https://github.com/senges/lightshot
Lightshot image grabber
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/senges/lightshot
- Owner: senges
- Archived: true
- Created: 2018-03-15T01:28:39.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2020-08-15T11:07:12.000Z (almost 6 years ago)
- Last Synced: 2024-10-28T16:50:51.663Z (over 1 year ago)
- Language: Java
- Homepage:
- Size: 643 KB
- Stars: 19
- Watchers: 0
- Forks: 2
- Open Issues: 4
Metadata Files:
- Readme: README.md
README
# Lightshot Filename Path Disclosure (POC)
This proof of concept shows how the Lightshot screenshot hosting service can be easily crawled without any restriction.
This weakness was first discovered with [Naïm GALLOUJ](https://www.naimo.me/).
Script Author : Charles SENGES (me, btw).
## Update !
Seems like Cloudflare protection has been added since.
May bypass this later.
If you have any suggestions, just drop me an email.
**Monster-Geek :** Bash crawler seems to crawl slowly but without getting banned. Python script got banned pretty fast...
**Squ3D :** Java Crawler seems to crawl without issue, feel free to pm me if you face any problem using it.
Update : Added a Py scraper.
## Usage
```bash
$ ./pull.sh <URL> <Levels>
```
* URL : Your starting point
* Levels : How many trailing characters of the URL identifier to iterate over. (See examples)

New Python script:
```bash
$ pip3 install -r requeirements.txt
$ python3 scrappyer.py
```
## Examples
```bash
$ ./pull.sh https://prnt.sc/abc123 1
```
Will go from `https://prnt.sc/abc120` to `https://prnt.sc/abc12z`
Could also be seen as `https://prnt.sc/abc12*`
In the same way :
```bash
$ ./pull.sh https://prnt.sc/abc123 6
```
Could be seen as `https://prnt.sc/******`
The script would then crawl the whole website (could be long if you don't have a quantum computer (I know a quantum computer wouldn't help but.. come on)).
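Seen from the hosting side, a sweep such as `abc12*` shows up in access logs as a single client covering most of one prefix's keyspace. The following detector is an added example, not code from this repository; the 0-9a-z alphabet, the `(client, path)` log format, the coverage threshold and the sample entries are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: identifiers are six characters drawn from 0-9a-z, as the
# abc120..abc12z range in the examples above suggests.
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz"
ID_PATH = re.compile(r"^/([0-9a-z]{6})$")

# Constructed sample of (client, request path) pairs; not real traffic.
SAMPLE_LOG = [("203.0.113.7", "/abc12" + c) for c in ALPHABET] + [
    ("198.51.100.4", "/k3x9qa"),
    ("198.51.100.4", "/abc12f"),
    ("192.0.2.9", "/zz81mm"),
    ("192.0.2.9", "/favicon.ico"),
]


def keyspace(levels):
    """Number of URLs covered when the last `levels` characters vary."""
    if not 1 <= levels <= 6:
        raise ValueError("levels must be between 1 and 6")
    return len(ALPHABET) ** levels


def enumeration_suspects(entries, levels=1, min_coverage=0.5):
    """Return (client, pattern, distinct_ids) for clients that requested at
    least `min_coverage` of the identifiers sharing one prefix."""
    total = keyspace(levels)
    seen = defaultdict(set)
    for client, path in entries:
        match = ID_PATH.match(path)
        if match:  # ignore paths that are not screenshot identifiers
            ident = match.group(1)
            seen[(client, ident[:-levels])].add(ident)
    return sorted(
        (client, prefix + "*" * levels, len(ids))
        for (client, prefix), ids in seen.items()
        if len(ids) / total >= min_coverage
    )


if __name__ == "__main__":
    for client, pattern, count in enumeration_suspects(SAMPLE_LOG):
        print(f"{client} requested {count}/{keyspace(1)} of {pattern}")
```

A level-6 pattern spans 36^6 (about 2.2 billion) identifiers, so wider sweeps need a much lower `min_coverage` or a time-windowed count of distinct identifiers per client.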
## References
* Korben published [an article](https://korben.info/attention-a-ne-pas-uploader-de-trucs-sensibles-sur-prnt-sc-lightshot.html) about this weakness.