<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal"><p dir="auto">The banning-words-with-regex thing was what I got fixated on, so I went down the route of creating a payload that behaved like a string, but insidiously snuck past the matching logic. Turns out that’s more characters than just trying to call the “unlock” method more craftily!</p>
<p dir="auto">On 11 Jul 2018, at 16:19, Stephen Best wrote:</p>
</div>
<blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><div id="884BD8C0-1032-4209-A9C4-8AB2914E34A8"><div dir="ltr">It has been a pleasure pooling obscure Ruby syntax knowledge.<div><br></div><div>I can't test it anymore since the site is down and I left the code on my work laptop but taking cues from Paul and Murray I may have found a solution at 47 chars :O</div><div><br></div><div>Can anyone verify if this works?</div><div><br></div><div>Re: previous solutions - wasn't `send` banned in regexp?</div><div><br></div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>.</div><div>u=prison.method:unlock;u[*[11]<<"secret"<<self]<br></div></div><br><div class="gmail_quote"><div dir="ltr">On Wed, 11 Jul 2018 at 16:56, Murray Steele <<a href="mailto:murray.steele@gmail.com">murray.steele@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Yup, a fun afternoon. I initially tried adding a public method to prison that calls unlock to get around it being private and to do that I had to construct an array without commas. That got me to 59. Seeing the prison.method version from Stephen let me throw away the extra method definition and call unlock directly, and this took me down to 50, and that “no space for a symbol argument” hint from Paul let me get it to 49. Par with Matz!<div><br></div><div>I’m willing to pretend that all the payload size versions I saw that were smaller than that were all fake (I’m sure that’s not true). Looking forward to hearing about some more innovative solutions. I’m sure there’s a different approach where we can change the prison entirely rather than working out how to call unlock on it.</div><div><br></div><div>Thanks for the game Marek!</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 11 July 2018 at 16:36, Paul Battley <span dir="ltr"><<a href="mailto:pbattley@gmail.com" target="_blank">pbattley@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">That was fun. I used a similar tactic, but couldn't get below 50<br>
(hint: you can save one byte because you don't need a space before a<br>
symbol argument).<br>
<br>
Unfortunately, someone has properly hacked it and removed the<br>
scoreboard data. You could coax the app into revealing the database<br>
connection details pretty easily.<br>
<span class="m_-6177884706031452880HOEnZb"><font color="#888888"><br>
P<br>
</font></span><div class="m_-6177884706031452880HOEnZb"><div class="m_-6177884706031452880h5"><br>
On 11 July 2018 at 13:52, Stephen Best <<a href="mailto:bestie@gmail.com" target="_blank">bestie@gmail.com</a>> wrote:<br>
> That was really fun, thanks for sharing! Unfortunately I'm getting an<br>
> application error when I submit.<br>
><br>
> Copying the runtime code you provided I can say this solution "works on my<br>
> machine" :D<br>
><br>
> I managed 51 chars. Will you be sharing the solutions soon?<br>
><br>
> I've copied Rob's very considerate spoiler mitigation tactic<br>
><br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> .<br>
> u=prison.method :unlock;u.curry[11]["secret"][self]<br>
><br>
> On Wed, 11 Jul 2018 at 14:08, Rob Miller <<a href="mailto:rob@bigfish.co.uk" target="_blank">rob@bigfish.co.uk</a>> wrote:<br>
>><br>
>> Nice challenge! Best I can do is 87, thought I suspect there’s a much<br>
>> cleverer approach that I haven’t thought of…<br>
>><br>
>> My solution (after a few linebreaks so people can ignore spoilers if they<br>
>> want to):<br>
>><br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>> .<br>
>><br>
>> payload = Class.new{def<br>
>> to_str;caller[0]=~/m/?"":"prison.send(:unlock,22,'secret',self)"end;}.new<br>
>><br>
>> On 11 Jul 2018, at 11:23, Marek L wrote:<br>
>><br>
>> Hello, lrug-ers.<br>
>> Hope you are enjoying summer and Ruby.<br>
>> I have created a small fun challenge that I thought you may enjoy as well.<br>
>><br>
>> <a href="https://ruby-prison-break.herokuapp.com/escapes/new" rel="noreferrer" target="_blank">https://ruby-prison-break.herokuapp.com/escapes/new</a><br>
>><br>
>> So far, Matz broke it with incredible 49 characters!<br>
>> Happy hacking and feel free to share.<br>
>> Marek<br>
>> _______________________________________________<br>
>> Chat mailing list<br>
>> <a href="mailto:Chat@lists.lrug.org" target="_blank">Chat@lists.lrug.org</a><br>
>> Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
>> Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
>> List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
>><br>
>> _______________________________________________<br>
>> Chat mailing list<br>
>> <a href="mailto:Chat@lists.lrug.org" target="_blank">Chat@lists.lrug.org</a><br>
>> Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
>> Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
>> List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
><br>
><br>
> _______________________________________________<br>
> Chat mailing list<br>
> <a href="mailto:Chat@lists.lrug.org" target="_blank">Chat@lists.lrug.org</a><br>
> Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
> Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
> List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
><br>
_______________________________________________<br>
Chat mailing list<br>
<a href="mailto:Chat@lists.lrug.org" target="_blank">Chat@lists.lrug.org</a><br>
Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
</div></div></blockquote></div><br></div>
_______________________________________________<br>
Chat mailing list<br>
<a href="mailto:Chat@lists.lrug.org" target="_blank">Chat@lists.lrug.org</a><br>
Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" rel="noreferrer" target="_blank">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a><br>
</blockquote></div></div></blockquote>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px">
</blockquote><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">_______________________________________________<br>
Chat mailing list<br>
Chat@lists.lrug.org<br>
Archives: <a href="http://lists.lrug.org/pipermail/chat-lrug.org" style="color:#777">http://lists.lrug.org/pipermail/chat-lrug.org</a><br>
Manage your subscription: <a href="http://lists.lrug.org/options.cgi/chat-lrug.org" style="color:#777">http://lists.lrug.org/options.cgi/chat-lrug.org</a><br>
List info: <a href="http://lists.lrug.org/listinfo.cgi/chat-lrug.org" style="color:#777">http://lists.lrug.org/listinfo.cgi/chat-lrug.org</a></p>
</blockquote></div>
</div>
</body>
</html>