{"id":16345675,"url":"https://github.com/senges/lightshot","last_synced_at":"2025-10-26T01:31:43.521Z","repository":{"id":30537154,"uuid":"125295536","full_name":"senges/lightshot","owner":"senges","description":"Lightshot image grabber ","archived":true,"fork":false,"pushed_at":"2020-08-15T11:07:12.000Z","size":658,"stargazers_count":19,"open_issues_count":4,"forks_count":2,"subscribers_count":0,"default_branch":"master","last_synced_at":"2024-10-28T16:50:51.663Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/senges.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-03-15T01:28:39.000Z","updated_at":"2024-09-27T14:05:54.000Z","dependencies_parsed_at":"2022-08-24T17:50:57.906Z","dependency_job_id":null,"html_url":"https://github.com/senges/lightshot","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/senges%2Flightshot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/senges%2Flightshot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/senges%2Flightshot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/senges%2Flightshot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/senges","download_url":"https://codeload.github.com/senges/lightshot/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238241420,"owners_count":19439767,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T00:32:52.668Z","updated_at":"2025-10-26T01:31:38.149Z","avatar_url":"https://github.com/senges.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Lightshot Filename Path Disclosure (POC)\n\nThis proof of concept shows how lightshot screenshot hosting service can be easily crawled without any restriction.  \nThis weakness was first discovered with [Naïm GALLOUJ](https://www.naimo.me/).  \nScript Author : Charles SENGES (me, btw).\n\n## Update !\n\nSeems like cloudflare protection has been added since.\nMay bypass this later.\nIf you have any suggestion, just drop me an email.\n\n**Monster-Geek :** Bash crawler seems to crawl swlowly but without getting banned. Python script got banned pretty fast... \n\n**Squ3D :** Java Crawler seems to crawl without issue, feel free to pm me if you face any problem using it.\n            Update : Added a Py Scrapper.\n\n## Usage\n\n```bash\n$  ./pull.sh \u003curl\u003e \u003cnumber of level\u003e\n```\n\n* URL : Your startig point\n* Levels : How much you want to crawl the url. (See exemples)\n\n```New Python Script\n$ pip3 install -r requeirements.txt\n$ python3 scrappyer.py\n```\n\n## Exemples\n\n```bash\n$  ./pull.sh https://prnt.sc/abc123 1\n```  \n  \nWill go from `https://prnt.sc/abc120` to `https://prnt.sc/abc12z`  \nCould also be seen as `https://prnt.sc/abc12*`  \n  \nIn the same way :  \n  \n```bash\n$  ./pull.sh https://prnt.sc/abc123 6\n```\n\nCould be seend as `https://prnt.sc/******`\nThe script would then crawl the whole website (could be long if you don't have a quantum computer (I know quantum computer wouldn't help but.. come on))  \n\n## References\n\n* Korben published [an article](https://korben.info/attention-a-ne-pas-uploader-de-trucs-sensibles-sur-prnt-sc-lightshot.html) about this weakness.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsenges%2Flightshot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsenges%2Flightshot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsenges%2Flightshot/lists"}