softsec-is521
commented
6 years ago About exploit-bug2 (exploit-service branch)
[*] Starting service from 2018s-gitctf-team5 (branch '8a0b39b831e3bb1efdc845658089c0ae66a36fd7')
Sending build context to Docker daemon 2.193MB
Step 1/33 : FROM debian:latest
---> 8626492fecd3
Step 2/33 : MAINTAINER k1rh4 <k1rh4.lee@gmail.com>
---> Using cache
---> 8e9e3881ec66
Step 3/33 : RUN sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> d58cb6fc7f0d
Step 4/33 : RUN apt-get update
---> Using cache
---> f74c65dc9bfe
Step 5/33 : RUN apt-get install -y xinetd
---> Using cache
---> 845d6f85baa1
Step 6/33 : RUN apt-get install -y libsqlite3-dev
---> Using cache
---> ff66c0e5a29c
Step 7/33 : RUN apt-get install netcat -y
---> Using cache
---> df491e9bff6a
Step 8/33 : RUN apt-get install net-tools -y
---> Using cache
---> 93debded14f4
Step 9/33 : RUN apt-get install -y procps
---> Using cache
---> c472a4cdaf3f
Step 10/33 : RUN useradd -d /home/load load -s /bin/bash
---> Using cache
---> 88d6cfc64fa7
Step 11/33 : RUN mkdir /home/load
---> Using cache
---> 82e3bcea59ce
Step 12/33 : RUN chown -R root:load /home/load
---> Using cache
---> 5aa04924d1ab
Step 13/33 : RUN chmod 750 /home/load
---> Using cache
---> f51da5c3a761
Step 14/33 : ADD ./BUILD/prob /home/load/
---> Using cache
---> 5fa7dbc08b05
Step 15/33 : ADD ./BUILD/modify_usr /home/load/modify_usr
---> Using cache
---> 80d1f6379516
Step 16/33 : ADD ./BUILD/run.sh /home/load/run.sh
---> Using cache
---> 906323f975f1
Step 17/33 : ADD ./BUILD/usr.db /home/load/usr.db
---> Using cache
---> ba9251f94caa
Step 18/33 : RUN chown root:root /home/load/*
---> Using cache
---> bb326fbfe03f
Step 19/33 : RUN chmod 755 /home/load/run.sh
---> Using cache
---> 693348cb1317
Step 20/33 : RUN chmod 755 /home/load/modify_usr
---> Using cache
---> e9b9fc8366c5
Step 21/33 : RUN chmod 755 /home/load/prob
---> Using cache
---> 2b467833030a
Step 22/33 : RUN chmod 766 /home/load/usr.db
---> Using cache
---> e09ce7454b7a
Step 23/33 : RUN mkdir -p /var/ctf/
---> Using cache
---> 836e043d7be7
Step 24/33 : COPY ./flag /var/ctf/flag
---> d9ca0b3aad86
Step 25/33 : RUN chown root:load /var/ctf/flag
---> Running in 11a71caa34bb
Removing intermediate container 11a71caa34bb
---> 15fbf95fcde2
Step 26/33 : RUN chmod 440 /var/ctf/flag
---> Running in b4165e7d803c
Removing intermediate container b4165e7d803c
---> 929243f4a582
Step 27/33 : ADD ./SRC/load.xinetd /etc/xinetd.d/load
---> 99f2cbf100f7
Step 28/33 : WORKDIR /home/load
Removing intermediate container 2c893959023a
---> ad7b5b8063ce
Step 29/33 : ADD ./SRC/start.sh /start.sh
---> 7964f98fe8b5
Step 30/33 : RUN chmod +x /start.sh
---> Running in e27e7a36de96
Removing intermediate container e27e7a36de96
---> d3d8db06ecef
Step 31/33 : RUN su load
---> Running in f310ec2115ce
Removing intermediate container f310ec2115ce
---> 25272d78dd5a
Step 32/33 : RUN /start.sh &
---> Running in badd71087e13
Removing intermediate container badd71087e13
---> e24256c07822
Step 33/33 : ENTRYPOINT /start.sh
---> Running in 5bd76efc26c5
Removing intermediate container 5bd76efc26c5
---> 76640e3640d3
Successfully built 76640e3640d3
Successfully tagged 2018s-gitctf-team5-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
26b5d10533b22d7b1b6c114b5a8138aac8ebae0857a610e55c8873b9867b67ff
[*] Started service successfully
[*] Running exploit
Sending build context to Docker daemon 7.68kB
Step 1/6 : FROM debian:latest
---> 8626492fecd3
Step 2/6 : RUN sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> 45fa25df3fa6
Step 3/6 : RUN apt-get update
---> Using cache
---> 0845a94ffa3b
Step 4/6 : RUN apt-get install -y python
---> Using cache
---> 371c580f05da
Step 5/6 : COPY /ex.py /bin/exploit
---> Using cache
---> cd005dbac82b
Step 6/6 : RUN chmod 755 /bin/exploit
---> Using cache
---> 68e5f6361bd0
Successfully built 68e5f6361bd0
Successfully tagged exploit-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
0 �
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 �
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 �
[*] Failed to run exploit
==========================
[*] Exploit returned : None
[*] Solution flag : NE9dIQXV0Q
[*] Exploit returned a wrong flag string[*] The exploit did not work.
