
No Code - Web

We received a link and the source code of a web application.

It contains the POST /execution route.

Using a regex, the code checks whether the value at the beginning of our string is in the range of the ASCII characters. If so, it returns an error.

If it does not enter the if statement, it will run the code.

We can see that when we form a POST request and send our code, it returns an error because the characters are within the ASCII range.

However, by adding a newline (using its URL-encoded value) at the beginning of our code, it passes the regex check and runs the code.
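The behaviour described above, next to a hardened check. This is an added example, not the challenge's source: the regex is an assumed reconstruction from the description, and the `code` form field and the sample request bodies are constructed.

```python
import re
from urllib.parse import parse_qs

# Assumed reconstruction of the filter (not the challenge source): match from
# the start of the input and reject it if printable ASCII is found.
WEAK = re.compile(r".*[\x20-\x7E]+.*")

def weak_blocks(code: str) -> bool:
    # re.match() anchors at index 0 and "." never matches "\n" unless
    # re.DOTALL is set, so nothing after a leading newline is inspected.
    return WEAK.match(code) is not None

def strict_blocks(code: str) -> bool:
    # Hardened form: search() scans the whole string, newlines included.
    return re.search(r"[\x20-\x7E]", code) is not None

def decode_field(body: str, field: str = "code") -> str:
    # "code" is a hypothetical form field name; %0A decodes to "\n".
    return parse_qs(body, keep_blank_values=True)[field][0]

# Constructed form bodies, as they would appear in the POST request.
SAMPLES = {
    "plain": "code=print%281%29",
    "leading LF": "code=%0Aprint%281%29",
    "leading CRLF": "code=%0D%0Aprint%281%29",
    "LF on second line": "code=print%281%29%0Aprint%282%29",
}

def compare() -> dict:
    # Maps each sample to (blocked by weak check, blocked by strict check).
    results = {}
    for name, body in SAMPLES.items():
        code = decode_field(body)
        results[name] = (weak_blocks(code), strict_blocks(code))
    return results

if __name__ == "__main__":
    for name, (weak, strict) in compare().items():
        print(f"{name:18} weak={weak!s:5} strict={strict}")
```

Passing `re.DOTALL` to the original pattern closes the same gap, but scanning the whole input with `search()` does not depend on where the match is anchored.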

uoftctf{r3g3x_3p1c_f41L_XDDD}

Original writeup (https://www.thesecuritywind.com/post/uoftctf-2024-writeups#viewer-iht0a484147).