This is the write up for the Misc challenge “babybash” during the Junior CTF at the 34C3.
When connected to the box via netcat, you were presented with a babybash prompt.
threw an error message. It stated that illegal characters were used, and to run help
This printed the illegal characters:
and the hint to run /get_flag to retrieve the flag. The use of upper case letters was allowed, and therefore access to environment varaiables was possible. With clever use of the builtin substring feature in bash(1) the command could be assemble.
For solving the challenge I used the following variables: