Python & Pwn

sicc

whoami

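112 NISRA President

Third-year student, Computer Science and Information Engineering, Fu Jen Catholic University

A university student being squeezed dry by code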

Environment Setup

Text editor

Run ~

print("Hello World")

Lab 0x0

  • Try printing Hello World!

Colab

Data Type

# comment
a = 1 		# int
b = 1.23	# float
c = "String"	# str
d = 'String'	# str
f = True	# bool
'''
multi-line comment
'''

Data Type

  • ascii code

Data Type

a = 1	 	# int
b = float(a)	# change int to float
print(type(b)) 	# get the type of b

Data Type

x = [1, 3.14, "NISRA"]
x.append("Hello")

print(x[0])	# 1
print(x[-1])	# Hello
print(x[0:2])	# [1, 3.14]
print(x[1:])	# [3.14, 'NISRA', 'Hello']
print(x[:])	# [1, 3.14, 'NISRA', 'Hello']
  • list

Data Type

x = {
	"name" : "John",
	"StudentID" : 1,
	"PI" : 3.14,
}#dict

print(x["name"])	# John
print(x["StudentID"])	# 1
print(x["PI"])		#3.14
  • dict

input

str_in = input("Input what you want:")
# input() returns a str by default
print(str_in)

int_in = int(input("Input a number:"))
# converted to int
print(int_in)

a, b = input("Enter 'A B'").split()
# split the input on whitespace
print(a, b)

print

a = "string"
b = 1234
print(a , b)
print("{0:5} {1:4}".format(a,b))
print("{} {}".format(a,b))
print(f'{a} {b}')
#string 1234

operator

Arithmetic operators

  • +, -, *, /
  • %
  • ** exponentiation
  • // integer (floor) division

operator

Assignment operators

  • =
  • +=, -=, *=, /=
  • %=
  • **=, //=
  • ...

operator

Compare operators

  • ==
  • >=, <=
  • >, <
  • !=

operator

Logic operators

  • and
  • or
  • not

Condition

if

x = 10
if(x >= 10):
  print("in if")
  print("in if")
print("out if")

brace style, for comparison (not valid Python)

x = 10
if(x >= 10){
  # in if
# in if
  # in if
}
#out if

Condition

if

x = 10
if x >= 10:
  print("in if")
  print("in if")
print("out if")

brace style, for comparison (not valid Python)

x = 10
if(x >= 10){
  # in if
# in if
  # in if
}
#out if

Condition

if ... else

x = 10
if(x >= 10):
  print("in if")
  print("in if")
else:
  print("in else")
print("out if...else")

if ... elif ... else

x = 10
if(x >= 10):
  print("in if")
elif(x == 9):
  print("in elif")
else:
  print("in else")
print("out if")

Lab 0x1

Work it out

input

0 + 9
8 - 7
6 * 5
4 / 3

output

0 + 9 = 9
8 - 7 = 1
6 * 5 = 30
4 / 3 = 1

Lab 0x1 Solution

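Work it out

user_input = input()
a, op, b = user_input.split()	# "0 + 9" -> "0", "+", "9"
a = int(a)
b = int(b)
# "=" is passed as its own argument so print's separator gives "0 + 9 = 9"
if op == '+':
	print(user_input, "=", a + b)
elif op == '-':
	print(user_input, "=", a - b)
elif op == '*':
	print(user_input, "=", a * b)
else:
	print(user_input, "=", a // b)	# integer division: 4 / 3 = 1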

Loop

for

for i in range(10):
  print(i,end=' ')
# 0 1 2 3 4 5 6 7 8 9
print()
for i in range(1,10):
  print(i,end=' ')
# 1 2 3 4 5 6 7 8 9
print()
for i in range(2,10,2):
  print(i,end=' ')
# 2 4 6 8
print()

Loop

for

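number = ["one","two","three"]
for i in number:	# iterates over the list elements
  print(i,end=' ')
# one two three
print()
number = ["one","two","three"]
for i in "number":	# iterates over the characters of the string "number"
  print(i,end=' ')
# n u m b e r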

Loop

while

a = 1
while(a <= 5):
  print(a,end=' ')
  a+=1
# 1 2 3 4 5

Methods

define method (function)

def multiply(a, b):
  c = a * b 
  return c
  
print(multiply(99, 495))
# 49005

pwntools

Windows: pip install pwntools

Linux: sudo apt install pwntools

pwntools

Load the pwntools library with import

pwntools

  • How to receive characters
recv(int) receives <int> bytes
recvuntil(str) receives until <str>
recvline() receives until a newline

pwntools

send(str) sends <str>
sendline(str) sends <str> with \n appended to the end

pwntools

  • remote
    • remote connection
    • remote(str(host), port)
  • process
    • run locally
    • process(str(path))

Lab 0x2

Try using the calls above to read back the string you typed in.

#include <stdio.h>
#include <string.h>
int main(){
	char str[200];
	printf("Enter what you want:\n");
	gets(str);
	printf("%s",str);
	return 0;
}

Lab 0x2

from pwn import *	# import pwn
p = remote("<host>", <port>)
print(p.)	# receive "Enter what you want:"
p.  		# send one command
print(p.)	# receive what was just sent back

chall2.nisra.net:44008

Lab 0x2 Solution

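from pwn import *
p = remote("chall2.nisra.net", 44008)
print(p.recvline())		# the prompt line
p.sendline(b'adjfo jdofaj')	# bytes, so Python 3 pwntools does not have to guess an encoding
print(p.recvline())		# the echoed string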
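
What the recv / recvuntil / recvline / send / sendline calls used above do underneath, as an added example that is not part of the original slides and is not pwntools code. MiniTube, lab_service and run_lab are hypothetical names, and lab_service is a constructed local stand-in for the Lab 0x2 program so the exchange runs without the remote host.

```python
import socket
import threading

class MiniTube:
    """Sketch of the calls listed above over a plain socket (not pwntools code)."""
    def __init__(self, sock):
        self.sock, self.buf = sock, b""

    def _fill(self):
        chunk = self.sock.recv(4096)   # one read may hold half a line or several lines
        self.buf += chunk
        return bool(chunk)             # False once the peer has closed

    def _take(self, n):
        out, self.buf = self.buf[:n], self.buf[n:]
        return out

    def recv(self, n):                 # at most n bytes
        if not self.buf:
            self._fill()
        return self._take(n)

    def recvuntil(self, delim):        # everything up to and including delim
        while delim not in self.buf:
            if not self._fill():       # closed first: return what is left (this sketch's choice)
                return self._take(len(self.buf))
        return self._take(self.buf.index(delim) + len(delim))

    def recvline(self):
        return self.recvuntil(b"\n")
    def send(self, data):
        self.sock.sendall(data)
    def sendline(self, data):          # send plus a trailing newline
        self.send(data + b"\n")

def lab_service(conn):
    """Constructed stand-in for the Lab 0x2 program: prompt, read a line, echo it."""
    with conn, conn.makefile("rb") as rf:
        conn.sendall(b"Enter what you want:\n")
        conn.sendall(rf.readline().rstrip(b"\n"))  # like printf("%s"): no newline added

def run_lab(message=b"hello NISRA"):
    client, server = socket.socketpair()           # local pair, no network needed
    threading.Thread(target=lab_service, args=(server,), daemon=True).start()
    with client:
        p = MiniTube(client)
        prompt = p.recvline()
        p.sendline(message)
        return prompt, p.recvline()                # the echo is ended by EOF, not by "\n"
```

Calling run_lab() returns the prompt line and the echoed bytes; the echo comes back without a trailing newline because the program prints it with "%s" only.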

Lab 0x3

Try using what you learned above to find the flag.

It's on class.nisra.net.
