ENOJAIL

We launched a new service today. It’s called ENOJAIL™ and gives the user access to an unlimited IPython shell. Sadly, management decided we need to leave our valuable flag.txt on the server, so naturally, engineering had to lock it back down a bit. But we are sure you will still enjoy all of the possibilities, such as.. Calculating 5/5 fully interactively, evaluating ‘1’, and so much more! What’s going on?...

3 min · Ulisse

Magic Words

Give me a sign for the magic words and the flag is yours. What’s going on? This service is using gmp, a library for arbitrary precision arithmetic in C. A brief code explanation: the target string is created by appending magic words in a random order. We’re told that string and asked for its signature. A simple modular exponentiation is performed ($m \equiv sig^3 \pmod n$). $m$ is converted to a string and compared against our previous target string using strcmp....

3 min · Ulisse

Swarm Mind

My brother went to NullCon and all I got was this lousy number. He was supposed to bring me a picture of the flag. So let me shout out to the Swarm. Maybe they can help. The solution: convert the number to binary, paste it in an editor with line-wrap enabled and play around with the window size until you see the flag show up. The first line of thought we followed for solving this challenge was that the number might be the raw binary data of a picture....

3 min · Ulisse

Texnology

Online LaTeX editors are quite famous now, but are the associated risks as well? Hint: The flag is at /FLAG. What’s going on? We have this website, which compiles LaTeX code from the text area and executes it on a remote server. If the syntax is valid, a link with the compiled PDF appears on the website. The solution: we googled LaTeX command injection and we found this interesting website, which shows some ways to do command injection....

1 min · Ulisse