Notice
Recent Posts
Recent Comments
Link
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | 11 | 12 | 13 | 14 |
15 | 16 | 17 | 18 | 19 | 20 | 21 |
22 | 23 | 24 | 25 | 26 | 27 | 28 |
29 | 30 |
Tags
- 백엔드개발자
- 프론트엔드개발자
- exploit
- PetitPotam
- 시스템해킹
- sql인젝션
- AD
- #whitespace #
- error 583066
- Index
- Mitre
- 랜섬웨어
- elasticsearch
- wargame
- node.js
- elk stack
- Threat Intelligence
- rce
- software
- SQLMap
- 정보보안
- ATT&CK
- filesystem
- 가이드라인
- #C언어 #연산자
- Credential Access
- pwnable
- windows
- forensic
- 침해사고
Archives
- Today
- Total
Plit00's Story
[Plaid CTF] 본문
try:
val = 0
inp = input("Input value: ")
count_digits = len(set(inp))
if count_digits <= 10: # Make sure it is a number
val = eval(inp)
else:
raise
if val == secret_value_for_password:
print(flag)
else:
print("Nope. Better luck next time.")
except:
print("Nope. No hacking.")
exit(1)
I thought that the flag was filtered, so I kept seeing it, but after a write-up I was devastated. When analyzing this source, I thought secret_value_password should be equal to or less than 10
so if you write long, you have to do it again next time, and even if you write it somewhat, "nope! Hacking" came out and guessing how filtering was done.
I was not able to solve it on time.
'Security > CTF ' 카테고리의 다른 글
DEFCON CTF Qualifier 2018 - Easy Pisy (0) | 2018.05.14 |
---|
Comments