raisep0wn

NDH 2k10 public wargame, level3

Apr 24th, 2011
223
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. '''*********************************
  2. |  level3 - brute force cracking   |
  3. |               **                 |
  4. |  http://wargame.nuitduhack.com/  |
  5. |  http://www.nuitduhack.com/      |
  6. *********************************'''
  7. #!/usr/bin/python
  8. import os
  9.  
  10. target = '/home/level3/crackme'
  11. wanted = '2:8vytm&*9|)].l(ol;a'
  12. arg = 'a'*20
  13. solution_string = ''
  14. size = 1024
  15.  
  16. print "-->Brute force cracking"
  17. for char in range(20): # bf one by one
  18.  for ascii in range(1, 256): # for all but \0 (ascii)
  19.   arg = solution_string + chr(ascii) + 'a'*(19-char)
  20.   # beware of bad char :
  21.   if arg.find("'") == -1:
  22.    # /home/level3/crackme 'all but single quote'
  23.    cmd = "%s '%s'"%(target, arg)
  24.   else:
  25.    # /home/level3/crackme "all but double quote"
  26.    cmd = '%s "%s"'%(target, arg)
  27.   # reading the output
  28.   res = os.popen(cmd).read(size)
  29.   # searching for ciphered
  30.   pos = res.find('Ciphered:')
  31.   # ciphered is 20 bytes length
  32.   ciphered = res[pos+10:pos+30]
  33.   # check current ciphered char matching with wanted
  34.   if ciphered[char] == wanted[char]:
  35.    solution_string = ''.join([solution_string, chr(ascii)])
  36.    break
  37.  print '>%d%%'%(char*5)
  38.  
  39. # print solution string
  40. print "\nSolution string: %s"%solution_string
  41. # print string as a list to get unprintable ascii
  42. print "Solution ascii: %s"%[solution_string]
RAW Paste Data