Class: NatasLevel11

Inherits:
NatasLevelBase show all
Defined in:
lib/natas.rb

Overview

Level 11

Constant Summary collapse

LEVEL = 
11
PAGE = 
'/'
DEFAULT_DATA = 
{
  'showpassword'  => 'no',
  'bgcolor'       => '#ffffff'
}.freeze

Constants inherited from NatasLevelBase

NatasLevelBase::HOST, NatasLevelBase::LOGIN, NatasLevelBase::PASSWORD_LENGTH, NatasLevelBase::PORT, NatasLevelBase::WEBPASS

Instance Attribute Summary

Attributes inherited from NatasLevelBase

#login, #password

Instance Method Summary collapse

Methods inherited from NatasLevelBase

#get, #initialize, #level, #post

Constructor Details

This class inherits a constructor from NatasLevelBase

Instance Method Details

#execObject 



349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
 
# File 'lib/natas.rb', line 349

def exec
  log("Getting the Cookie HTTP header from the page: #{PAGE}")
  response = get(PAGE)
  cookie = response['Set-Cookie']
  data = cookie.split('=')[1]
  data = URI.decode_www_form_component(data)
  log("Data: #{data}")

  log('Searching the XOR encryption key')
  key = xor_encrypt(
    Base64.strict_decode64(data),
    JSON.generate(DEFAULT_DATA)
  )
  log("Key found: #{key}")
  log('Searching a pattern of the key')
  pattern = String.new
  key.chars.each_with_index do |c, i|
    pattern << c
    break if pattern == key[(i + 1)..(i + pattern.length)]
  end
  log("Pattern found: #{pattern}")
  key = pattern

  data = DEFAULT_DATA.dup
  data['showpassword'] = 'yes'
  data = JSON.generate(data)
  log("Encrypting of new data: #{data}")
  data = xor_encrypt(
    data,
    key
  )

  data = "data=#{Base64.strict_encode64(data)}"
  log("Setting the new Cookie HTTP header: #{data}")
  log("Parsing the page: #{PAGE}")
  data = get(
    PAGE,
    {
      'Cookie' => data
    }
  ).body
  match = /The password for natas12 is (\w{32})<br>/.match(data)
  not_found unless match
  found(match[1])
end

#xor_encrypt(data, key) ⇒ Object 



341
342
343
344
345
346
347
 
# File 'lib/natas.rb', line 341

def xor_encrypt(data, key)
  out = String.new
  data.chars.each_with_index do |c, i|
    out << (c.ord ^ key[i % key.length].ord).chr
  end
  out
end