HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #105
From team Stealth Assassin
New advisory by : thaidn
Affected service(s): Goferdee
Severity [lmh] : high
===== Problem =====
"dir" command save a list of files inside /service/ICANHASGOFERDEE to the 'listing' file. By keep issuing dir command and monitor the content of the 'listing' file, attacker can find out the new added flag file from the score server to retreive the flag.
===== Impact =====
===== Fix =====
--
Disable dir command for a quick fix
--- goferdee.lol.old 1970-00-00 00:00:00.000000000 -0600
+++ goferdee.lol 1970-00-00 00:00:00.000000000 -0600
@@ -20,11 +20,11 @@
IZ inputz SORTA "^dir$" O RLY?
YA RLY
I HAS A cmd ITZ "." N "/" N "ls >" N "listing"
- TIKLE cmd
+ BTW TIKLE cmd
VISIBLE "0Directory listing\tlisting\t127.0.0.1\t7000"
VISIBLE "."
Rating
[1] correct, but empty impact section