25C3-CTF
25C3-CTF final results
Advisory #67
From team squareroots
New advisory by: manager
Affected service(s): CGIBAS
Severity [lmh]: high
===== Problem =====
Uploading a .bas file to the repository and including it from index.bas allows execution of arbitrary BASIC code inside the cgibas interpreter.
The interpreter's "foo" command passes its argument to the shell, so any such BASIC code can execute arbitrary shell commands.
===== Impact =====
System access as the www-data user (the account the CGI interpreter runs under).
===== Fix =====
Change internal_foo in /usr/bin/cgibas.pl so that the command no longer reaches the shell, e.g. turn it into a no-op:

    # "foo" is disabled: return a fixed string instead of running the argument
    sub internal_foo {
        return "narg";
    }
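To show what the fix changes, here is an added example (not the page's own code and not the real /usr/bin/cgibas.pl, whose internals the advisory does not show). It assumes the interpreter dispatches commands through a handler table and that the original internal_foo fed its argument to the shell via backticks; both are assumptions. The stubbed handler from the fix is placed beside that assumed vulnerable form, and a small executor demonstrates that a shell payload given to "foo" is no longer executed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# ASSUMED vulnerable form of the handler: the argument of `foo "..."` is
# handed to the shell unchanged, so  foo "id; cat /etc/passwd"  runs as the
# web server user. Not called below; shown only for comparison.
sub internal_foo_vulnerable {
    my ($arg) = @_;
    my $out = `$arg`;     # shell metacharacters are interpreted here
    return $out;
}

# Fixed form, as the advisory suggests: "foo" becomes a no-op.
sub internal_foo {
    my ($arg) = @_;       # argument deliberately ignored
    return "narg";
}

# Hypothetical command table of the interpreter.
my %commands = (
    print => sub { my ($arg) = @_; return $arg },
    foo   => \&internal_foo,
);

# Minimal executor for one line of the form  COMMAND "arg".
# Unknown commands are rejected rather than passed anywhere.
sub run_line {
    my ($line, $table) = @_;
    my ($cmd, $arg) = $line =~ /^\s*(\w+)\s*"([^"]*)"\s*$/
        or return "syntax error";
    my $handler = $table->{ lc $cmd } or return "unknown command: $cmd";
    return $handler->($arg);
}

# Constructed attacker input: with the fixed handler the payload never
# reaches a shell and the interpreter just answers "narg".
print run_line('foo "id; cat /etc/passwd"', \%commands), "\n";   # narg
print run_line('print "hello"',              \%commands), "\n";   # hello
print run_line('system "id"',                \%commands), "\n";   # unknown command: system
```

Verifying the fix on a patched host amounts to running the same payload through the real interpreter and confirming the response is the fixed string rather than command output; the executor above is only a stand-in for that check.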
Rating
[3] very nice