KAIST-IS521 / 2018s-gitctf-team1

exploit-bug4 #21

Closed Dauren2495 closed 6 years ago

Dauren2495 commented 6 years ago

[PGP-encrypted message]

softsec-is521 commented 6 years ago
About exploit-bug4 (exploit-service branch)
[*] Starting service from 2018s-gitctf-team1 (branch '4be58078ee4aa3a3c07a2496e6d2a4ec07a925af')
Sending build context to Docker daemon  837.6kB
Step 1/18 : FROM debian:latest
---> 8626492fecd3
Step 2/18 : MAINTAINER 2018s-gitctf-team1
---> Using cache
---> 173b439cabbc
Step 3/18 : ENV DEBIAN_FRONTEND noninteractive
---> Using cache
---> 81acfea5c34f
Step 4/18 : RUN DIST=xenial &&     sed -i 's/deb.debian.org/ftp.daumkakao.com/' /etc/apt/sources.list &&     apt-get update &&     apt-get install -y python-pip python-dev build-essential mysql-server make                        gcc g++ libcurl4-openssl-dev
---> Using cache
---> f56f1fc367ba
Step 5/18 : WORKDIR /etc/mysql
---> Using cache
---> 8badbb91e0aa
Step 6/18 : RUN pip install --upgrade pip numpy bitarray pyMySQL
---> Using cache
---> 6d0e0293d9fe
Step 7/18 : RUN rm -rf /var/lib/apt/lists/* &&     apt-get clean
---> Using cache
---> 17f7684a4921
Step 8/18 : RUN mkdir -p /var/ctf
---> Using cache
---> c0f63c0a7265
Step 9/18 : COPY flag /var/ctf/
---> f52532e7a9d4
Step 10/18 : ADD hackttp /hackttp
---> 350364866bbc
Step 11/18 : ADD Service /var/www/cgi
---> 816de5cd0d92
Step 12/18 : ADD init.sh /init.sh
---> 7fbb5ee5cb8c
Step 13/18 : ADD init_db.sh /init_db.sh
---> 84b73f6be4ad
Step 14/18 : RUN chmod +x /init.sh
---> Running in 854aca937173
Removing intermediate container 854aca937173
---> 9cda4dd0a207
Step 15/18 : RUN chmod +x /init_db.sh
---> Running in 49a2111f4892
Removing intermediate container 49a2111f4892
---> 61e26c0a0149
Step 16/18 : RUN /init_db.sh
---> Running in 471e079085a4
Starting MariaDB database server: mysqld.
Stopping MariaDB database server: mysqld.
Removing intermediate container 471e079085a4
---> e980ef48cfff
Step 17/18 : RUN make -C /hackttp
---> Running in 516112b01e1a
make: Entering directory '/hackttp'
Creating Release directory
Building object: Release/Request.o
Building object: Release/Response.o
src/Response.cpp: In constructor 'Response::Response(int, DataHandler::Resource)':
src/Response.cpp:71:23: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
if (body.size() != content_length) {
~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
Building object: Release/DataHandler.o
Building object: Release/Exec.o
Building object: Release/Router.o
Building object: Release/Worker.o
Building object: Release/Util.o
Building object: Release/server.o
Building HackTTP: hackttp
make: Leaving directory '/hackttp'
Removing intermediate container 516112b01e1a
---> 8316752ee04b
Step 18/18 : CMD ["/init.sh"]
---> Running in a692c7e15a13
Removing intermediate container a692c7e15a13
---> 4924e8f62ca2
Successfully built 4924e8f62ca2
Successfully tagged 2018s-gitctf-team1-4be58078ee4aa3a3c07a2496e6d2a4ec07a925af:latest
4f1c62c730cdf49786f904760a03afe0bf555bdbca0c0ec04a9ef88dfa123b87
[*] Started service successfully
[*] Running exploit
Sending build context to Docker daemon  13.82kB
Step 1/3 : FROM debian:latest
---> 8626492fecd3
Step 2/3 : RUN apt-get update && apt-get install -y       make       gcc        python
---> Using cache
---> 51b2b521bad3
Step 3/3 : COPY exploit /bin/
---> Using cache
---> 28509c679774
Successfully built 28509c679774
Successfully tagged exploit-4be58078ee4aa3a3c07a2496e6d2a4ec07a925af:latest
[*] Failed to run exploit

==========================
[*] Exploit returned : None
[*] Solution flag : 1S75dKpQUg
[*] Exploit returned a wrong flag string

[*] The exploit did not work.