softsec-is521
commented
6 years ago About exploit-bug2 (exploit-service branch)
[*] Starting service from 2018s-gitctf-team5 (branch '8a0b39b831e3bb1efdc845658089c0ae66a36fd7')
Sending build context to Docker daemon 2.193MB
Step 1/33 : FROM debian:latest
---> 8626492fecd3
Step 2/33 : MAINTAINER k1rh4 <k1rh4.lee@gmail.com>
---> Using cache
---> 8e9e3881ec66
Step 3/33 : RUN sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> d58cb6fc7f0d
Step 4/33 : RUN apt-get update
---> Using cache
---> f74c65dc9bfe
Step 5/33 : RUN apt-get install -y xinetd
---> Using cache
---> 845d6f85baa1
Step 6/33 : RUN apt-get install -y libsqlite3-dev
---> Using cache
---> ff66c0e5a29c
Step 7/33 : RUN apt-get install netcat -y
---> Using cache
---> df491e9bff6a
Step 8/33 : RUN apt-get install net-tools -y
---> Using cache
---> 93debded14f4
Step 9/33 : RUN apt-get install -y procps
---> Using cache
---> c472a4cdaf3f
Step 10/33 : RUN useradd -d /home/load load -s /bin/bash
---> Using cache
---> 88d6cfc64fa7
Step 11/33 : RUN mkdir /home/load
---> Using cache
---> 82e3bcea59ce
Step 12/33 : RUN chown -R root:load /home/load
---> Using cache
---> 5aa04924d1ab
Step 13/33 : RUN chmod 750 /home/load
---> Using cache
---> f51da5c3a761
Step 14/33 : ADD ./BUILD/prob /home/load/
---> Using cache
---> 5fa7dbc08b05
Step 15/33 : ADD ./BUILD/modify_usr /home/load/modify_usr
---> Using cache
---> 80d1f6379516
Step 16/33 : ADD ./BUILD/run.sh /home/load/run.sh
---> Using cache
---> 906323f975f1
Step 17/33 : ADD ./BUILD/usr.db /home/load/usr.db
---> Using cache
---> ba9251f94caa
Step 18/33 : RUN chown root:root /home/load/*
---> Using cache
---> bb326fbfe03f
Step 19/33 : RUN chmod 755 /home/load/run.sh
---> Using cache
---> 693348cb1317
Step 20/33 : RUN chmod 755 /home/load/modify_usr
---> Using cache
---> e9b9fc8366c5
Step 21/33 : RUN chmod 755 /home/load/prob
---> Using cache
---> 2b467833030a
Step 22/33 : RUN chmod 766 /home/load/usr.db
---> Using cache
---> e09ce7454b7a
Step 23/33 : RUN mkdir -p /var/ctf/
---> Using cache
---> 836e043d7be7
Step 24/33 : COPY ./flag /var/ctf/flag
---> 131294e49924
Step 25/33 : RUN chown root:load /var/ctf/flag
