search

nyupcs / pcs-sp21-lab6-server

0 stars 0 forks source link

exploit-main #48

Open limboaz opened 3 years ago

limboaz commented 3 years ago

-----BEGIN PGP MESSAGE-----

hQIMA7KtScPIyW/lARAAuAPa88fuk4I5iFjatPWkLSDa/1r1931l30FYGRq/mJyT FteTFd9/1719gQSiJe0RbYgcuj1irsCgkCZj+oDxfryKGcU+2pCNAd4dytkRPsIX scezcviC1Qy/JTggJG8BGZRLboVcIwkFAHDXFkPR/DQrwt3a5hwTv8up5gw4Oru0 sR1IRNajtMifNZ3N7w1HmSWhLfgJauhaySBb2CDmZ+LHzu8/0mNJ6UwT8CBNoSZE y/APgyg44dT4vCIdTQ2DcYZDuEryNcmNS/1vrqKZbVRlLVgfrqQVUOeq+/SU3geQ RFGLE8wxmShvu66kqCVqNf866rFyiWViWle8eJ0ux2g8R6MKYtaJkAcvNjzDf8nc NUDr82AelpxkN4xdZjYZ2/v4yqlNajNi/+DPC7DdaYcnxrjPZGScjcQsmfKM8nye qrmV0jfdCUV1VDNI6ne4wDAzrpCVWkpa11QPoVQAE+uDeWLVwoBxCuUFQt/RsYEq +hF3YxI6Z3s7rSlVKKQIEK46SpO4oIcMXmsOKOUO3OJiIeMNjEXMEhmT4AyHZQyt 1+I7qWx/lqpcv8XSmeWCZx6NLG5Nzg/GTQjP3lAnrpcWNQlwxIeKmPBbB0XtoXnT XJf5ensovJ9Zs6NS1WnZ1W16vitY+0XJYITneMmuCxQpKipryThAXoSv/yd7cRPS 6gEjOLQLkRla1TScyrmOpzBnxGEpP6zyi73Bdh1xcyeE3x08iNOlIvytce8CffhJ gQrqpyEBekKv8c1MZ3ht0b26TMgDjNeA2eOMHJQri99+FLh3oUu7KGl2QCFUptax XBL98eCm9q9Yv8I3guboAHPEFcxvC0ozjlhw31o4ASGSAcPgvD4JpIIAG4g8YeQZ 4+6G1JDUIADbwLHrckYGP97MlmsYGi5Lg7GWPJ//hrH6Z+Rzk5XjhFuo4+ANPXtv +7W/DCUj4y5vs4YpnCDMxptf3VPwj2lZ9KizWKY73fQXqBxbSuFctkbAII65WyCx WOVBYRJ62j6e0DAzUOpu/FaoHWtybzvul8e5hSKOlmqaZ3m+9ktVvclddtQQQLGJ NDIKxxQEfC6BEllUsixHRcnjGm/MT/6dqk3tvC6imagxa7PR3PGdklScjNEFizTX gOzRJ/McRLw/WFIAfL09J2npAtiWSmF2gRGOdRYpf5FQHhe4y1J6vZwSrv7O7bN0 lXT8C/paFocD8m3R2ajvQAmObjkQH4KpFjjH6uHR9x/RtLXfgnZV2sq8pcWXZDXY nyye039ak6GL97w7oAesb0AxnRQ8FkOAlkolVn6y2JsNCuyWeL+whZzW3v4ZOY8D xDAHN2BEmBGVBw/xXksBB4TEqNxDtNNCPoKU9qGIAhpdFinLWoCcXlbIUpzEeP6U YYx/EDQxBVNsMEEjOjf4p3//qpHGGH3gmGEufn6A/wF49WJW4x/tikrHBvPC+259 17dH5HqE4ThIvyloY+4uaMRl6eFQnFM+CtLTxxW/c+Z6xtiB/hG1q0T3orDr1Rfm dlkhfoaGrrQo3N802QdnLv1Q3dt2gw5LJ+X3whnDvIxcxlq5ZSBRWjH4rki8Nv0v XMkqrEUJqjEV9KeA/BPzkMiLVIMh+LgogVOuPps7ZJC8X7Wnbh5EhfMMza0YIaby 1oEvdmasCsBZg46UN4XmgSlie5g7JoGRQSFrZ6HO9Sc7HiS0gs2YouzC3Ir92mtk Uvy56sdhN+7jx2EXUFLeAYVfrhpbq8JzcHBYCrCTUYoyfCeGBMuiUp05590dM8Bp L2NP4kVthf0GjWcrpuQNcm4Z99AhKyWthbs0mQ+1CJvCpiwO1JzVvXhxKbTGWxHj 2bqemqUHZFCkyihUlimsBxNVmcK5/92qWC/M3gdHprKNq6K3OPJjm9T35TQ91vta 2j6bdQd1w5h6WTsw2BuEXfU3rhcamg2UZqEvxJ+ZFrpx7t8r65Rx2yNepWBRCgPs Koh+Jr/7Acsq31Cv6LN4DLls2oz8Ij7g2jqgRoaQS9CldX+XwgVXKPEKbRHb5AQ4 OiITKTzSzk8H9pIAfnRuWLjpNtV0fNbwBs1t5pLImz10ErvkH/APj+WIU6f3SWPk EEuB6QgXaVQv8/vTUdUn+YTVe5YEoZ8a3RXDgjTpODTr5iv7OCl61PhEABHiF/qJ ZBSYFOH9H3xtsHNGm+IJSrUjYOMa/arxwSzQWf4r9DVSmUNpDYZHByokOiCs1Z8S h5c7GptZZgDWZ8jGFL7mvxfR3y2OZ4ljVijLi20Fd0PFik6CkfIzHqqNLPjNKZx5 M6hK9iWndKXrxAMml1u+5KGY8l1L9Q/lnTvBQR4v2YuDWYPAcx+zVGzkCrR3c5VV bmqYIE+3WaZxM6Go2O8jEXzJ0Cg89rYqhuyLSkklz7Z9lElgnIo3qeuxPp6v07kz zXoxKtnJvgnkhVOb0ofmZYaOdcY0dDXCUVAAROZXMsTx6zYboKY6K74L9Vf0h0mu S58L7KdoYsu1oUHcDnoi5SX3BHI6AGE5v7nZYTiaLlOXPPcql04pYro3ZhukaljQ vq/CQUxY8tAbOun4UEAaKANZotbIm5S/R+OmknlF0opdFboPt1g6F2xK+UDWrUOg TG5I4ucRq3od+EvMtP6+TStltdCVs1Ki/8vbhC2QH6xvJ05nLxNWb5xOY6bPUXjb g1+/QQmTjrXfc14NiTc4edQolMh5mRtzAYneG5tDmVMN8gd8xlibdtHCRiGTKs9Y buB5vq8Q2HR6P9NYUVvdnfkf34NR+WT4zIG2WK47REHdjNJ16EBXBbJQFJsdHfME OpMNPJaKuRRP5r1uv0JIEuEFR5KGSYe5Ydh+HRHvgDE9A+mu1kNHVhfeN66tli/Y U8kwjEK8bZ0aQfWGu+fVfShnfzGg75+/PGhn1g== =cc+V -----END PGP MESSAGE-----

