这题需要在时间限制内赢100次二分猜数游戏。 记得数据结构课上老师就说过,二分查找的实现还是很容易错的。一开始写的版本总是用光次数猜不对。 网速比较慢的话就得先用其他题的账户登上去然后本地连接到9007端口执行。
from pwn import * sh = remote('pwnable.kr', 9007) sh.recvuntil('starting in 3 sec') print 'Waiting for 3 sec to start ...' def play_round(): sh.recvuntil('N=') N = int(sh.recvuntil(' ')) print 'N=%d' % N sh.recvuntil('C=') C = int(sh.recvuntil('\n').replace('\n', '').rstrip()) print 'C=%d' % C # binary search lo = 0 hi = N-1 cnt = 0 re = -1 while lo < hi: cnt += 1 mi = lo + (hi - lo) / 2 guess = ' '.join([str(i) for i in range(lo, mi+1)]) # print 'Test #', cnt, 'range: [%4d, %4d]' % (lo, hi), 'Guess: [%4d, %4d]', lo, mi sh.sendline(guess) re = int(sh.recvline()) # print 'Ret:', re if re < 10 * (mi - lo + 1): hi = mi else: lo = mi+1 while cnt < C: cnt += 1 sh.sendline(str(lo)) re = int(sh.recvline()) print 'Aha! Found:', lo, 'Sending...' sh.sendline(str(lo)) print sh.recvuntil('\n') # receive "Congraduate (#round_number)" win = 0 while win < 100: play_round() win += 1 sh.interactive()