Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import subprocess
- import string
- # We'll get the flag one char by one
- # Added more 'a's just out of caution
- initial = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaafying code is: &"
- # The position at which the character is to be replaced
- replace = 122
- while True:
- # instead of checking for all 256 bytes, since we know the flag
- # structure, check only for printable characters
- for c in string.printable:
- current = initial[:replace] + c + initial[(replace + 1):]
- output = subprocess.run(["nc", "2018shell3.picoctf.com", "33893"],
- input=bytes(current + '\n', 'utf-8'),
- stdout = subprocess.PIPE).stdout
- output = output[56:]
- if output[10 * 32: 10 * 32 + 32] == output[18 * 32: 18 * 32 + 32]:
- print(f'Found c: {c}')
- initial = current[1:]
- break
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
