请问如何获取h1的token?还有bc和fuzz的
Closed this issue · 5 comments
LonelyBoy2005 commented
[es]
hosts=http://192.168.182.134:9200
auth_user=elastic
auth_passwd=darkangel123
[bc]
bc_cookie=_crowdcontrol_session=xx
[h1]
h1_cookie=__Host-session=xx
x_csrf_token=xx
[fuzz]
key=xx
Bywalks commented
h1、bc的token就是hackerone和bugcrowd的账号token,抓包就能看到,fuzz的是扫描器fuzz功能的key,目前没放出来该功能,暂时不用管。
LonelyBoy2005 commented
我通过burp抓包抓到了h1_cookie=__Host-session=xx和x_csrf_token=xx,但是运行 python3 darkangel.py --add-new-domain时却显示05:42:19,149 [INFOR] collecth1domain:90 - H1-Token失效,请及时更新。
RebootEx commented
is it possible to add a domain (target) manually...??
Bywalks commented
is it possible to add a domain (target) manually...??