Skip to content

Instantly share code, notes, and snippets.

@firefart

firefart/nullcon2013_prog5.rb

Last active December 12, 2015 05:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save firefart/4725518 to your computer and use it in GitHub Desktop.
Save firefart/4725518 to your computer and use it in GitHub Desktop.
Download ZIP
Solution for "Programming challenge 5 - copy paste" of Nullcon CTF 2013
Raw
nullcon2013_prog5.rb
#!/usr/bin/env ruby
require "net/http"
require "uri"
url = URI.parse("http://ctf.nullcon.net/challenges/programming/challenge.php")
found = false
while not found do
response = Net::HTTP.get_response(url)
body = response.body
cookie = response.response["set-cookie"].split("; ")[0]
puts "Session Cookie: #{cookie}"
body2 = body.gsub(/<span><\/span>/, " ").gsub(/&nbsp;/, " ").gsub(/ /, " ")
answer = body2[/<br \/>\s(.*)<\/p>/, 1].gsub(/ /, " ").strip
puts "Answer: #{answer}"
http = Net::HTTP.new(url.host, url.port)
request = Net::HTTP::Post.new(url.path)
request.add_field("Cookie", cookie)
request.add_field("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:18.0) Gecko/20100101 Firefox/18.0")
request.add_field("Referer", url.to_s)
request.set_form_data({"answer" => answer, "submit" => "Submit"})
request.body = request.body.gsub("%20", "+")
resp = http.request(request)
flag = resp.body[/(.*)<html>/im, 1]
puts "bad timing. trying again..." if flag.nil?
found = true unless flag.nil?
end
puts "#################################"
puts "Flag: #{flag}"
puts "#################################"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment