# Photobomb

## Nginx creds

`pH0t0:b0Mb!`

From http://photobomb.htb/photobomb.js

## Nmap

## POST

`curl -X POST 'http://pH0t0:b0Mb!@photobomb.htb/printer'`

```html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
<HTML>
  <HEAD><TITLE>Length Required</TITLE></HEAD>
  <BODY>
    <H1>Length Required</H1>
    WEBrick::HTTPStatus::LengthRequired
    <HR>
    <ADDRESS>
     WEBrick/1.6.0 (Ruby/2.7.0/2019-12-25) at
     127.0.0.1:4567
    </ADDRESS>
  </BODY>
</HTML>
```

`curl -X POST 'http://pH0t0:b0Mb!@photobomb.htb/printer' -d ''`

## Code

```ruby
post '/printer' do
  photo = params[:photo]
  filetype = params[:filetype]
  dimensions = params[:dimensions]

  # handle inputs
  if photo.match(/\.{2}|\//)
    halt 500, 'Invalid photo.'
  end

  if !FileTest.exist?( "source_images/" + photo )
    halt 500, 'Source photo does not exist.'
  end

  if !filetype.match(/^(png|jpg)/)
    halt 500, 'Invalid filetype.'
  end

  if !dimensions.match(/^[0-9]+x[0-9]+$/)
    halt 500, 'Invalid dimensions.'
  end
```
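
The checks in the handler above use `^` and `$`, which in Ruby anchor to lines rather than to the whole string, and the filetype pattern has no end anchor at all. As an added example (not part of the original notes or the application's code), the sketch below runs the same patterns beside stricter ones; the function names, the photo-name allowlist, the digit limit and the sample inputs are assumptions constructed for illustration.

```ruby
# Added example: the handler's regex checks beside stricter equivalents.
# Function names, limits and sample values are constructed, not from the app.

# Same patterns as the handler (the source_images/ existence check is left
# out because it needs the application's files).
def original_checks(photo, filetype, dimensions)
  return 'Invalid photo.' if photo.match(/\.{2}|\//)
  return 'Invalid filetype.' if !filetype.match(/^(png|jpg)/)
  return 'Invalid dimensions.' if !dimensions.match(/^[0-9]+x[0-9]+$/)
  :ok
end

ALLOWED_FILETYPES = %w[png jpg].freeze

# Stricter checks: exact allowlist for filetype, \A and \z (whole-string
# anchors) for patterns, and a type check so a missing parameter is
# rejected instead of raising NoMethodError.
def strict_checks(photo, filetype, dimensions)
  # Assumed policy: a bare file name made of word characters, '-' and single dots.
  unless photo.is_a?(String) && photo.match?(/\A[\w-]+(\.[\w-]+)*\z/)
    return 'Invalid photo.'
  end
  return 'Invalid filetype.' unless ALLOWED_FILETYPES.include?(filetype)
  # Assumed limit of five digits per side.
  unless dimensions.is_a?(String) && dimensions.match?(/\A[0-9]{1,5}x[0-9]{1,5}\z/)
    return 'Invalid dimensions.'
  end
  :ok
end

# Constructed sample requests: [photo, filetype, dimensions]
SAMPLES = [
  ['sample.jpg', 'png',    '3000x2000'],          # well-formed
  ['sample.jpg', 'pngXYZ', '3000x2000'],          # trailing text after the type
  ['sample.jpg', 'jpg',    "3000x2000\nextra"]    # second line after the size
].freeze

SAMPLES.each do |args|
  puts format('%-45s original=%-22s strict=%s',
              args.inspect, original_checks(*args), strict_checks(*args))
end
```

The second and third samples pass the original patterns because only the start of the string, or only its first line, has to match.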