Challenges: Grab Bag

JSfuck [117 points, 92 solves]

I was writing some valid ECMAScript to print your flag but my fingers slipped and I added several unwanted characters. Could you please fix it for me?

Download: jsfuck.tgz

Polishop [278 points, 37 solves]

The Polishop sells everything, from polishirts to the woderfull Poliflag, can you buy it?

http://polishop.chall.polictf.it

Server-side sources and exploit script: polishop-sources.zip (sources NOT disclosed to the players!)

y-turtle [425 points, 11 solves]

A new cyber-artistic collective had fun experimenting with metaprogramming and domain specific languages. Here thre is a first, broken, implementation of a Turtle graphic engine.

http://yturtle.chall.polictf.it

Server-side sources and exploit script: y-turtle-sources.zip (sources NOT disclosed to the players!)

file proxy [269 points, 39 solves]

Our Sysadmin made a simple file proxy to load HTTP resources.

http://fileproxy.chall.polictf.it

Server-side sources and exploit script: file-proxy-sources.zip (sources NOT disclosed to the players!)

Tower [154 points, 74 solves]

You are entering a Lab where you will be the experiment

nc tower.chall.polictf.it 31337

(server-side sources not released, sorry)

Pyzzeria [484 points, 3 solves]

An evil pyzza-maker has come to town: he is terrorizing the population by putting pineapple in every pyzza he cooks. Nobody can't stop him as long as he is the only one knowing the secret to alter the recipe...

Our intel sources have identified his evil lab, but unfortunately the access seems restricted to his staff only. Can you help us save the Pyzza?

Update: The challenge is served by a load balancer, and the inet_addr error is intended

Update: the developers left some files on the webserver... maybe there's something interesting! http://pyzzeria.chall.polictf.it/warehouse

Server-side sources: pyzzeria-sources.zip (sources NOT disclosed to the players!)