write-ups-challenges-2020-2021/ruby_challenge/ruby_challenge.rb

#!/bin/env ruby
require 'cgi'

## Ruby metaprogramming challenge
#
# Remember CGI scripts?

flag = 'IGCTF{de056a6b-c4e2-4e21-8c2c-ccdac5340c6d}'

cgi = CGI.new

method = cgi['method']
args = cgi.params['args']

cgi.out { <<-HTML }
<style>
  head,title {
    display: block;
    font-family: monospace;
  }
  title {
    font-size: 32pt;
  }
  pre {
    display: none;
  }
</style>
<title>Challenge</title>
<pre>
#{
if method && !method.empty?
  unless %w(system send eval public_send exec instance_eval).include? method
    Object.new.send(method, *args)
  end
end
}
#{
open(__FILE__) do |f|
  CGI.escapeHTML(f.read.gsub(flag, 'FLAGGY_WAGGY_UWU'))
end
}
</pre>
HTML
initial commit 2022-11-24 17:03:20 +00:00			`#!/bin/env ruby`
			`require 'cgi'`

			`## Ruby metaprogramming challenge`
			`#`
			`# Remember CGI scripts?`

			`flag = 'IGCTF{de056a6b-c4e2-4e21-8c2c-ccdac5340c6d}'`

			`cgi = CGI.new`

			`method = cgi['method']`
			`args = cgi.params['args']`

			`cgi.out { <<-HTML }`
			`<style>`
			`head,title {`
			`display: block;`
			`font-family: monospace;`
			`}`
			`title {`
			`font-size: 32pt;`
			`}`
			`pre {`
			`display: none;`
			`}`
			`</style>`
			`<title>Challenge</title>`
			`<pre>`
			`#{`
			`if method && !method.empty?`
			`unless %w(system send eval public_send exec instance_eval).include? method`
			`Object.new.send(method, *args)`
			`end`
			`end`
			`}`
			`#{`
			`open(__FILE__) do \|f\|`
			`CGI.escapeHTML(f.read.gsub(flag, 'FLAGGY_WAGGY_UWU'))`
			`end`
			`}`
			`</pre>`
			`HTML`