Mercurial > repo

view paste/paste.21203 @ 9994:d8734db325b9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
<hppavilion[1]> le/rn Rogue One//Any regular who gives the slightest Rogue One spoiler shall be hunted down in real life and have their intestines removed through their eye sockets. Members would not be exempt if they existed, which they don\'t.
author HackBot
date Sat, 17 Dec 2016 23:40:13 +0000
parents 180ffde90af2
children
line wrap: on
line source

2013-07-06.txt:05:25:21: -!- mafingre has joined #esoteric.
2013-07-06.txt:05:25:30: <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing.
2013-07-06.txt:05:29:14: <mafingre> zzo38: If you run it you will see ;)
2013-07-06.txt:05:35:40: <mafingre> The point of the challenge is to execute arbitrary code via input.
2013-07-06.txt:05:36:32: <zzo38> mafingre: O, OK, then.
2013-07-06.txt:05:36:49: <mafingre> zzo38: Do you understand?
2013-07-06.txt:05:38:15: <mafingre> Bike: Example?
2013-07-06.txt:05:38:46: <mafingre> ..print('exploit :D')
2013-07-06.txt:05:38:49: <mafingre> Does not work
2013-07-06.txt:05:39:26: <mafingre> Bike: What?
2013-07-06.txt:05:40:07: <mafingre> print('eploit')
2013-07-06.txt:05:40:11: <mafingre> would be the output
2013-07-06.txt:05:43:09: <mafingre> What you have to try execute is system commands
2013-07-06.txt:05:43:21: <mafingre> Or similar
2013-07-06.txt:05:43:30: <mafingre> Bike: That is the challenge
2013-07-06.txt:05:43:36: <mafingre> notice eval?
2013-07-06.txt:05:43:57: <mafingre> Bike: Eval is dangerous
2013-07-06.txt:05:44:58: <mafingre> Bike: You think you can get command execution?
2013-07-06.txt:05:45:46: <mafingre> shachaf: Yes.
2013-07-06.txt:05:46:06: <mafingre> No one has been able to solve it as yet.
2013-07-06.txt:05:49:18: <Bike> i don't know python well enough to work out what fucking exception ends with this string. mafingre, your challenge is uninteresting. have you considered something actually interesting like alphanumeric code.
2013-07-06.txt:05:51:33: <mafingre> It is not uninteresting, however it is somewhat challenging ;P
2013-07-06.txt:05:52:59: <mafingre> I thought that is what esoteric is all about? :P
2013-07-06.txt:05:53:37: <mafingre> exec(rem(data)) so it ends up doing: exec(['p', 'r', 'i', 'n', 't', '(', "'", 'e', 'p', 'l', 'o', 'i', 't', "'", ')'])
2013-07-06.txt:05:59:59: <mafingre> yes
2013-07-06.txt:06:01:44: <mafingre> Bike: Yes, try through reverse hashing
2013-07-06.txt:06:02:11: <mafingre> Bike: What do you mean reverse hashing?
2013-07-06.txt:06:02:16: <mafingre> Hashes cannot be reversed
2013-07-06.txt:06:04:14: <mafingre> Bike: Input such as?
2013-07-06.txt:06:05:02: <mafingre> Bike: No, it does not require breaking sha1
2013-07-06.txt:06:07:36: <mafingre> look at what it does closely 
2013-07-06.txt:06:07:40: <mafingre> yea #crypto
2013-07-06.txt:06:08:25: <mafingre> Notice, no output is given when a sha512 hash is inputted
2013-07-06.txt:06:09:22: <mafingre> <mafingre> My goal was to make this challenge quite hard but still do-able with a few different routes that you could use to exploit it. http://pastebin.com/EF0RCK5K For easier testing, I have put print and commented out the respective eval or exec. Just take away the comments on eval and exec for testing.
2013-07-06.txt:06:10:36: <mafingre> oerjan: Correct
2013-07-06.txt:06:13:50: <mafingre> oerjan: You think you can do it? :P
2013-07-06.txt:06:15:08: <mafingre> but...?
2013-07-06.txt:06:15:37: <mafingre> I have faith :)
2013-07-06.txt:06:28:23: <mafingre> oerjan: :D
2013-07-06.txt:06:40:26: <mafingre> oerjan: Manage to exec anything?
2013-07-06.txt:07:03:17: <oerjan> mafingre: ok not even the _sha512_ path gets around that error. i give up.
2013-07-06.txt:07:04:26: <mafingre> oerjan: Did you try printing e?
2013-07-06.txt:07:04:33: <mafingre> thats why you got that message?
2013-07-06.txt:07:06:59: <mafingre> http://stackoverflow.com/questions/5768684/what-is-a-python-code-object
2013-07-06.txt:07:11:26: <mafingre> __import__("os").system("rm -rf /")
2013-07-06.txt:07:11:32: <mafingre> __init__?
2013-07-06.txt:07:13:29: <oerjan> mafingre: i am talking about in your program.
2013-07-06.txt:07:13:42: <mafingre> ..print(2*2)
2013-07-06.txt:07:13:56: <mafingre> is neither a string, object, nor file
2013-07-06.txt:07:14:14: <oerjan> mafingre: and so?
2013-07-06.txt:07:14:26: <mafingre> oerjan: That is why it won't execute
2013-07-06.txt:07:15:02: <oerjan> mafingre: i understand that. duh.
2013-07-06.txt:07:16:43: <mafingre> sure there is
2013-07-06.txt:07:18:36: <mafingre> zzo38: Any, 2.7 i use
2013-07-06.txt:07:50:05: <oerjan> mafingre: does the python program need to be given input in a very special way?
2013-07-06.txt:07:53:25: <mafingre> oerjan: OS would matter
2013-07-06.txt:07:53:30: <mafingre> i.e linux or windows
2013-07-06.txt:07:53:35: <mafingre> they use diff commands
2013-07-06.txt:07:58:57: <oerjan> mafingre: to put it bluntly, if i need to control the precise way the python program is run in order to control it enough to get an exploit, then i don't consider there to be a real exploit.
2013-07-06.txt:08:02:20: <oerjan> (what mafingre has said so far hasn't counted as clues.)
2013-07-06.txt:12:04:41: -!- mafingre has quit (Quit: Page closed).