Level 0

Level Goal:: Your goal is to connect to port 5842 on vortex.labs.overthewire.org and read in 4 unsigned integers in host byte order. Add these integers together and send back the results to get a username and password for level 1.

Note: that vortex is on an x86 machine (meaning, a little endian architecture)

Helpful Reading Material: C Programming Introduction; Network Programming Tutorial

Summary : socket programming , little endian , sum all received data and send back

문제에서 요구하는것은 vortex.labs.overthewire.org:5842에 접속하여 4개의 unsigned integers(little endian)를 받고 , 합하여 재전송해주는 것이다.
이를 python script로 작성해 문제를 해결한다.

script가 해야하는 동작을 순서대로 나열해보면

1) Connect
2) Receive * 4
3) Sum
4) Send

위와 같이 간단하다.
하지만 주의할 점은 server에서 little endian byte order에 따라 unsigned integer을 전송해주기 때문에 data를 수신하거나 전송할때에 struct 모듈을 이용하여 자료형을 맞춰주어야 한다.

[pwn3r@localhost io]$ cat exploit.py
#!/usr/bin/python

from socket import *
import struct

HOST = "vortex.labs.overthewire.org"
PORT = 5842
data = 0

print "[!] Exploit started !"

s = socket(AF_INET , SOCK_STREAM)
s.connect((HOST , PORT))

print "[+] Connected to server!"

for i in range(4):
tmp = struct.unpack("<l" , s.recv(4))[0]
print "[+] Received : " + str(tmp)
data += tmp

print "[+] Sum of data is : " + str(data)

data = struct.pack("<l" , data)

print "[!] Sending data"
s.send(data)
key = s.recv(1024)
print "[+] Key : " + key

s.close()

[pwn3r@localhost io]$ python exploit.py
[!] Exploit started !
[+] Connected to server!
[+] Received : 514893279
[+] Received : 449990647
[+] Received : 866074304
[+] Received : 1362899077
[+] Sum of data is : 3193857307
[!] Sending data
[+] Key : Username: vortex1 Password: Gq#qu3bF3

vortex1 user의 password를 획득했다.