limboaz commented 3 years ago

My NetID is yz3948, Yinuo Zhang, and my pub key id is 68D1848376CB6C38

limboaz commented 3 years ago

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGAqs0YBEADusNkTlsEj9olkHTDO40kQMwE5u0hgoCo8DaZKrdV2GM0tShcM tysCJB5K1NSBsk8+pWtkR27ZaA3XLW5oJp8vsAxgdGZNe9aNAPcKnlsxhCmp3aUF pUfQHgcw7/nnu0R5JbrHsLjmEqc4FX/yQ8Rz4ioeT20akbDhqs3xZkGcvATVymMO 2acERKA1bIyWZKN5To+7wjGHwUMLF3N0KIXHffCEGTSpL+AdqyeeRHetIZlOg6MA +U97oNxJ8/DmoaSUwYf7CWFC36Q/K1nC6QKa8E3yUBPHH2fMLjPnczp2+XCHFSlK H/nwnCzgI6b9pf31kq3of3/FBrx60qR9xS04HYUFF934CtA2TFFfsiOBOYZ9TPgi Q22Gg0lGhHD+BEZ+vakm/A+g1TRq9mGf0bX9daZHiOGXZRJKHNT1K4lyWKbngOU1 fJpgWaOrG5n7X0jnP+SrOOI5eih2TH9652FItSNERC1hby3Ul+6wUHWg4/g5qulR yd1ypwSjApNjHwFRDWzAqGCPHlZDFbAon6Cu5yomDoyAvlxEwLoB1RRtgqzvBSRH dORzGwLDTyJfu3P8KTAzci9wCzaR+QOhVyLuAbx4Zc3pkVWd6uW47FG8ME0dZG7n AZkhWg0I8GXvxrZvNBc3LyvxDyhnYnhwbAHxlBhv+B+v7GhFpwcae3DCOwARAQAB tCtZaW51byBaaGFuZyAoZm9yIFBDUykgPGxpbWJvYXpAb3V0bG9vay5jb20+iQJO BBMBCgA4FiEEZ8Z6qaetItSWG69eaNGEg3bLbDgFAmAqs0YCGwMFCwkIBwIGFQoJ CAsCBBYCAwECHgECF4AACgkQaNGEg3bLbDjPohAAtJorIIueUg2Y/7gw3vsGCeGd dkCRG5Qp7foOLgMaoqQ1f2/5eyePtaUdlOUMrWQlMiiCsqLEpzxhBg9H6F3V9a/J Yz/sOzsx/hQtoqMVlJIjJMFBdlHy1G2LZhomMYsCVis6gvvhlGxu3gL6RtoMl7hL Qi1j64YK6F598qm1RILltSPWLy6OxZ1N+HeCyNZe5r45Nbysxagrm8+TKltk8sIZ hcTo92iuqcWE290GXiH1dh3gOqOMxL8ZU6VGcsL7KYzG9SvvgebZzhFZI4V3meB8 aWkO/5+vmrGGKteB3LSVuRKNSc6zaUMBZjP4P2rjr09HrvbwUNf4vcWOiyFXkkq9 dimAGiaNVD1pfp3+Xtf5W0xDRT8TCM/qD9nwodgyNQ7AFRbm9drzAGp9li8hE1xl mjcxTRiex5TZ0MhcR8vEqeMrOrLD0gpgyWwAzxZWYZAspVbZ/zUFa7J8ZfdSZsy8 gka9AhBOqMqxVSaYHSfa7o8HA8/sl1EHxdIgijQ//aCiJ14raB5TWbM244eSyJZf m1sb8Wri5h0kwZzKig+RvPuApg5i5JX1gTFyHKxZrdE97CnJdTRfxZ/W+ex4JJ/v