Mercurial > repo

view paste/paste.21203 @ 11293:a7899ef2d7b6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
<wob_jonas> learn Aristotle said that every illness can be cured by balancing the four vitreous humors, and everyone believed him for two thousand years, even though people still died of illnesses. It wasn\'t until the 20th century that Szent-Gy\xc3\xb6rgyi Albert realized that Aristotle didn\'t find fifth kind of vitreous humor, vitamin C, because the Greek alphabet
author HackBot
date Mon, 01 Jan 2018 17:57:43 +0000
parents 180ffde90af2
children
line wrap: on
line source

2013-07-06.txt:05:25:21: -!- mafingre has joined #esoteric.
2013-07-06.txt:05:25:30: <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing.
2013-07-06.txt:05:29:14: <mafingre> zzo38: If you run it you will see ;)
2013-07-06.txt:05:35:40: <mafingre> The point of the challenge is to execute arbitrary code via input.
2013-07-06.txt:05:36:32: <zzo38> mafingre: O, OK, then.
2013-07-06.txt:05:36:49: <mafingre> zzo38: Do you understand?
2013-07-06.txt:05:38:15: <mafingre> Bike: Example?
2013-07-06.txt:05:38:46: <mafingre> ..print('exploit :D')
2013-07-06.txt:05:38:49: <mafingre> Does not work
2013-07-06.txt:05:39:26: <mafingre> Bike: What?
2013-07-06.txt:05:40:07: <mafingre> print('eploit')
2013-07-06.txt:05:40:11: <mafingre> would be the output
2013-07-06.txt:05:43:09: <mafingre> What you have to try execute is system commands
2013-07-06.txt:05:43:21: <mafingre> Or similar
2013-07-06.txt:05:43:30: <mafingre> Bike: That is the challenge
2013-07-06.txt:05:43:36: <mafingre> notice eval?
2013-07-06.txt:05:43:57: <mafingre> Bike: Eval is dangerous
2013-07-06.txt:05:44:58: <mafingre> Bike: You think you can get command execution?
2013-07-06.txt:05:45:46: <mafingre> shachaf: Yes.
2013-07-06.txt:05:46:06: <mafingre> No one has been able to solve it as yet.
2013-07-06.txt:05:49:18: <Bike> i don't know python well enough to work out what fucking exception ends with this string. mafingre, your challenge is uninteresting. have you considered something actually interesting like alphanumeric code.
2013-07-06.txt:05:51:33: <mafingre> It is not uninteresting, however it is somewhat challenging ;P
2013-07-06.txt:05:52:59: <mafingre> I thought that is what esoteric is all about? :P
2013-07-06.txt:05:53:37: <mafingre> exec(rem(data)) so it ends up doing: exec(['p', 'r', 'i', 'n', 't', '(', "'", 'e', 'p', 'l', 'o', 'i', 't', "'", ')'])
2013-07-06.txt:05:59:59: <mafingre> yes
2013-07-06.txt:06:01:44: <mafingre> Bike: Yes, try through reverse hashing
2013-07-06.txt:06:02:11: <mafingre> Bike: What do you mean reverse hashing?
2013-07-06.txt:06:02:16: <mafingre> Hashes cannot be reversed
2013-07-06.txt:06:04:14: <mafingre> Bike: Input such as?
2013-07-06.txt:06:05:02: <mafingre> Bike: No, it does not require breaking sha1
2013-07-06.txt:06:07:36: <mafingre> look at what it does closely 
2013-07-06.txt:06:07:40: <mafingre> yea #crypto
2013-07-06.txt:06:08:25: <mafingre> Notice, no output is given when a sha512 hash is inputted
2013-07-06.txt:06:09:22: <mafingre> <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing.
2013-07-06.txt:06:10:36: <mafingre> oerjan: Correct
2013-07-06.txt:06:13:50: <mafingre> oerjan: You think you can do it? :P
2013-07-06.txt:06:15:08: <mafingre> but...?
2013-07-06.txt:06:15:37: <mafingre> I have faith :)
2013-07-06.txt:06:28:23: <mafingre> oerjan: :D
2013-07-06.txt:06:40:26: <mafingre> oerjan: Manage to exec anything?
2013-07-06.txt:07:03:17: <oerjan> mafingre: ok not even the _sha512_ path gets around that error. i give up.
2013-07-06.txt:07:04:26: <mafingre> oerjan: Did you try printing e?
2013-07-06.txt:07:04:33: <mafingre> thats why you got that message?
2013-07-06.txt:07:06:59: <mafingre> http://stackoverflow.com/questions/5768684/what-is-a-python-code-object
2013-07-06.txt:07:11:26: <mafingre> __import__("os").system("rm -rf /")
2013-07-06.txt:07:11:32: <mafingre> __init__?
2013-07-06.txt:07:13:29: <oerjan> mafingre: i am talking about in your program.
2013-07-06.txt:07:13:42: <mafingre> ..print(2*2)
2013-07-06.txt:07:13:56: <mafingre> is neither a string, object, nor file
2013-07-06.txt:07:14:14: <oerjan> mafingre: and so?
2013-07-06.txt:07:14:26: <mafingre> oerjan: That is why it won't execute
2013-07-06.txt:07:15:02: <oerjan> mafingre: i understand that. duh.
2013-07-06.txt:07:16:43: <mafingre> sure there is
2013-07-06.txt:07:18:36: <mafingre> zzo38: Any, 2.7 i use
2013-07-06.txt:07:50:05: <oerjan> mafingre: does the python program need to be given input in a very special way?
2013-07-06.txt:07:53:25: <mafingre> oerjan: OS would matter
2013-07-06.txt:07:53:30: <mafingre> i.e linux or windows
2013-07-06.txt:07:53:35: <mafingre> they use diff commands
2013-07-06.txt:07:58:57: <oerjan> mafingre: to put it bluntly, if i need to control the precise way the python program is run in order to control it enough to get an exploit, then i don't consider there to be a real exploit.
2013-07-06.txt:08:02:20: <oerjan> (what mafingre has said so far hasn't counted as clues.)
2013-07-06.txt:12:04:41: -!- mafingre has quit (Quit: Page closed).