๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ
๋ฐ˜์‘ํ˜•

Round#41

[Dreamhack] CTF Season 5 Round #4 - BypassIF ๐Ÿ›Ž๏ธ Access Admin์˜ KEY๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค! ์•Œ๋งž์€ KEY๊ฐ’์„ ์ž…๋ ฅํ•˜์—ฌ ํ”Œ๋ž˜๊ทธ๋ฅผ ํš๋“ํ•˜์„ธ์š”. ํ”Œ๋ž˜๊ทธ ํ˜•์‹์€ DH{...} ์ž…๋‹ˆ๋‹ค. ๐Ÿ‘พ Exploit Algorithm & Payload > ./app.py ๋”๋ณด๊ธฐ #!/usr/bin/env python3 import subprocess from flask import Flask, request, render_template, redirect, url_for import string import os import hashlib app = Flask(__name__) try: FLAG = open("./flag.txt", "r").read() except: FLAG = "[**FLAG**]" KEY = hashlib.md5(FLAG.encode()).h.. 2024. 2. 25.
๋ฐ˜์‘ํ˜•

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”