Link : http://zumbo-8ac445b1.ctf.bsidessf.net/index.template
View source code we will see server.py file which contents :
import flask, sys, os
import requestsapp = flask.Flask(__name__)
counter = 12345672@app.route(‘/’)
def custom_page(page):
if page == ‘favicon.ico’: return ”
global counter
counter += 1
try:
template = open(page).read()
except Exception as e:
template = str(e)
template += “\n\n” % (page, __file__)
return flask.render_template_string(template, name=’test’, counter=counter);@app.route(‘/’)
def home():
return flask.redirect(‘/index.template’);if __name__ == ‘__main__’:
flag1 = ‘FLAG: FIRST_FLAG_WASNT_HARD’
with open(‘/flag’) as f:
flag2 = f.read()
flag3 = requests.get(‘http://vault:8080/flag’).textprint “Ready set go!”
sys.stdout.flush()
app.run(host=”0.0.0.0″)
and flag1 = FLAG: FIRST_FLAG_WASNT_HARD -> yup this is what i need
Home 