From 08ac997abc3c404616a97cfac412fd2fada15ad4 Mon Sep 17 00:00:00 2001 From: Yan Date: Sat, 25 Jan 2025 19:43:43 -0700 Subject: [PATCH] cmdi-touch variants --- web-security/cmdi-touch-blind/_0/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_1/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_10/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_11/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_12/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_13/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_14/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_15/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_2/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_3/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_4/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_5/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_6/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_7/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_8/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/_9/server | 39 ++++++++++++++++++++++++ web-security/cmdi-touch-blind/server | 35 --------------------- web-security/module.yml | 4 +++ 18 files changed, 628 insertions(+), 35 deletions(-) create mode 100755 web-security/cmdi-touch-blind/_0/server create mode 100755 web-security/cmdi-touch-blind/_1/server create mode 100755 web-security/cmdi-touch-blind/_10/server create mode 100755 web-security/cmdi-touch-blind/_11/server create mode 100755 web-security/cmdi-touch-blind/_12/server create mode 100755 web-security/cmdi-touch-blind/_13/server create mode 100755 web-security/cmdi-touch-blind/_14/server create mode 100755 web-security/cmdi-touch-blind/_15/server create mode 100755 web-security/cmdi-touch-blind/_2/server create mode 100755 web-security/cmdi-touch-blind/_3/server create mode 100755 web-security/cmdi-touch-blind/_4/server create mode 100755 web-security/cmdi-touch-blind/_5/server create mode 100755 web-security/cmdi-touch-blind/_6/server create mode 100755 web-security/cmdi-touch-blind/_7/server create mode 100755 web-security/cmdi-touch-blind/_8/server create mode 100755 web-security/cmdi-touch-blind/_9/server delete mode 100755 web-security/cmdi-touch-blind/server diff --git a/web-security/cmdi-touch-blind/_0/server b/web-security/cmdi-touch-blind/_0/server new file mode 100755 index 00000000..60903fd1 --- /dev/null +++ b/web-security/cmdi-touch-blind/_0/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/task", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("full-path", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_1/server b/web-security/cmdi-touch-blind/_1/server new file mode 100755 index 00000000..bc661507 --- /dev/null +++ b/web-security/cmdi-touch-blind/_1/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/initiative", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-dest", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_10/server b/web-security/cmdi-touch-blind/_10/server new file mode 100755 index 00000000..72bdbd04 --- /dev/null +++ b/web-security/cmdi-touch-blind/_10/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/exercise", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-pathname", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_11/server b/web-security/cmdi-touch-blind/_11/server new file mode 100755 index 00000000..a6f6c28b --- /dev/null +++ b/web-security/cmdi-touch-blind/_11/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/competition", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-name", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_12/server b/web-security/cmdi-touch-blind/_12/server new file mode 100755 index 00000000..3cb1aa2b --- /dev/null +++ b/web-security/cmdi-touch-blind/_12/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/goal", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-or-directory", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_13/server b/web-security/cmdi-touch-blind/_13/server new file mode 100755 index 00000000..554bbcb3 --- /dev/null +++ b/web-security/cmdi-touch-blind/_13/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/quest", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-name", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_14/server b/web-security/cmdi-touch-blind/_14/server new file mode 100755 index 00000000..39b71147 --- /dev/null +++ b/web-security/cmdi-touch-blind/_14/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/task", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-or-dir", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_15/server b/web-security/cmdi-touch-blind/_15/server new file mode 100755 index 00000000..04f05adb --- /dev/null +++ b/web-security/cmdi-touch-blind/_15/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/mission", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-dest", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_2/server