NAME

Hack::Natas::15 - solve level 15 of the Natas server-side security war games

VERSION

version 0.003

DESCRIPTION

This class will solve level 15.

METHODS

response_to_boolean

Does an HTTP GET of the resource described by the key-value pairs, and parses the response. If it contains the string This user exists, then return true; if it contains This user doesn't exist, then return false.

get_password_length

Although we suspect that the password is 32 characters long, we can verify our assumption with an SQL injection. This does a search for the password length (which ends up being 32, so I have restricted the search space to avoid wasting time).

guess_next_char

Given the current position in the password, guesses the next character by iterating through the alphabet doing a case-insensitive search. If a letter matches, then do a single case-sensitive search to verify the case. Returns the found character.

run

Runs the typical search, as implemented by Hack::Natas::IncrementalSearch, but then verifies the whole password in a single shot, using a case-sensitive comparison.

AVAILABILITY

The project homepage is https://hashbang.ca/tag/natas.

The latest version of this module is available from the Comprehensive Perl Archive Network (CPAN). Visit http://www.perl.com/CPAN/ to find a CPAN site near you, or see https://metacpan.org/module/Hack::Natas/.

SOURCE

The development version is on github at http://github.com/doherty/Hack-Natas and may be cloned from git://github.com/doherty/Hack-Natas.git

BUGS AND LIMITATIONS

You can make new bug reports, and view existing ones, through the web interface at https://github.com/doherty/Hack-Natas/issues.

AUTHOR

Mike Doherty <doherty@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2013 by Mike Doherty.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.