Last Monday, I presented my solutions to the Natas server-side security war games at NSLUG. Afterwards, I spent some time to clean up my code, and I’ve now published it to CPAN as
Hack::Natas, which comes with modules and scripts to solve level 15 and 16 in an automated way, plus walkthroughs for all the levels up to 17 written in Markdown (those are almost the same as my blog posts, so you’re not missing out by looking at only one or the other).
First, I added an optimization that was suggested during my talk. In level 15, I made a common mistake with
STRCMP in MySQL. That’s a case-insensitive comparison, and I needed to add
BINARY to make it respect case. However, this opens to the door to a simple optimization. You can nearly halve the search space by checking only lower-case letters, using a case-insensitive comparison. Once you’ve found the right letter, you do a single case-sensitive search to find the right case.
Next, I refactored the code into modules using
Type::Tiny. I wanted to use
Moo for the quick startup time it offers in comparison to
Moose. I wanted to use
Type::Tiny because it’s new and fancy, and seems to offer the features I typically want for type constraints. These both fit the bill quite well.
I factored out common code into two roles.
Hack::Natas contains the most generic attributes and code that would be needed for adding new levels. The username and password to access the current level, and an
HTTP::Tiny object to do requests, for example. The next role was common to the two levels that are currently implemented. Both level 15 and 16 require you to guess each one-character slice of the password. The
password_so_far and a
run method which does the search using an API it defines with
requires. Then, the classes for levels 15 and 16 consume those roles, and implement the required methods. I’m not sure this is the most sensible design to use, but it seems to suit for now.
Demo on ascii.io
In the past couple days, I also discovered http://ascii.io, which is a command-line program and webservice to do no-fuss terminal recordings, and sharing recordings via an in-browser JS terminal emulator. It’s pretty cool – I uploaded a demo of my script for level 15.
Posted: Aug 18, 2013