gyafrlEQn8HwK3VKP55WVsvC9WIFeUp5J1xb5Q+/GTDarJ1BnQLqh43xXUmt7vK7 DZQK/S4d7G38FiU55HO5Ag0EYCqzRgEQALOk6+kkGKdrhKIQXDZ3hKROr4owY4UK FnnIyMs6GgnYA7kLFH6sRh/APsg7V/oRt55R5/9pEwyOHyE0SaMm2ryYx0YYjTN5 lAFtUQQ65ir+HGmRunv4z2PYmwvreEpwFt2rgXzRqOfCCgFCa9Tl7ZEoogqARI1K 3bfBZiR6PLxnJW0loRqdw+43C7EK42QlS2MKlxnFNUbcbQGkEPj4j6k8GA7hmHSs 9lgHFgVOaR2lz633/WKuF9lR6+6CmZEY+QPmk8FLxr5RPU/JfulkA8g/TizjKZf/ 7acMk6AmoCo3dVTpv+bf3a6ipSPnQ+MwBIynAJB0PTjkvBsgJDrQiiFyTwV1srO6 otgToLzQECvlfzPCWrhRvlcFkSwRebfu2iGj6QhMCxlWlTHvX9PKfc51mM979zGc 3lL6m2F75bUHRga14LZR4sfwowKJEcRDvo6yEUCNsyVE0qENxrP+7HPIofcxljKE MNp38mXfbM26997aHvFaIpmTq3tz4o8PdDhEVrSZXFq8pfeucJyxoXhf1+nrx9bN 6EY954B1g6pKKijQauc3UzxHd6g2dPUcPyXw+5JgrcbT997duKKrKgWbrwsr618f 0kID09sv9TEckeHp0ppgzQqmfToF2+HG3mYz7Lq6MCbfzDucfEEi51S23dEtrzrK tL7XZfxi8PYXABEBAAGJAjYEGAEKACAWIQRnxnqpp60i1JYbr15o0YSDdstsOAUC YCqzRgIbDAAKCRBo0YSDdstsOJhJD/43O9wplIF39CJY1yq6z6E08ORd8f/AyFjL EihNEBFgTEf67ORwPigLChcCboDmk4Cd9mAsxU7mkSrd/vyBhxYIypB4bjcYXvYv E+pStWtKLaCo81XROmb52od43BUpQqZG8wLZSBnTEYKwXI2LUbnWtxipK1Xin/S/ OD66YEMM0+GWZIRTlvuxvk+7aPC2edVKsMTvwo//BsXFKgD0kko9BPmjPQgpB1V6 kFfVp2m595mIkOvDIbe8z7Oa6fN95dpOQi6vEAfh4x4bjFRVXUZ6HZdP0UHuJlTz futxhka4GVQtWJmX3Jzv+mltTCcbaxduF/VLJG5N3y39jSHOT0/ii6EFHUyG16RK 9bnc20O1+UTlmyLPYRAzrAXKjYAuDyyGu9tziWOYmebiBJmrWspanIWSH6Hgppem sJ10L8aUV0DvhBJ76nmMAgFyaGtshD0fNo9lfWiBe9v3n41HkCbWx2CfRP+mjtnV K2XucJtTMe/K8kuAQnNR7pW/CyrMNpywAavmRjYhVJENUZ71Tt8k2eDShzDihbM3 5qiakDnUnL+WA5Pu3MDlpWNvoJJtRk55oc0sfUIUYEDy/cRr+Mjkm2vIrNJnLYYX vN7d05OrguPJrn4WrZvdTDjExC7Il0WZ2Ta9BGMtK1f8QVKRFsCPgdarfDSGBSIy TFDPes0q1A== =/Dqv -----END PGP PUBLIC KEY BLOCK-----