-----BEGIN PGP MESSAGE----- Version: GnuPG v1
hQEMAy8nZUIPGP0nAQf+Jh2O7mtH3USzG5rkH1y/YRSRV3I4aW6Shia/uSYNbmCZ NcDdZpERnK1/eB9kGVOAVGlVLNtKyTn8JSK706uwBd+eZwoSfVvlijAp9kRzk6yv 06CnVrDLzHIlnXslZX9QBod3/9v0oO0cKgTKg8Ha5Nx6c92nLxp5aQlCEhS8iSGF t6/1wpHqtL3Bq+XidduCYOqLTsTilrst7a7HkQTmqFR0iLK8qJcOJ4vlfNJmXGfB QeiOba5nXmOhe+QlVb+p+TTqcGPv591y2dKThdINQ5VLPP1jOwuIZyBBVMtVGr9q 0Gv/5ZYAqCH4MdZHJOIFldTmusTYvEE+NloALKn9tYUBjAPcMgCV6N35oQEL/1fN 6gng3c7jKhWldhy62gZjwOJjOie/gWGwG0nSxWwJlXdpVsXtRbtMEdyhIXeAguRE h2O39n3mrPFZt/C49otjppS9esvoi152Kmd267NfwRyNSV7tdyKlWRTilyOt6B2J tc7a+O2QCczFWMjpFKhAXSbDHmnnHtt1nPQ5SvVSfzqd4eQnUu9x3cBo31pILsL8 lcnOjr03z7/ku1jvtd8FnVO9M/R/uBXWKgO2W321+YoiBNRX0qiPoBD9cFx1DIo8 F8f/KwD2Jp7OcHwnaq60OOpApRy9woVzzVojwTLgBw0ixutIBsohbRmmXBCNffGx GUkK79rXIf8y/OaURv3lkG0A8cQpM8sE88wQvks4fbtq54TEwyoPddlfeyFTkN5R WgKzHzY1sqfSADmPWVE+6YTkP8OT0b1jpnXcUEa4paYODwKB460eK56s/O/QXDpt wXFHYO9Px98dw1pqOQ0yd358QtpWufbMQ+4imVwBitHt9CiHz3/6ei+SHyQfnNLr Ae5zaD3OWxju8vg+yY3KZ4BzFwDGDQgFYxeH+Wbg85k4cxcU2pnBMZfbbLuUTwDy BdJLCULAe9da5tE/Gt79BeheSdU0vL9grl649ZxkK1ujZIujBGDW4mMqZQYc4aBU sE07LB2XVR/MRQSsj839AizZ6Cnm5WPXR4i+FOobuYmg/s5xfLxZa4xM31zz1XGW vzGCa4Dh2/KwnSmABYnswIkf5eOg450lA4Zu086uNIv3ZB2CdqCF6jETXiKxfsRG 649SQHBpjOEc0UN2zQx+aaU1uD4YjG9ApIyDGiqrwP8wNyi7X2dymVUjsXbo2nKw NQi6ofIsWit6fUDWi8WPuTrOP8yx1GD7x/ud9T+nEvDR4XylFEPl1hUxVfeIAn2f DyUH/Aqxl/cpD8qLJjNPNiJf2K8/h1n4sblWB4QcuyssubaA/vcj5ivIQXUWqPXb SSHDoNVKVcmilSbesLbnpqZlS9uZvIFaoxVgEF3HHhFbdQJPe4v2D6jkuSOZ54F6 Aj1yKCCBKtEGYlj2RIzsjvSbTDXB54lHtjhpuEyH5Xpwx2dZi+6rlBfZXO0YsRF3 2oZTJc4h3NyW2VKt9s45yrV3oaMzKRZwPgv71EkegnQzlWnIPK473BBwC8iT2TDG mFqnPG3yjI/gXZ7YdrEzx103d8KUfvb6LrzWEm3+++/zYpQawZ0lWVsidNYIVQBb +5enEgAP6CyEPPfPiNfxX9WWUKUu2skL9fE2J2y3h1rY7b3ZRs7NTqcaSJKhNlaU +7pTFVOLiqfNuI5G6JNHYVwVZ0//CehidGHeN7jeZfDiFWNBClJOuQpTco6nlw4h FeHZSmlajHcbExqwkxMzBhOk5yDqNwB784A1yh9ye8hcM1swOyXRKWuhDiA+g/M9 1Dsbpk/m22E4yI+Sr5piWjL9p7uiwix5xjbSgGjLY9iATcZKkQ2R1QMRBUbVPl7l 6mnT7SqEKAJDpkanMZUvwlQVzxjF21b/LLLst8sdEBO6T1FlLpsu2a5x7NHzBxOJ 0/DY7LjOU8bezKzNOqPqtLPJIG8JdGEzvbEpfn0FO81DQ2aJ5bOMRe4s251TvyJF CY/6cKPll4TwA7ZueyKc5dA+Af40Z5h0WY8SY02EBbr9d9Y7glukbJnhiUadE4Ub 