Home > OS >  The web type ctf problem includes node and python
The web type ctf problem includes node and python

Time:09-13

I am playing with the web type of ctf Questions are as follows

<?php
if(!isset($_FILES["file"]))
    highlight_file(__file__) && die();
$flag = file_get_contents('/flag');
$node = @`node {$_FILES["file"]["tmp_name"]} 2>&1`;
$python = @`python3 {$_FILES["file"]["tmp_name"]} 2>&1`;
if($flag === $node && $flag === $python)
    echo 'Here is your Flag: '.$flag;
else
    echo 'Fail :(';                                         ?>

According to program logic, I uploaded two files I wrote using postman form-data, They are test.js and test.py respectively, I want to get the flag file content in the script and compare it with the $flag variable, But I can't get the $node variable and the $python variable to be true at the same time, I can't get the flag, ask for help

CodePudding user response:

It looks to me like you need a single file that parses as valid JS and valid Python at the same time.

Here's the same code twice with Python and Javascript syntax highlighting:

Python

a = 1 // 1 ; b = '''

// Put your Javascript code here.
// Python will just assign it to a string variable
console.log('Javascript running here');

/* '''

# Put your Python code here. Javascript will ignore it
# because it's inside a comment
print('Python running here')

# */

Javascript

a = 1 // 1 ; b = '''

// Put your Javascript code here.
// Python will just assign it to a string variable
console.log('Javascript running here');

/* '''

# Put your Python code here. Javascript will ignore it
# because it's inside a comment
print('Python running here')

# */

Page link:https//www.codepudding.com/os/542525.html

Prev:How to get ID of the first table in a join table
Next:Check if the email template really exists in SendGrid before sending the email
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding