Kringle Kiosk

Location: Castle Approach

Introduction

Welcome to our castle, we're so glad to have you with us!
Come and browse the kiosk; though our app's a bit suspicious.
Poke around, try running bash, please try to come discover,
Need our devs who made our app pull/patch to help recover?

Escape the menu by launching /bin/bash

Press enter to continue...

Capture of Kringle Kiosk

Hint

See Command Injection

Solution

All of the menu options were explored to see what they did, which showed that "4. Print Name Badge" accepted user input.

There was no input validation, and the menu option was probably running the command cowsay whatever_was_typed (or should that be reindeersay?).

In bash, commands can be run one after another on a single line using either ; or &&. With ; the second command runs whether or not the first one succeeds; with && the first command must succeed or the second command will not run.

In this case, the solution is either something ; /bin/bash or something && /bin/bash.
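
The pattern inferred above, as an added example that is not the kiosk's actual code: badge_vulnerable splices the typed name into a string that a shell parses again, while badge_hardened allowlists the input and passes it as a single argument. The function names, the echo stand-in for cowsay, the 32-character limit and the sample inputs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical names); 'echo' stands in for cowsay so the
# block runs without extra packages.

# Vulnerable pattern: the name is expanded into a command string that a
# second shell parses, so ';' and '&&' inside it act as command separators.
badge_vulnerable() {
    sh -c "echo badge: $1"
}

# Hardened pattern: validate against an allowlist, then hand the name to
# the program as one quoted argument that no shell re-parses.
badge_hardened() {
    # Reject empty input and anything outside letters, digits and spaces.
    case "$1" in
        ''|*[!A-Za-z0-9\ ]*)
            echo "invalid name" >&2
            return 1
            ;;
    esac
    # Assumed length limit for a badge.
    if [ "${#1}" -gt 32 ]; then
        echo "name too long" >&2
        return 1
    fi
    printf 'badge: %s\n' "$1"
}

# Constructed sample input: a harmless marker command after the separator.
sample='something ; echo SECOND-COMMAND-RAN'

echo "--- vulnerable ---"
badge_vulnerable "$sample"

echo "--- hardened ---"
badge_hardened "$sample" || echo "(input rejected)"
badge_hardened "Alice Smith"
```

Validation alone is not the whole fix: even with the allowlist, the hardened version never builds a command string, so a gap in the pattern would not turn back into command execution.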

Answer

something ; /bin/bash or something && /bin/bash