Overthewire Vortex Level0

Do you know http://overthewire.org/ ? It has a very cool wargames section. I found it a few weeks ago. I’m currently doing the “Vortex” level [stuck at level8 :-)].

The Level0 is very easy, you must read 4 integers from a remote port and send back the sum of them, to get a shell account for Level1.

I choose python to solve this problem. I think python fits good to hacking challenges because of low-level libs like structs or ctype.

#!/usr/bin/env python

from socket import *
from struct import *

s = socket(AF_INET, SOCK_STREAM)
s.connect(("vortex.labs.overthewire.org" , 5842))

sum = 0;
#print ' '.join(["%02X"%ord(x) for x in s.recv(32)])

for i in range(4):
    data = s.recv(4)
    sum += unpack("<I", data)[0]

s.send(pack("<I",(sum & 0xFFFFFFFF)))
print s.recv(1024)
s.close ()

The result is:

Username: vortex1 Password: *********
This entry was posted in Wargame and tagged , , . Bookmark the permalink.

9 Responses to Overthewire Vortex Level0

  1. Johnny says:

    On line 16, why do you add “0xFFFFFFFF”?

  2. sr says:

    Thanks a lot! Nice post.

  3. Abby Edwards says:

    Thanks, I really like your post. I’m a neophyte with this stuff, and I love how succinct your python solution looks. I am trying to (re)learn sockets in C, so I took the overcomplicated route. I don’t want to spam your blog, but if you think it’s appropriate, I’m happy to share the C source code of my approach to solving this problem… granted, I’m not sure if it works as-written outside of my PPC Linux box, but anyway. Kudos!

  4. snake says:

    Thanks I was stuck on the unpack part

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s