Last active
March 16, 2017 20:10
Nozzlr module : ARGV2 - hash commandline bruteforce (solution to shx5-rev200-lil_arm)
## Nozzlr module : ARGV - hash commandline bruteforce (solution to shx5-rev200-lil_arm)
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
from subprocess import Popen, PIPE, STDOUT
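def nozz_module(payload, self=False, founds=False):
    """Run ./hash.bin on one candidate and report whether its output matches.

    The candidate passed to the binary is "shellter{" + founds + payload[0].
    The expected output is a fixed prefix followed by the first
    len(founds) + 1 chunks of the hard-coded chunk list.

    Args:
        payload: mapping (or sequence) whose item 0 is the text appended to
            the already-confirmed part of the flag.
        self: not used in this function; presumably part of the call
            signature the Nozzlr engine expects -- confirm against the engine.
        founds: text confirmed by earlier calls. The default False is
            treated as the empty string.

    Returns:
        dict with "code" ("NEXT", or "error" if the process could not be
        started), "result" (the error text, otherwise "") and, when the
        expected string appears in the output, "founds" set to payload[0].
    """
    # The declared default is False, which cannot be concatenated or measured.
    founds = founds or ""
    candidate = "shellter{" + founds + payload[0]

    # NOTE(review): the trailing "i" on the last chunk looks like a stray
    # character -- confirm against the binary's real output.
    chunks = ("187 169 1b0 1a5 1a9 196 1ac 1de 1e0 21f 1fc 1f8 260 24f 2a8 "
              "2ce 2a6 31d 2e7 2ee 362 347i").split(" ")
    # Presumably the prefix is the output for the "shellter{" header; only
    # the concatenation below is established by the code itself.
    expected = "b5a7adbec4cd12410c175" + "".join(chunks[:len(founds) + 1])

    # Printed for progress only; the process is NOT started from this string.
    commandline = "./hash.bin " + candidate
    print(commandline)

    out = {"code": "", "result": ""}
    try:
        # Hand the candidate over as one argv element, with no shell in
        # between. Wordlist entries containing spaces, quotes, `$`, `;` or
        # backticks would otherwise be interpreted by /bin/sh instead of
        # reaching hash.bin unchanged, which corrupts the comparison and runs
        # whatever the wordlist line happens to spell.
        process = Popen(["./hash.bin", candidate], stdin=PIPE, stdout=PIPE,
                        stderr=STDOUT, close_fds=False)
        output, _ = process.communicate()
    except Exception as e:
        out["result"] = format(str(e)).strip()
        out["code"] = "error"
        return out

    # communicate() yields bytes on Python 3; on Python 2 it is already str.
    if not isinstance(output, str):
        output = output.decode("utf-8", "replace")

    # The engine is told to continue either way; a match only adds "founds".
    out["code"] = "NEXT"
    if expected in output:
        print(output)
        out["founds"] = payload[0]
    return out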