[LRUG] Ruby prison escape challenge

Wed Jul 11 07:55:57 PDT 2018

Yup, a fun afternoon.  I initially tried adding a public method to prison
that calls unlock to get around it being private and to do that I had to
construct an array without commas.  That got me to 59.  Seeing the
prison.method version from Stephen let me throw away the extra method
definition and call unlock directly, and this took me down to 50, and that
“no space for a symbol argument” hint from Paul let me get it to 49.  Par
with Matz!

I’m willing to pretend that all the payload size versions I saw that were
smaller than that were all fake (I’m sure that’s not true).  Looking
forward to hearing about some more innovative solutions.  I’m sure there’s
a different approach where we can change the prison entirely rather than
working out how to call unlock on it.

Thanks for the game Marek!

On 11 July 2018 at 16:36, Paul Battley <pbattley at gmail.com> wrote:

> That was fun. I used a similar tactic, but couldn't get below 50
> (hint: you can save one byte because you don't need a space before a
> symbol argument).
>
> Unfortunately, someone has properly hacked it and removed the
> scoreboard data. You could coax the app into revealing the database
> connection details pretty easily.
>
> P
>
> On 11 July 2018 at 13:52, Stephen Best <bestie at gmail.com> wrote:
> > That was really fun, thanks for sharing! Unfortunately I'm getting an
> > application error when I submit.
> >
> > Copying the runtime code you provided I can say this solution "works on
> my
> > machine" :D
> >
> > I managed 51 chars. Will you be sharing the solutions soon?
> >
> > I've copied Rob's very considerate spoiler mitigation tactic
> >
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > .
> > u=prison.method :unlock;u.curry[11]["secret"][self]
> >
> > On Wed, 11 Jul 2018 at 14:08, Rob Miller <rob at bigfish.co.uk> wrote:
> >>
> >> Nice challenge! Best I can do is 87, thought I suspect there’s a much
> >> cleverer approach that I haven’t thought of…
> >>
> >> My solution (after a few linebreaks so people can ignore spoilers if
> they
> >> want to):
> >>
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >> .
> >>
> >> payload = Class.new{def
> >> to_str;caller[0]=~/m/?"":"prison.send(:unlock,22,'
> secret',self)"end;}.new
> >>
> >> On 11 Jul 2018, at 11:23, Marek L wrote:
> >>
> >> Hello, lrug-ers.
> >> Hope you are enjoying summer and Ruby.
> >> I have created a small fun challenge that I thought you may enjoy as
> well.
> >>
> >> https://ruby-prison-break.herokuapp.com/escapes/new
> >>
> >> So far, Matz broke it with incredible 49 characters!
> >> Happy hacking and feel free to share.
> >> Marek
> >> _______________________________________________
> >> Chat mailing list
> >> Chat at lists.lrug.org
> >> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> >> Manage your subscription: http://lists.lrug.org/options.
> cgi/chat-lrug.org
> >> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
> >>
> >> _______________________________________________
> >> Chat mailing list
> >> Chat at lists.lrug.org
> >> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> >> Manage your subscription: http://lists.lrug.org/options.
> cgi/chat-lrug.org
> >> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
> >
> >
> > _______________________________________________
> > Chat mailing list
> > Chat at lists.lrug.org
> > Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> > Manage your subscription: http://lists.lrug.org/options.
> cgi/chat-lrug.org
> > List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
> >
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20180711/01c9b8c2/attachment-0002.html>