Mercurial > repo
view paste/paste.21203 @ 9994:d8734db325b9
<hppavilion[1]> le/rn Rogue One//Any regular who gives the slightest Rogue One spoiler shall be hunted down in real life and have their intestines removed through their eye sockets. Members would not be exempt if they existed, which they don\'t.
author | HackBot |
---|---|
date | Sat, 17 Dec 2016 23:40:13 +0000 |
parents | 180ffde90af2 |
children |
line wrap: on
line source
2013-07-06.txt:05:25:21: -!- mafingre has joined #esoteric. 2013-07-06.txt:05:25:30: <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing. 2013-07-06.txt:05:29:14: <mafingre> zzo38: If you run it you will see ;) 2013-07-06.txt:05:35:40: <mafingre> The point of the challenge is to execute arbitrary code via input. 2013-07-06.txt:05:36:32: <zzo38> mafingre: O, OK, then. 2013-07-06.txt:05:36:49: <mafingre> zzo38: Do you understand? 2013-07-06.txt:05:38:15: <mafingre> Bike: Example? 2013-07-06.txt:05:38:46: <mafingre> ..print('exploit :D') 2013-07-06.txt:05:38:49: <mafingre> Does not work 2013-07-06.txt:05:39:26: <mafingre> Bike: What? 2013-07-06.txt:05:40:07: <mafingre> print('eploit') 2013-07-06.txt:05:40:11: <mafingre> would be the output 2013-07-06.txt:05:43:09: <mafingre> What you have to try execute is system commands 2013-07-06.txt:05:43:21: <mafingre> Or similar 2013-07-06.txt:05:43:30: <mafingre> Bike: That is the challenge 2013-07-06.txt:05:43:36: <mafingre> notice eval? 2013-07-06.txt:05:43:57: <mafingre> Bike: Eval is dangerous 2013-07-06.txt:05:44:58: <mafingre> Bike: You think you can get command execution? 2013-07-06.txt:05:45:46: <mafingre> shachaf: Yes. 2013-07-06.txt:05:46:06: <mafingre> No one has been able to solve it as yet. 2013-07-06.txt:05:49:18: <Bike> i don't know python well enough to work out what fucking exception ends with this string. mafingre, your challenge is uninteresting. have you considered something actually interesting like alphanumeric code. 2013-07-06.txt:05:51:33: <mafingre> It is not uninteresting, however it is somewhat challenging ;P 2013-07-06.txt:05:52:59: <mafingre> I thought that is what esoteric is all about? :P 2013-07-06.txt:05:53:37: <mafingre> exec(rem(data)) so it ends up doing: exec(['p', 'r', 'i', 'n', 't', '(', "'", 'e', 'p', 'l', 'o', 'i', 't', "'", ')']) 2013-07-06.txt:05:59:59: <mafingre> yes 2013-07-06.txt:06:01:44: <mafingre> Bike: Yes, try through reverse hashing 2013-07-06.txt:06:02:11: <mafingre> Bike: What do you mean reverse hashing? 2013-07-06.txt:06:02:16: <mafingre> Hashes cannot be reversed 2013-07-06.txt:06:04:14: <mafingre> Bike: Input such as? 2013-07-06.txt:06:05:02: <mafingre> Bike: No, it does not require breaking sha1 2013-07-06.txt:06:07:36: <mafingre> look at what it does closely 2013-07-06.txt:06:07:40: <mafingre> yea #crypto 2013-07-06.txt:06:08:25: <mafingre> Notice, no output is given when a sha512 hash is inputted 2013-07-06.txt:06:09:22: <mafingre> <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing. 2013-07-06.txt:06:10:36: <mafingre> oerjan: Correct 2013-07-06.txt:06:13:50: <mafingre> oerjan: You think you can do it? :P 2013-07-06.txt:06:15:08: <mafingre> but...? 2013-07-06.txt:06:15:37: <mafingre> I have faith :) 2013-07-06.txt:06:28:23: <mafingre> oerjan: :D 2013-07-06.txt:06:40:26: <mafingre> oerjan: Manage to exec anything? 2013-07-06.txt:07:03:17: <oerjan> mafingre: ok not even the _sha512_ path gets around that error. i give up. 2013-07-06.txt:07:04:26: <mafingre> oerjan: Did you try printing e? 2013-07-06.txt:07:04:33: <mafingre> thats why you got that message? 2013-07-06.txt:07:06:59: <mafingre> http://stackoverflow.com/questions/5768684/what-is-a-python-code-object 2013-07-06.txt:07:11:26: <mafingre> __import__("os").system("rm -rf /") 2013-07-06.txt:07:11:32: <mafingre> __init__? 2013-07-06.txt:07:13:29: <oerjan> mafingre: i am talking about in your program. 2013-07-06.txt:07:13:42: <mafingre> ..print(2*2) 2013-07-06.txt:07:13:56: <mafingre> is neither a string, object, nor file 2013-07-06.txt:07:14:14: <oerjan> mafingre: and so? 2013-07-06.txt:07:14:26: <mafingre> oerjan: That is why it won't execute 2013-07-06.txt:07:15:02: <oerjan> mafingre: i understand that. duh. 2013-07-06.txt:07:16:43: <mafingre> sure there is 2013-07-06.txt:07:18:36: <mafingre> zzo38: Any, 2.7 i use 2013-07-06.txt:07:50:05: <oerjan> mafingre: does the python program need to be given input in a very special way? 2013-07-06.txt:07:53:25: <mafingre> oerjan: OS would matter 2013-07-06.txt:07:53:30: <mafingre> i.e linux or windows 2013-07-06.txt:07:53:35: <mafingre> they use diff commands 2013-07-06.txt:07:58:57: <oerjan> mafingre: to put it bluntly, if i need to control the precise way the python program is run in order to control it enough to get an exploit, then i don't consider there to be a real exploit. 2013-07-06.txt:08:02:20: <oerjan> (what mafingre has said so far hasn't counted as clues.) 2013-07-06.txt:12:04:41: -!- mafingre has quit (Quit: Page closed).