak information Feature request: auto leak information Jul 27, 2023
@vladko312
Copy link
Owner

Information disclosure is planned, but WAF bypasses are really hard to automate, as there are just too many things that can be blocked.

@vladko312 vladko312 added enhancement New feature or request delayed The issue will be fixed with a big update later labels Jul 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
delayed The issue will be fixed with a big update later enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vladko312 @ImJoke