b/web-security/cmdi-touch-blind/_2/server new file mode 100755 index 00000000..29b7e0d4 --- /dev/null +++ b/web-security/cmdi-touch-blind/_2/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/level", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("filename", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_3/server b/web-security/cmdi-touch-blind/_3/server new file mode 100755 index 00000000..c91e2b7a --- /dev/null +++ b/web-security/cmdi-touch-blind/_3/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/test", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-or-dir", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_4/server b/web-security/cmdi-touch-blind/_4/server new file mode 100755 index 00000000..03b046a6 --- /dev/null +++ b/web-security/cmdi-touch-blind/_4/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/task", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("output-file", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_5/server b/web-security/cmdi-touch-blind/_5/server new file mode 100755 index 00000000..1c65589b --- /dev/null +++ b/web-security/cmdi-touch-blind/_5/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/resource", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-or-directory", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_6/server b/web-security/cmdi-touch-blind/_6/server new file mode 100755 index 00000000..40701e6a --- /dev/null +++ b/web-security/cmdi-touch-blind/_6/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/quest", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("file-dest", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_7/server b/web-security/cmdi-touch-blind/_7/server new file mode 100755 index 00000000..d48419c0 --- /dev/null +++ b/web-security/cmdi-touch-blind/_7/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/dare", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("filename", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_8/server b/web-security/cmdi-touch-blind/_8/server new file mode 100755 index 00000000..784ce264 --- /dev/null +++ b/web-security/cmdi-touch-blind/_8/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/puzzle", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("the-file", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/_9/server b/web-security/cmdi-touch-blind/_9/server new file mode 100755 index 00000000..41aeae0a --- /dev/null +++ b/web-security/cmdi-touch-blind/_9/server @@ -0,0 +1,39 @@ +#!/opt/pwn.college/python + +import subprocess +import flask +import os + +app = flask.Flask(__name__) + + +@app.route("/goal", methods=["GET"]) +def challenge(): + arg = flask.request.args.get("filepath", "/challenge/PWN") + command = f"touch {arg}" + + print(f"DEBUG: {command=}") + result = subprocess.run( + command, # the command to run + shell=True, # use the shell to run this command + stdout=subprocess.PIPE, # capture the standard output + stderr=subprocess.STDOUT, # 2>&1 + encoding="latin", # capture the resulting output as text + ).stdout + + return f""" + + Welcome to the touch service! Please choose a file to touch: +
+
+ Output of {command}:
+ 
{result}
+ + """ + + +os.setuid(os.geteuid()) +os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +app.secret_key = os.urandom(8) +app.config["SERVER_NAME"] = f"challenge.localhost:80" +app.run("challenge.localhost", 80) diff --git a/web-security/cmdi-touch-blind/server b/web-security/cmdi-touch-blind/server deleted file mode 100755 index 6c3547a3..00000000 --- a/web-security/cmdi-touch-blind/server +++ /dev/null @@ -1,35 +0,0 @@ -#!/opt/pwn.college/python - -import subprocess -import flask -import os - -app = flask.Flask(__name__) - -@app.route("/", methods=["GET", "POST"]) -def challenge(): - filepath = flask.request.args.get("filepath", "/challenge") - command = f"touch {filepath}" - print(f"DEBUG: {command=}") - subprocess.run( - command, # the command to run - shell=True, # use the shell to run this command - stdout=subprocess.PIPE, # capture the standard output - stderr=subprocess.STDOUT, # 2>&1 - encoding="latin" # capture the resulting output as text - ) - - return f""" - - Welcome to the touch service! Please choose a file to touch: -
-
- Ran the command: touch {filepath} - - """ - -os.setuid(os.geteuid()) -os.environ["PATH"] = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -app.secret_key = os.urandom(8) -app.config['SERVER_NAME'] = f"challenge.localhost:80" -app.run("challenge.localhost", 80) diff --git a/web-security/module.yml b/web-security/module.yml index f7cde656..6cb01aed 100644 --- a/web-security/module.yml +++ b/web-security/module.yml @@ -45,6 +45,10 @@ challenges: variants: 16 - id: cmdi-touch-blind name: CMDi 5 + auxiliary: + pwnshop: + challenge: CommandInjectionTouch + variants: 16 - id: cmdi-ls-filter name: CMDi 6 auxiliary: