/
exploit.py
38 lines (30 loc) · 1007 Bytes
/
exploit.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
from pwn import *
conn = remote('chal.imaginaryctf.org', 42015)
conn.recvuntil(b'out!)\n\n')
for _ in range(300):
received = conn.recvuntil(b'\n')[:-1].decode('utf-8')
if '__import__' in received:
print(received)
result = 'forkbomb\n'
else:
print(received,end=' = ')
equation = received.split(' ')
c = []
operands = []
for i,elt in enumerate(equation):
if i%2 == 0:
c += [complex(elt[1:-1].replace('i','j'))]
else:
operands += [elt]
result = c[0]
for i,op in enumerate(operands):
if op == '+':
result += c[i+1]
elif op == '-':
result -= c[i+1]
result = (result.__str__()[1:-1].replace('j','i')+'\n')
print(result)
conn.send(result.encode())
received = conn.recvuntil(b'\n')[:-1].decode('utf-8')
print(received)
print(conn.recvall().decode())