hacker:: [[turmio]] description:: Zoom plugin lisens on localhost which means it can be triggered open via specific URL to localhost. Same goes to URI format zoommtg:// . Since there was not much information I'll do some reversing and put notes here. Maybe it helps other hackers. If you find some interesting approaches and release something about it, please let me know. started:: <> ##content goes here = Reguests to localhost = {{{ GET /app_check?action=checkVersion&domain=zoom.us&usv=66916&uuid=-8592519063090374108&t=1556175347396 HTTP/1.1 Host: localhost:19421 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36 DNT: 1 Accept: image/webp,image/apng,image/*,*/*;q=0.8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9,fi;q=0.8 }}} {{{ GET /launch?domain=zoom.us&usv=66916&action=join&confid=dGlkPWNkMWZhMDVlNWZkMDRiY2VhYjYyOGY2MTlmZjdlMTcz&confno=457840795&zc=64&pk=&mcv=0.92.11227.0929&browser=chrome&wc=https%3A%2F%2Fzoom.us%2Fwc%2Fjoin%2F457840795&uuid=-8592519063090374108&t=1556175348534 HTTP/1.1 Host: localhost:19421 Connection: close User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36 DNT: 1 Accept: image/webp,image/apng,image/*,*/*;q=0.8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9,fi;q=0.8 }}} * Simplified URL to launch test meeting with username "JohnDoe" * curl -v 'http://localhost:19421/launch?confno=457840795&uname=JohnDoe' == Links == * https://medium.com/zoom-developer-blog/zoom-url-schemes-748b95fd9205 === Attachments === <> ---- CategoryProjekti