π Connect β Writeup (pwn.college)
Writeup from Intercepting Communication
π Challenge Summary
Youβre placed at 10.0.0.1 and must connect to a remote server at 10.0.0.2 on port 31337.
This challenge tests basic understanding of TCP client connections. The server simply listens and sends back a flag upon connection.
π§ Understanding the Setup
The provided Python code inside /challenge/run:
import socket
class ServerHost(Host):
def entrypoint(self):
server_socket = socket.socket()
server_socket.bind(("0.0.0.0", 31337))
server_socket.listen()
while True:
try:
connection, _ = server_socket.accept()
connection.sendall(flag.encode())
connection.close()
except ConnectionError:
continue
- The server binds to 0.0.0.0:31337.
- When a client connects, it sends the flag and closes the connection.
How We Exploit It
There is no exploit needed β just use Netcat (nc) to connect.
nc 10.0.0.2 31337
Final Exploit Command
root@ip-10-0-0-1:~# nc 10.0.0.2 31337
pwn.college{gg1HJhGCkcntOmNvNCXZK6pp_wK.QX5UzMzwSM0IzMyEzW}
Output
pwn.college{gg1HJhGCkcntOmNvNCXZK6pp_wK.QX5UzMzwSM0IzMyEzW}
Flag
pwn.college{gg1HJhGCkcntOmNvNCXZK6pp_wK.QX5UzMzwSM0IzMyEzW}