Guide: Remote Exploit

Connect to Remote Server

The server is hosted at kayle.snu.ac.kr.

After making the local exploit work, now you will need to carry out the remote exploit to capture the real flag. Each challenge is served by the CTF server.

Port Number

The port number is different per CTF problem. The port number 12345 here is just an example. You should change the port number laster as instructed in the problem.

Example code for Remote Exploitation

Using pwntools, the remote exploitation code is quite similar to the local exploitation. The only difference is in invoking remote() with the server's host and port information, instead of invoking process() with the binary name.

exp_remote.py
from pwn import *

# Connect to the remote CTF server
host = 'kayle.snu.ac.kr'
# Replace with the port number provided for the challenge
port = 12345

# Establish a connection to the server
connection = remote(host, port)

# Interact with the server (example: connection.sendline(b'input'))
connection.sendline(b'input')

# Receive and print the flag
flag = connection.recvline()
print(flag.decode())

# Close the connection
connection.close()

Running the Script Remotely

Save the code above as exp_remote.py, and then run it.

python3 exp_remote.py

Using this remote example, we showed how to perform the following jobs using pwntools.

How to connect to the remote CTF server
How to send the input to the server
How to receive the output of the server
How to capture the real flag from the server

Example code for Remote Exploitation​

Running the Script Remotely​

Example code for Remote Exploitation

Running the Script Remotely