# demo.sh is assumed to define the type, execute and wait helpers used below
# (type and wait shadow the shell builtins of the same name).
source demo.sh

type "This is an interactive demo on how to solve this challenge.\n\n"
sleep 1
type "Note that you can run the commands pre-typed for you by \
hitting ENTER (do it now to continue).\n"
wait
clear

type "The website on the right checks whether a user is an administrator \
or not by comparing the username to the string 'admin'.\n\n"
type "This is very bad practice, for several reasons \
(other than only allowing a single administrator account to exist). \
Let's see why:\n\n"

# Identify the binary the website uses for the comparison.
type "This is the non-free binary blob used by the website right here:\n"
execute 'file $(realpath strcmp.out)'
sleep 2

# Compare an identical pair, then a pair that differs by one trailing character.
type "\nThis executable seems to compare strings. Badly:\n"
execute './strcmp.out cats cats'
execute './strcmp.out cat cats'