---> Running in 51f81c8b5a93
Removing intermediate container 51f81c8b5a93
---> e5ab22502c24
Step 26/33 : RUN chmod 440 /var/ctf/flag
---> Running in 7ab2a123355b
Removing intermediate container 7ab2a123355b
---> c09988770f0f
Step 27/33 : ADD ./SRC/load.xinetd /etc/xinetd.d/load
---> 9c800ee48767
Step 28/33 : WORKDIR /home/load
Removing intermediate container f9d79dfe7025
---> 1eb3e671982d
Step 29/33 : ADD ./SRC/start.sh /start.sh
---> e8c57e0bffe8
Step 30/33 : RUN chmod +x /start.sh
---> Running in 33cceee77361
Removing intermediate container 33cceee77361
---> 91f2d8464693
Step 31/33 : RUN su load
---> Running in 665e71936bb1
Removing intermediate container 665e71936bb1
---> 5662428b8b3b
Step 32/33 : RUN /start.sh &
---> Running in d06520b32467
Removing intermediate container d06520b32467
---> 05c29b6a90e1
Step 33/33 : ENTRYPOINT /start.sh
---> Running in 03c249fbf8f8
Removing intermediate container 03c249fbf8f8
---> 4d3097c29352
Successfully built 4d3097c29352
Successfully tagged 2018s-gitctf-team5-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
e2d3771a720daed04fd86267fc71af082b31d4dc9d14e2370ff00a0ea4a0400f
[*] Started service successfully
[*] Running exploit
Sending build context to Docker daemon 7.68kB
Step 1/6 : FROM debian:latest
---> 8626492fecd3
Step 2/6 : RUN sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> 45fa25df3fa6
Step 3/6 : RUN apt-get update
---> Using cache
---> 0845a94ffa3b
Step 4/6 : RUN apt-get install -y python
---> Using cache
---> 371c580f05da
Step 5/6 : COPY /ex.py /bin/exploit
---> Using cache
---> ab83b022bb84
Step 6/6 : RUN chmod 755 /bin/exploit
---> Using cache
---> e6b0a10908f7
Successfully built e6b0a10908f7
Successfully tagged exploit-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
0 �
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 �[
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 �[]
[*] Failed to run exploit
==========================
[*] Exploit returned : None
[*] Solution flag : Fy3QbpZUVQ
[*] Exploit returned a wrong flag string[*] The exploit did not work.
-----BEGIN PGP MESSAGE----- Version: GnuPG v1
