- import socket
- from base64 import *
- from hashlib import *
- import string
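def readuntil(conn, e):
    """Read from *conn* one byte at a time until the data ends with *e*.

    Args:
        conn: Object with a socket-style ``recv(n)`` method returning bytes.
        e: Delimiter to wait for, given as text or as bytes.

    Returns:
        Everything received so far, including the trailing delimiter.

    Raises:
        EOFError: The peer closed the connection before the delimiter
            arrived. Without this check an empty ``recv()`` result would
            keep the loop spinning forever.
    """
    # Compare raw bytes rather than decoding the buffer on every pass, so a
    # non-text byte in the stream cannot raise a decode error.
    marker = e if isinstance(e, bytes) else e.encode()
    buf = bytes()
    while not buf.endswith(marker):
        chunk = conn.recv(1)
        if not chunk:
            raise EOFError('connection closed before delimiter was received')
        buf += chunk
    return buf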
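def payload(s):
    """Submit *s* to the service on localhost:33337 and return its decoded reply.

    The service is answered at two prompts, each ending in ``': '``. Inputs
    shorter than 43 characters leave the first answer empty and put all of
    *s* in the second; longer inputs put the first 43 characters in the
    first answer and the remainder in the second.

    Args:
        s: Text to submit (Python 2 ``str``).

    Returns:
        The base64-decoded value found after the first ``': '`` in the reply.
    """
    if len(s) < 43:
        first, second = '', s
    else:
        first, second = s[:43], s[43:]

    p = socket.socket()
    try:
        p.connect(('localhost', 33337))
        readuntil(p, ': ')
        # sendall() retries until the whole line is written; send() may stop
        # after a partial write.
        p.sendall(first + '\n')
        readuntil(p, ': ')
        p.sendall(second + '\n')
        # NOTE(review): a single recv() can return only part of the reply;
        # the service's framing is not visible here, so this is left as-is.
        message = p.recv(1024).split(': ')[1].strip()
    finally:
        # Release the socket even when the exchange fails part-way.
        p.close()
    return b64decode(message)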
# Recover the unknown text one character at a time by comparing prefixes of
# the service's output for a filler-only input against filler + known text +
# one candidate character.
# NOTE(review): this only works while the service returns identical output
# for identical input in 16-byte units (presumably a block cipher in a
# deterministic mode such as ECB -- confirm). A random per-message IV or an
# authenticated mode would make the comparison meaningless.
flag = ''
for block_idx in range(5):
    # Number of leading output bytes compared during this round.
    window = 32 + 16 * block_idx
    for offset in range(16):
        filler = 'a' * (21 - offset)
        reference = payload(filler)[:window]
        for candidate in string.printable:
            if payload(filler + flag + candidate)[:window] == reference:
                flag += candidate
                print(flag)
                break
print(flag)