Skip to content

Instantly share code, notes, and snippets.

@stefan2904

stefan2904/bruteforce.py

Last active Feb 22, 2016
Embed
What would you like to do?
Brute with Force, Internetwache CTF code80 challenge
#!/usr/bin/env python
from pwn import * # NOQA
from pytz import timezone
import hashlib
import datetime
import string
def get_SHA(data):
ha = hashlib.sha1()
ha.update(data)
return ha.hexdigest()
r = remote('188.166.133.53', 11117)
flag = ''
try:
while True:
while True:
msg = r.recvline()
log.info(msg)
if 'the hash is' in msg:
break
msg = msg.strip().split(' ')
char = msg[1].replace(':', '')
time = msg[4].replace(',', '').strip()
digest = msg[16]
# log.info('Char: ' + char)
# log.info('Time: ' + time)
# log.info('Digest: ' + digest)
# Hint: Format is TIME:CHAR
# 051th day of 2016 => today
# +- 30 seconds
time = time.split(':')
time = map(lambda x: int(float(x)), time)
second = (time[2] - 31) % 60
minute = time[1] if second < time[2] else time[1] - 1
hour = time[0] if minute <= time[1] else time[2] - 1
ms = 0
timehigh = datetime.datetime(
2016,
0o2,
20,
hour,
minute,
second,
ms, tzinfo=timezone('CET'))
timestamp = int(timehigh.strftime("%s"))
p = log.progress('bruteforcing ...')
for offset in range(0, 62):
for CHAR in string.printable:
TIME = str(timestamp + offset)
text = TIME + ':' + CHAR
if digest == get_SHA(text):
log.info('Solution: ' + text)
r.sendline(text)
flag += CHAR
p.success('Done bruteforcing!')
except EOFError:
pass
log.info('the flag is: ' + flag)
log.info('fuzzys are done here ...')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment