Skip to content

Latest commit

 

History

History

chess portal

Folders and files

NameName
Last commit message
Last commit date

parent directory

..

public

public

 
 

setup

setup

 
 

sol

sol

 
 

README.md

README.md

 
 

docker-build.sh

docker-build.sh

 
 

docker-run.sh

docker-run.sh

 
 

README.md

Chess Portal

Category: pwn

Author: R3D

Description

We've created a chess portal for our developers. This seemed to be working perfectly up until now. A Soviet spy claims to have hacked our portal and stolen sensitive information. Being a hacker yourself, can you help us figure out where we went wrong?

Points

N/A

Solution

Reveal Spoiler

Vulnerability

  1. Identify what you are allowed to execute and what not.
  2. Bypass restrictions (blacklisting).
  3. Escape python jail.

A solution that performs the above steps is provided in sol.py