Skip to content

Instantly share code, notes, and snippets.

@daehee

daehee/main.go

Created January 8, 2020 17:56
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save daehee/74dace529ff6d1cec0705ff8be6fbe84 to your computer and use it in GitHub Desktop.
Save daehee/74dace529ff6d1cec0705ff8be6fbe84 to your computer and use it in GitHub Desktop.
Download ZIP
Emdee five for life (HTB Web Challenge)
Raw
main.go
package main
import (
"crypto/md5"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
"regexp"
"strconv"
"strings"
)
func parseHash(body string) string {
re := regexp.MustCompile(`h3 align='center'>(.*)<\/h3>`)
rs := re.FindStringSubmatch(body)
return fmt.Sprintf("%x", md5.Sum([]byte(rs[1])))
}
func parseFlag(body string) string {
re := regexp.MustCompile(`p align='center'>(.*)<\/p>`)
rs := re.FindStringSubmatch(body)
return rs[1]
}
func checkErr(err error) {
if err != nil {
log.Fatalln(err)
}
}
func main() {
targetURL := "http://docker.hackthebox.eu:31093/"
res, err := http.Get(targetURL)
checkErr(err)
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
checkErr(err)
cookies := res.Cookies()
hash := parseHash(string(body))
formData := url.Values{"hash": {hash}}
client := &http.Client{}
req, err := http.NewRequest("POST", targetURL, strings.NewReader(formData.Encode()))
for i := range cookies {
req.AddCookie(cookies[i])
}
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(formData.Encode())))
res, err = client.Do(req)
checkErr(err)
defer res.Body.Close()
body, err = ioutil.ReadAll(res.Body)
checkErr(err)
flag := parseFlag(string(body))
fmt.Println(flag)
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment