KCTF_7_一触即发 subprocess交互 + 爆破

subprocess交互 + 爆破

一开始想用winpwn写交互，后来没有处理好接受字符串的功能，就尝试使用了subproces

import subprocess
from struct import *
from itertools import *
import threading
ans = b""
def output_reader(proc):
    global ans
    while 1:
        rd = proc.stdout.readline()
        if rd != b"":
            ans += rd
            if b"success" in rd:
                print(ans.count(b"->",0)-1)

sh = subprocess.Popen(r"C:\Users\Administrator\Desktop\KCTF\gtest.exe",shell=True,stdout=subprocess.PIPE,stdin=subprocess.PIPE)
table = "0123456789"
t = threading.Thread(target=output_reader, args=[sh])
t.start()
for i in product(table, repeat=7):
    ad = "".join(i)+"\r\n"     #不要使用\r\n而是使用\n
    sh.stdin.write(str.encode(ad))
    sh.stdin.flush()

 

 

这可能是KCTF中最简单的逆向题了....