Cyber 101: My PWN Toolbox

Quick Maths

Looking through the given server code the idea is fairly simple, we have 60 seconds to answer 100 simple maths questions.

The challenge title hints at using pwntools so let's put together a script to get the flag:

from pwn import *

p = remote('puzzler7.imaginaryctf.org', 2222)

# Skip the welcome line
p.recvline()

for _ in range(100):
        q = p.recvline().decode().strip()
        # Using eval on the unsanitised response from the server
        # is an awful idea here, but we've read the server code
        # and I trust that the same code is running remotely :)
        print(f"{q} = {eval(q)}")
        p.sendline(str(eval(q)).encode())

print(p.recvline().decode())

Running the script gets us the flag: ictf{Bu1lDin6_my_PWN_h0u5e}!