[Wargame Write-up]/Challengeland
[Challengeland] [Programming] Programming 2 (220p)
Kevin S.
2017. 3. 25. 06:14
Programming 2번째 문제이다.
각 변수가 오른편과 같을 때, 주어진 식의 값을 계산해 Response 페이지로 전송하는 문제이다.
계속 새로고침 해보면 연산자까지도 바뀌는 것을 볼 수 있다.
실패 메시지는 전과 동일하다.
A~E 변수에 추출한 값을 넣어, 추출한 식을 eval 함수를 이용해 계산하도록 작성했다.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85 |
#-*- coding: utf-8 -*-
import requests
import getpass
import sys
import os
def clear_screen():
if sys.platform == 'win32':
os.system("cls")
else:
os.system("clear")
def get_session(login_url, username, password):
data = {}
try:
data["user"] = username
data["pass"] = password
print("\n [*] Connecting to " + login_url)
session = requests.Session()
if "200" not in str(session.post(login_url, data=data)):
raise requests.exceptions.ConnectionError
print(" [*] Connection Success\n")
except requests.exceptions.ConnectionError:
print(" [*] Connection Failed\n")
sys.exit()
return session
def extract_necessary_string(session, target_url, find_text):
response = session.get(target_url).text
expression = response[response.find(find_text[0][0]) + len(find_text[0][0]):response.find(find_text[0][1])]
parsed_operands = response[response.find(find_text[1][0]) + len(find_text[1][0]):].split(',')
extracted_operands = list()
for operand in parsed_operands:
extracted_operands.append(int(operand.split('=')[1]))
print(" [*] Expression: " + expression)
print(" [*] Operands:"),
print(extracted_operands)
A = extracted_operands[0]; B = extracted_operands[1]; C = extracted_operands[2]
D = extracted_operands[3]; E = extracted_operands[4]
result = eval(expression)
print(" [*] Extracted Strings: %s" % result)
return result
def submit_answer(session, submit_url, answer):
print(" [*] Answer to submit: %s\n" % answer)
response = session.post(submit_url, data={"solve": answer}).text.encode('utf-8')
if "Slow" not in response:
print(" [*] Submit Success :)")
print("\n [*] The Key is " + response)
else:
print(" [*] Submit Failed :(")
def main():
target_domain = "http://challengeland.co/"
target_url = target_domain + "Challenges/Programming/aff396c38aRequest"
submit_url = target_domain + "Challenges/Programming/aff396c38aResponse"
login_url = target_domain + "Site/Login"
find_text = [[": ", " ="], ["with"]]
clear_screen()
session = get_session(login_url, raw_input("\nUsername: "), getpass.getpass())
submit_answer(session, submit_url, extract_necessary_string(session, target_url, find_text))
if __name__ == '__main__':
main()
|
cs |
성공하면 키 값을 보내주는데,
받은 값을 입력하면
Clear~
