python challenge 20解题总结

by 3720人阅读

 

python challenge 20网址:www.pythonchallenge.com/pc/hex/idiot.html,查看网页源码后,可以看到idiot2.html,于是打开网址:www.pythonchallenge.com/pc/hex/idiot2.html,查看网页的源码就看到了but inspecting it carefully is allowed,于是想到需要用到httplib模块,并且需要用认证的信息,于是源代码如下。 

import httplib, base64

base64_login = base64.encodestring('%s:%s' % ("butter", "fly"))[:-1]
headers = {"Authorization": "Basic %s" % base64_login}
conn = httplib.HTTPConnection("www.pythonchallenge.com")

# Needless to say that normally we wouldn't know about the exact byte
# ranges yet and thus probably use infinite loops instead ...

for n in range(30203, 30314):
    headers["Range"] = "bytes=%s-%s" % (n, n + 1)
    conn.request("GET", "/pc/hex/unreal.jpg", "", headers)
    response = conn.getresponse()
    data = response.read()

    if data:
        print data

# We now know that our username is "invader".

for n in (2123456744, 2123456743):
    headers["Range"] = "bytes=%s-%s" % (n, n + 1)
    conn.request("GET", "/pc/hex/unreal.jpg", "", headers)
    response = conn.getresponse()

    print response.read()

# We learned that "the password is your new nickname in reverse", thus:
# "redavni". Further, that "it is hiding at 1152983631".

headers["Range"] = "bytes=1152983631-1152983632"
conn.request("GET", "/pc/hex/unreal.jpg", "", headers)
response = conn.getresponse()

h = open("data.zip", "wb")
h.write(response.read())
h.close()

# Unzip the file and read the "readme.txt" it contains.