To recap, we now have a session cookie and a Flask secret key. Hardcoded in login.py and is LOLOLOL_I_Am_So_Secret! We also can see that Flask is the web framework Reading through the strings output we see something that should catch our eye.
Strings provides the following output: ] $ strings login.pyc A tool like Uncompyle2 works well.īefore going through the effort of decompiling, we'll 'strings' the binary as a first step (as we usually Given that python is a high level language that gets compiled toīytecode (which doesn't protect the code) we can nearly fully decompile the. eJw9zsFrgzAYBfB_ZeS8g8YNOmGHjlix8H1BSSPJpWjVxmjK6DrUlP7vkw12eJf34Me7k91YnUl8J081iUkeGNbSfKpt06EoKISbECgu4Juu8viKcjPX49pFe7qm03b3BV6-kcczOfbNv6PZOeAsCzQbPPqmR6cicEmEFiYupFNl4bhAowT24LTRpTSrM6JVlItDoMRHz9PCoZNG262HtBg4KwywjIJPFqAJ1evKxXYCdqLIkhCYNJztR21PCwr4c-xhRpG96FLN2jY92CHSJY5IccA0j7SD99_3Hhz13PR-1元7NFSfeotkV0DUĪs we continue to gather information, we go back to the challenge page where we see a server binary is We also take a look at the document cookies in order to get a better understanding of the system as aĬhecking the sites cookies, we find the following: session.
As a result this leads us to believe the site is not injectable or vulnerable to XSS (though we There are no input boxes or query string parameters in Up of nothing but a little css super mario game. When we visit the provided website and login using the given credentials we see that the website is made
0 kommentar(er)
