Bash injection without letters or numbers - 33c3ctf hohoho (misc 350)

The biggest twist of the whole video is that 11 other teams managed to solve it.

That is the most dope ctf challenge i think i've ever seen, well done

damn... I can follow what you're saying but I'd never have figured it out

That was insane. Some of these challenges are hugely complicated.

I stumbled upon this video while looking for a way to inject into a bash shell without using /lowercase/ letters (uppercase okay), but you seem to have blown that out of the water. Good job. That ö function is genius.

“What language did you use to write the solution?” “German”

Hahahaha amazing! The people that write these CTFs are insane

LiverOverFlow god mode activated

Damn, I've learnt so much from one 11 mins. video :O

The part of constructing the ascii characters by using numbers created with the amount of parameters was genius!!

Nicely done... this is one more proof that the arbitration between convenience and security is not easy.

Damn, that's really really interesting. I would've never thought about that, but I can pretty much follow what you're saying (idk a lot about Bash escape sequences and Bash in general tbh), but as you revealed each part, with the filenames, getting numbers, and getting letters, it was so interesting.

I have never smiled so much while watching a video online. BRAVO!

Damn, this was creative af hahaha. Even though I barely know any bash, this was very interesting to watch. Oh, and congrats on solving it :D

That is very clever. You essentially convert from bijective base 1 -> digits in base 8 -> ascii string. And all of this stemmed from noticing a single error when you were entering whether you were naughty or nice.

I thought I knew Linux but clearly I have so much more to learn . Well done

Well done. Reminds me in "JSFuck"

That was pure genius.... and drunk bash devs

I'm a noob linux user... just learned a whole lot more about my shell haha.
amazing!

That was insane! Very cool process!

Totally forgot about the * in bash, nice work here

This is the dopest injection I have ever seen, god, that's incredible work

this looked like it was really fun to solve.
nicely done.

That is incredibly genius. Wish I could’ve taken part in that!

Man you should be proud !! Thats amazing work . Btw how experience are those guys which wrote the CTF , are they machines :D?

Very cool. Wasn't following for a while but then you made it make sense. Thanks!

wow, what an amzing and unique ctf

0:55 club mate konsum ist stabil wie man sieht 👍

Knowing about jsfuck and Church encoding, I knew what to expect from the video title. Still learned a few things.

this really makes me want to go to a ctf
if i could talk to people that is

4:10 running zsh lmao

3:10
Oh I got it. You have to use a fork bomb ;)
In all seriousness I guessed using those fancy escape strings right when I saw it so like yay

This is what true madlads do.

This made realize how dumb I'm and freaking slow my brain is :(

Redstar OS, u are a genius

Brilliant!

You did it. You made SHFuck.

me reaching 9:30 and realising what you'd done: YOU MAD LADS !

beautiful!

This was super smart! wow!

this blow my mind, never see this before in my life...thanks bro

Holy fuck... you and your teammates are insane, I love this

Amazing solution! I would never have figured that out! Any good resources on that topic to learn more about it? Kinda got hooked on the idea

well done

The letter ä is also used in Finnish
Edit: and obviously ö

Man this is brilliant!!

what the fuck the shell expansion fuckery was amazing

damn with all those drinks on-site, LiveOverflow is basically the fucking demoman from team fortress 2

that was amazing...great work indeed

pure beauty

I'm wondering if there is always just this one solution to finding the flag?

Reminds me to the programming language called "brain fuck".
Great job, TNX for sharing your experience.

i saw the Mate there, i really germany just cuz of that drink xD

Hi, are you planning to do some reversing on windows executables?
Great video, as always.

Unbelievable!

picoCTF 2024 is doing something really similar to this right now, and I cannot figure it out.

amazing!
I have a question that :
how did you knew that the name of the script that ran the /flag file was named "get_flag".
besides, how did you knew that the %s in this "get_flag" file can be provided as a program terminal argument?
Thanks a lot for the videos!
I r34lly appreciate your work!

That's such a difficult ctf

Wow! God work!

Incredible work :)

Amazing!!! Just mind blowing. One thing i would like to ask, couldn't you use "_" and "__" as function names instead of those German characters?

3:54 redstar-os

Mind blown.

How can you ever dislike this video?

omg! what a player!

This was awesome.

"ä and ö" xD lachflash

The best video.... thanks

As special characters are allowed (mentioned in the video) a non german could also have used characters like / and _
I had to use ???nt? instead of ???n?? because it was expanding to:
/???/???/???n??
/usr/bin/printf /usr/bin/telnet /usr/lib/kernel
here is the function definition for /
/() { /???/???/???nt? ${@}; }
/ hey
hey
Love the approach :D

Hey LiveOverflow, off-topic question: What color theme is that in the terminal?

Mind blowing

insane

Great challange. Any chance to setup this chalange on my own? Are these CTFs open after the challange?

mind blowned 🙃🙃

That's actually fucking genius

Great one.

Amazing

In what way is this going to be useful in everyday life?

Holy hell that's clever.

i wasnt sure up until now after watching some random videos of yours, but now im pretty sure you're german ^^ anyway, great solution to sth i would have given up after 10 minutes xD

It reminds me of the time when I was stuck with a single PC that would not boot properly (only text mode kinda worked) and the system had only one localisation (I was/am a linux noob and didn't know how to fix that) so I wasn't able to do some characters at all and I had to use a similar workaround to use these characters (I think it was % and maybe something else) just so I could wget and dd an .iso file to my usb flashdrive to chroot into the system and do the stuff I needed to.

Sorry my English. My dream is to be like you, I really want to learn what you know, but I do not know where to start. Can you help me where to start?

hmm.....u guys crazy lah

very cool....
I missed the cingress this time :-(

I haven't ctfed in a while, but I

wow, awesome!

I'm surprised Unicode characters were allowed through, how were they doing the filtering?

[GERMAN]
Ich denke mit eurer ersten Reaktion auf das Rätsel wart ihr schon ganz richtig ich hätte auch instant äh öh gesagt....
[ENGLISH]
I think with your first reaction to the riddle you were quite right I would have said "äh öh" (German for huh?, Wait what?) immediately ...

YES 3B1B

around the 6 min mark how do you make your screen show some char in purple and the other chars in white?

Delitefully devilish seimor

omg that's insane

Wie einfach alle Club Mate konsumieren! xD

this dude is using redstar os. wow

3blue1brown ❤️

Can't you extract the password with a bunch of var=${ü#*NULL CHARACTER} or similar? Start with ü="$(that cat command you used to find it)"

crazy

just wow

Satisfactory is an actual game

ä (å too) and ö is also used in nordic languages such as Swedish