From 04cb0feac585efd1f70279c47297d70ecf46593c Mon Sep 17 00:00:00 2001
From: HorcruxAshu
Date: Fri, 12 Jan 2024 23:27:25 +0530
Subject: [PATCH] Added matcher for hostname
---
 hackerden/front/network-utils.js | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/hackerden/front/network-utils.js b/hackerden/front/network-utils.js
index 09ba6ab4..5cbbba0e 100644
--- a/hackerden/front/network-utils.js
+++ b/hackerden/front/network-utils.js
@@ -22,12 +22,10 @@ ping = (req,res)=> {
 //this deny list can likely be bypassed, is mainly here to make it harder to cheat than to pass the real challenges
 hostname = hostname.replace("''","")
 hostname = hostname.replace('""',"")
- if(hostname.match("FLAG") ||
- hostname.match("passwd|shadow") ||
- hostname.match("echo|\\bsed\\b|print|base64|\\bxxd\\b") ||
- hostname.match("\\b(chmod|rm|mv|cp)\\b")){
- console.log(`Bypass attempt with ${hostname}`)
- res.status(400)
+ const disallowedPatterns = /(FLAG|passwd|shadow|echo|\bsed\b|print|base64|\bxxd\b|\b(chmod|rm|mv|cp)\b)/;
+ if (disallowedPatterns.test(hostname)) {
+ console.log(`Bypass attempt with ${hostname}`);
+ res.status(400);
 return res.send("Certain commands have been disallowed. There is a better way.");
 }
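Review bot: The re-added log call inside the new `if (disallowedPatterns.test(hostname))` branch writes `hostname` into the log verbatim, and that value appears to be request-controlled, so embedded CR/LF or other control characters could split or forge entries in the one record that flags deny-list hits. Encoding the value keeps each hit on a single, unambiguous line: ``console.log(`Bypass attempt with ${JSON.stringify(hostname)}`);``. As a style point, `disallowedPatterns` is rebuilt on every request and its outer capturing group is unused; a module-level constant with a one-line comment saying it mirrors the four earlier `match` calls would make the intent easier to audit. The body of `ping` starts before this hunk and continues after it, so how `hostname` is read from the request and used afterwards is not visible here.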