hQEMAy8nZUIPGP0nAQf+Mv7NcNEzfoeS6zhy4g9AabFN5HfNqQkUmQXV0ZOU+8mu 6g+0XN7uQY5KBZ0FdUdzC9wAAnD9HTBh3W2+Qc8x4QvPxBKyDKcrWUiMMgeQ45cX S0RcJoPGSWrNWgLNj2hVGDTIFPvYFE0A2i2FZ1eWseu+8KcBjPtibCpyG3hA23fX /kan5gQH5OAtd61w7YRy07gk3p2I3dUBqpYH2hrpEXl/ZPOBSa5zoeytdOkbZt4j 72tnkVQjoswG1TExmnR4S6oJosoWUXENatVRmmWjJh3wpQmUcNKWnwKBPRUKX0mn xdhrvYGDG2A/Hz7c0+MjgulmVyk70kT76/nREubGe4UBjAPcMgCV6N35oQEMAINO uEXTaUIXtBHYvT6jYNo2t+Xk0GNqhFpim/KlOKpRwREB+PvHkjHiMVRJc0GYPKHl pPopIEYmvpC6VDcEPpdZjuWnJqPjwRTf4IK3FE3KBf4gd/SkqVOpxUHhKXjf9xbK dv1a/cyCyURgreVFsKyGZhgGjdGX4gdwDc0fuG6CtyrtOoVCAIQZ4jRllEHPSqCt 1Lix96GlBIh9DN10RxKIQnoGTMbo/w2QwvH41NcSoORTsj+MhQq/StB8jR1+zpeR 77XoKS8uqMapO6uUXDRxz17T3hmTp5nRsi6M6oV7auqXuJ+ytKTk52CfrSs9fsBD U9/t3yxGJ/E4vCgdCRd7o66Y0KmZ9Db6dueOoCIMXWPOD86R6javkMI1J/Xyv/uC UxrxsIEU0/FVh15ISELGMOD2Z3qkXgMQizLABXXBmCkAqpGY2byWFA1sfLravGMc EnANYUurbgQGwgda0PQZtUyw7RUCtNloh/5LYTK6PqvM4sxNsNwEzaKJ+c0T09Lr AUHgeXWrBcRIYChTlVEIwTwd8a16NE6rhpgjaPxjWQrH6FgO8wGuIgJXyEa7RI4d iQlf9toYPSbI5TPlFEDxmJmRElhH3dGPny9i21R8N3mzL4Je7k2ixLYXqFQfrh6n hCXE0oh1RFqXfLd/W8kc7hezXUkeLyY4ArNCVuFbfV1KGO4p2cJxJL8Ur0JD06OO /ZdpYXm3FGm3EDSrn6z13eK5ZfP1+X8/c1T7hyqHHmOxo4Rbo9CNDxWlj+oeImQI mVJF/6YCZhl2MUDwYnF2QXxtWNSMaQU3O+GIaXz1RgEAzt24z9ovC2UyO2zxnurQ aiyLdHWcmu3c/m+NvP+IsZvIk4RD2W1iqJjyretW6XHxw8VZFPxa+QhCeKQBJBg5 4w6M2B5t0bZnGBJXyIo+y69afXt4xX04TiRJg/XGZEh5RYk/xeEuzy24DcM6QiPt 16AZRaKeXsJROXmDsJYQgVF1HjsJyqsjHFSyks7+/+R6wFUNfUEy9NhhS1dfBEa6 aKAKJ4+Fgm7JuR1NJHqGr81A6h62o8JJDwik1eaNIKYmPG4KVAoYcujOg/8i2LiS QTkzC53AQ9i7+ptRfQNGm5HCCOie3QwcEGaHA//7KfZ1qlYp0jEDzClGBYTLSFp/ j6IWS/T+auWbVEuctM+vmBUdDT8EEfNvv0Hlht9Z48IjPsf3GVUvhSbgjxk9jQxf w8VVIY8VP7L1Wcg2PxoR37LDxmddOaaXgNMyN7KauRVpdmUJX/eMyTSaP8eLkrMn dTq/3AWZI6Q6z/BuCMaLGiOveDQXOEjnGvmz3bf9rufEFeLcIOnQ2WgYNPSg86UK Fwa0rZ3C4FopyZdRP3voDR3PeTkS2WTQvng/4/C1kkN5OKkFJGTbBFUsORCuzvk+ 0pQUZkS2p2IWVxRy2GYTY73i4x70MTKXjCFWvcKDmaSTFS13bEOAeaIVQUghquJO WnYanWZpyMh3ednW/6BZAF5Jv7+V8uiqZ/mRrTshbCTSGfEbBWTJ93XE20YnNoY7 jPuzL1Szo3y/Oj/T5vXtTcLqQbx9g5A1wGeSDL+OHcXQfNsNcE/gI2UB0IDOtGo+ gDeqXOcc0isfKVwxJUWR8K6Gn48/X0wF4w0PwFtGBJNNc0Q5t8gZQjWRJ06pr0wq nbJ0mSbcazei2kNYrYatolK9OpzwnKCAt9Vcr8SRVr/aNtBBdBSV+hw7mfw7P7AF