search

KAIST-IS521 / 2018s-gitctf-team5

1 stars 0 forks source link

exploit-bug2 #52

Closed sunnyeo closed 6 years ago

sunnyeo commented 6 years ago

-----BEGIN PGP MESSAGE----- Version: GnuPG v1

hQEMAy8nZUIPGP0nAQgAhXJjfhsTiN6MhWmYPBH6ajccgfoJYblAuT391h0Ef9Zn P8FkJ8MgvdQMkZz2QmkGa2MOeVA0xGBSgMpwobHwnpSBs9KOtxZpVAJu+7JpyTau R8gzfAnu2Zu5oK+4INp1zfzVD2ka9VHie3IontKly4++8l5ylBatmTnaAzXG3ctX JN7oa2MCrN0dj5q/0Ym34hyp12F6PBJsK6A2/DnnLTwshp8qDP0tWXR/s1EgoYlC PFOjEHVBs1SL1tgSFo8RvPFJbfzypMHDLgB2f5ijX6ZIZgDNcNvVnEZtjiiDObfC hbjaf/NC15m2ZjlOOkQU/fkS/he7zb6PX2ASqMg7T4UBjAPcMgCV6N35oQEMAOb/ Yo42qEhX3lFjF17Sl8We8l6uYl+I/fwsME/mUOksN/BZf7sto1ok7ZATCLWagTqU AoW/K4tjaGkgMUTk/S02YTtejUqAyKMrxzlKSpBHg2C3Y2lVIBt8zJXy1nzHXcQJ 0qs0uxDbGizxlekQLwERZrgVeKPWSdwjCpBBPjawgro/+sduWOvNtKhOwlx7VeIW EE/4/6pxH17TqiUhGk0SsdNF5UPKvI9zXaoTMV4JkSpj8lDFD9EJXMojwlGCtXxf ICIKZ3nPr41MipJRUxb1Y3lxumRgI4tjtyl+Sx8HrF2UxjfNaI9ZSYh9BFefUVxo dA91ghdOr3wmRhSIsfONEYKOjli1/tsf6Vfnqo/BaWn1dtfXspz9cqI1I5sG8Hs1 QB5ZLXjGK/FcydvrPvtYvDwDHCCS9XNlr20cXpH2rqoQaMNf5fKe9e8OCWkHbZa6 SivdAPVaS7+jhKZTCxA6yDr9BtzQJj2FMKDXY/Al8ghRaOmvbe1YZG92vWY5EdLs ATiIuavbT5qluxAejOWFpFXUkt7torzsK62PBUkfs31l+52bnYGLESiyx5YINbmP EFVeDKKepiXB0gIR5xnCXHhI3aldwXYXXpK0nN9oi1+9PCfrApRv4dh0RGpweOKz RZgIjePi7cIJBHo21uIPrL09H/YfP/aEAmY8a36HFemgl+G0UOl1lgJYynVj9TvH 6ZhORkoOxscNhFFwSnnCtpToMlTLQb6hHvEcHbK7OgHQcg8Ow74oFlJQRtyds2fW kCsQunSYhiKZQsN+WmOqtDiZQkQHAtZiIY7Vijz1auwYup4fY4uwrG0bR3nSxNfw X1A3QMpLjq4VWdde99bNm1bhxfoyppdFA5Veh1QbNURj+zn0eQ4iwjrtRzPYQXvJ iDBNnUMjCaCLWO2zv2+BNhHtPvCtr3dirwxg5V2z0ZLRGHbDWD22DYMvh6hkdY22 NFNw1s0BRuk8JLYKJfgmcahv3ZP0foY24ulO65fbfHU7TWRsHDDWV9Ehrbml05DY JZmdG3hVMGX3Tvzj1Hek9GRtRkfrTri4S5Nnuq9DVpwLQ+FJoUK3DUI8Ol54KUi0 xuxjuq99A+/JRI9bDpggqn9ruAci370qbPzjBtoPsUOAd/144VFKuI/gabvEJcEL 0kPN7hd/hOb0PKzzs4+ANlk6UP8lFrxojg7aevZ+2zHEYwnWm91Lv7l8ex+ixTYo Np0Bd0DVXy4bXdvWjN31eebbJrJ+itnbDJd7oSnS2BZ6Mqn/TC56je1loCDPlGFw Snrl1IvwanCwZV6ZHo/OwCNG9FlW8QN4wtrl7oYsxgZYL8joMQNYm97BOdRj/fNe QuLuIq47ZNpx3Cg060WxS9hn+NVBoOrsl0npKg9hkoa86lRh2IWDYgw8/dqtFAhi mwdpuClTZFUTTNrpQAThNxzaHedSelmtcS8dZ4iiHMXMN2eyQFlZNfJ7s4tyrcGT u33us/aLAOUR4NjYFRnM28Gc0UFQRJhrO7Nheo59Gn3X3HvpKlb8sygnMFO9AOEO 8vdBtH94Fh24SHzSRjwCqyxVRBMUR8e9Eb3lEQuVmftPKcWg0ebzSmQKpbRJHH+k 1CyZqsgtlNNW969aOg0xlXI3DhQ4oVLn1nkBfaacoF55dUk7Umvcri0Pi48i74mL RV3XO8pcbO0rz7sstIN4kqTDvm8B1tubGL3Zv7eLUh1bOZJrH8UrUerCiw3eJ6NF 0Skl7NKOUnWPsdBDAl9Xytgd4qiRZEywU/gzh0cod+RhuX2YrcdRKzRKkw0FsdnH e8Jw/sRjx5cKqHUPcWURfM8uLLpxgjMTp+YHZS/5mlBBpLG86VAcTvrQ9KkW5/nf doROkvpRs5VVHnRuOJRQAPxTukNlBTXDxyMZ7522/SZhIAk1r0GqLuB6FTBRd2nW s8Q2NI445KboM3FpgufuIrQptbjbEnvJcfLIA9oOXvNLi6ygk1NcyaaBIhb5iA0V 2Axza9XVRspBEwzkwls+ODe2OEUQlrSr3bWCpq7Ez3nz2+f2pAOEgK1cqZBGb4ab hsS77ULnD5K2kB1pesSRJLoxkfnySzk2+utDAc8MkYpN4/aNaN+Bk++URcfKbYp3 3gM6w8SdBuuk0ebj06LAPnZxicLZaCSf0W/bhOy5OAgfCjon649mqWRYSNXTHUUq VwkZ/KfF2tLbaw/YwDuUEvtBuFOwLut6RrngKGRzweTOVBIhGbfGVqqUN3p1C789 Ywu5D1Bfn49+VJdKcbktYLcIYTuoS8lyODUfjGiDnDjo+pjTS22iCZlN8Y1da0oC f/0+ECUP277P0UQCdSlbqyh0VrSwCjMEPlmjX7ih3DoG5yxGSDUQi5uTnvCNBaZ1 0CgpJfsukdlQ5WLdA1086N5vXIvHTcLLW6tZ6ARvPDVt7c5v8foMlnMud4ijfbhV 8bch/V6LDYbUFrtY8/fvQsA0Jyvrv3Bk7dpvGThTLkz/800PTUjBnmNKzOUcv29L gpft26Y29PokCy3SpyYbG2D7aPCWHCBesRG+CYqTtHfNE8esR/zSAhGIUf/u59Ao duav0PkuazQH5s6qvEcqD8M4ctczsg7p2OloF12poiyKKXBMxbPydmkBvtU088q9 0lQrI1RdGONfx8dVTGyOc4PChrg3lg5tmbolOoEpHs9PNtBPELhDKCJ3/NtijMY+ 53GDBvxiHH2gpeRU/EwhvgyAOrIN7q/Wx07lOWNFBT38pj/BjYFPSvqdQ5OpXqKV DrAUkh5ce7cGSMVDgXvHn+ogA7xTMhZSHAIU0l0Nu5ugXqb+qZFAB8Zx4SEcsz4/ rMoOLUU/cZ+CStGeLw7S/+XcMVZAhWEPGz3Eo733fvbxvHG2Aidi1ZBUoAmjt4QU jjwzse1ZTCMg22e4nw/iZUfspiy46yBN2zZNhPmbgRg1Gw4wqTTOK9u1cdgn8rre SRTA37zdGy6l0mIGjOZur892h/fyX+D+sR4iJsYhB3bRmXMBZrNo2jO9rw8aW8fK ape170PSIaWL9e3MCO463+P3bgYqxsByOp+dcgpB+bYRtzFQw7HwOo0m038taXP2 82dNtGo4+YxVO7l/95d6SygFOP1adiHr23OElWJjld68C9BuACt+MZ1saAEVDmBZ 27vPOIC4kWPR34eR35fmLLeKf+GbFXcmGaDM3qXdrk3CQhMR83V6s7Xzt26zT/Uq B1WpQO6JLaYgLc5pgXzxbhsPzY6nuKR0uqnqGBa2HcUXiZwbq9bNK/93ItG8LPDj 3KhFjVe/qRV/B0Y+zG49BHJzuLtmtrEzSuDQjexp3KACrVnpEelks7emU0Vsr4I1 B+rhEylXBd5oO7WVOX88NPfSm/mqQfNWtXsaaSMCYVrDRmJtVbDeeLEpF/mjwDmB xK8JcmFIQMOcsvvM+JUNUMqcmAuwb3oj6J9zU+r49MF79T+M22liMXan3/19fIBb MoPmsYQxzgQ76AR2wSUg7s5+YAUVmsxuzOTtMy9BpAy36d02uuBq/+A4ozQZ5NRK Bre1P5Stw4f3CPuOO8dY5geaUDzZRZWCDIsgLgQKuVb07Mv770j1P4TTXVC8hJhR Y2U6pez4SV2qtEcTCox8mgyYOoJu/U/7+2eQk4FGUL2ges96RrT+F+ctF9JzanAS 0W5IE/aKNjKqiQAMBx5QlOShn0J/ZkFwWssO0VTvPr4YZe0yrCSKdQ/0+NewigWL eLbQbG1xMCTDmktkJSsxbgTP993TRttU+ynch4+kiI2eUXcleFisJhiRl3FxmeBe GduckV/bXLEfiOYPimdiQX5SC0QiaWeXLtd+LDe/i53+3NWYFt/46Yw+8Y31KE5Z 7WP8QGaQhyS23vVWucGytji+VxVXE3NhqMpb5y/4JN03dGqkyDydZ+CNOnCCQ7y0 MHEIVsrnGDdiqVv9BpuP0cE0DFWM3X+K/BfwA5kMqCOvn1kqNUjdlviLriy2uW8q nExtwWudaNzM/uno39hiNySPMbqcq+U6Pj6wj+WHl3KCXdoDUOu0xxD1gAug18GB Qztir6GbYvRqXCsWKGpE29NLJpyj2Xyv87KiTGmW+/yEvFv8G5mB/ZZPAR7d45JE 1MNeoMWRdfXqsFdTCHf7OAOSieNizt4mcsMCn+0JTO/qXQy6mVm2XY8bR6Lajc82 S0aVY64YtO/YAkoMUoMvtTjoOE4TP1knYOmk+FFfcgJkb+ZOr7Ib9fh+IOJ3w57f ZbssZ8+I1mhOHF+sEQYMrpX1KlcS4LRFy72fDTP2VhO+/mAVeLZPgPZ34Xt3taCz wEdF9Q5gu6UhThb0T1sZncakT8P/dx4s+nLpjU7D8v6KhSEIznLzWNifTia0MXJE aHsCCBWy/78qAMs89kfdwlhLkVDN73V7gseiPvgV62JL/LoRLOkSrzB49BSRb6Or pR7TSUYkccMFqUjj6jCc1eKHJOZ4yAxmaQafWOlBq4UWnsdAWokjVlX6jeeKGKK2 y/Mu7A+5wFf8hKol6TdgImURT2EJS3ydpFapR2TlcRgnc1vHZb2ZqzUb13oe6GxN m8toIeKk5qEd1D841BJejz9W25Pa3WmicJTPqIKcI3PnbEFYodSUko6aHG0NQjk2 KLFAR3UFtlYuQzEHxnzlxYXXhl4ueLMOYpxt2nyPo3DYVhd7wMUoAqXJP2bH3XJH