{"id":28098805,"url":"https://github.com/rmanluo/ciscn2019_final_web4","last_synced_at":"2025-10-27T19:15:10.533Z","repository":{"id":153334158,"uuid":"199009332","full_name":"RManLuo/ciscn2019_final_web4","owner":"RManLuo","description":"全国大学生信息安全竞赛决赛web4，SSTI+TensorFlow模型","archived":false,"fork":false,"pushed_at":"2019-07-26T12:29:33.000Z","size":630,"stargazers_count":28,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-13T18:02:02.728Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RManLuo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-07-26T12:02:09.000Z","updated_at":"2025-04-22T16:52:53.000Z","dependencies_parsed_at":"2023-04-21T14:00:56.933Z","dependency_job_id":null,"html_url":"https://github.com/RManLuo/ciscn2019_final_web4","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/RManLuo/ciscn2019_final_web4","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RManLuo%2Fciscn2019_final_web4","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RManLuo%2Fciscn2019_final_web4/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RManLuo%2Fciscn2019_final_web4/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RManLuo%2Fciscn2019_final_web4/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/host
s/GitHub/owners/RManLuo","download_url":"https://codeload.github.com/RManLuo/ciscn2019_final_web4/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RManLuo%2Fciscn2019_final_web4/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267962748,"owners_count":24172744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-30T02:00:09.044Z","response_time":70,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-05-13T17:58:52.446Z","updated_at":"2025-10-27T19:15:05.022Z","avatar_url":"https://github.com/RManLuo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"---\r\ntypora-copy-images-to: img\r\n---\r\n\r\n## Challenge information:\r\n\r\n* Challenge name: a_msg_board_plus_\r\n* Estimated difficulty: medium\r\n\r\n\r\n## Challenge description:\r\n```\r\nThis is an \"a message board plus\" running on Ubuntu with Python 3.6, and it also comes with spam-message and hacker detection\r\n```\r\n\r\n## Challenge topics:\r\n```\r\n1. Jinja2 template injection (SSTI)\r\n2. Flask session mechanism\r\n3. TensorFlow model auditing (a new step compared with the regional round)\r\n```\r\n\r\n## Solution outline:\r\nUse the template injection in the message board to obtain the server configuration, use the secret_key from that configuration to forge a session and become administrator, then use the TensorFlow-related options in the site settings to reach the backdoor inside the model and read the `/flag` file. ~~On not casually running models downloaded from the internet~~\r\n\r\n\r\n## Challenge hints (from easy to hard):\r\n1. SSTI\r\n2. Flask session, mind the timestamp\r\n3. Even the challenge author doesn't know where the TensorFlow model came from\r\n\r\n\r\n## Original flag and update command:\r\n\r\n```shell\r\n    # Original flag\r\n    # flag{flag_test}\r\n    # ..\r\n    # Command to update the flag\r\n    echo 'flag{85c2a01a-55f7-442a-8712-3f6908e1463a}' \u003e /flag\r\n```\r\n\r\n\r\n## Challenge environment:\r\n```\r\n1. ubuntu 14.04 LTS (updated to latest)\r\n2. Python 3.6\r\n```\r\n\r\n## Challenge writeup:\r\n1. Open the site: it is a message board service with a bot-filtering mechanism, and the bottom of the page has an admin entry that cannot be accessed.\r\n\r\n2. The message author field is vulnerable to SSTI, but it has a length limit, so long payloads cannot be used.\r\n\r\n   ![1562314188392](img/1562314188392.png)\r\n\r\n3. Use `{{config}}` to obtain the server configuration, which leaks the `SECRET_KEY`\r\n   ![1556719148044](img/1556719148044.png)\r\n\r\n4. Inspect the Flask session (Flask stores its session in a cookie signed with `SECRET_KEY`): `{\"admin\":false,\"name\":\"{{config}}\"}`. It can be concluded that the server decides admin privileges from the session.\r\n\r\n5. Use the `SECRET_KEY` obtained above to forge a session containing `{\"admin\":true}` (create a Flask instance locally and use it to generate a valid session; see gen_cookie.py for the procedure)\r\n\r\n   (The following steps are the part modified relative to the regional round)\r\n\r\n6. After logging in as administrator you can enter the `/admin` backend, which provides the site source code and TensorFlow model upload; from the page's HTML comments and the source code you learn that the site also lets you download the model currently in use.![1562304489115](img/1562304489115.png)\r\n\r\n![1562304584548](img/1562304584548.png)\r\n\r\n7. Auditing the web logic and the TensorFlow model (browse the model binary with TensorBoard) reveals that when the sum of the character codes of the input string equals 1024, a backdoor that reads `/flag` is triggered (the model generation code is in `model_init.py`; the challenge already ships the generated binary model)\r\n```python\r\n# TensorBoard visualization (TensorFlow 1.x API)\r\nimport tensorflow as tf\r\n\r\ndef init(model_path):\r\n    # Restore the saved graph and its weights into a fresh session\r\n    new_sess = tf.Session()\r\n    meta_file = model_path + \".meta\"\r\n    model = model_path\r\n    saver = tf.train.import_meta_graph(meta_file)\r\n    saver.restore(new_sess, model)\r\n    return new_sess\r\n\r\nsess = init('detection_model/detection')\r\n# Write the graph out so TensorBoard can render it\r\nwriter = tf.summary.FileWriter(\"./log\", sess.graph)\r\nwriter.close()\r\n# Then run on the command line: tensorboard --logdir ./log\r\n```\r\n\r\n   ![1562307817821](img/1562307817821.png)\r\n\r\n   \u003ccenter\u003eConverting the comment into a feature value (given the competition setting, simplified to a single number: the sum of the string's character codes)\u003c/center\u003e\r\n\r\n   ![1562307493848](img/1562307493848.png)\r\n   \u003ccenter\u003eWhen the feature value is 1024, the flag branch is triggered\u003c/center\u003e\r\n\r\n   ![1562307600460](img/1562307600460.png)\r\n   \u003ccenter\u003eThe `/flag` string node, used as the ReadFile argument\u003c/center\u003e\r\n\r\n   ![1562307636446](img/1562307636446.png)\r\n\r\n   \u003ccenter\u003eReadFile node\u003c/center\u003e\r\n8. Therefore we can construct a string whose character codes sum to 1024 and read out the flag (for example `aaaaaabxCZC`).\r\n\r\n![1562307755402](img/1562307755402.png)\r\n\r\n9. With the AWD defense phase in mind, the site provides a model-modification feature; players only need to remove the flag node and upload the model for the fix to take effect.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frmanluo%2Fciscn2019_final_web4","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frmanluo%2Fciscn2019_final_web4","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frmanluo%2Fciscn2019_final_web4/lists"}