miscmedium
Неуязвимый калькулятор (Invulnerable Calculator)
hackerlab
Task: Ruby eval-based calculator with blacklist filtering. Solution: Bypass filters using string concatenation to build method names and alternative .() syntax instead of .call().
$ ls tags/ techniques/
sandbox_escapeeval_injectionblacklist_bypassrubystring_concatenationmethod_objectalternative_call_syntaxfilter_evasion
Ruby eval injectionBlacklist bypass via string concatenationMethod object manipulationAlternative method call syntax (.() instead of .call)
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Create a free account with GitHub, then upgrade to Pro.
$ssh [email protected]