""" ╔══════════════════════════════════════════════════════════════════════╗ ║ EXPLOIT READY - RUN ME! ║ ╚══════════════════════════════════════════════════════════════════════╝ Hey! All scripts are ready. Here's the simplest path to the flag: STEP 1: Get a webhook → Open: https://webhook.site → Copy your unique URL STEP 2: Run this script → Run: python exploit_remote.py → Paste webhook URL when asked → Choose: 10 (try all payloads) STEP 3: Wait & Watch → Check webhook.site for incoming requests → Look for '?flag=' parameter → Copy the long JWT token STEP 4: Decode JWT → Run: python decode_jwt.py → The flag will be displayed! ═══════════════════════════════════════════════════════════════════════ Files you have: ✓ exploit_remote.py - Main exploit (runs against remote server) ✓ decode_jwt.py - Decode captured JWTs ✓ webhook_server.py - Optional local server (if using ngrok) ✓ test_connection.py - Test server connectivity ✓ START_HERE.md - Detailed guide ✓ QUICKSTART.md - Quick reference ═══════════════════════════════════════════════════════════════════════ Need help hosting a webhook? Option A: webhook.site (easiest) - Free, no signup - Just visit and get a URL - Perfect for this challenge Option B: ngrok (if you want to see auto-decoding) Terminal 1: python webhook_server.py Terminal 2: ngrok http 8080 Terminal 3: python exploit_remote.py (use ngrok URL) Option C: RequestBin - Go to requestbin.com - Create a bin, use that URL ═══════════════════════════════════════════════════════════════════════ What the exploit does: 1. Creates account on remote server 2. Sends XSS payload in message to admin 3. Triggers bot to read messages 4. Bot has flag in cookie after visiting /flag 5. XSS bypasses DOMPurify and exfiltrates cookie 6. Your webhook receives the cookie with flag! ═══════════════════════════════════════════════════════════════════════ Ready to start? python exploit_remote.py Good luck! 🚩 """ print(__doc__)