DownUnderCTF 2023 - Blind File Read - Real Baby Ruby

Details

This is my solution for the Real Baby Ruby challenge from DownUnderCTF 2023. It is overcomplicated but I find it interesting. The challenge was a Ruby jail, with the following code:

    while input = STDIN.gets.chomp do
      eval input if input.size < 5 && input !~ /`|%/
    end

If you want the intended solution, here is the author’s writeup: Writeup

Solution

Limitation

We are limited to 4-character Ruby commands, and we can’t use the following characters: ` %

The first iteration of this challenge didn’t have the character limitation and was easily solved with `sh`. ...

2023-09-18 · 4 min · Hiumee

TFCCTF 2022 - Code Leak Writeup

Challenge files HERE

Details

This is a challenge I created for TFCCTF 2022 and my intended solution.

Description

We managed to get access to the source code but we got disconnected before being able to download all of it. There has to be a way to get it…

Solution

If you play around with the application you’ll get a few prompts

    Enter your name: Bob
    What would you like to do?
    1. Check balance
    2. Work
    3. Buy hint ($30)
    4. Buy flag ($1337)
    5. Exit
    >>> [INPUT]

1. Shows your current balance
2. Work and get money. You can only work 6 times and each time you get between $5 and $10
3. Prints a useless string for $30
4. Prints the flag if you have $1337
5. Exits

After looking at main.py, one can see the lines ...

2022-10-01 · 3 min · Hiumee