ksmaybe commented 3 years ago 
About exploit-main (exploit-service branch)
[*] Starting service from pcs-sp21-lab6-server (branch '0ff895975bf20c1233991128be75afbddf7b0049')
[*] Failed to start service
#1 [internal] load build definition from Dockerfile
#1 sha256:83607793bab9a7b90b5a6b9919b5fedeb0dd893499446acd13dcde84cde486ec
#1 transferring dockerfile: 303B done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 sha256:28998e4351e60971a2918d2cc8bf418460837ff214ba98f1397e39af7c013009
#2 transferring context: 2B done
#2 DONE 0.0s

#3 [internal] load metadata for docker.io/selenium/standalone-chrome:89.0
#3 sha256:beb2bf66ef313fd2e3aace2d303a1c73abc80369b025ce6bfeb4a2cc5920b54e
#3 DONE 0.2s

#4 [1/7] FROM docker.io/selenium/standalone-chrome:89.0@sha256:beb559d9a8fddb3cc154122598a527c6fb00f19751577974013924a209431f91
#4 sha256:cfa7f2d3a3cae72a7b4a2fd6d9e3fe6bf7d6c6a4462d83f9fadb5866bd1543d1
#4 DONE 0.0s

#6 [internal] load build context
#6 sha256:dda6911be531b4ea739ddc3242e6d79c7f5409dab91737146d48275855255d18
#6 transferring context: 99.32kB 0.0s done
#6 DONE 0.0s

#5 [2/7] RUN apt-get update && apt-get install -y python3 python3-pip
#5 sha256:1f82db4cdd0345e13bbf91421a58803f0de60b2a8230a42c43c8a09334118de0
#5 CACHED

#7 [3/7] COPY . /app
#7 sha256:1b22631029f41d7fb16d4838693cef0fcd87a719779d943def0b7ba110e5860f
#7 DONE 0.1s

#8 [4/7] WORKDIR /app
#8 sha256:29045a8e97ce3ae12e46b0b434bcf5be67d7893b157fa322356eaaaf0751e8b0
#8 DONE 0.0s

#9 [5/7] RUN mkdir -p /var/ctf
#9 sha256:bb5dd6b698c3c379cd78b61dbced90ef6abe4141eeb345d0468a46dc367ffd27
#9 DONE 0.3s

#10 [6/7] COPY flag /var/ctf/
#10 sha256:fbae78e7cccf5b0a060b5a597ae2f8d100a5d5bd09faa85ca0fd105e9d091dbd
#10 DONE 0.0s

#11 [7/7] RUN pip3 install -r requirements.txt
#11 sha256:7979f229e8f7c73ee91eb3018a2be6e9e33f53357e4a9f8301597b44230016da
#11 1.001 WARNING: The directory '/home/seluser/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
#11 1.128 Collecting click==7.1.2
#11 1.177   Downloading click-7.1.2-py2.py3-none-any.whl (82 kB)
#11 1.236 Collecting Flask==1.1.2
#11 1.249   Downloading Flask-1.1.2-py2.py3-none-any.whl (94 kB)
#11 1.312 Collecting itsdangerous==1.1.0
#11 1.322   Downloading itsdangerous-1.1.0-py2.py3-none-any.whl (16 kB)
#11 1.387 Collecting Jinja2==2.11.3
#11 1.397   Downloading Jinja2-2.11.3-py2.py3-none-any.whl (125 kB)
#11 1.478 Collecting MarkupSafe==1.1.1
#11 1.487   Downloading MarkupSafe-1.1.1-cp38-cp38-manylinux2010_x86_64.whl (32 kB)
#11 1.561 Collecting selenium==3.141.0
#11 1.575   Downloading selenium-3.141.0-py2.py3-none-any.whl (904 kB)
#11 1.680 Collecting urllib3==1.26.3
#11 1.689   Downloading urllib3-1.26.3-py2.py3-none-any.whl (137 kB)
#11 1.767 Collecting Werkzeug==1.0.1
#11 1.781   Downloading Werkzeug-1.0.1-py2.py3-none-any.whl (298 kB)
#11 1.842 Installing collected packages: click, MarkupSafe, Jinja2, Werkzeug, itsdangerous, Flask, urllib3, selenium
#11 2.320 Successfully installed Flask-1.1.2 Jinja2-2.11.3 MarkupSafe-1.1.1 Werkzeug-1.0.1 click-7.1.2 itsdangerous-1.1.0 selenium-3.141.0 urllib3-1.26.3
#11 DONE 2.4s

#12 exporting to image
#12 sha256:e8c613e07b0b7ff33893b694f7759a10d42e180f2b4dc349fb57dc6b71dcab00
#12 exporting layers 0.1s done
#12 writing image sha256:ef5237dfb9da144e78b0edc24939658821f660060cfcdd36a439cb3b04306411 done
#12 naming to docker.io/library/pcs-sp21-lab6-server-0ff895975bf20c1233991128be75afbddf7b0049 done
#12 DONE 0.1s
docker: Error response from daemon: Conflict. The container name "/pcs-sp21-lab6-server-0ff895975bf20c1233991128be75afbddf7b0049" is already in use by container "8091eae6427042a587827ed4ffe9bb129700b81cd8917e1bf7ccecbbe79645d5". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.

==========================

[*] The exploit did not work.

ksmaybe commented 3 years ago

This submission has been verified. Well done!