alt Hacker NewsI don‘t understand. The website states: „He‘s not allowed to reply without human approval“.
The faq states: „How do I know if my injection worked?
Fiu responds to your email. If it worked, you'll see secrets.env contents in the response: API keys, tokens, etc. If not, you get a normal (probably confused) reply. Keep trying.“
Replies
cuchoi • yesterday at 6:08 PM
Hi Tepix, creator here. Sorry for the confusion. Originally the idea was for Fiu to reply directly, but with the traffic it gets prohibitively expensive. I’ve updated the FAQ to:
Yes, Fiu has permission to send emails, but he’s instructed not to send anything without explicit confirmation from his owner.
➕ show 1 reply
the_real_cher • yesterday at 5:57 PM
Hes not 'allowed'.
I could be wrong but i think that part of the game.
➕ show 1 reply
It probably isn't allowed but is able to respond to e-mails. If your injection works, the allowed constraint is bypassed.