def ch9(offline=False): if offline: fn = 'ch9.exe' result = solve_ch9(fn) else: ch, s = 9, ringzer0.login() data = ringzer0.read_challenge_file(s, ch) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) result = solve_ch9(fn)
def ch188(offline = False): if offline: fn = './data/steg.ch188.txt' result = solve_ch188(fn) else: ch, s = 188, ringzer0.login() data = ringzer0.read_challenge_file(s, ch) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) result = solve_ch188(fn)
def ch11(offline = False): if offline: fn = 'ch11.bin' result = solve_ch11(fn) else: ch, s = 11, ringzer0.login() data = ringzer0.read_challenge_file(s, ch) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) result = solve_ch11(fn)
def ch111(offline = False): if offline: fn = BIN_FILE result = solve_ch111(fn) else: ch, s = 111, ringzer0.login() data = ringzer0.read_challenge_file(s, ch) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) result = solve_ch111(fn)
def ch188(offline=False): if offline: fn = './data/steg.ch188.txt' result = solve_ch188(fn) else: ch, s = 188, ringzer0.login() data = ringzer0.read_challenge_file(s, ch) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) result = solve_ch188(fn)
def ch17(): ch, s = 17, ringzer0.login() r = ringzer0.open_challenge(s, ch) wrapper = ringzer0.get_wrapper(r.text) img = wrapper.xpath('.//img')[0] src = img.attrib['src'].replace('data:image/png;base64,', '') data = base64.b64decode(src) with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, data) ringzer0.output('solving') result = solve_ch17(fn) ringzer0.output('solved', result) response = ringzer0.submit_challenge(s, ch, result) ringzer0.output('response', response)
def ch15(): ch, s = 15, ringzer0.login() sections = ringzer0.read_challenge(s, ch) title, msg, chksum = sections['title'], sections['elf message'], sections['checksum'] ringzer0.output('solving') elf = msg while re.match(r'^[a-zA-Z0-9+/]*={0,3}$', elf): elf = base64.b64decode(elf) elf = elf[::-1] elf_md5 = hashlib.md5(elf).hexdigest() if chksum != elf_md5: ringzer0.error('checksum mismatch ({0} vs {1})'.format(chksum, elf_md5)) result = '' with ringzer0.tmpfile() as (fd, fn): ringzer0.write_bin_file(fd, elf) r2 = r2pipe.open(fn) asm_lines = r2.cmd('aa; s sym.main; pif~&mov,rbp').splitlines() asm_rg = re.compile(r'^mov [^,]*\[rbp\s?-\s?([0-9a-fx]+)\],\s?([^\s]+)$') asm_vals, top = {}, 0 for asm_line in asm_lines: rx = re.match(asm_rg, asm_line) if not rx: continue pos, val = rx.group(1), rx.group(2) if val.startswith('r'): continue if val.startswith('0x'): val = val[2:] if len(val) % 2 == 1: val = '0' + val pos, val = int(pos, 16), val.decode('hex') asm_vals[pos] = val top = max(top, pos) stack = bytearray('\0' * top) for k in sorted(asm_vals, reverse=True): v = asm_vals[k] stack[top - k:len(v)] = v[::-1] result = stack[:stack.index('\00')] ringzer0.output('solved', result) response = ringzer0.submit_challenge(s, ch, result) ringzer0.output('response', response)