39 lines
1.1 KiB
Python
39 lines
1.1 KiB
Python
from pwn import *
|
|
|
|
# Vortex Level 0 -> Level 1
|
|
#
|
|
# Level Goal
|
|
#
|
|
# Your goal is to connect to port 5842 on vortex.labs.overthewire.org and read
|
|
# in 4 unsigned integers in host byte order. Add these integers together and
|
|
# send back the results to get a username and password for vortex1.
|
|
#
|
|
# This information can be used to log in using SSH.
|
|
#
|
|
# Note: vortex is on an 32bit x86 machine (meaning, a little endian architecture)
|
|
|
|
io = remote('vortex.labs.overthewire.org', 5842)
|
|
|
|
# You can receive data manually. We want exactly four bytes.
|
|
data = io.recvn(4)
|
|
|
|
# Now let's unpack them as a 32-bit little-endian integer
|
|
value = unpack(data, bits=32, endian='little')
|
|
|
|
# By default, pwntools sets everything to i386, which is 32-bit little endian.
|
|
# Because of this, there is no need to specify the extra arguments.
|
|
#
|
|
# The above line could instead just read:
|
|
value = unpack(data)
|
|
|
|
# There's also a helper available directly on the tube itself
|
|
# Let's read the other integers
|
|
value += io.unpack()
|
|
value += io.unpack()
|
|
value += io.unpack()
|
|
|
|
# Now let's send it back
|
|
io.pack(value)
|
|
|
|
# Receive all data until the connection closes
|
|
log.info(io.recvall()) |