
In this challenge, we're given an ELF32 file which is not stripped. After seeing the disassembly, it was very straightforward.

The program gets an input, applies some filters using strstr checks, then appends our input to "ping -c " and calls system() with the concatenated command as the argument.

So it's basically a matter of bypassing some simple strstr checks to run a command in bash and read the flag.

I found that it doesn't filter the pipe | character, and also that its string (and not single-character) checks could be bypassed, for example by writing "c""a""t" instead of cat.

I used 2> /dev/null | "c""at" flag.txt as input and got the flag:

Welcome to our ping serivce
tell me what to ping
ping 2> /dev/null | "c""at" flag.txt
RaziCTF{!_jus7_w4nt3d _t0_h3lp}
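
The weakness described above, as an added example that is not the challenge binary's code: a substring blocklist in the style the writeup describes, next to an allowlist check and a ping call that never goes through a shell. The blocklist entries, the function names and the "-c 1" count are assumptions, since the writeup does not list the binary's actual checks.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical blocklist; the binary's real strstr list is not shown in the writeup. */
static const char *BLOCKED[] = { "cat", "sh", ";", "&" };

/* Weak check in the style described: reject only if a listed substring appears. */
int blocklist_allows(const char *in) {
    for (size_t i = 0; i < sizeof BLOCKED / sizeof *BLOCKED; i++)
        if (strstr(in, BLOCKED[i]) != NULL)
            return 0;
    return 1;
}

/* Allowlist check: accept only characters valid in a hostname or IP literal. */
int is_valid_host(const char *in) {
    size_t n = strlen(in);
    if (n == 0 || n > 253 || in[0] == '-')   /* leading '-' would be read as an option */
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)in[i];
        if (!isalnum(c) && c != '.' && c != '-' && c != ':')
            return 0;
    }
    return 1;
}

/* Run ping without a shell: the host is a single argv element, never a command line. */
int ping_host(const char *host) {
    if (!is_valid_host(host))
        return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execlp("ping", "ping", "-c", "1", host, (char *)NULL);
        _exit(127);                           /* exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    const char *in = "2> /dev/null | \"c\"\"at\" flag.txt"; /* input from the writeup */
    printf("blocklist=%d allowlist=%d\n", blocklist_allows(in), is_valid_host(in));
    return 0;
}
```

The writeup's input passes the substring blocklist but fails the allowlist, and ping_host() refuses it before any process is created.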