Notice
Recent Posts
Recent Comments
Link
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | 11 | 12 | 13 | 14 |
15 | 16 | 17 | 18 | 19 | 20 | 21 |
22 | 23 | 24 | 25 | 26 | 27 | 28 |
29 | 30 |
Tags
- filesystem
- wargame
- elasticsearch
- forensic
- 가이드라인
- elk stack
- 백엔드개발자
- Index
- Threat Intelligence
- software
- #C언어 #연산자
- AD
- pwnable
- rce
- ATT&CK
- #whitespace #
- Mitre
- sql인젝션
- PetitPotam
- 프론트엔드개발자
- 시스템해킹
- windows
- exploit
- 정보보안
- SQLMap
- error 583066
- Credential Access
- node.js
- 랜섬웨어
- 침해사고
Archives
- Today
- Total
Plit00's Story
[Plaid CTF] 본문
try:
val = 0
inp = input("Input value: ")
count_digits = len(set(inp))
if count_digits <= 10: # Make sure it is a number
val = eval(inp)
else:
raise
if val == secret_value_for_password:
print(flag)
else:
print("Nope. Better luck next time.")
except:
print("Nope. No hacking.")
exit(1)
I thought that the flag was filtered, so I kept seeing it, but after a write-up I was devastated. When analyzing this source, I thought secret_value_password should be equal to or less than 10
so if you write long, you have to do it again next time, and even if you write it somewhat, "nope! Hacking" came out and guessing how filtering was done.
I was not able to solve it on time.
'Security > CTF ' 카테고리의 다른 글
DEFCON CTF Qualifier 2018 - Easy Pisy (0) | 2018.05.14 |
---|
Comments