Last Monday, I presented my solutions to the Natas server-side security war games at NSLUG. Afterwards, I spent some time to clean up my code, and I’ve now published it to CPAN as Hack::Natas
, which comes with modules and scripts to solve level 15 and 16 in an automated way, plus walkthroughs for all the levels up to 17 written in Markdown (those are almost the same as my blog posts, so you’re not missing out by looking at only one or the other).
Optimization
First, I added an optimization that was suggested during my talk. In level 15, I made a common mistake with STRCMP
in MySQL. That’s a case-insensitive comparison, and I needed to add BINARY
to make it respect case. However, this opens to the door to a simple optimization. You can nearly halve the search space by checking only lower-case letters, using a case-insensitive comparison. Once you’ve found the right letter, you do a single case-sensitive search to find the right case.
Refactoring
Next, I refactored the code into modules using Moo
and Type::Tiny
. I wanted to use Moo
for the quick startup time it offers in comparison to Moose
. I wanted to use Type::Tiny
because it’s new and fancy, and seems to offer the features I typically want for type constraints. These both fit the bill quite well.
I factored out common code into two roles. Hack::Natas
contains the most generic attributes and code that would be needed for adding new levels. The username and password to access the current level, and an HTTP::Tiny
object to do requests, for example. The next role was common to the two levels that are currently implemented. Both level 15 and 16 require you to guess each one-character slice of the password. The password_so_far
and a run
method which does the search using an API it defines with requires
. Then, the classes for levels 15 and 16 consume those roles, and implement the required methods. I’m not sure this is the most sensible design to use, but it seems to suit for now.
Demo on ascii.io
In the past couple days, I also discovered http://ascii.io, which is a command-line program and webservice to do no-fuss terminal recordings, and sharing recordings via an in-browser JS terminal emulator. It’s pretty cool – I uploaded a demo of my script for level 15.