A disturbing lack of taste. Just another WordPress site

15Jan/140

Hack you 2014 – Net 300 Writeup

<?php
$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
$result = socket_connect($socket, "54.194.41.119", 0);
if ($result === false) {
echo "socket_connect() failed.\nReason: ($result) " . socket_strerror(socket_last_error($socket)) . "\n";
} else {
/******** 1st stage: get / files  ********/

#$p="GET / HTTP/1.0\r\n\r\n";
#socket_write($socket,$p , strlen($p));
#echo socket_read($socket, 2048);

/******** 2nd stage: get nice.png ********/

#$a="GET /nice.png HTTP/1.0\r\n\r\n";
#socket_write($socket,$a , strlen($a));
#$pp="";
#while($img=socket_read($socket, 1024)){
#    $pp.=$img;
#}
#$f=fopen("prov.png","w");
#cut off http headers from response
#fwrite($f,substr($pp,252));
#fclose($f);

/******** 3rd stage: connect with ssl and get flag *****/

$ip="54.194.41.119";
$port="0";
$command="GET / HTTP/1.0\r\n\r\n";
$socket = stream_socket_client("tcp://{$ip}:{$port}", $errno, $errstr, 30);
if($socket) {
stream_set_blocking ($socket, true);
stream_socket_enable_crypto ($socket, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT);
stream_set_blocking ($socket, false);
fwrite($socket, $command);
$buf = null;
while (!feof($socket)) {
$buf .= fread($socket, 20240);
}
fclose($socket);
echo $buf;
}
}?>

Razor4x

Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.