SHARE
TWEET

pythonctf2018.py

a guest Jul 12th, 2019 76 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. from contextlib import contextmanager
  2. import socket
  3. import re
  4.  
  5. # Receive data until a certain message is found
  6. def recv_until(socket, message):
  7.     data = ""
  8.  
  9.     while (data.find(message) == -1):
  10.         data += socket.recv(1).decode()
  11.  
  12.     return data
  13.  
  14. # I like to be able to write with sock(...) as s
  15. @contextmanager
  16. def sock(*args, **kw):
  17.     s = socket.socket(*args, **kw)
  18.     try:
  19.         yield s
  20.     finally:
  21.         s.close()
  22.  
  23. # convert a list of data in 'base' to string
  24. def base_to_str(parts, base):
  25.     return ''.join(chr(int(value, base)) for value in parts)
  26.  
  27. # We'll connect directly to the shell and send our exploit data
  28. HOST = "2018shell.picoctf.com"
  29. PORT = 1225
  30.  
  31. with sock(socket.AF_INET, socket.SOCK_STREAM) as s:
  32.     s.connect((HOST, PORT))
  33.  
  34.     # Get the first question and convert the binary values to a string and send
  35.     question = recv_until(s, "To make things interesting, you have 30 seconds.\nInput:\n")
  36.     solution = base_to_str(re.findall("([01]{8})", question), 2)
  37.     print("found '{:s}' from binary string".format(solution))
  38.     s.send((solution + "\n").encode())
  39.  
  40.     # Get the second question and convert the hex values to a string and send
  41.     question = recv_until(s, "as a word.\nInput:\n")
  42.     solution = base_to_str(re.findall("([0-9a-f]{2})", re.findall("the ([0-9a-f]+)", question)[0]), 16)
  43.     print("found '{:s}' from hexadecimal string".format(solution))
  44.     s.send((solution + "\n").encode())
  45.  
  46.     # Get the third question and convert the octal values to a string and send
  47.     question = recv_until(s, "as a word.\nInput:\n")
  48.     solution = base_to_str(re.findall("([0-7]+)", question), 8)
  49.     print("found '{:s}' from octal string".format(solution))
  50.     s.send((solution + "\n").encode())
  51.  
  52.     # Get the flag
  53.     flagline = recv_until(s, "}")
  54.     flagtext = re.findall("(picoCTF\{.+\})", flagline)[0]
  55.     print(flagtext)
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top