0wD2HHQ/4vsYzXzCLGEqh56OkL5CWBU+CHfboBoHu3AzZwIv3xOmTkv+9u97n9BJ cgcQkbbUrFMhexe7iLbZoX92XdZCPT6O6zx3sMs2bnEsCv1n3Ke6sfTm3A4kWLQi TUlOkt8uDdmwTtStd5RB0xzzfAqtKUsoOua0OkdsZiDnUE4epubO9WDRYe6Okgd0 Q7jqdZrtDAbv6uTSlsPf7WuTqUwA01Lf4tnHsUt4YkIYfXM1wwMxACsTIs3+OxJF /bP3DRsrZXxYFzVxjWil3a9ocoIJNfObiYNnPyv2Yhiqg4w6YC1SHSMMehbzjJ5h sQ+bI1dW78Bx5f5HJ33fEyO+JoY/SwxAXVK09AYtMgLhCmjPKBUBnwsnS6DuAmEv p0Dcg2gPf9a8lvwNnKyS7BgROJkKgiWY50TBBL2W6kBftWFwdrIoWG/oS4klMl5Z YCEzuk2c8iarWB3EY55MS6kUDxVwIz2CmKtnllA8kDgW/U9Tnxw4fpwDfp2CoESB CDMw9UnlIij8di+TvbbYTbPkpcB+f77aWP1lLUpOKezDDy2S6xtSu9z2YGmifwRf OdlPOFONsEJaJv3A8fbGb08ArOMfyjFzmCKg8RbDNfEX7hzpoyqWGTUP8Gj9lwCw Xlu9hwBi9vt+I1VRKTJwYGjL3osDgPFxX9O2boeQ2G7b1J/IvVtrrJ5Vg3i45Hwr K5Ft0OhC36bxP78eYb8ZNDCcTlIibWR3AUvz2Fnv80kcMshSeKgmnYl4EIZiG3oy HNmsKWpwG8nPsknR3Hf2Uytx+kmv9FuGymAYzmGw8hfVxsdzHmiauPJJzuAsU+Wl MVwGtAZbciZFs2webkXVTBp/KKNFHIUuW38z8MOI9iY/sKqxef205qZ3qR0+hCLE jGm1w/9rqqNw+U0tKdEZcjjjzcrahxnXyNKJcLnM7hfIR9kZRRD4JWFTdLLkyv4G n6L5sr8m8hbTQTM0KUxoE1PziIZN+vX87QJIQZDHZwMp/TMFowUaziIkKvdZMgsf li2hX+7++B5dc7OCdzk7MCHwGg0QtRV73q2Qx8ecdq3/tqUE+TFhrR0sb5N4ai7Q FgKCggy+LAOZKCBb5ZJnPLZNi6PtWKIDPexitwvrvHrvUMJUT2WeSPGFylZ1GIFT cueQP8yl6rlIG8U+e6w1i9Z7BjhZxc8snFxx3KYeTV4BQRczEvdVHDTN1Y5pkR3N WsaUPDERFT22Q3EE896EQtSVSoS5HxI/IDRCgchdDuCj7rJ0FxV8Nim+y4hIOkM7 bbO4dqthOrJ79vTsCUGQk1mgZNmdRn8GAYumnjWFUnNNLZMLV4aLuPIJWrQHglO3 wsAOLkZbDm4FVtJMHunc05+klLElhHO+1uwrSKCM/Lj2mmtm/PESKWW9M2earZlA gjBdBFHQS3shSF55rZAlqMeOxyA6frhI1MZzuxFZRyITJBd/Q9ytAX4FD2z93rSP X2CDxhp/pBzb0rS6vOLnYTtrjizv4ps78Pwu/vK0yLtCkpCQ7SEJTlgDA5vUKEd5 bgKir6wxTcr6ErYBR5ksO0I7yF5Dr6w0IwlrY0Nk/7nAr9ioPi2KW1iFi0WdG6XM l5vIrJ9ydwxnRfU+LlOYZm067B953TPOyh7juDUJZJsrSrA0yQIwbj46tZ5aavbs tkIR4Uts97XpbY4MaaZEy8GBAozw4FRerjudJa/k2qQUz9z+RWApAWHKmlF2xrnh L5vo0+8I1oLE0Wkwtu3UDub2Ixru6caKXDxOuMAZCqpYgxnZP2/Vp40N4H7dnc96 7xUxwIiBAub+SFn2b/jx7LeUVsVFmp6hnfoJOMgU19CRjx/iCYApsmYIuYIR9Myy GP3ucZ8at73WtWg5RhjQO4qpQm/SeqqrvrfCAv+BAl5jaGFMc24GtiXfLVCYTtYO t0E4YYZG6Qb1LNHSpzJ6kFTUMGBDlvqHn/8FdSkcfN8s/Gz1DsS8RzGwJVuJk+RI 2UkP+jdBXZCUtLNnxFYVp2zJQ65B3NROqzVYLrjf4yJ68gDW2NwGIy3kwhuiJyYU Us/AqCGv4zIifYyD5L7oa4w= =230N -----END PGP MESSAGE-----