exploit-main - Githubissues

-----BEGIN PGP MESSAGE-----

hQIMA7KtScPIyW/lAQ/+IAvtLXzJH8wq01rMrsuXHqEg6f3jZdmaMSesGUIAwCUY lXLBzDu7mwAQ2Y0VcffUIaM7XIQm6b/d3oNZesWGnqTgvFNqaqOk/1hoRwkfZnpH SJw2uEEvvKL98TRWnBT4mS5+wQrsTAxvfnncnxcgoejfAJ2ITZNXhZQYvi5jn1ug Rvdh7qR6nBUq+8NQqMWR6TTZoUtEIsSqPdPpjuPCEvoxWsepNsCTVFF440zMe7np UfOlCRtysPULB+WFozcmBwnVPir8OabmBAIImPTFJMYsKJldw2GBEgAI4uw6gaif J4PCwpCllvHI7OBFNcHepzaFAyrzLncMKAxBHhDp6jpfTp7ECn2jQweZyv2YODxl 5NP/DftU+NFxHlLfnRG+Dz7PDvz7wAWWnqa6BdwZ0NH/IYQOHRfK/ziZbjNyJaZt j5N8CnQFDSh5vdi7fzzDSBt1fdPWSSgY7cjbRJP5zGG9sgHJ1Jg8p8Pr2VuBXR7/ UwTHyRsFBQVaJKW8WVnz3TlMgsgjWPSVJp0+xsAl3BJDliaX7O65zzQtPIB8mycH JhIyY2TFlK71J4cJpabDRu4FlU0/mKN3T9r3J1qbXOH1Bfms1mS1+SDhhQpWn5lA xBq7xutq6UxXIzHJPUseau63MFJ9ZTbDMML2z15BD1z6t5mWXMPWhpVyAvHM3wjS 6wH/Ata1HmOhCU4+65c8uqvVCSWuKucw+irr2AQXIo/h3NmgRJldVMakg/5lWgoa n7iM75Hq0SUr3t10V+/Kqb8dPsktg/AbDLjTDHkfKjUW7n8WrjYFEq6lAGICHVyl kxclUZu3bnRgBl9JimcrNpupQr7u9tJVu/mvuuoaH7pNeMJAGSjaGT2a7IeS2VXL LnJNSJe3GzyIUmzHzKy2ZTbi8NUJowniIrgLnV6isZtXY4+1qxa9f58qmKCjnENm 3QYD2AxF7TUYszrQXuOHKXzPHVvjerk3EEIcZD8mAMm7uQSliU5ibN2IMMt30gvm yG53Vo4jg9qAPS6sGeQEz6mkh00dINNmM7k5DS/gPHSrS1pbjpY8Fjqap/mRWH73 Y1FXp55ymFsNHtG23iErvuc74kGjx06AHpYQ3ppJ5ftLmpTBqdtExeVgeBqMUT3u vYR6u+2SBsA2kmSU5xmp/GS/Zk5kzbN4Kyg0gdJy1shdER1YrZch57NTwJqPV1hF ApbuNy4wR4tDXPvOdhVbpWRNrTWnZb30byMCaVigIrrH9+cZ2xXpj/FwP+u4v+nV IvCjvoOcOckyYcKM1zP1zyDKiS6sAN0mg12oyglHXRpT+Q2YylgWCWo83/f0Mavw jAyhpxk0hLSK5fduGdh56TwOK3iHHgZiJOPZE9el/JgDW4l+7bJQvhu6sDzqDou0 79XP1Mrxvt86tM8EGHgRdrQ9dUVx/sN81+/R2s9PdyDSyktXbci2jWZm+sFzvh8v gsK/dvYpa2c19VL94MwoIM/151qrVjoGPtTaxnIuUULalFrCuLSUPVFskdQnk6Ur Vm86vtJeVPrXoUMZiP813TcnuOyYrfm6wRE0E/FK3dwJJxPV+PKCNJa1uejA7qDd gqGrnCWgGdjk6Pn7NAkGyvHWmGDo3BpUUt+ZDaM57fUXZPAIzTYY3B/1sTrVoSbl 4SyuiUg8dXBpgLvOvadsFTBLu++fd6BKWKpQH2TG+NgGoWNcAHYePQuzN5v9NNJU lhU61iNcRodh8ScsV+rVbJh6TiEB/0cY41E9wTOP+Z1QAZQ57np/4ZjgYbBOWb0X dWH9DP9chcovkt5GI2FG0wb65MS6eseqvOi5fpWe1Ekf+OkZ3n30XtFp0KC7YIcZ cYCGVsTFbeMsJVrtwPggG3zdRurEZ6D/8t9g9f0vO6q5CcEMwVuF23dP3eu7vSWc pooaNytS2i0hMwJtWtUgOP3GpbKNJfcooBrgI3x5nZROUk6E4dS4oy1C9tfa37l9 gD9ICqfZRge/eUkkcuqzKuV6xAlwOgrqQijF434EXIe8UuOA76ezY4w/VL0WCxP+ 6I9QADcimJz3NldD1X35TgF6sQ4ra/qMSxhHdk+wiECUydXQQ55ufPeCcN0yIgW2 0HN1ZtZ7gH4VvVqh0I/rHRJ5/hL2Ma8WbMLLEPGqxPftZ5olWCQJl59EffAJjm0+ 4I/xNul6fmCogC7CtDrRlXeolOuG24oObwodktLF/x9p+ldUf/bmb/p6UWIMLHXb