Skip to content

Instantly share code, notes, and snippets.

@bkth

bkth/doit.py

Created February 21, 2018 10:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bkth/2a1014696666c32a90b97bb22ce8b827 to your computer and use it in GitHub Desktop.
Save bkth/2a1014696666c32a90b97bb22ce8b827 to your computer and use it in GitHub Desktop.
Download ZIP
ctf template
Raw
doit.py
#!/usr/local/bin/python2
import time
import telnetlib
import sys
import binascii
import struct
import socket
import random
def randstr(length=10):
return ''.join(random.choice(string.ascii_uppercase + string.digits + string.ascii_lowercase) for _ in range(length))
def log(s):
print "[\033[0;32m***\033[0m] %s" % s
HOST = "127.0.0.1" if len(sys.argv) < 2 else sys.argv[1]
PORT = 4444 if len(sys.argv) < 2 else int(sys.argv[2])
TARGET = (HOST, PORT)
sock = None
try:
sock = socket.create_connection(TARGET)
except:
log("FAILED TO ESTABLISH SOCKET, ABORTING!!!")
sys.exit(1)
def ru(delim):
buf = ""
while not delim in buf:
buf += sock.recv(1)
return buf
def interact():
log("Switching to interactive mode")
t = telnetlib.Telnet()
t.sock = sock
t.interact()
p32 = lambda v: struct.pack("<I", v)
p64 = lambda v: struct.pack("<Q", v)
u32 = lambda v: struct.unpack("<I", v)[0]
u64 = lambda v: struct.unpack("<Q", v)[0]
sa = lambda s: sock.sendall(s)
log("Let's pwn")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment