LEVEL: INTERMEDIATE
OP: SECURE DEV
CASE ID: #AUDIT-PY-99X
[ INTELLIGENCE BRIEF ]
A disgruntled developer (Insider Threat) was recently terminated. We suspect they introduced a "Logic Bomb" (Backdoor) into the server's automated maintenance script before leaving.
Your mission is to audit the source code, locate the vulnerability allowing Remote Command Execution (RCE), and extract the access key the attacker left obfuscated.
A disgruntled developer (Insider Threat) was recently terminated. We suspect they introduced a "Logic Bomb" (Backdoor) into the server's automated maintenance script before leaving.
Your mission is to audit the source code, locate the vulnerability allowing Remote Command Execution (RCE), and extract the access key the attacker left obfuscated.
Evidence: task_runner.py
~/repo/scripts/task_runner.py
Python 3.9
import os
import json
import base64
def process_maintenance_task(task_payload):
"""
Processes maintenance tasks sent by the internal dashboard. """
try:
task = json.loads(task_payload)
task_name = task.get("name", "unknown")
# Standard security validation
if task_name == "backup":
os.system("tar -czvf /backup/sys.tar.gz /var/www/")
return "Backup complete"
# Log maintenance
elif task_name == "clear_logs":
os.system("rm -rf /var/log/temp/*")
return "Logs cleared"
# --- DEPRECATED OVERRIDE MODULE ---
elif task_name == "system_override_99":
# TODO: Remove in next build. Left for debugging.
secret_key = "RkxBR3tweXRob25fZXZhbF9pc19ldmlsXzk5eH0="
if task.get("auth") == base64.b64decode(secret_key).decode('utf-8'):
# Peligro: Ejecución dinámica de código introducido por el usuario
eval(task.get("debug_cmd"))
except Exception as e:
return f"Error: {e}"
Identify the obfuscation and decode the key. Then open the terminal and enter:
submit OP-SECURE-DEV FLAG{...}
submit OP-SECURE-DEV FLAG{...}