Rivit

Untitled

Sep 26th, 2020
718
152 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import subprocess
  2.  
  3. FLAG_LEN = 0x14
  4.  
  5. combs = [(7, 'm'), (7, ' ')]
  6.  
  7. possibs = [[] for _ in range(FLAG_LEN)]
  8. for bb in combs:
  9.     possibs[bb[0]].append(bb[1])
  10.  
  11. for char_pos in range(FLAG_LEN):
  12.     if char_pos == 7:
  13.         continue
  14.  
  15.     for i in range(0x20, 0x7d):
  16.         c = chr(i)
  17.  
  18.         kernel = ' ' * FLAG_LEN
  19.         kernel = list(kernel)
  20.         for i, l in enumerate(possibs):
  21.             for ch in l:
  22.                 kernel[i] = ch
  23.                 # break
  24.  
  25.         kernel[char_pos] = c
  26.  
  27.         for pos in combs:
  28.             a, b = pos
  29.             kernel[a] = b
  30.             flag = "CTFlearn{" + ''.join(kernel) + "}"
  31.  
  32.             try:
  33.                 output = subprocess.check_output(["./Roma", flag, "-v"])
  34.                 spl = output.split(b'\n')
  35.  
  36.                 good = True
  37.                 last_line = 0
  38.                 for k in kernel[:char_pos+1]:
  39.                     for i, line in enumerate(spl):
  40.                         if i <= last_line:
  41.                             continue
  42.  
  43.                         if b'Woot Woot you found a match! ' + k.encode() in line:
  44.                             good = True
  45.                             last_line = i
  46.                             break
  47.                     else:
  48.                         good = False
  49.  
  50.                     if not good:
  51.                         break
  52.  
  53.                 if good:
  54.                     print("[{}] = {}".format(char_pos, c))
  55.                     possibs[char_pos].append(c)
  56.             except Exception as e:
  57.                 pass
  58.  
  59. flags = []
  60. def print_possibs(idx, s):
  61.     if idx >= len(possibs):
  62.         # if not s.startswith("K1ng_R0mulus_Of_"):
  63.         #     return
  64.  
  65.         flags.append(s)
  66.         # print(s)
  67.         return
  68.  
  69.     for c in possibs[idx]:
  70.         print_possibs(idx + 1, s + c)
  71.  
  72.  
  73. print_possibs(0, "")
  74. print(possibs)
  75.  
  76. flags = map(lambda s: "./Roma CTFlearn{" + s + "}", flags)
  77.  
  78. with open("./flags.sh", "wt", newline='\n') as f:
  79.     f.write('\n'.join(flags))
RAW Paste Data