UIUCTF 2020: Bot Protection IV
In this challenge, we have a website with captcha. Base on the question, we need to solve 500 captcha within 10 minutes. Very easy right?...
In this challenge, we have a website with captcha. Base on the question, we need to solve 500 captcha within 10 minutes. Very easy right?...
Update: It was assigned as CVE-2020-14343 after the contest. This was a fun challenge exploiting a deserialize service in Python. The server is using pyYAML and Flask, with the source code below: from flask import Flask, session, request, make_response import yaml import re import os app = Flask(__name__) app.secret_key = os.urandom(16) @app.route('/', methods=["POST"]) def pwnme(): if not re.fullmatch(b"^[\n --/-\]a-}]*$", request.data, flags=re.MULTILINE): return "Nice try!", 400 return yaml.load(request.data) if __name__ == '__main__': app....
Challenge Summary Tom Nook is testing a new encryption scheme for nookphones, but it seems to be a bit faulty... can you break it? nookcrypt is a netcat service that have no source code released. There are two functions exposed: Gets an encrypted copy of the flag (and the message hello world). Encrypts an arbitrary message. For example, this is what I had when trying out the options:...