x6if4QM6bnTdOKWSCF3VEN/nLBEofDTdG8P7seopb7Essf/xY0e9tvIiPu7tKeOr rRoMg6T7e3qus1nfmVjDXSJ2OUZhVEnteKldffcj3GniN4Qo4WvMfqK54bpxsQlQ wNTLWzf0sui8NgF3PLnMm158J9nM6YnQsbNIDfmpsONoTQpHuDXcXTplWlmxunHv y6slm4xIRTPDG+3jHZ1dgLJAeb9Zk1OjLcoh31FAwWVj2kC3SmahfP9UfE7gHKeV bTIt6LejG2JLNW3Jhf/rWIcrK42xVPWQpnq86+vuMEuxKPl4MMzqQMdNI3ASU6tW phLjHiWfYZqLJZGW6MZbnf4mgz19fS+fuHDYFguTCyMuk4F5ibG0kWIOT/l0A/hu gt4r6RQuiRPmNYXBKhmtPbtam5p4xBobiimFziOlY1VU78eZYRs4hJdGvOKSQbOh SkK4WJOs7+BSNRi1J2a2P03T/UAam9m5uu/ewpXD33jE7CiuStJWkf15CvLUgHn7 GGYMPoeI8XjdigxE664MkK1+xdxGub/XAc5Q1UW/RbqNIGVBJhZsty9w6pOlrGlj s2rtUEvZdEzeBSMgLEbuTHYdNKu9iSmmgnuAPO6fFcOmCefkiAdq3N9ZZU3qC81B nG+TB/eKrChzGOMCbbda+ZAl92VuMqBbzLevN4zeuKHDCwNDAKVBlhaa6j0rLQ1u xRe0s2DL9KTusb579Hwz0IazbG5+P2hNoqeYZs/DmdRmjkHfP3PEdhp9u9tXYGn6 HgrXNN9qfpvQuvHiokHUxJPKQQQce3tY3GmWYhuNAYQbh/z33RBEO74Y2cm2AIRS rKcZT7pdMZsR1ceFRwxfsMlNOp3UuWYjrY79ioYncriqx+SrPXMU8txmco3D505M darVexfO/D/tJ6OWg+Gns+hpED80uwsxsQNcR0y2j+8mvTpPv2ryoNKmkLaZTA7B uTx3cGhBjUiEHePeIAes2wyRgZ4GC3tP03y0RI5i+93vQ4XhGnPjS8May9Eb+H9s oygI5sQG4W/bbb32zJaV9IYJT8oYi6OYinIDh07M7D+N+LKM4fXn2bzSIVd885qh /qshGDPCuDO2ZnXDNvCrL4E6QLyoJkANRZNvcV9eX6hquLBKkhmpEKb1k4IGT9vt W6JkXTJqueFJ7usHgTVXleW1UwGeodMJs4oazZ+OJiGgwBICkWn5V734PPQeB4vr bWgv+JIgWSMzbGqyYH/qYjFAKlI9Jn7MSguY2Zu8arL+Uh6DgvyBt4C5ChLxSYxp ocdo6GURrpzSPr7Q7ZNT6FV1YqieMlZpblPeKAaN0TtPaVHNh6XdTeS5wkuar3LK Oe37gqI5A5mehBV0EMz6gta9VweE8/oraCvhAOBqNxcHNxDu55S9ZYeABXhQdnyp TCAqJnfbnf27MinBTIiIaRzAtkkAcOtabd2f6Yt6cERYRBtb1sXaRJqnYuYkI/Il ArpQ6iU= =S6ez -----END PGP MESSAGE-----

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGAmlyYBEACxvnD2Ga2o38svrSboH26qC1O4YWSUf1K14YuqlXZXtTIHVzg8 AKwVF43aDUk/Pwqi5urwWOw9jY1JhLSGu8aD5Gv3axWxHlXN2YNVfbWLdaXDQjYt 7kYcCnTHNYOUrEItgPad1t23IVfyTZLd1yK+Xd3/2kLuNqN1/ZT6fToqGE7H5A40 dOCiMg5vtcLvY74wRZzjpA+1tVgpG9jSDB9+T0J4WWxbGxi39jwlTEc/fss3DO0s McxKVFZ0M0GhqMD7tZ3y+djaQQ3lfAhp7/YJs73ydrriI6jgynpuRV80KsRnFiBt oVIux6UnjYRo/gh1TVEUxDJ0U0AtYFctt97Qyq21ZxznJbEPDIu148ml4RTHL73y 423ZUWXouF6OfDC+J591uOWFI7ZIupRoXEkeyF0JF50iIAurAuULPG2r/ls5neYz V9n4NhcVqx/hQy3uPno7xaq1emMOduKzsKpdF9aGtZunmImtoflcKXJqLvp5OtSN sgxAtxk83Ly45tCqnl40kFMULCNGiac7fuUORfgCm75U9v51CJSUuK4dXuvfX1Jr 1mmzAjW7iJttt6rGfe53Cqu5kC5zLZ/ZbXVNg718PDMxakMNg4c4YTyo1hiqWMHn Ttp6/qSUw/Pjdc9LKnFwig0jFXwdvuCThvHtcMAinMiEsp7wOm8oJtkwBwARAQAB tCBhbWV5bSAoZ3BnIGtleSkgPGFybTk5NEBueXUuZWR1PokCVAQTAQoAPhYhBL1S