d0hm+Sbz/pLs5qeUW/4WHsNO59BhcepQAUQ//ZPALfV0G7Ahn6XpKvKD8TF5Su8c W0tH67fFsG+5WpGbbXg83lAHkaXqas3mtFD0ApEk/4RQwLRG0aEqNaqvVdJm/2dh tsx5ozsAjVbzrNl0EBMiKdM37eJZM0QLBOS5vLVyqcPIxik6db321QUIoS85X3hY sRdvkkI3EckZTTIyEiLIF5YEesVAQnatIUkVFzRJuDWbBPKv7zX3hualxfOLYre5 OSOkzIzKxhSi+JZHM3ApYmklyB6CoxogcJ+m98aVQ+Ba7kJiF59/wbmxEcZB2FSQ cemj66lax4oG8F3RDKdNjhRUhHMpwKd1Z4snUs0QmHAgHtYHy3HXsZbQvNCKsvW2 z/VLOmQ4+kUUxPtd/LUglGvugG2FhDaZlml0B8VrfTXI+y4Q/bnNPbg4hdUal6aE ai5yuGgziLoF2DC3o7KU7NritZHxFO+oAHNJd8G9waI/tjyFmgdwtUXrF3879mMM uVjKRHrMJlyyg1vxb44vZ2mfAvloNtT0rsfSJftosZaDmBSdKWpZXIbMq5kWRi6J WQgbnNofWVET5Ofh33TwUC1I1PW1fEsSXc30BaUSjOuwNvNnzZrTnNMWjcSGFvo9 7PsaezUPxtwWhMqyehxDwECGH9mHlZDC/eQO5wfIf8NAAADfmvTwMNj1JMiyYSrX rxP0/IjogouaKQPktzfmL/PNOLCqmu53VLKusjWKGdmZcftozK3qYLh570Dpm3Pf H/mNIImegWcoK+xRmkz7HrZByPZGOl+FG3SvEKta4HP8X+TmEqpxmu+6ayLCixwm KLxrBNk+ZpoyPAjb3ui0hgk4Gj9i7k/+O4JBZ4PZQwKVfYIVLR9ujke7CquPrbT8 mjRB+8KQGmiFlIoM5OPJPqFtetkcdICSzCnBzGHmzFZ7fqpxSPN6Keqt8n+GtWjJ HkBTMGWYrCaITIbW002+TV4IZmuZiUSOjyHpcOWp2lRLw0TpPfUdyJr65mYXBhCx vDe+o/UA/SHjjoE3vFlQPyfBLjoB7Bhh6ksUaxzStKcoPaQhrfO+RE2LW1Gd9xan Af9k94WVSgpPvzZfjB/EXU1nyvIfV6F+xMEk59+V9VKFZyXX9qlC6g07s31kfy2Y 42T1ntLP0tyZBup+u8Ck6hTBSMFpTXoEO5i6U7pY4bFUieQTgGWGPzYhJy7PXKlo QKzpfkNKroEgsZOnYqEnwk42oPHCgtkYCyLNo3s45o1tebvEPlnOvDiOer2WIF0h p3pht1ld0oIdulgxarABP8By5+NJu+OzI5DOr0wEeO6/DNorfyk8GccihLbKQAux v4cr8kCtbkVhFAOffA+8aCVXy9VOpGPHd8irX3XxQm88gfE1AInqaN0qiB8XDDuC MxSwk2tKoDc6MQakzX0Mrk4WUyfctxtivZ7qDAIbkpWX1kHp9MvetAlI86xhvo0+ OBeVHlfaMgerKyk0IR8fOIAfkuLXqbsywBak5W94MNYo9qxtz7N3J4jkQf95QOKc QRRhhXWH6rGSSwn5MQuFtV7u8/sgvFl9gp3SPGPocQxuJJcXDIHVh62HNW695ieC 9r8t5liIxcMWQTl4tjn61KFKLfeKekf+r8Eshra+/FBeScw2WQ3EkKc/Kfmp33fA nUtnCeFjvS0UEOAsjnX50teiUkHWPLwdec+9aUpnPgNqchST =aoet -----END PGP MESSAGE-----

softsec-is521 commented 6 years ago 
About exploit-bug2 (exploit-service branch)
[*] Starting service from 2018s-gitctf-team5 (branch '8a0b39b831e3bb1efdc845658089c0ae66a36fd7')
Sending build context to Docker daemon  2.193MB
Step 1/33 : FROM debian:latest
---> 8626492fecd3
Step 2/33 : MAINTAINER k1rh4 <k1rh4.lee@gmail.com>
---> Using cache
---> 8e9e3881ec66
Step 3/33 : RUN         sed -i 's/deb.debian.org/ftp.daumkakao.com/g' /etc/apt/sources.list
---> Using cache
---> d58cb6fc7f0d
Step 4/33 : RUN apt-get update
---> Using cache
---> f74c65dc9bfe
Step 5/33 : RUN apt-get install -y xinetd
---> Using cache
---> 845d6f85baa1
Step 6/33 : RUN apt-get install -y libsqlite3-dev
---> Using cache
---> ff66c0e5a29c
Step 7/33 : RUN apt-get install netcat -y
---> Using cache
---> df491e9bff6a
Step 8/33 : RUN apt-get install net-tools -y
---> Using cache
---> 93debded14f4
Step 9/33 : RUN apt-get install -y procps
---> Using cache
---> c472a4cdaf3f
Step 10/33 : RUN useradd -d /home/load load -s /bin/bash
---> Using cache
---> 88d6cfc64fa7
Step 11/33 : RUN mkdir /home/load
---> Using cache
---> 82e3bcea59ce
Step 12/33 : RUN chown -R root:load /home/load
---> Using cache
---> 5aa04924d1ab
Step 13/33 : RUN chmod 750 /home/load
---> Using cache
---> f51da5c3a761
Step 14/33 : ADD ./BUILD/prob /home/load/
---> Using cache
---> 5fa7dbc08b05
Step 15/33 : ADD ./BUILD/modify_usr /home/load/modify_usr
---> Using cache
---> 80d1f6379516
Step 16/33 : ADD ./BUILD/run.sh /home/load/run.sh
---> Using cache
---> 906323f975f1
Step 17/33 : ADD ./BUILD/usr.db /home/load/usr.db
---> Using cache
---> ba9251f94caa
Step 18/33 : RUN chown root:root /home/load/*
---> Using cache
---> bb326fbfe03f
Step 19/33 : RUN chmod 755 /home/load/run.sh
---> Using cache
---> 693348cb1317
Step 20/33 : RUN chmod 755 /home/load/modify_usr
---> Using cache
---> e9b9fc8366c5
Step 21/33 : RUN chmod 755 /home/load/prob
---> Using cache
---> 2b467833030a
Step 22/33 : RUN chmod 766 /home/load/usr.db
---> Using cache
---> e09ce7454b7a
Step 23/33 : RUN mkdir -p /var/ctf/
---> Using cache
---> 836e043d7be7
Step 24/33 : COPY ./flag    /var/ctf/flag
---> 0fba7355d404
Step 25/33 : RUN chown root:load /var/ctf/flag
---> Running in a451b2b84ee6
Removing intermediate container a451b2b84ee6
---> e67284e7208e
Step 26/33 : RUN chmod 440 /var/ctf/flag
---> Running in 969ecc662a70
Removing intermediate container 969ecc662a70
---> 47bc7a1fa812
Step 27/33 : ADD ./SRC/load.xinetd /etc/xinetd.d/load
---> 303aa8f907a1
Step 28/33 : WORKDIR /home/load
Removing intermediate container 638e25f8390f
---> 5ce36df41ddb
Step 29/33 : ADD ./SRC/start.sh /start.sh
---> 9b161919f63b
Step 30/33 : RUN chmod +x /start.sh
---> Running in 051733fa2cb6
Removing intermediate container 051733fa2cb6
---> 27b2fedeb209
Step 31/33 : RUN su load
---> Running in 976fbee7c3de
Removing intermediate container 976fbee7c3de
---> 0a2e4005f4aa
Step 32/33 : RUN /start.sh &
---> Running in 35b338c2483b
Removing intermediate container 35b338c2483b
---> b40e5985964d
Step 33/33 : ENTRYPOINT /start.sh
---> Running in 2bee03a0ef24
Removing intermediate container 2bee03a0ef24
---> 715012ee3ab3
Successfully built 715012ee3ab3
Successfully tagged 2018s-gitctf-team5-8a0b39b831e3bb1efdc845658089c0ae66a36fd7:latest
3f9c715c6a6e6cbfabca462cf53067bc34b1b1658218e916a582202c56fe62f6
[*] Started service successfully
[*] Running exploit
Can not show your exploit log because it cannot decode the content of exploit
[*] Failed to run exploit

==========================
[*] Exploit returned : None
[*] Solution flag : UoPGMaaDtJ
[*] Exploit returned a wrong flag string

[*] The exploit did not work.