You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: level04/resources/How.md
+1-1
Original file line number
Diff line number
Diff line change
@@ -19,7 +19,7 @@ sub x {
19
19
}
20
20
x(param("x"));
21
21
```
22
-
**sub x**define a subroutine. In it, there's a variable **y** that takes the value of the first argument of the function. The back ticks mean for **print** that it has to execute the shell command `echo $y 2>&1` instead of print `echo $y 2>&1`. So we can conclude that **y** aka the first param will be executed. So the idea in this case is to pass `getflag` as argument to the **x** subroutine. To do so, we'll use that command:
22
+
**sub x**defines a subroutine. In it, there's a variable **y** that takes the value of the first argument of the function. The back ticks mean for **print** that it has to execute the shell command `echo $y 2>&1` instead of print `echo $y 2>&1`. So we can conclude that **y** aka the first param will be executed. So the idea in this case is to pass `getflag` as argument to the **x** subroutine. To do so, we'll use that command:
23
23
24
24
`curl 'localhost:4747?x=$(getflag)'` gives us **`ne2searoevaevoem4ov4ar8ap`**
0 commit comments