Easy Pisy - Crypto, Web
You will see two file upload services: "Sign your payload" and "Execute your signed payload".
This challenge gives a samples.tgz file as an example, showing how the services work.
First service: the server recognizes the PDF input via OCR and signs it (with openssl_sign($data, $signature, $privkey)), but it refuses to sign an EXECUTE command.
Second service: given the signature and the PDF, this service executes the command (extracted by OCR) if the signature verifies.
- list of directory
We found that openssl_sign($data, $signature, $privkey) computes sha1(data) before signing.
Therefore, draw the two commands as pictures and put them into the PDF that Google released last year, to get two PDFs with a SHA-1 collision.
Send picture 1 (without EXECUTE) to the first service to get the signature.
Pass this signature and the SHA-1-collision PDF (with EXECUTE cat < flag) to the second service to get the flag.
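A hardened version of the signing step, as an added example that is not the challenge's code: it passes OPENSSL_ALGO_SHA256 explicitly and signs the OCR-extracted command rather than the uploaded bytes, so the signature covers exactly what the policy check saw. The key pair, the helper names (is_signable, sign_weak, sign_command, verify_command) and the sample command are assumptions constructed for the illustration.

```php
<?php
// Added example: constructed key and sample data, not the challenge's code.

// Throwaway RSA key pair generated for the demonstration.
$privkey = openssl_pkey_new([
    'private_key_bits' => 2048,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
]);
if ($privkey === false) {
    exit("key generation failed\n");
}
$pubkey = openssl_pkey_get_details($privkey)['key']; // PEM-encoded public key

// Hypothetical policy check: the signer must never authorise EXECUTE.
function is_signable(string $command): bool
{
    return stripos($command, 'EXECUTE') === false;
}

// Weak pattern from the write-up: no algorithm argument, so PHP falls back
// to OPENSSL_ALGO_SHA1, and the signature covers the uploaded file bytes
// instead of the command that the policy check looked at.
function sign_weak(string $pdfBytes, $privkey): string
{
    openssl_sign($pdfBytes, $signature, $privkey);
    return $signature;
}

// Hardened: the signed message is the extracted command itself, hashed
// with SHA-256, and the policy check runs on that same string.
function sign_command(string $command, $privkey): ?string
{
    if (!is_signable($command)) {
        return null;
    }
    $ok = openssl_sign($command, $signature, $privkey, OPENSSL_ALGO_SHA256);
    return $ok ? $signature : null;
}

// The executing service must verify with the same algorithm and message.
function verify_command(string $command, string $signature, string $pubkey): bool
{
    return openssl_verify($command, $signature, $pubkey, OPENSSL_ALGO_SHA256) === 1;
}

$sig = sign_command('ECHO hello', $privkey);                 // constructed sample
var_dump(verify_command('ECHO hello', $sig, $pubkey));       // accepted command
var_dump(verify_command('EXECUTE cat < flag', $sig, $pubkey)); // different command
var_dump(sign_command('EXECUTE cat < flag', $privkey));      // refused at signing
```

With this design, a second file that shares a digest with the signed one gains nothing, because the verifier re-extracts the command and checks the signature against that string, not against the file.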