Tags: misc easy sh
Rating: 2.0
run this code for get flag or search on execution of any sh command or file
import re
import subprocess
import os
import blogdef solve(file_path, search="DUCTF"):
command=""
if not os.path.isfile(file_path):
command=file_path
else:
# Read the command from the file
with open(file_path, 'r') as file:
command = file.read().strip()
# Append commands to save output to temp.sh and run strings on it
full_command = f"{command} > temp.sh && chmod +x temp.sh && strings temp.sh"
# Execute the full command and capture the output
result = subprocess.run(full_command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)# Combine stdout and stderr to cover all output
combined_output = result.stdout + result.stderr
results=[]
# Search for the search string in the command output
for line in combined_output.splitlines() :
if search in line:
results.append(line)
if len(results)==0:
return f"Flag containing '{search}' not found in the command output."
else:
for x in results:
print(x)if __name__ == "__main__" :
# Example usage search on any command or execute of sh file
command = blog.set("curl -sL https://pastebin.com/raw/ysYcKmbu | base64 -d",1)
search = blog.set("DUCTF",2)print(solve(command,search))
