Protostarnet2
This level is at /opt/protostar/bin/net2Source code
#include "../common/common.c"
#define NAME "net2"
#define UID 997
#define GID 997
#define PORT 2997
void run()
{
unsigned int quad[4];
int i;
unsigned int result, wanted;
result = 0;
for(i = 0; i < 4; i++) {
quad[i] = random();
result += quad[i];
if(write(0, &(quad[i]), sizeof(result)) != sizeof(result)) {
errx(1, ":(\n");
}
}
if(read(0, &wanted, sizeof(result)) != sizeof(result)) {
errx(1, ":<\n");
}
if(result == wanted) {
printf("you added them correctly\n");
} else {
printf("sorry, try again. invalid\n");
}
}
int main(int argc, char **argv, char **envp)
{
int fd;
char *username;
/* Run the process as a daemon */
background_process(NAME, UID, GID);
/* Wait for socket activity and return */
fd = serve_forever(PORT);
/* Set the client socket to STDIN, STDOUT, and STDERR */
set_io(fd);
/* Don't do this :> */
srandom(time(NULL));
run();
}
这题也是从上一题延伸过来,通过分析题目可以得到程序通过一个for循环生成4个随机数,分4次大小以sizeof(result)发送,用另一个变量来保存4个变量相加的和,如果客户端返回四个数的和相等的数即可。
#!/usr/bin/env python
from socket import *
from struct import *
from optparse import OptionParser
def main(hostname,port):
s = socket(AF_INET,SOCK_STREAM)
s.connect((hostname,port))
result = 0
for i in range(4):
rec = s.recv(4)
num = unpack(" print "num[%d]:%d"%(i,num)
result += num
print str(result)
s.send(pack(" print s.recv(1024)
s.close()
if __name__=="__main__":
parse = OptionParser("usage: %prog [options]")
parse.add_option("-H",dest="hostname",default="127.0.0.1",type="string",help="The ip of the target")
parse.add_option("-P",dest="port",default=2997,type="int",help="The port of the host")
(options,args)=parse.parse_args()
main(options.hostname,options.port)
运行结果:D:\Python27\a\protostar>debug.py -H 192.168.0.71
num[0]:605764919
num[1]:1932937542
num[2]:278220490
num[3]:835448954
3652371905
you added them correctly
网页名称:Protostarnet2
文章分享:http://scyanting.com/article/pcihdj.html
#include "../common/common.c"
#define NAME "net2"
#define UID 997
#define GID 997
#define PORT 2997
void run()
{
unsigned int quad[4];
int i;
unsigned int result, wanted;
result = 0;
for(i = 0; i < 4; i++) {
quad[i] = random();
result += quad[i];
if(write(0, &(quad[i]), sizeof(result)) != sizeof(result)) {
errx(1, ":(\n");
}
}
if(read(0, &wanted, sizeof(result)) != sizeof(result)) {
errx(1, ":<\n");
}
if(result == wanted) {
printf("you added them correctly\n");
} else {
printf("sorry, try again. invalid\n");
}
}
int main(int argc, char **argv, char **envp)
{
int fd;
char *username;
/* Run the process as a daemon */
background_process(NAME, UID, GID);
/* Wait for socket activity and return */
fd = serve_forever(PORT);
/* Set the client socket to STDIN, STDOUT, and STDERR */
set_io(fd);
/* Don't do this :> */
srandom(time(NULL));
run();
}
#define NAME "net2"
#define UID 997
#define GID 997
#define PORT 2997
void run()
{
unsigned int quad[4];
int i;
unsigned int result, wanted;
result = 0;
for(i = 0; i < 4; i++) {
quad[i] = random();
result += quad[i];
if(write(0, &(quad[i]), sizeof(result)) != sizeof(result)) {
errx(1, ":(\n");
}
}
if(read(0, &wanted, sizeof(result)) != sizeof(result)) {
errx(1, ":<\n");
}
if(result == wanted) {
printf("you added them correctly\n");
} else {
printf("sorry, try again. invalid\n");
}
}
int main(int argc, char **argv, char **envp)
{
int fd;
char *username;
/* Run the process as a daemon */
background_process(NAME, UID, GID);
/* Wait for socket activity and return */
fd = serve_forever(PORT);
/* Set the client socket to STDIN, STDOUT, and STDERR */
set_io(fd);
/* Don't do this :> */
srandom(time(NULL));
run();
}
#!/usr/bin/env python
from socket import *
from struct import *
from optparse import OptionParser
def main(hostname,port):
s = socket(AF_INET,SOCK_STREAM)
s.connect((hostname,port))
result = 0
for i in range(4):
rec = s.recv(4)
num = unpack(" print "num[%d]:%d"%(i,num)
result += num
print str(result)
s.send(pack(" print s.recv(1024)
s.close()
if __name__=="__main__":
parse = OptionParser("usage: %prog [options]")
parse.add_option("-H",dest="hostname",default="127.0.0.1",type="string",help="The ip of the target")
parse.add_option("-P",dest="port",default=2997,type="int",help="The port of the host")
(options,args)=parse.parse_args()
main(options.hostname,options.port)
from socket import *
from struct import *
from optparse import OptionParser
def main(hostname,port):
s = socket(AF_INET,SOCK_STREAM)
s.connect((hostname,port))
result = 0
for i in range(4):
rec = s.recv(4)
num = unpack(" print "num[%d]:%d"%(i,num)
result += num
print str(result)
s.send(pack(" print s.recv(1024)
s.close()
if __name__=="__main__":
parse = OptionParser("usage: %prog [options]")
parse.add_option("-H",dest="hostname",default="127.0.0.1",type="string",help="The ip of the target")
parse.add_option("-P",dest="port",default=2997,type="int",help="The port of the host")
(options,args)=parse.parse_args()
main(options.hostname,options.port)
D:\Python27\a\protostar>debug.py -H 192.168.0.71
num[0]:605764919
num[1]:1932937542
num[2]:278220490
num[3]:835448954
3652371905
you added them correctly
num[0]:605764919
num[1]:1932937542
num[2]:278220490
num[3]:835448954
3652371905
you added them correctly