vU0ciR0GhzCSbcEF9eaIFIq8BQJgJpcmAhsDBQkA7U4ABQsJCAcCBhUKCQgLAgQW AgMBAh4BAheAAAoJEMEF9eaIFIq8ruQQAKFWCG7Ge1l+XHWR1AEZsfASvf3/pes0 GanfjSlP6i4NklyBe1+eje/xb0gDM8OfvYDilUli6Srhzs28oAg1XJgpKBg7bs/H ij/pwNUYKjj/V3Lqj7zhxEhz2bw0tDLjIzt412bvyo4JUkcMusyzEGKI5xnbj2JL 8G5aStX4UDmD7BXncz7UaTf7XfskPfMLsbXPXmiHrEE0aoKAskNDsa5vXSH+MAMU ovIPTBLPS7phZhH25AJ0ruyjLMmQFdygnRLANeoCgSteK3CRprIa4iogfv7dfwbL Z7rBtKY6dKevLJqH0XYvh4CaAWmU206o0G4/5bHGO3CTofMQ6RRkdc4a0DyPXo2/ rMtfZx1LbRvAnraPy9BOZcZRS+mIc5Q08YdQushokiDYwJAKyIsUp5/0X3eKEqKG t7Z7ZTRPYaRpE4rrd4PfgzxQJSeASsKs8Ez8pLq5qAC7ny/Un4EXowsOzPRMGeZ8 uJcX536QveNT1CTJSodousldwgawrJ4Dw4mmVtH85YIXkJMrP5eNEFi7POkirHUF /6U1rwdxDBwWsb6gV5f5KAujYDn/OQAF4NFu52M1OaYR8gY/UHYyozzN74Qgnomr H3QYzCoeA3weob7WWnXwqRr4gnBzuJ/a1PfxpWLFD08HSQxMfBDhwryMHjjmMFqJ 6i6i/PsoyD0muQINBGAmlyYBEAClETtBwB8/PTKLpowyFiTmtGTk9OU8K/NIJXJw zgqBtrG6Qzi+LPES9Crmy32lakG6SpZvZGaVMF3rtfSFGw8/G9xrHnyg4i7V9lqt 561JASelqiJRZgsAKIV3bP/DTFZctzXwvDM5pUQt0ZIe10qU0sHdF0aXMwX/TqNB zHAm04WNlwk0iSPZ6PJWDwFtJViVHDDLpUIRIEjTnQi2oWX7Es7efrZqQnoSzIVE v1tpXuYfhaVHuy91e7dAm0RxnftKV1KNdeYjTp02GFd9mXiDtHHqqIjN1ppRte4j IduS24R+XRUrEA0g1JLyxoweLzIpxgO+4caPXspY91oP1mZ5/8wFsB6Cl6TwJ+ZX ofAn4HNGpQ99NsnoO8LiIF58H6NIVFseo5rGIRKsqcUWr7BJaj7S8SCoFM2mrmZS zkuNC+GBGNyA07CPAWxZ3kfkhXICJGWB5bZ5gDaZCoRT4pATT8vda6M2d6la89OM r9t8y58GNRqof+ywCnNq98QTB76zN4Vw3a7aa6o/go6jzIekuTyMVsRMPbduM74J CSRP6Llaw/3MxeMRXeN9Q+5dUzPQVE2Gbkh9zQiP7aI1wPpIX36iL8L0mQkYPyzH bEuOGcYPh/i6sFUs4e6hnqLlnajo/R/yXNFWwXyyR0m3ISprxTQM2uS6WE+hAf1I nnVE2wARAQABiQI8BBgBCgAmFiEEvVK9TRyJHQaHMJJtwQX15ogUirwFAmAmlyYC GwwFCQDtTgAACgkQwQX15ogUirygMw/+MRtLOb2kaKgMfsmHpPAOe+yDQq3U6Kp/ 7itLSrnp8BvfOPnUIKjUvuPQRWGSAS+V0QJoErLtP1o/DS497RkOLyEOpu1AhzaN nP4JI3m+Sm3pZeX/4vmpsUz6okysJ3OWnhLcjuEpVYRGxEktW7/ahwfK3f9YJYul D7TMSdXwTRtrthNuvZfjxm/PNnzYnM0JAi8L/A0Ih8xDa8P7X6BbYOOqEjTNHIqr ALnld+pcF3aBzwCQF2x5KohqoJjn/0AeqkRtQxsrOho4I4HD6/EmWo33JD1nhFqr kqEg78MJFB6TIV+K2Mipk2wB4hYQ4UCMzNHKTSDwQhd7tFhd4clXeDvmNrqT3sC/ dX2XGims8YXr+ixlWGu6hrCJ70/GJnAUP2A3e4ZZxGtbFiEeKl6FSKb9+KByeqIi 9x6gDj5gPKeaWZcNffihqaoJ0BGIrTg5LELKo8FWESKhsgMaFu6Uojv2axcMsP9y H3xOFu4+p8/IWOVUsHYvV6HvhM6VYmJrY+FO+8vyZ55pbcpaYMkR1iMXgO8ZK3NI p+U2Jbu0WbB9HEeELpohgHcmu01cutplVSmkd9zGKGIMo047fwN8rQPd4wrPx0Ek veD37QL/5MU18Bje+wT1LOZEIeOV9Adypq+sW9grFLxBPAiWEJklueFfNZvIKVCq PKcVe7pPcjg= =Mn96 -----END PGP PUBLIC KEY BLOCK-----

