Instantly share code, notes, and snippets.

Embed
What would you like to do?
module PrisonBreak
class Visit
attr_accessor :free_prisoner
attr_reader :prison, :payload
DISABLED_SYMBOLS = %w{, ` ( ? ! + <<}
DISABLED_WORDS = %w{send eval system exec popen rm puts require new load create file include free call push concat irb }
GUARD_RE = Regexp.new((DISABLED_SYMBOLS + DISABLED_WORDS).map {|i| Regexp.escape(i) }.join('|'))
def initialize(prison, payload)
@prison = prison
@payload = payload
end
def secure?
if !GUARD_RE.match(payload).nil?
raise "Unpermitted item: #{Regexp.last_match(0)}"
end
true
end
def perform
instance_eval(payload)
end
end
class Prison
def initialize
@cells = {
11 => ['Edmond Dantès'],
22 => ['Henri Charrière'],
33 => ['Michael Scofield']
}.freeze
end
def empty_cell?
cells.values.any? &:empty?
end
private
attr_reader :cells
def unlock(cell, password, guest)
if password == 'secret'
guest.free_prisoner = cells[cell].shift
end
end
end
end
def test(payload)
prison = PrisonBreak::Prison.new
visit = PrisonBreak::Visit.new(prison, payload) # <= your payload goes here
visit.perform if visit.secure?
prison.empty_cell? && !visit.free_prisoner.nil?
end
def perform_test
file = File.read "payload.rb"
puts "success: #{test file} #{file.length }"
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment