diff --git a/week04/hard/client.py b/week04/hard/client.py index 1748591..d1f9a31 100644 --- a/week04/hard/client.py +++ b/week04/hard/client.py @@ -3,7 +3,7 @@ import json import base64 # Fill in the right target here -HOST = "netsec.net.in.tum.de" # TODO +HOST = "localhost" # TODO # HOST = "localhost" PORT = 20204 # TODO @@ -27,15 +27,12 @@ def search_password(target_pass, rainbow_dict): return None -def crack_hash(targets): +def crack_hash(target): rainbow_dict = None with open("rainbow_table.json", "r") as f: rainbow_dict = json.load(f) hash_dict = decode_hash(rainbow_dict) - found_dict = {} - for target in targets: - found_dict[search_password(target, hash_dict)] = target - return found_dict + return search_password(target, hash_dict) def get_flag(): @@ -44,26 +41,29 @@ def get_flag(): s.connect((HOST, PORT)) sf = s.makefile("rw") # we use a file abstraction for the sockets print(sf.readline().rstrip("\n")) + print("GET_SECRET Initiated") sf.write("GET_SECRET\n") sf.flush() print(sf.readline().rstrip("\n")) + print("inserted Username admin") sf.write("admin\n") sf.flush() print(sf.readline().rstrip("\n")) + print("inserted password 'rand123'") sf.write("ran123\n") sf.flush() output = sf.readline().rstrip("\n").split("Passwords do not match hashes ")[1] pos_pas = parse_list_string(output) - passwords = crack_hash(pos_pas) - print(passwords) - for password in passwords: - print(sf.readline().rstrip("\n")) - sf.write("admin\n") - sf.flush() - print(sf.readline().rstrip("\n")) - sf.write(f"{password}\n") - sf.flush() - print(sf.readline().rstrip("\n")) + password = crack_hash(pos_pas[0]) + print(f"Password found {password}") + print(sf.readline().rstrip("\n")) + sf.write("admin\n") + sf.flush() + print(sf.readline().rstrip("\n")) + print(f"inserted password '{password}'") + sf.write(f"{password}\n") + sf.flush() + print(sf.readline().rstrip("\n")) print(sf.readline().rstrip("\n")) sf.close() s.close()