About exploit-main (exploit-service branch) [*] Starting service from pcs-sp21-lab3-full-credit-server (branch 'ee3ec9f03ae4322dc09064d307f676d312d834be') 13618672ddd591b47ccdf8006f5081130dc74d91c4427c6284f898ec8180fcef [*] Started service successfully [*] Running exploit ['Welcome to echo server!\nf7f44690', 'ff88d000', '566141d5', 'f7f1f000', '56617000', 'ff88d088', '56614227'] interact Address is: 0x56614227 call_system Address is: 0x56614230 return_addr is at addr: 0xff88d08c Traceback (most recent call last): File "/bin/exploit", line 45, in <module> idx = flag.index('qem') ValueError: substring not found [*] Failed to run exploit #1 [internal] load build definition from Dockerfile #1 sha256:19fc623a793da9babac3731c906af4c926476aed4b32da7b1fe206b5a388cde9 #1 transferring dockerfile: 1.43kB done #1 DONE 0.0s #2 [internal] load .dockerignore #2 sha256:7ce0d98d3cfa6bf469a1f082c33c47868808ef676106bb7fce0fc8d127e172f1 #2 transferring context: 2B done #2 DONE 0.0s #3 [internal] load metadata for docker.io/i386/debian:buster-20201117 #3 sha256:75a539c8c393dbf6f00775110fb2d8912abfeeb171f3fda973a23f6f7f79ba9d #3 DONE 0.1s #4 [1/3] FROM docker.io/i386/debian:buster-20201117@sha256:0ea86907b0bde94cce2b66db2ee41d32dd420d8c6aa5afce91ddbaaa70d9af12 #4 sha256:4ea7fa44a29b4a4d9ab0aba13e61e83eb47ed268d4e04e91ad97d4b67cd944e1 #4 DONE 0.0s #6 [internal] load build context #6 sha256:bc3be8b1507e32316b1459fb5b131759fbf82fb6cb56a07e36372811e6e18d47 #6 transferring context: 1.20kB done #6 DONE 0.0s #5 [2/3] RUN apt-get update && apt-get install -y make gcc python3 #5 sha256:1f1363483e94b35df0b3a11a98fdc6d1564cf6de1dde250d55c4bdc97e97840e #5 CACHED #7 [3/3] COPY exploit /bin/ #7 sha256:9092cb7f3c26de21dc4b7a8de628e2a6b7fc5732338c0b8cb613724017ce4e3a #7 DONE 0.0s #8 exporting to image #8 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00 #8 exporting layers 0.0s done #8 writing image sha256:cf7c3d3488bdb971fdb9bf2a73b3c8ee78bd3724073ef394e61e84bfb945e0cf done #8 naming to docker.io/library/exploit-ee3ec9f03ae4322dc09064d307f676d312d834be done #8 DONE 0.0s WARNING: The requested image's platform (linux/386) does not match the detected host platform (linux/amd64) and no specific platform was requested ========================== [*] Exploit returned : None [*] Solution flag : 9H7Eos5pD7 [*] Exploit returned a wrong flag string

