Problem with functions in test_generic

I got the following error running the test_generic for a hack challenge solution:

Undefined functions are from the pwntools library, an exploit development library.
Also, I am having another problem with the functions defined by me, since they are functions in python a data type function is not defined but the test_generic requires it.

An alternative to this can be to include the exploit code in the .feature, so through this post I ask if it is possible to do that?

Can you send the commit link? to see what happens with the things that you try to upload.

With that probably we can find why fails and help you.

Of course, its this:
https://gitlab.com/autonomicmind/challenges/-/commit/98ece70fb734ea154d950b602d041deebe35d948

Ok first of all, test_generic has 2 fails:

image

And the second:

In the first one, the name of the error says what happens.
In the second one, is a linter error, you must pass a linter to your exploit.

One of the errors is probably related to typing.

This is an example of typing in python:

def greeting(name: str) -> str:
  #your code here
  return some_string #type str

If it is a void you must use type

None

The remaining error you must figure out how to solve it, try to use ‘mypy’ in your file.

And your have another 2 errors in the structure.

First:

  • The evidences folder must have the same name as your GitLab username.

Second:

  • The exploit must be in the evidence folder and u have it outside of evidences folder.
1 Like

Thanks very much, I have managed to solve the typing issue but i still have problems to validate the exploit code. Due to not having Pwntools support, I decided to write the exploit using Sockets, Telnet and Struct libraries:

hack/rootme/app-system-elf-x64-remote-heap-buffer-overflow-fastbin/vmelendez/exploit.py:79: error: "Telnet" has no attribute "sock"

Specifically when I get shell I redirect the socket for Telnet() in order to have an interactive connection, in this way:

t = telnetlib.Telnet()
t.sock = s # socket
t.interact()

I could read the .passwd without having an interactive shell, would that be fine?

Hi @major-probability

You are defining a different attack vector by trying another approach of the vulnerability, I have no problem with that, however, make sure to change your feature to show these changes in the exploitation method, there isn’t a single way to exploit a vulnerability, and this is a perfect example of this.