On level17 we have a python script listening on port 10007. In order to solve this challenge we’ll have to connect to this port and provide some input.
What you’ll need to know…
- Python
Level17
Looking at the code, we can identify one module, known to be vulnerable. On top of that, it accepts input from the user, so it’s probably a good place to start testing.
Before we actually start doing something, take a look at the documentation of pickle module. It allows to serialize and de-serialize Python structures.
Let’s run an example.
![Example](wp-content/uploads/2018/07/example_py.png)
If we execute this python script, it’ll produce a file, pickled.
![Files](wp-content/uploads/2018/07/files.png)
![pickled](wp-content/uploads/2018/07/pickled.png)
Now, let’s feed the main python script this file.
![Test](wp-content/uploads/2018/07/test_example.png)
This pickle module was new for me, so I did some research and end up finding a BlackHat presentation by Marco Slaviero. I’ll use his technique to solve challenge level17.
Like the previous exercise, I’ll take advantage of this vulnerability to compile a SUID program. Let’s take a peek my pickled file.
![pickled_malicious](wp-content/uploads/2018/07/exploit.png)
Simple. Now it’s just a matter of feeding this file to the program running on port 10007. For this, use nc 127.0.0.1 10007 < pickled
. Exit and list the files under /home/flag17
, where you’ll see the following files.
![Files_flag17](wp-content/uploads/2018/07/files_flag17.png)
Run the SUID program and collect the flag
![Result level17](wp-content/uploads/2018/07/result_level17.png)
One more, two left.
Challenges completed: 18/20
Mitigation
The easiest way to solve this problem is not using pickle at all. But I believe that in some cases this will be a half measure, because the main problem is the source of the data. So, as suggested in the previous articles, always sanitize input, don’t trust any source.