Skip to content

Instantly share code, notes, and snippets.

@stefan2904 stefan2904/bruteforce.py
Last active Feb 22, 2016

Embed
What would you like to do?
Brute with Force, Internetwache CTF code80 challenge
#!/usr/bin/env python
from pwn import * # NOQA
from pytz import timezone
import hashlib
import datetime
import string
def get_SHA(data):
ha = hashlib.sha1()
ha.update(data)
return ha.hexdigest()
r = remote('188.166.133.53', 11117)
flag = ''
try:
while True:
while True:
msg = r.recvline()
log.info(msg)
if 'the hash is' in msg:
break
msg = msg.strip().split(' ')
char = msg[1].replace(':', '')
time = msg[4].replace(',', '').strip()
digest = msg[16]
# log.info('Char: ' + char)
# log.info('Time: ' + time)
# log.info('Digest: ' + digest)
# Hint: Format is TIME:CHAR
# 051th day of 2016 => today
# +- 30 seconds
time = time.split(':')
time = map(lambda x: int(float(x)), time)
second = (time[2] - 31) % 60
minute = time[1] if second < time[2] else time[1] - 1
hour = time[0] if minute <= time[1] else time[2] - 1
ms = 0
timehigh = datetime.datetime(
2016,
0o2,
20,
hour,
minute,
second,
ms, tzinfo=timezone('CET'))
timestamp = int(timehigh.strftime("%s"))
p = log.progress('bruteforcing ...')
for offset in range(0, 62):
for CHAR in string.printable:
TIME = str(timestamp + offset)
text = TIME + ':' + CHAR
if digest == get_SHA(text):
log.info('Solution: ' + text)
r.sendline(text)
flag += CHAR
p.success('Done bruteforcing!')
except EOFError:
pass
log.info('the flag is: ' + flag)
log.info('fuzzys are done here ...')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.