From X
Ok so.. they left their CDN exposed.

If you ping the domain, you get this IP:

151.101.129.49

It turns out this is a https://t.co/wqDjtIZMEy IP. I had never heard of Fastly but it looked to be something similar to Vercel, so I figured maybe they had custom deployment links like Vercel does.

Tried a few different combos and BINGO:

https://t.co/VUGl0CQFJm

This took me to this:

https://t.co/EaQKYxNtOy

That's their CDN bucket on AWS. They currently have it set up so that any invalid endpoints redirect back to index.html.

I went on a hunch and figured that they'd probably already have their production app stored somewhere in the CDN ready for deployment.

I used SecLists (https://t.co/gafGrACoMC) and ffuf to try out over 20k different combinations on this URL.

After some sleuthing, BINGO!! I found these two files:

live.html
.DS_STORE

The important one here that immediately caught my eye was "live.html". That sounded like a prod deployment.

And sure enough, it was!

This is what the https://t.co/eY5zWkX10Z site will look like on the day the faucet goes live:

https://t.co/vXn9H24Gvj
https://t.co/M7ExI8pQym

It turns out the entire faucet will be revealed to just be a promotion scheme to get you to buy a Bitkey and use Cash App.

There is no faucet - at least in the sense most were expecting.
https://twiiit.com/mork1e/status/2040478966616637945
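
A pre-publish check for the kind of exposure described in the post above, as an added example that is not part of the original post: it audits a listing of object keys about to be uploaded to a public bucket and flags OS metadata files and HTML pages that the entry page does not link to. The function names, the key listing and the sample index.html are constructed for illustration.

```python
from html.parser import HTMLParser
from posixpath import basename, normpath

# Filenames that desktop tools leave behind; they should never be published.
OS_METADATA = {".ds_store", "thumbs.db", "desktop.ini"}


class _LinkCollector(HTMLParser):
    """Collects local href/src targets from an HTML page."""

    def __init__(self):
        super().__init__()
        self.targets = set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value and "://" not in value:
                # Drop fragment and query string, then normalise the path.
                path = value.split("#")[0].split("?")[0].lstrip("/")
                if path:
                    self.targets.add(normpath(path))


def audit_keys(keys, entry_key, entry_html):
    """Return sorted (key, reason) findings for a listing of public object keys."""
    collector = _LinkCollector()
    collector.feed(entry_html)
    findings = []
    for key in sorted(keys):
        if basename(key).lower() in OS_METADATA:
            findings.append((key, "os-metadata"))
        elif (key.lower().endswith((".html", ".htm")) and key != entry_key
              and normpath(key) not in collector.targets):
            # A page nothing links to is often a staged or forgotten build.
            findings.append((key, "unlinked-page"))
    return findings


# Constructed sample: a deploy listing and the entry page that will be served.
SAMPLE_KEYS = ["index.html", "about.html", "assets/app.js", "live.html", ".DS_Store"]
SAMPLE_INDEX = ('<html><head><script src="/assets/app.js"></script></head>'
                '<body><a href="about.html#team">About</a></body></html>')

if __name__ == "__main__":
    for key, reason in audit_keys(SAMPLE_KEYS, "index.html", SAMPLE_INDEX):
        print(f"{reason:14} {key}")
```

Run against the real upload manifest in CI, a non-empty result can fail the deploy before the objects become publicly reachable.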