Exploit Education | Phoenix | Net One Solution

The description and source code can be found here:
http://exploit.education/phoenix/net-one/

This level is asking us to do the opposite of the previous level. Now we need to convert a bytes value from native endian format to an integer and send that back as an ASCII string. Again, I can use netcat to verify this:

user@phoenix-amd64:~$ nc 127.1 64001
Welcome to phoenix/net-one, brought to you by https://exploit.education
_z��1000
Close, you sent "1000", and we wanted "2511501919"

Yup. After receiving 4 bytes of random data, I sent “1000” (as an ASCII string) and the program verified that’s what I sent.

I wrote another Python script to automate this:

#!/usr/bin/env python3

import socket
import time

IP = "127.0.0.1"
PORT = 64001

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((IP, PORT))

# Get the first 2 lines
print(s.recv(132).decode())
time.sleep(0.1)
msg = s.recv(132)[1:] # Cutting off the newline character

# Display what was received & display it as a hex value
print("Received: {}".format(msg))
intval = int.from_bytes(msg, byteorder='little')
print("Hex value: {}".format(hex(intval)))

# Send the data as bytes
print('Sending integer value: "{}"\n'.format(intval))
s.send(str(intval).encode() + b'\n')

# Print the last message
print(s.recv(132).decode())

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.