To comply with the write-up rule of root-me.org, in this write-up, I just listed hints related this challenge. Here is no solution and correct answer. I ask for your understanding.
<Source code>
#!/usr/bin/python2
import sys
def youLose():
print "Try again ;-)"
sys.exit(1)
try:
p = input("Please enter password : ")
except:
youLose()
with open(".passwd") as f:
passwd = f.readline().strip()
try:
if (p == int(passwd)):
print "Well done ! You can validate with this password !"
except:
youLose()
import sys
def youLose():
print "Try again ;-)"
sys.exit(1)
try:
p = input("Please enter password : ")
except:
youLose()
with open(".passwd") as f:
passwd = f.readline().strip()
try:
if (p == int(passwd)):
print "Well done ! You can validate with this password !"
except:
youLose()
In this source code, there is "input()" function. It has a critical vulnerability, The post I wrote before about "input()" function maybe helps you.
Using this vulnerability can result in a number of cases. I could get the flags without satisfying the condition of the if statement.