Djinn TryHackMe python Script development for port 1337

Hello guys back again with another article this time am going to be taking you guys a step to step wakthrough on creating a python script for djinn room from TryHackMe port 1337 exploit. I’ve done the room pretty recently and i decided not to do an entire walkthrough since there are plenty of walkthrough’s out there but what i noticed is that no walkthrough really explained how they went about creating the python script and that's why i decided to do the room some justice and create a proper article on how the script is created .The core of the script is understanding how sockets work in python the rest greatly varies depending on your understanding of python but I’ll be going into details how regular expression also work in python and i believe it will be a fun learning experience. Without much say let’s jump in

The script that i created looks something like below

And when we execute the script we get the following output

I think it looks really nice considering the colors that it comes with when we execute the script. The script that we’ll be creating will be pretty bare we just want to make sure that it gets the work done but it won’t have fancy features like colored output. If you want the script with fancy feature I’ll leave a link of my GitHub page where you can clone the repository and see how i did it.

First when we do a nmap scan the box we see that port 1337 (leet) is open

Let’s try to connect to the port with netcat.

Looking at the output we are asked to answer 1000 question and once we are done there are some goodies that will be given. Let’s try answering some few questions.

And as seen the questions just keep popping up after we answer them.

What if we just put a wrong answer maybe the application doesn’t check if the answers provided is wrong or right

Looking above we are now sure that there is some kind of validation going on meaning we can’t just input a wrong answer. Also the application just hangs and then disconnects

Now let’s start scripting

Now we need to import two libraries

Next let’s declare two variable

Next we’ll tell sockets to connect using an IPV4 address and also we’ll be using a TCP port and we’ll put this in a variable called client_socket as seen below. Don’t forget this variable because we’ll be using it a lot from here onward

next we are use that same variable called client_socket and tel it to connect to the IP address and port provided above

Next we know that we will have to answer the question 1000 times and because of this we’ll have to use the for loop in python which tells python to repeate a command 1000 time

This means that whatever code is below this for loop will be repeated 1000 times

Next we’ll use client_socket.recv which tells the python script to pull data from the port. we’ve put that command in a variable called banner

What print does is outputs the string or result of a variable to stdout. meaning we’ll be able to see the output

Now let’s save the code and then run the script then see what we see

And as seen above we just print the banner of port 1337.

Let’s receive another 1024 bytes in a variable called banner and print it’s results

Saving the code again and running it again we get both the banner and the first question we are supposed to answer

Looking at the output we have our first calculation but the problem is how can we just extract the numbers and math operators from the entire output.

This is where re library becomes handy because we’ll search for it in that entire string and only get the problem we want to solve

The source code is as you see below

Next we tell python to print what it finds after doing a search

Now lets save the code and try running it again

Sweet but still the problem has unwanted characters like commas(,) and single quotes (’) now let’s remove the using the syntax below

I implement as you can see below

After replacing those characters lets save the script and execute it again we get the exact calculation that we need to run as you see below

Boom we have the problem that we are required to solve . By passing this problem to eval it will be able to perform the evaluation and python will give us the answer

I’ve implemented the logic in the source code as seen below

Executing the script again after saving the source code prints the results as you can see below

Sweet now we need to send this result to the application using the socket that we created using the .send syntax

After sending the first answer we need to receive the next question using the same syntax as shown some few moments back but since we are running it in loop the code will just go back to the begining of the loop and execute the code again

This process will now happen for 1000 times fun right but we have finished our code !!!!! This code is enough to give us the gift we were told 😀

That was fun right ????

Now let’s save the script and execute it again

As you see above we are getting multiple questions one after another meaning that all went well and our script is working perfectly 😀

Now let’s add a little more spice that tells us which question we are tackling

The syntax i used is

After saving the script and executing it again we see below that it works

Now after the calculations are finished it will give us the gifts using the code below

Now lets execute the script and let it run to the end

And as seen below it works perfectly

All the writeups I’ve looked at have really complex code but it was as simple as I’ve shown you guys above hope you liked the article if so don’t forget to clap for me down below and follow me so that you won’t miss any upcoming articles

That’s it for now guys till next time take care

My GitHub link

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store