About exploit-main (exploit-service branch) [*] Starting service from pcs-sp21-lab3-full-credit-server (branch 'ee3ec9f03ae4322dc09064d307f676d312d834be') 0ffe4e25b78d6ec6e5723c9ce0dfa2f5fe54aaaca266783fffc9ce6222d77f76 [*] Started service successfully [*] Running exploit ['Welcome to echo server!\nf7f9d690', 'ff82cd40', '566101d5', 'f7f78000', '56613000', 'ff82cdc8', '56610227'] interact Address is: 0x56610227 call_system Address is: 0x56610230 return_addr is at addr: 0xff82cdcc Traceback (most recent call last): File "/bin/exploit", line 45, in <module> idx = flag.index('qem') ValueError: substring not found [*] Failed to run exploit #1 [internal] load build definition from Dockerfile #1 sha256:6a6634aea1e0723cd0039f897a5bf8530811d228196d327cd7cf55c0f111d5ce #1 transferring dockerfile: 1.43kB done #1 DONE 0.0s #2 [internal] load .dockerignore #2 sha256:b647891bb089b36e7350dd81cb381547b5fcad1cc8e2f5d55fe656ca2ecec615 #2 transferring context: 2B done #2 DONE 0.0s #3 [internal] load metadata for docker.io/i386/debian:buster-20201117 #3 sha256:75a539c8c393dbf6f00775110fb2d8912abfeeb171f3fda973a23f6f7f79ba9d #3 DONE 0.1s #4 [1/3] FROM docker.io/i386/debian:buster-20201117@sha256:0ea86907b0bde94cce2b66db2ee41d32dd420d8c6aa5afce91ddbaaa70d9af12 #4 sha256:4ea7fa44a29b4a4d9ab0aba13e61e83eb47ed268d4e04e91ad97d4b67cd944e1 #4 DONE 0.0s #6 [internal] load build context #6 sha256:a9e43e5ab4c71e7f2c746d05020a2bbb28aabe399084444f8c65343bc4a94c33 #6 transferring context: 1.20kB done #6 DONE 0.0s #5 [2/3] RUN apt-get update && apt-get install -y make gcc python3 #5 sha256:1f1363483e94b35df0b3a11a98fdc6d1564cf6de1dde250d55c4bdc97e97840e #5 CACHED #7 [3/3] COPY exploit /bin/ #7 sha256:3e59dc329c102a480af476620b67c36880d4a826da93a4414add8cb4eda7617e #7 CACHED #8 exporting to image #8 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00 #8 exporting layers done #8 writing image sha256:cf7c3d3488bdb971fdb9bf2a73b3c8ee78bd3724073ef394e61e84bfb945e0cf done #8 naming to docker.io/library/exploit-ee3ec9f03ae4322dc09064d307f676d312d834be done #8 DONE 0.0s WARNING: The requested image's platform (linux/386) does not match the detected host platform (linux/amd64) and no specific platform was requested ========================== [*] Exploit returned : None [*] Solution flag : Vt3Aik1IVh [*] Exploit returned a wrong flag string

nyupcs / pcs-sp21-lab3-full-credit-server

exploit-main #12