E3E02taQ3FMVksX7w02F82jx0DsXqs3kqBIYMoT4B9gtXI326siADGgA31zmKT3W u31xgl3yyV1K4t+Mao/oSKAdyMdwERjNGT8SDXyjyNFL4KG1tos1k/G6wq/aWE/3 ogP4TyfIIOgts5YLZLixAdfwOi4KIg+B5xusEAgJGg4irab4tEuiVUXwcRoa/o7z u2/ThNxMglM5OLQgIDjtO/L6LLCOw0wJh8tkuqAsdgjUDmz5Mh6WLxkg8x/lDSib 4OyDAtnmz05s2cLcA5wEygkxoQDIH9gWjgwmExZs8oedtG3An2JI9HrPTIbp9LNP 00ZhF7haawwVunvP12JQ0sVbUjKvTQMPGvtFLwUkoKOexvI+sXZX5meHFbF/RwaD pJFAwLP/S4Mkp2xaDL6MoNlZT8JcXu+Kl2iVS3ROsfV7kuRPiNwvTYAroh5vrm6J 5D9yJ8fj9KNG4uExCnz4veUWgPnYAeNPjCeFIdnX/aYiRjrlZaSEeiIPuFJpToyw WtDG74KIJylhtDNbS3VsAAfoXtzMwuIYdjcd3h2+QDTyw8hAHaGm1fqSISns3mYO 90fGh7iwHfX9ehWtJ4/c2skTeLUeJwnO5bZp9Hyz+laoQM1QUIao6rRWDfRID+Vg nBJQcLAql2owGUV5SPZj3esmiAC4fMk6ZHJGLIW1cMD/+b0K/JsFlkW2/N/clSyy EcS6yX+lT3XPZ98cjHP58xkL9037WHp5JrLxj2VgQF6aOwcTFtQASyoFhlo4sHr6 eoETK4cxvTi1Fcg0bHH0bUBSvKp9/JCFV056epcuowioEjYU9Drn9WBK7Qc+VirN a5h+jttSnyRRzZMPzdgX9JVYIcbkiolr/5QP+ArZYBBxC3wBGUBHGOLcFrDl/9E9 xfVKD0AqAcgOSoXqc/DeHBrUWeGklLtXlNVl1iR7Fwjw5Si9mGy19BfBMBDdJNEd qzH1sjwq4WDur4/ppzwBGeFe/aAn9XlAqQv8nvlWazpEG78Ks3ZA1ZZSF9XpUbGt 86OqIjlmaEf0JHflpCOCebR/kDjZWQ+pVFcmAg98E/Incm+FpHm9TEu3o5Jpb1Hh wyAoeL8M/g0FDLQS/clFvGb8qao/uqNjijIBH512McDWM6Xe6RXqwzUmvr5T/+M8 saX/1SgfQb0K8Cj3IT+NAYRF+KZ9Y7p8NNhsYRfkAwWRMdtDU6Huxd8AIQvQWU29 JQrD39BvlAhbKZbYC8MSYMb3aLGRcNzTvHsA2CJXZQIxNsppxeUBHfUW8CjVjsKl j1z55RLc7AhU+svq00eZpGSYcZJlVHIsJRhUKEkvQQn1/oGVzk4byQ7y4BeoknyJ 8RvU8U659xNCwbcrkMMu9WnRqTKZqbnfX4Mbm73TeETKq/juqreqgNCN/OpHab0l AS67P0pQdKGVWBjZVahBPqGpJ2SamkXKW0WwYX56p5SK7omfj0RhWst3rkm009LQ kStV025QaSLU3vzKenjikHEXxEhGmhxv1G003t4KsbjA67/lwIU8D90sFOnqSjOE No3aFhymLiRUCIjeqdli+5wqnkx17xuywBBM1r11kD8fktxpehhM3Xj5eq6vDnCN hBEXddp7J9VYuCMGWfx0JZylttXSleKjIuJnOzW+5cU83iIBAV3rDm7ZfB+SQv3I y0GxfeGRjpInwMMuHuhXI9JnTTDIKLYNgTQmxPAjvCVHvLQPY+JJHB+ugbqEgMsU XsbvbVWSOVRutE+81jaJSYVdbs8bgoavxikrKXa24umH6t5MxcGj0j8gADQusD8C 6dYNILI62QmrmTOAcIGeA+mHBH1Q4K16795UAtk6HaPelt0055/OXQzrZBFT6JNs pz+yhpqKZ/Re8tfFj2700ElQLuGqLkc/4PHwThxMHk1D6DjfFzds0T4TgnLYmLGK 55NzblQZBaRo2V2bQyMzorNREcLNDR2VUs4gkz57+wpL8pzee5UHabPNP/jnO/oX wG/nsHtj8axjC3lZjiEei4xuxLOCHkCj2x9gJ8DtWe0dIdrcZ5oj5AYdglE+oCvY /Z6Ia7z/07QhSDRNR2bBdNo+VsbrymoqdGIJMMA= =dF0U -----END PGP MESSAGE-----