- Status: Concluded
- Start date: 2021-11-20
- End date: 2021-11-29
- Parts: 4
This is all the information on how to solve the ARG revolving Toontown Rewritten's Field Offices update.
Twisted_Code macks2008
Untrusted-Game
/ untrusted-lvl11-solution.js
Created
January 24, 2021 03:32
Solution to level 11 in Untrusted: http://alex.nisnevich.com/untrusted/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * robot.js | |
| * | |
| * You'll need three keys in order to unlock the | |
| * Algorithm: the red key, the green key, and the | |
| * blue key. Unfortunately, all three of them are | |
| * behind human-proof barriers. | |
| * | |
| * The plan is simple: reprogram the maintenance | |
| * robots to grab the key and bring it through |
darkhappy
/ ARG-Field-Offices.md
Last active
December 3, 2021 17:32
Toontown Rewritten - Cog Field Offices ARG
Log4J has a feature called Java Naming and Directory Interface (shortened to JNDI in this document), which allows a Java program to reach out to an external source to gather data.
If you put a section of text containing ${jndi:query} into the log, the Log4J library will try to resolve the query.
This can be combined with the Lightweight Directory Access Protocol (LDAP) to connect to a remote server.
However, because JNDI is built for retrieving data, and JNDI is a Java program, if you put a JNDI query using LDAP into a log, it will connect to the given site, download a file, and then execute it.
This is called Remote Code Execution.
If you're reading this, you probably suggested to somebody that a particular technical problem could be solved with a blockchain.
Blockchains aren't a desirable thing; they're defined by having trustless consensus, which necessarily has to involve some form of costly signaling to work; that's what prevents attacks like sybil attacks.
In other words: blockchains must be expensive to operate, to work effectively. This makes it a last-resort solution, when you truly have no other options available for solving your problem; in almost every case you want a cheaper and less complex solution than a blockchain.
In particular, if your usecase is commercial, then you do not need or want trustless consensus. This especially includes usecases like supply chain tracking, ticketing, and so on. The whole *p
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Compiled source # | |
| ################### | |
| *.com | |
| *.class | |
| *.dll | |
| *.exe | |
| *.o | |
| *.so | |
| # Packages # |
OlderNewer