# cat blog >> /dev/brain 2> /proc/mind
cat blog >> /dev/brain 2> /proc/mind
# cat mission_10.py from pwn import * host = '31.133.0.131' #'127.0.0.1' port = 9393 def get_mask_len(): i = 64 while True: j = i * 8 r = remote(host, port) r.sendlineafter('\n', 'A' * j) re = r.recvuntil('\n') r.close() if 'Meh' in re: break i += 1 return j def get_secret2(): b1 = '00000001' mask = b1 * (ml / 8) r = remote(host, port) r.sendlineafter('\n', mask) re = r.recvuntil('\n') b0 = '0' bits = b0 * (ml / 8) r.sendline(bits) re = r.recvuntil('\n') if 'Access Granted' in re: for _ in range(4): print r.recvuntil('\n') r.close() def get_bits(): b = '' for i in range(len(mask)): if mask[i] == '1': b += secret1[i] return b def check_result(m, b): r = remote(host, port) r.sendlineafter('\n', m) re = r.recvuntil('\n') r.sendline(b) re = r.recvuntil('\n') r.close() return re def binary_to_str(binary): s = '' for i in range(0, len(binary), 8): b = '' for j in range(8): b = binary[i + j] + b s += chr(int(b, 2)) return s def get_secret1(): for i in range(len(mask)): if mask[i] == '0': mask[i] = '1' tmask = ''.join(mask) for j in '01': secret1[i] = j bits = get_bits() if 'Access Granted' in check_result(tmask, bits): break ml = get_mask_len() get_secret2() secret1 = ['0'] * ml mask = [i for i in '00000001'] * (ml / 8) get_secret1() print binary_to_str(get_bits()) # python mission_10.py You have received one secret message: --- Just Another Secret Message --- This Crypto Is Absolutely Secure And There Will Be No Problem With It.
cat mission_10.py
python mission_10.py
Post a Comment
No comments:
Post a Comment