Created
December 24, 2023 23:55
-
-
Save xryuseix/217286e00e27bd3ed10239345add4481 to your computer and use it in GitHub Desktop.
seccon ep 2023 ctf4b workshop web1 problem4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { ChallRes } from "./types.ts"; | |
| import { getFlag } from "./flags.ts"; | |
| import { Form, FormFile } from "https://deno.land/x/[email protected]/mod.ts"; | |
| import { join } from "https://deno.land/[email protected]/path/mod.ts"; | |
| const getFilename = (image: FormFile | FormFile[]) => { | |
| if (Array.isArray(image)) { | |
| // Case for FormFile[] | |
| return image.map((file) => file.filename); | |
| } else { | |
| // Case for FormFile | |
| return [image.filename]; | |
| } | |
| }; | |
| const doNotPathTraversal = (filename: string[]) => { | |
| const myReplace = (str: string) => { | |
| while (str.includes("../")) { | |
| str = str.replaceAll("../", ""); | |
| } | |
| return str; | |
| }; | |
| return filename.map((file) => myReplace(file)); | |
| }; | |
| export function chall4(req: Form): ChallRes { | |
| const filename = getFilename(req.files.image); | |
| const safeFilename = doNotPathTraversal(filename); | |
| const savePath = join("public", "images", ...safeFilename); | |
| // TODO: implement file saving | |
| // Deno.writeFileSync(savePath, req.files.image.content); | |
| if (savePath === "../etc/passwd") { | |
| return { flag: getFlag("chall4"), message: "okay...nice hacking!" }; | |
| } else { | |
| return { error: `OK! savePath -> ${savePath}` }; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment