search

KAIST-IS521 / 2018s-gitctf-team5

1 stars 0 forks source link

exploit-bug2 #51

Closed sunnyeo closed 6 years ago

sunnyeo commented 6 years ago

-----BEGIN PGP MESSAGE----- Version: GnuPG v1

hQEMAy8nZUIPGP0nAQf/SjUMFA4uQaOCZSMq0cO2hNi44cqil/gno4CAwtVnieGz Umd8xMLwbbEKUWXEtODJBx9WCynWRzQiy+4zMBumXYMa7Jdim1i8sfoCJCVIW8Sv PG1ShLR7QStrJmwDWdzyKEtSgPcVvb/PLCVq55ppnaG6vdQT/U98Ujx00WlxvtPk lcCT8d/cF99wd43MKIAaEFwvMZujsf7SXRBzylSfxStc/FIEZZVoenrZRpEePzMl zddSMtkGBaLfdUt+AiAdIippgghVJCkYMvy45GENzc6pCrlxKeJsWR+FxdIn40Mr aoj9PXIjNi4Hx44JZj7T0c1Z2dewWb8o8FlA62QGjoUBjAPcMgCV6N35oQEL/R6H IjVtfXhEBD6q7X4kkskS3rtL4oHrshP6XhFWlyStQvoEBc0cmXyqkjPYLB83dONd xfwZz9tGTunK/zD6cyeQG2dQAIur4pyNXVFIzskNNGgqipEk3ntoLG078ab19KZd hwA6mJxevj2SQID6c5AISdbY+43CwGTPOWkGSq4g4qmaaRMU/QASTcnvdxjhwh2/ +8JKmSGC4n/aEAtw4bZKUZKAOmzVgI+jS9OT3L0KdzcHhhA+qDJpcENBNt5bsnFB 5GxtgJ6MSAS1+ZBods+jEX43pSStt0V8lxri2gWD2oh8dxQhJzhNT9C0pOY0SgFQ GcrnGpCFJlxVnyNNYE1f+vv4GMIk7R0XzBBbBjWKn1khwcFTHQ83vcpHp75J9bCk qQhYq3+ewiW0yq7K9egG4ku6Y5PSPundUdzFSIk+4qEiwq5tuCIcj2P74JSEpN1Z svlWXtsiz82kgIBZB7FA//5S1nXFT4feiURyiyomchzeM44tIZtb3zLS+7ppJdLs ARw78lZCouBguJq6yJ7NtM0YQka/yv15YlsHLGv2Xn1U1thmsmYFt9OoaEfZFsI/ QEvmnX3bcfbNBAJEt4YksQbR4Iu+gghbsavvkD7A7cr03MsLSzLlio7TA9zaU/wk m1f6a2qRR+a4MHgJHZ6w05MRNUhu4+yPqVfVAL2t6+y3vIUbvcBQ0mp5sKq1w3jK OcfOO3xv5WdN0xi63zZNE1HCjAt2RUOvVBWnIjlSyJSF31hb7XnIzZ9V6+pBIbn1 w9L/LPetcJBaTDZ670NTX8O4JPhp3vPRGxAM1lvk+PkVcnz/vyqQWl6mJu0a5XJQ +qgw9WWumWR1EfcuUEbDPKnFcDR4XrQRmo64xz1fi4vDYkS+/nzD7lJC4vQicT1M /E1yiEBzt99GH1M2JXyqnoh7qYH3KdZRmLZ3E/KkWxq3mzeWoBSFQ7hH3LV6OwzX GUofsindYo89xKLKshy646jcP+vsjN4S2EJkEzKYrJz8uYLf5MoLuiZiqvbtHkmZ 0s3GIhwFeqGcdhXIPUCBu8yt0aL8p6+uiT05tt2NMCr4vw97ZZC/VyiH3+8bieVu 2GuReVSUHEy7eaWvj4LPNTHQFG/t3KM6bgwYpnfGaAhiSrxXFzlb3pUh9ppdeM2I hNtXhu6gh1l7aA03E8A9NjGsqDC2JPr2zUTssdzV5T85fLg4Fe11LaeZxOLHPw0K 96mx5LlwLtw8HNGp8y9te2MqbILVMxTZ6Ff8fnSoimnSTezvmQnlrqeH5Qoo+PE4 pbPSwEZypOeik7x4VjuSzGX4D53lPz4Qr4cTLrPojxfTCMzjmrkqUk5KOrPFs3OB 924wWtwOYrblmbDgBvtx9E9Y6aJYydAib2aPD3CUTQvaXVMu64Y1vZygZ7fM+9BK DuW88zoTKnCkqOVDsptXXNcStpqOcGkWCN4jnL3cStJ6TEPpapeubAEMBhloq3gC D4pvgpgVCOdouMCAsd2h9UUefW+LqaILjIBUTnzsAzw01yqaZJ0/3jOxzxSaKTb6 wZBsMbLe7233pBN7dagNxOxJXxbrzvDRzoxK+MbMKx9hFAiWiC/IXg8TMS5iYVJ3 YTnu/jUeSGeuYd9JuuLVSyii53JzCYWNh+0lhNlY/Hv24ghfVU1VdKW9pPOXNQWD 21C5s4Mt9ZSmXAwj3YqxdjTzsxEX4+FMqxj+IuRed5o55qE5+e49wM+jsmXixtjD d096IVXJo4k9/1J15PEtmQVsXvuCOHg9mF+ko8WPAbcGU3Bcwg4X6bgx8e0ESYyF U1fHLyC7+UTualhUKcpyGmAloO6CYhuCuXn9G6pXhuu/AcSJJPTN3BpLVUlE9Bpb GNCaQLDF5umOLkj2z2AGCL2FKDhJahL+n2TAED3nzSd9vNC7+kjgwSJA00B/apUW GGmFxFHNJEz0RoaHX0gcYP376IDTAq4//ed/fS9vIjaYMpGsUdy07cZZ6gIknL1q eYz1Fa+8S/AxSfaOKtC2lleeXsN1QvbVPOSLd1JKkfChoy466o4ETRPdpZNwfXpY Lo/CJlBDfcOwXRtM6eaeLAC8afjG5bl3Vd6SQ1vqTauzivHfmr5Y/h3LIbhMVfyN DQy90Hz3x/2vIfuOUA1x4lcXcG0BvBEYnrbtx19kIudU87jsqLtMk21R00ck/3qb SiZeCZnU3lJvisUu92EWBSJmo9kgsXrvTh5NQqSwXidnl3qSepvUJxgLZrImQIHp aA05JqssAY03f9OlFFtCUmHtzXHl0a0SXe0ZvmR/znCQIfOC3yCQ8l2DTKHhaLW4 qN2gE6CKyWuRgF9rUfC+sVT0dIHeXYGWO/BsuWGEmx/Xy+bhLforknWP84iQaz/9 WxUxHc1ngF81VoAI8sCNuZUNCwy5iavm4cQmnol0Gat1sSoebWehp+GKlWUaHinW E7z5q/2tSvBiBXODV/Sqri4R51Ecrm0nBqGsOgSuVQms83UwB94iYASHct0aUi5k iPJIe/K0/x8xJTCOig6zMJOS+hl4/7njfF98nbPk1zbh/eM6b8XWFu2dYWEY6N+i CQQNvb2pj2xufVmeltTxTB3UmKEoemkroGWKlw5pp4sUnS0HVx4GNqgqsmFzS2fJ 8ex9WweQo3C6XHYPsIKjUAMdmtiEmZQ1J8cvGWIke7+9L6MWhPFcu06Z63OcJiPU gflUuAP20vM8ZNRa1iL9TZ/fGF1C+/sN1tt6+5JB8tum0UBO6ORO09cz+PmJTsvx 0uhCP3nH9c78RAJ9ChkEMiyA/B6lvoA9GqHlK0ee7x7XIY6e+kb/nYEkoIVb509R LfLME4rgb2ZeKT5ijc4a/c6BpmOcaoh32kCaxvIIajsgqOMtttPY5g+BCffnUBO3 TPJGRR3dQ94zkDTGQ13fbe1AcMyGb2Ye5Vlb22bpAiGDSWX5lGLkyBnFcEfNAx++ oAHa42qz1IzBKybndckwNhyCXvd9CWQFH0XPIlEkIErLZ5K+3qRqG5vQojnRxooi WV9avpDWEGCPSBVDkBVODfbOLm4RinIt5i8ttS2NT44i3iFI1Vhx20xCxi7PqqpO dFGE4Bu725nSs/LHIqr+zPRpZFfszSGVxGlJyhnu4i6kGn0shmCar4GlumO9LQQK OMDuC2q/F+O9TmuwxIt3wYJLadHm+MNPv+dYTbW5ELpIkRr+j7klLoKqgFYTcqix UAv6Fa1ZJ3b5qtToFe1bbxISk+pXlIZHK1tSRELqwwV2C2QXEy+dWan9ObQpO+ov 8wZMxM4zaB+1MDl5SPVdhC4XHzq6n64TOZyno+JbWLiR0lvcR1+5swBVaYS4U7Xf 06cYJwI/vL6Us4FebVEDeNNxNZHD0ZlBNC2at/gv6goSq+ppYhrdGUhqZ1c8QS9Q LULIaaNmEgGBUcW7LxoFXZWBJeSjSPrrVEhVet2tbrUk3xYZTjktVyEPxatCDwg4 3JPYipvWfwbZCocC2CEH+/GP3amym4LcG3TW197Vrg+Fn8DB75qt89WWCan5Wcm0 cSTwIQbOKqafhhM/FvO2H6V+LiMNBFE5XCVuoKod2XaT/WY9GZ2WKm979YSwwxKP /WKhuyf3HWOUv9xwJyGuzvRdZlg2zsbNa7Y7M72y2otsc80yIenRIQj6FiHDwQhC vS700iBRdc/7IN6953tpJ8OAYv55+uwwxgBKOMzJUAG5jLEhHjKYaNVXr2ret4QD ntU6S3PeSxhrjPma0dtu5cAmPALVW0+0R4bobHpBjVHmvOmc4h6GXA+A5rOT+NB7 2jQ/xaSP5Ti0RzhNWtcdiEt3fKOfbqYhxN9c3HYaKOoZY6urb37DtDD/irJLDiwJ USNaxDV008uL4FPRWff5E1Gmq+yOHyJt86pJnD1SaZljaDlrpasmF9aBf34nkw9p p4JkfiS/7hi/17KKWMVpkKEmUpOX6nE+Px7X36NRNQHh0CDEv3IEPQDmcLLSkG+9 WF4OSlY8c0FFaIkP4ThSMDWh1U84yrvmSyR+pjsOaeQXRWnR2SMaKGXqfFGWCDhb yZgfaU5jGP0lPug+KcpHBWz7bgkoPGxIahjOShLn3sXV8x9M3ZLes2asPvyX+FA3 IY7UmehP3OmLjhSAKBJLaI5VMbbIrFMKmTV5BKj6A3hXzaQvV7exsuMBbwi6bh/d vCUAFd7/J5QJ3fEWeBmQvHfawpsKR1QoLoWSyPOPiBlAAiQK9hysztwt4GLTprbB Xelx+LvhAtyfzhoNqGbUcLvtpgEPsSAWPd4vcotT4tqehP88RqO76dO1cMZm2eqW A96DNKpZGrPAEBzyhQfBjkyujmos1p2HlH80wZHQ4VG0e46NaZ+cCAi1kO4mp0ap Fji9Q60i1TbXgvvyova1jBXanADBHU7CIRuCN+GiLVCD1bQFyUuUqUmLPq7ZloG5 VIqCuiQYUclQJvpssghzLfZKhiqrVzTS/UMeJU0FIExUlhNrYbzZ+oTMXeydHH3k W2DqouTC6hxGjqu2/5cRREEbTC/88p9/Xn0+BSOwhg8QCtF31de+BmQdOevQtvcW fTJrw5/+rTkcTS3OEKNNDFLkslGIHYPJVXzYSeDHNi2FLABhJfNkUqi7FEltI1J3 xkdqbs1eZ9w715tK1dREXDjSJxRrSOq1X+RbHVLTTgdVGyPUlEzPm/p/z6p+1uK0 ijNJB2nrvjT4YJ88TQPeTTy8QaZLIImef7yVfJm/sJZj9spmv05spHdciNo/VjFf H2bv+JTaxXFB4HSBCRHkYbkJxuMmTSP4okjAnf1i6MWKNmOJVVCwW4Mb5cOAjMdt ZXxN7/7Xtb7+fKTjoTSeMeWgUy74Tz1LFanmuqpEDGLZChtOLZ7RPaBuLx0wJSvd C7wSZ5GyB9OsmaP6CbpLKCuhdKK7fzPLbkEhmQVVcy2cDk0+VbDkhmZLl/WDje10 ivoktfA2XrdC2B70/MTq4qhvQz4YvRgr9aA2o7RF/mQIq7Q8kTCvJCCxl6or9wEU TELafeoGkxaEv6zZL37Xpaa92I+brTO3DafHxyRlqPw6Mt27sroAZkWp91kgXxCp WhkIiFfEIl7Z9esfm1juUyY+r5JHj+SPwgbtILGFUwoEiFa+Y4feubzIJwgNwVhe y5favHG/5oLP6FKsPprk3IIR16uACEOK2984V2Fzc0oLYkEWAm9K4Rg0oeSpzD0l adhVv+J5HWtZO/gdbkuE1lury28xIxdLG0tuQPETHlUlbuPeOh3AO6zJCw4DJqQ3 gZ+GPjlUR1p/9WDstvNHOXHwSGuTYhEAy0Fd8sNEoZiNt/tkWUwZ2GzMQ99w8dmS 9hOwYNR3y3lJ9XeiEYVT08lJiKBMkZcpZQxRJWwUwHYaSyISAhH93Gi5cXClgz6J GeieOyWvgyzUFDhSlEXnPmFD2AmRCvLQfsFvwoDo3A5aJSjzJS/gaETv5EFTGOTc C5CxruH6cZPxZZyNNoU1n1h9npS/ipN935dou39mOb3TwYhusSw/EUBQGBoBSLSP leXm/gZwUyRKiCt5J5loOPwY2UY5WtJGWzU78mfVSjWuJkNqqoVedUAlxhzDy/Gk YE3YtIkRc+6wCKdNrtLBBu5TKpfnm3I8xjIzI2F4Uf1FXdqA0BKnpsYZcH/imJ61 Hnw8245dmcMkrwkq6DSCj+KYlKmeACaS+tM5gDhUxfR7P1yGSxpHQXtpCVFRG2cz gng8TYJW1ujTHpRrmen36/cPNwanslkkhdxN5rOU+lTg/7L+B6we4e2V7lzWMiMn POqSNbnpIeQ2iR8zZVeZ3EgKBw71a4yPBxValUnMcfzGr4ySDjUQC0ZBYP1ydVX4 gYww81OO5Osb5YtxZu8/yWeYCCsNvHva3I1xaKxlc6vwGIK2TzO307xz/E9bE5hI Y+7Ky6hPJCo8J57TTpjlMAfyrwjLHoX7zQYF2PNuTjP4jOooJBC8ObAuqiVK8Fbj Ol7tkRfrqf8oeYjxxqO/m8Bxx8lYld7SHYGlZ0NeUOh0iLAAgyhvJ1y2/bhYJlOJ ZZ7M7MQsGNoq9P2MDb+rW1yOBuGmA2TEtW+zMzhhuv8pXKaZsXmUY50p60+PubsV haeXQcBnkHJPxakdqlvsqkJTXPfnbPXPJgaDqn9NmJg53emAGafeKbGbz8UZxEb6 SQ3vH11R0OFdkDWN40QMNFVPQkqIbSyY+P0YGTrGE10mNP/ToCaKIEJ62vfgLZXM NuEcAwJwqeSH3Z9hpbxbN/Orj0HKwLuOXsUPfehC5zs5J0PgzASZnIp7Ugd+YdZ0 hzrcC5bFERQymOkbAWItSLuzNgjRjD8ijtO9H2AqUNi1kwvCLJ82mgV0MdbaLBnU 9LHwbSEI5l8SINq7WynYCRnZXwc9JHsDibXSOAJWHGCPc2M= =W17C -----END PGP MESSAGE-----

softsec-is521 commented 6 years ago 
About exploit-bug2 (exploit-service branch)
[*] Starting service from 2018s-gitctf-team5 (branch '8a0b39b831e3bb1efdc845658089c0ae66a36fd7')
Sending build context to Docker daemon  2.193MB
Step 1/33 : FROM debian:latest
---> 8626492fecd3
Step 2/33 : MAINTAINER k1rh4 <k1rh4.lee@gmail.com>
---> Using cache
---> 8e9e3881ec66
Step 3/33 : RUN         sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> d58cb6fc7f0d
Step 4/33 : RUN apt-get update
---> Using cache
---> f74c65dc9bfe
Step 5/33 : RUN apt-get install -y xinetd
---> Using cache
---> 845d6f85baa1
Step 6/33 : RUN apt-get install -y libsqlite3-dev
---> Using cache
---> ff66c0e5a29c
Step 7/33 : RUN apt-get install netcat -y
---> Using cache
---> df491e9bff6a
Step 8/33 : RUN apt-get install net-tools -y
---> Using cache
---> 93debded14f4
Step 9/33 : RUN apt-get install -y procps
---> Using cache
---> c472a4cdaf3f
Step 10/33 : RUN useradd -d /home/load load -s /bin/bash
---> Using cache
---> 88d6cfc64fa7
Step 11/33 : RUN mkdir /home/load
---> Using cache
---> 82e3bcea59ce
Step 12/33 : RUN chown -R root:load /home/load
---> Using cache
---> 5aa04924d1ab
Step 13/33 : RUN chmod 750 /home/load
---> Using cache
---> f51da5c3a761
Step 14/33 : ADD ./BUILD/prob /home/load/
---> Using cache
---> 5fa7dbc08b05
Step 15/33 : ADD ./BUILD/modify_usr /home/load/modify_usr
---> Using cache
---> 80d1f6379516
Step 16/33 : ADD ./BUILD/run.sh /home/load/run.sh
---> Using cache
---> 906323f975f1
Step 17/33 : ADD ./BUILD/usr.db /home/load/usr.db
---> Using cache
---> ba9251f94caa
Step 18/33 : RUN chown root:root /home/load/*
---> Using cache
---> bb326fbfe03f
Step 19/33 : RUN chmod 755 /home/load/run.sh
---> Using cache
---> 693348cb1317
Step 20/33 : RUN chmod 755 /home/load/modify_usr
---> Using cache
---> e9b9fc8366c5
Step 21/33 : RUN chmod 755 /home/load/prob
---> Using cache
---> 2b467833030a
Step 22/33 : RUN chmod 766 /home/load/usr.db
---> Using cache
---> e09ce7454b7a
Step 23/33 : RUN mkdir -p /var/ctf/
---> Using cache
---> 836e043d7be7
Step 24/33 : COPY ./flag    /var/ctf/flag
---> 2682b01fd8f7
Step 25/33 : RUN chown root:load /var/ctf/flag
---> Running in b4fc7b4c394c
Removing intermediate container b4fc7b4c394c
---> 3e1d1d88e845
Step 26/33 : RUN chmod 440 /var/ctf/flag
---> Running in 916d98a90d6a
Removing intermediate container 916d98a90d6a
---> 497618d48e0f
Step 27/33 : ADD ./SRC/load.xinetd /etc/xinetd.d/load
---> fd0deb5708d5
Step 28/33 : WORKDIR /home/load
Removing intermediate container 5a88c2f7b3f6
---> e87f3ec19e8a
Step 29/33 : ADD ./SRC/start.sh /start.sh
---> 148dd331415b
Step 30/33 : RUN chmod +x /start.sh
---> Running in 2ce3f9497c62
Removing intermediate container 2ce3f9497c62
---> 939de7373799
Step 31/33 : RUN su load
---> Running in f9311d53c442
Removing intermediate container f9311d53c442
---> 41e055943e3a
Step 32/33 : RUN /start.sh &
---> Running in 2ee517a42649
Removing intermediate container 2ee517a42649
---> 40e184089a7c
Step 33/33 : ENTRYPOINT /start.sh
---> Running in 391df04a089c
Removing intermediate container 391df04a089c
---> 06be62bc7ff2
Successfully built 06be62bc7ff2
Successfully tagged 2018s-gitctf-team5-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
3ae75e6d14792ab567f0425968729dbc0ad564a3975df1f82db6c545eb4a1d1d
[*] Started service successfully
[*] Running exploit
Can not show your exploit log because it cannot decode the content of exploit
[*] Failed to run exploit

==========================
[*] Exploit returned : None
[*] Solution flag : CudXNYnhjX
[*] Exploit returned a wrong flag string

[*] The exploit did not work.